DR - Discussion Reply

DISCUSSION - 1

Information systems are playing a vital role in the universities, for example, many administrative and student management activities have been done by emerging information systems. But such systems are exposed to various forms of attacks like a terrorist, system failure, and security attacks. to address these attacks, a strong contingency plan is required. For instance, the University of Nairobi (UON) has typical end-users to their information system resources. The end-users like students and staff must be engaged with information systems so the inclusion of end-users for meeting contingency planning goals and objectives is an essential thing (A.Moturi & Karugu, 2014). The main reason for including end-users is that they engage with information systems for performing daily basis activities. This indicates end-users must follow effective security controls to avoid possible loss or breach. Also, end-users should be accountable for meeting the company’s objectives in terms of data security protection. End users involve in each phase of business activity. This means if anything happens to the system the affected persons are to be end-users which means, considering the involvement of end-users in contingency planning is a crucial thing to the organization. Also, end-users make possible reports against the vulnerabilities that help the system administrator to take the right mechanism to avoid risk accordingly. but end users will be compromised if an unexpected disaster occurs eventually the responsiveness of end-users is blocked. Poor involvement or engagement of end-users with contingency plans will generate negative consequences. Moreover, a contingency plan has certain key programs that heavily require accountable or responsible behavior from end-users otherwise negative consequence happens (Whitman, Mattord, & Green, 2013). The organization may experience bad or tough situations if end-users were not properly responded to or accountable during an unexpected disaster.

References

A.Moturi, C., & Karugu, G. C. (2014). Embracing Contingency Planning for University Information Resources. British Journal of Applied Science and Technology, 4(3) , 492-509.

Whitman, M. E., Mattord, H. J., & Green, A. (2013). Principles of Incident Response and Disaster Recovery. Cengage Learning.

DISCUSSION 2

IT systems support, process and make decision support critical to the business continuity and continuity planning process . Organizations need the planning information to assess how to protect the organization’s assets. Organizations need the planning information to prepare for, prepare for, and recover from disaster. Organizations should make sure all the stakeholders are aware of how the information can help prevent, detect and/or mitigate disaster. Troubleshooting, contingency planning, disaster recovery, disaster recovery planning and maintenance, and business continuity planning. It was a very busy time at the Center after the fire, but after this incident we have recovered with a high degree of ease. (Liu, 2016).

The main issues that we faced after the disaster are: System downtime due to fire Operational issues after the fire Data loss due to fire Processing, manual and electronic documentation and instructions (documentation and maintenance) needed to ensure business continuity Information security threats Security alerts that the system sends to the system administrators Technical and physical security issues Information system vulnerability (introduction) The risks of disaster are greater when a system is located on a public or private property .( Yi, 2018).

Endusers, which is the stakeholders of the Project can initiate a decision on the preparation of the contingency plan, for instance the planning for the delivery of a security feature and for the pre-emptive launch of security features. The preparation of the contingency plan is carried out through a detailed assessment of the vulnerabilities of the system, by consulting with the stakeholders on the implementation and design of the security features and by considering the risk. The preparation is carried out by meeting all the relevant requirements and technical aspects including the security features being considered by the enduser of the project team.

References

Liu, S. (2016). Critical success factors for post-disaster infrastructure recovery: Learning from the Canterbury (NZ) earthquake recovery. Disaster Prevention and Management, 25(5), 685–700. https://doi.org/10.1108/DPM-01-2016-0006

Yi, T. (2018). An Evaluation of the Paired Assistance to Disaster-Affected Areas Program in Disaster Recovery: The Case of the Wenchuan Earthquake. Sustainability (Basel, Switzerland), 10(12), 4483–. https://doi.org/10.3390/su10124483