Table 1

Since the manufacturing activities at JMC should be brought back online in a period of 12 hours, it is evident from the above table that the classification of the disaster recovery plan is mission critical.The whole focus of Disaster recovery Plan is to try and restore the operation of various system components that are termed as mission critical. The process of restoring the system does not have to be totally reliant on technology. Some elements of the process could be manual. It is important to ensure that some aspects of the data recovery process are manually accomplished in order to minimize on the cost of the whole recovery operations. Having a Disaster Recovery Plan in place reduces the risk associated with the period of time that a disruption in a critical business process does not proceed beyond what has been deemed acceptable by company's management

During the recovery process, the focus is on establishment of controls over occurring events in the company in order to limit the risk of any further lose.

The development of a technical disaster recovery strategy is just a single step in the overall it Disaster Recovery Planning process. This process is common to all it systems. It makes use of the following procedures

1. Developing the Business Contingency Planning Policy and identifying Business Process Priorities

2. Conducting a Risk Assessment of the entire facility

3. Conducting the Business Impact Analysis (BIA) of the entire facility

4. Developing a Business Continuity and Recovery Strategies

5. Developing Business Continuity Plans

6. Conducting awareness of the system, testing it components, and training the staff of the DRP elements

7. Conducting a Disaster Recovery Plan maintenance and its related exercises

Identify Data Currency for the Applications

It is vital that the Operational activity which supports the application RPO takes place before the disruption of business or a disaster occurs. Once a disaster takes place, applications and data will be unavailable for the execution of the DRP. Therefore it is important to copy application and data offsite from the production centre to a storage facility.

The location of the storage facility can be situated at the recovery computing centre or a small distance from it. Depending on how critical the recovery is, application and data can be copied from the production centre to the recovery centre using one of two ways or procedures.

One of the ways is electronic copying of data over a wide area Network (WAN) from the production center to the recovery centre. This process will initially consist of copying of entire applications and data to be subsequently followed by a time scheduled copying of files.

The other method is to copy data on physical media such as a disk which can be carried away from the production centre to an offsite storage centre. Moreover copies of data and production applications have to leave the production center at certain allocated RPO timeframe

In order to meet business RPO requirements. This is more so with physical storage media such as tapes. After backing up into the physical media the data and applications has to be removed from the production center but within the RPO

Identify Critical Personnel and Recovery Teams

Personnel and manpower with the necessary skills and knowledge are required for systems and application that support a critical business process. Identifying staff with this the know how to recover the data and applications that support a business process is essential to a DRP. In order to ensure that the organization has enough staff available to execute a DRP should a disaster occur, the personnel have to be dispersed geographically in an organization. In addition the skills of the personnel should be recorder and added into the DRP with updates at the same frequency as the DRP.

Part Two: Planning

This section gives a well-structured approach to be used in responding to future unplanned incidents that may threaten the JMC it infrastructure. The threats may include cases of hardware failures, software malfunction or destruction, network interference and a disruption of processes and persons who monitor the various processes. It is crucial to protect the company's investment in technological infrastructure in order to guard its capability to conduct business normally. These reasons are the main ones for ensuring that a comprehensive it disaster recovery plan is put in place. Below is the full plan

The Jubilee Motor Company it Disaster recovery Plan

This document outlines the basic policies and procedures to be initiated in the event of an it disaster incident at JMC.The plan is also tailored to be used in taking care of process-level plans for the recovery of various critical technology platforms and the accompanying telecommunications infrastructure. This document is a summary of the recommended procedures.

The mission is to ensure that information system has a maintained uptime, quality data integrity and availability in order to ensure and business continuity.

Policy Statement

The company must develop a workable it disaster recovery plan.

A formal risk assessment must be carried out to determine the requirements for the disaster recovery plan.

The disaster recovery plan must cover all essential and critical company infrastructure components, it systems and networks in accordance with various key business activities.

The...

It is also imperative that both the management and staff fathom how it works
All the staff must know of the disaster recovery plan and they must have their own respective roles.

The disaster recovery plan is to update frequently so as to take into account the various changing circumstances.

Objectives

The main objective of the disaster recovery program is to develop come up with, test and provide a document that is a well-structured and easily understood which will then aid the company in recovering quickly from certain unforeseen disaster or emergency situations which interrupts information systems and accompanying business operations. Other objectives include

The necessity of ensuring that all the staff fully comprehend their duties in implementation such a plan

The necessity to ensure that the various operational policies are completely adhered to within all pre-planned list of activities

The need to ensure that proposed plans are cost-effective in their execution

The need to consider the various implications on all the company sites

The disaster recovery operation as applicable to all the key customers, and vendors

Plan must have an elaborate calling and reporting mechanism

Project Timescales - Hard Milestones

Milestone

Reason for Milestone Date being considered Hard

Financial

Year

Breakdown of Project Stages/Deliverables by Year

2009-10

Development of the required definition. Procure as necessary

2010-11

The implementation of the procured solution

2011-12

Key Personnel Contact Info

Name and Title

Contact Information

Number

Work phone

Alternate phone

Mobile phone

Home phone

Email Address

Alternate Email

Work phone

Alternate phone

Mobile phone

Home phone

Email Address

Alternate Email

Work phone

Alternate phone

Mobile phone

Home phone

Email Address

Alternate Email

Work phone

Alternate phone

Mobile phone

Home phone

Email Address

Alternate Email

Work phone

Alternate phone

Mobile phone

Home phone

Email Address

Alternate Email

Work phone

Alternate phone

Mobile phone

Home phone

Email Address

Alternate Email

Emergency Response

This section contains the various forms of alert and the plans to be invoked in case of an incident

Risk scenarios

The major risk scenarios at JMC that would lead to activation of the set down DRP are:

Complete loss of all communications

Total power loss

Flooding

Complete destruction of the buildings at JMC

Assembly Points

In case the premises need to be completely evacuated, the section of DRP must be invoked which identifies two major evacuation assembly points:

Activation of Emergency Response Team

Whenever an incident occurs the Emergency Response Team (ERT) is to be activated. The ERT is mandated to decide the extent of invocation of the DRP. Roles of the ERT are:

Responding immediately to the various potential disaster and the initiation of emergency services through calling;

Assessment of the extent of the specific disaster and its impact on various business, data center, etc.;

The making of decision on which elements of the DR Plan to be activated;

Establishment and management of disaster recovery team to maintain the various vital services and returning of JMC operations to normalcy;

Strategy for Data Backup

Major JMC business processes that must be protected and the corresponding backup strategy are tabulated below. The chosen strategy is for recovery site which is fully mirrored at the company's offsite facilities. This strategy involves the maintenance of the duplicate sites that are fully mirrored so as to enable the instantaneous switching of manufacturing activities between the live site and the corresponding backup site.

KEY Business PROCESS

STRATEGY for BACKUP

IT Operations

Recovery site which is fully mirrored

Technical Support - Hardware

Recovery site which is fully mirrored

Technical Support - Software

Recovery site which is fully mirrored

Management of facilities

Recovery site which is fully mirrored

Email functions

Recovery site which is fully mirrored

Purchasing

Recovery site which is fully mirrored

Disaster Recovery Plan

Recovery site which is fully mirrored

Finance system

Recovery site which is fully mirrored

Contracts Admin

Recovery site which is fully mirrored

Warehousing & Inventory

Recovery site which is fully mirrored

Sales of Product

Recovery site which is fully…