CIS 502 Discussion Response
CIS502 discussion post responses.
Disaster Recovery
Disaster recovery has been the topic of study this week. What do you think is the most difficult and expensive disaster to plan for? Do you think companies plan adequately? In your experience (or research if you have no experience) what aspect is most lacking in corporate planning? Why do you think this is? What would you do to advise leadership in your company to prepare for a disaster? Be specific and explain your thought processes on this subject based on your learning.
JP’s post states the following:
I believe a natural disaster is the most expensive disaster to plan for. Natural disasters could occur at any point in time, and location has a lot to do with it. Depending on the business's geographic location, it may have to deal with floods, earthquakes, hurricanes, electrical storms, etc. The companies that I have had the pleasure to work for are located globally and have well-established disaster recovery plans for natural disasters known to happen in that region. Because of the unpredictable nature natural disasters bring, not one company has a disaster recovery plan that is readily available for every situation. Funding for possible disasters that have a low chance of occurring may be a lacking aspect in corporate planning, since at the end of the day, in business, investments must make sense. Also, advising leadership on shortages or delays of necessary materials can keep bandages, disinfectant, and medicine cabinets up to date in case of an unexpected emergency.
Reference
https://yourbusiness.azcentral.com/effects-lack-planning-organization-11394.html
KF’s post states the following:
I thought about many disasters this week and also discussed this information with my friends because I thought it was interesting. We came to a conclusion that any aspect that takes human life would be the worst kind of disaster. Physical/Weather Disaster can cause this (strong tornadoes, hurricanes, earthquakes). We also discussed the fact that data breaches could also lead to the loss of human life directly and/or a chain of events. Therefore, I feel data breaches are the worst kind of disasters that an organization could face. They can lead to mass financial loss and/or hardware/software loss, and reputation loss <priceless>. Even locating and finding the means of entry into the system can cost 1000s of dollars. They can lead to downtimes from destruction (ransomware), which in turn also can cost the organization big $$$. Lastly, the data leaks can cause life-threatening risk. Data is constantly being leaked online. This can be sexually explicit imagery (blackmail, hate, control through embarrassment), personal information (used in information gathering for harassment <digital and physical>, physical threats <hitman/woman>), medical equipment manipulation. I think companies plan as accordingly as possible. The proper plans of disaster management need to be well rounded. It has to be put together in a well manner; all angles of that specific plan need to be acknowledged and addressed. In my experience, companies neglect testing and sometimes even laws and standards. It can all look great on paper and then this team of individuals comes in and has a field day with your systems security. I personally think auditing should be conducted more than suggested (31 U.S. Code § 7502). I think a lot of this has to do with the technical know-how of security testing. The professional help can cost money and this is why it can be neglected.
Advisory: I would advise management to address and plan properly for each type of disaster that could arise. Having a said plan for each disaster individually lets the creator and the team know exactly what, when, and why to do. I advise for a team of individuals to be put together that would be classified as a disaster team. Real-life situations would be created that allow for the team to “get the feel” of each scenario, providing a very systematic and timely response. Past use case stories would be reviewed to learn from mistakes and educate on all sorts of disasters. My disaster plan would cover all aspects from start of disaster, during disaster, and the recovery after said disaster. Each individual would be fully aware of the chain of command, how to communicate properly during all phases, what organizational property is priority at the time of disaster (data, hardware, recovery data protection) and whom and where to be at all phases of the disaster.
Reference:
Interesting reading from research and reference: https://www.hipaajournal.com/research-suggests-healthcare-data-breaches-cause-2100-deaths-a-year/
https://money.cnn.com/2015/09/08/technology/ashley-madison-suicide/
https://www.theregister.co.uk/2015/08/24/death_toll_ashley_madison/
https://www.uschamberfoundation.org/sites/default/files/publication/ccc/WhatDoesaSuccessfulRecoveryLookLike.pdf