Managing Risk in Information Systems

Managing Risk
in Information
Systems
Powered by vLab Solutions
JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES
LABORATORY MANUAL TO ACCOMPANY
VERSION 2.0
INSTRUCTOR VERSION
Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.
82
Introduction
When disaster strikes a business, executive management expects its IT team has a recovery plan
prepped and ready to go. A successful recovery hinges in part on whether IT has properly tested
its plan and regularly updated it. Recovery speed is also key.
The purpose of a business continuity and disaster recovery plan is to document all identified
mission-critical IT systems, applications, and data recovery procedures. Fast recovery times for
IT systems and applications are achievable with efficient and accurate recovery instructions.
In this lab, you will apply the same concepts of disaster recovery backup procedures and
recovery instructions to your own data. You will explain how you can lower recovery time
objectives (RTOs) with proper backup and recovery procedures, you will define a process for IT
system and application recovery procedures, you will identify a backup solution for saving your
own data, and you will test and verify your backups for RTO compliance.
Learning Objectives
Upon completing this lab, you will be able to:
Explain how to lower RTO with properly documented backup and recovery steps.
Define a process for IT system and application recovery procedures.
Identify a backup solution for saving Lab Assessment Worksheets on a system other than
your Student VM workstation and hard drive.
Test and validate your basic backup and recovery procedures for saving Lab Assessment
Worksheets on an alternate system or solution other than your existing hard drive.
Test the backup and recovery procedures for RTO compliance.
Lab #9 Developing Disaster Recovery Backup
Procedures and Recovery Instructions
Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.
84 | LAB #9 Developing Disaster Recovery Backup Procedures and Recovery
Instructions
Hands-On Steps
Note:
This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft®
Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing
application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab
deliverable files.
3. On your local computer, open a new Internet browser window.
4. Using your favorite search engine
, search for information on recovery time objective
(RTO)
.
5.
Briefly review at least three of the first page results regarding RTO.
6. In the address box of your Internet browser,
type the URL
http://www.bluelock.com/blog/rpo-rto-pto-and-raas-disaster-recovery-explained/ and press
Enter to open the Web site
.
7.
Read the article titled “RPO, RTO, PTO and RaaS: Disaster recovery explained.”
8. In the address box of your Internet browser,
type the URL
http://www.computerweekly.com/feature/How-to-write-a-disaster-recovery-plan-and-definedisaster-recovery-strategies/ and press Enter to open the Web site.
9.
Read the article regarding disaster recovery strategies.
10.
Make a backup of any Lab Assessment Worksheets you may have completed from this
lab manual. If this is the only lab you’ve worked on, then make a mock Lab Assessment
Worksheet using the worksheet from this lab and back that one up instead.
11.
Attach the file(s) to an e-mail to your personal e-mail address. You may need to send
multiple e-mails depending on your e-mail’s size limitations.
Note:
At this point, ask yourself questions from the perspective of recovering from a disaster: Would I be able to access
this e-mail from an offsite computer? Where is the e-mail stored? If I were incapacitated, is someone else able to
proceed without me? This is the mindset of someone crafting business continuity plans.
12. Verify receipt of the e-mail message(s), and then open and verify file integrity for each
attachment.
Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.
85
Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
http://www.jblearning.com Instructor Lab Manual
13. Write the backup procedures and recovery procedures you used.
Note:
Arguably, the most important section of any business continuity plan is the Procedures section. A business can
plan disaster recovery scenarios extensively, carefully weighing all possible risk likelihood and impacts. However,
without detailed procedures with which to execute the recovery, a business will not resume operations efficiently, if
at all. And this is especially true in times of near-panic and extreme “executive oversight” immediately following a
disaster. The key source for documenting accurate and helpful recovery procedures is testing.
14. Describe your personal procedures in terms of your RTO as explained in Web sites
visited earlier in this lab.
15.
Test your backup and recovery procedures per your RTO.
16.
Describe ways you can lower the RTO.
Note:
This completes the lab. Close the Web browser, if you have not already done so.
Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s