My Account Log in

1 option

Business Continuity and Disaster Recovery Planning for IT Professionals.

Ebook Central College Complete Available online

View online
Format:
Book
Author/Creator:
Snedaker, Susan.
Language:
English
Subjects (All):
Business--Data processing--Security measures.
Business -- Data processing -- Security measures.
Electronic data processing departments--Security measures.
Electronic data processing departments -- Security measures.
Crisis management.
Computer networks--Security measures.
Computer networks -- Security measures.
Management information systems--Security measures.
Management information systems -- Security measures.
Physical Description:
1 online resource (602 pages)
Edition:
2nd ed.
Place of Publication:
San Diego : Elsevier Science & Technology Books, 2013.
Contents:
Front Cover
Business Continuity and Disaster Recovery Planning for IT Professionals
Copyright
Contents
Acknowledgments
About the Authors
Introduction
Chapter 1: Business Continuity and Disaster Recovery Overview
Business continuity and disaster recovery defined
Components of business
People in BC/DR planning
Process in BC/DR planning
Technology in BC/DR planning
The cost of planning versus the cost of failure
People
Process
Technology
Types of disasters to consider
Business continuity and disaster recovery planning basics
Project initiation
Risk assessment
Business impact analysis
Mitigation strategy development
Plan development
Training, testing, and auditing
Plan maintenance
Summary
Key concepts
BC/DR defined
BC/DR planning basics
References
Chapter 2: Legal and Regulatory Obligations Regarding Data and Information Security
Impact of recent history
Current regulatory environment
Source of legal obligations
Scope of legal obligations
Provide ``reasonable security´´
Provide security breach notification
Information security management
Responsibility lies at the top
Written Information Security Program (WISP)
Categories that must be addressed
Third-party service provider arrangements
Education
Did you know?
Case Study: Legal Obligations Regarding Data Security
Contributor profile
Deanna Conn, Partner, Quarles &amp
Brady, LLP
Background
The Sony PlayStation incident
State laws regarding data security.
Notice of security breach laws
Definition of personal information
Notification procedure
Penalties
Safeguarding personal data state laws
Federal laws regarding data security
U.S. House of representatives proposed bill
U.S. Senate response
Executive order-improving critical infrastructure cyber security
Conclusion
Chapter 3: Project Initiation
Elements of project success
Executive support
User involvement
Experienced project manager
Clearly defined project objectives
Clearly defined project requirements
Clearly defined scope
Shorter schedule, multiple milestones
Clearly defined project management process
Project plan components
Project initiation or project definition
Problem and mission statement
Potential solutions
Requirements and constraints
Success criteria
Project proposal
Estimates
Project sponsor
Forming the project team
Organizational
Technical
Logistical
Political
Project organization
Project objectives
Business continuity plan
Continuity of operations plan
Disaster recovery plan
Crisis communication plan
Cyber incident response plan
Occupant emergency plan
Project stakeholders
Project requirements
Project parameters
Project infrastructure
Project processes
Team meetings
Reporting
Escalation
Project progress
Change control
Quality control
Project communication plan
Project planning
Work breakdown structure
Critical path
Project implementation
Managing progress
Managing change
Project tracking
Project close out
Key contributors and responsibilities
Information technology
Experience working on a cross-departmental team
Ability to communicate effectively
Ability to work well with a wide variety of people.
Experience with critical business and technology systems
IT project management leadership
Human resources
Facilities/security
Finance/legal
Warehouse/inventory/manufacturing/research
Purchasing/logistics
Marketing and sales
Public relations
Operations
Project definition
Business requirements
Functional requirements
Technical requirements
Business continuity and disaster recovery project plan
Project definition, risk assessment
Risk mitigation strategies
Emergency preparation
Training, testing, auditing
Business continuity and disaster recovery plan
Business Continuity and Disaster Recovery in Energy/Utilities
Integrating BC/DR requirements into IT governance
BC/DR requirements definition
IT service level definition
Application recovery procedures
Summary of integrating BC/DR requirements into IT governance
Improving BC/DR recovery and risk mitigation strategies
Ensuring access to BC/DR documentation in a disaster
Change approval board and technical change review committees
Security control testing
Separation of duties
Centralized security vulnerability assessment
IT network vulnerability assessment
Security control baselines and change detection
Data center and network
Compute and data
Self-service application failover and failback
Industrial control systems
Summary of improving BC/DR recovery and risk mitigation strategies
Improving BC/DR testing
Recovery from actual incidents: Postmortems and documenting lessons learned
Scheduled BC/DR tests
Corporate data center redundancy testing.
EMS SCADA EOC testing
SOx 404 application recovery testing
NERC CIP-009 recovery testing
Enterprise business continuity testing
Summary of scheduled BC/DR testing
Summary of best practices and key concepts
Chapter 4: Risk Assessment
Risk management basics
Risk management process
Threat assessment
Vulnerability assessment
Impact assessment
Risk mitigation strategy development
People, process, technology, and infrastructure in risk management
Infrastructure
IT-Specific risk management
IT Risk management objectives
The system development lifecycle model
Risk assessment components
Information gathering methods
Natural and environmental threats
Fire
Floods
Severe winter storms
Electrical storms
Drought
Earthquake
Tornados
Hurricanes/typhoons/cyclones
Tsunamis
Volcanoes
Avian Flu/pandemics
Human threats
Theft, sabotage, and vandalism
Labor disputes
Workplace violence
Terrorism
Chemical or biological hazards
War
Cyber threats
Cyber crime
Loss of records or data-theft, sabotage, vandalism
IT system failure-theft, sabotage, vandalism
Infrastructure threats
Building-specific failures
Public transportation disruption
Loss of utilities
Disruption to oil or petroleum supplies
Food or water contamination
Regulatory or legal changes
Threat checklist
Threat assessment methodology
Quantitative threat assessment
Qualitative threat assessment
People, process, technology, and infrastructure
Vulnerability assessment.
References
Business Continuity and Disaster Recovery in Healthcare
Introduction to healthcare IT
Types of healthcare organizations
Hospitals
Skilled nursing facility
Physician offices
Ambulatory clinics
Pharmacies
Other types of organizations
Summary of healthcare organizations
The rising cost of healthcare
Governmental incentives and penalties
HIEs and Accountable Care Organizations
Health information exchanges
Accountable Care Organizations
Integration of healthcare IT and medical equipment
Consumer-driven healthcare
Real-time data
Regulatory environment
Centers for Medicare and Medicaid Services/Joint Commission on Accreditation of Healthcare Organizations
U.S. Food and Drug Administration
Health Insurance Portability and Accountability Act
Health Information Technology for Economic and Clinical Health
Payment Card Industry
State and local requirements
Healthcare IT risk management
Patient safety
Patient care
Organizational solvency
Facility management
Technical needs-Healthcare IT architecture
Clinical systems
Business systems
Types of data
Structured
Unstructured
Semi-structured
Types of systems and storage
Network core, medical network, and guest network
Wireless/RFID
Security infrastructure
End user devices
Healthcare operational needs
Admitting
Insurance verification and billing services
Clinical care
Physician
Nursing
Support services
Interoperability among disparate systems
Electronic medical record
Diagnostic imaging
Medical equipment
Food services
Environmental services
Billing and payment systems
Payroll
Current environment and new technology
Advances in data storage and replication
Mobile devices.
Virtualization and cloud computing.
Notes:
Description based on publisher supplied metadata and other sources.
Other Format:
Print version: Snedaker, Susan Business Continuity and Disaster Recovery Planning for IT Professionals
ISBN:
9780124114517
OCLC:
861537862

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account