ASSESSMENT 1

ICTSAS505

REVIEW AND UPDATE DISASTER RECOVERY AND

CONTIGENCY PLAN

SUBMITTED BY:DEEPIKA DHUNGANA

STUDENT ID:GLE0000721
 TABLE OF CONTENT
PART A……………………………………….

INTRODUCTION………………………….

EVALUATING THE IMPACT…………..

FINANCIAL SYSTEM……………………….

PAYROOL……………………………………..

SECURITY ENVIRONMENT…………….

LEGISLATION………………………………..

CRITICAL DATA AND SOFTWARE……

STATUTORY REQUIREMENTS………….

PART B

IDENTIFY THREATS TO SYSTEM…………

PREVENTION AND RECOVERY STRATRGU

PART C

DEVELOPING A DISASTER RECOVERY PLAN….

TIME AND COST

HUMAN RESOURCES……………..

RESOURCES REQUIRED FOR DISASTER RECOVERY….

PROCESS REQUIRED FOR DISASTER RECOVERY……..

CUT OVER CRITERIA TO BE MET BEFORE INITIATING THE DISASTER PLAN..

CONCLUSION………….
Review and update disaster recovery and contingency plans

Disaster recovery and contingency plan

A disaster recovery plan is defined as a set of actions to be taken before,

during and after a disaster. organizations can’t always avoid disasters
but having a plan helps to minimize the potential damage and get
operational backup.

A contingency plan is an alternative way which is often used for risk

management for an exceptional risk.

Evaluating the impact

Business Critical Functions

business critical functions can be identified through range of
documentation such as log books, reports, Australian standards , etc.
Financial system
A financial system is a system that allows the exchange of funds
between lenders, investors and borrowers. It helps in establishing a link
between the savers and investors. The system allows transfer of money
between savers and borrowers. Banks provides specialized financial
services, which reduces the cost of obtaining information about both
savings and borrowing opportunities.

Customer service Functions

In NAB bank, the role of customer service functions are answering
customer questions about basic banking services, such as account
balances, interest rate and fees. They help customer to fill out banking
form and review and explain account charges.

Payroll
payroll is a list of a companys employees and the amount of money
they are to be paid. The payroll department takes care of wage
deductions, record keeping and verifying the reliability of pay data.

Security Environment
The important part for the NAB bank is to keep the people account safe
and secure. Secured environment is necessary to run the business
smoothly.

legislation
there are certain rules implemented by the company like that must
provide full information to the customers about their bank account,
interest of the money, security of the account, etc. the following is
some of the primary legislation that may need to be considered:
1.Banking regulations 1966

2.banking(saving banks)regulations

organisational security policies

critical data and software

in the company the latest software has been updated and data store is
huge from where the company can use their internet site effectively
and customer can also use the website for online banking, viewing their
accounts anywhere at any time, etc. more customers and more profit
can be earn by using latest software.

Potential impact on the business of risks and threats on IT systems

Business risk is influenced by numerous factors, including sales,
economic, climate and government risks. Hackers can hack the website
and steal the information.
Statutory requirements, commercial requirements and contingency
possibilities
A permit or licence required by law to allow you to engage in a certain
activity and this is fulfilled by the company before starting the business
is a statutory requirements.

PART B
Identify threats in system
Threats are included in following catagories;

Physical Security
The protection of personnel, hardware, software, networks and data
from physical action and events that could cause serious loss or damage
is called physical security. This includes protection from fire, flood,
natural disasters, theft, etc.

System failure, accident, sabotage (hackers)

A system failure can be caused due to faulty hardware, or faulty
software , or some environmental cause. The hackers can hack the
system and steal the information.

Denial of service
sometime the customer cannot get any service at a time due to some
problem arise in the website. the service are denied at the time of
maintenance of website and customer must wait for some days to get
proper service.
Virus Attack

virus attack is a self-replicating means it makes copies of itself and it is

designed to be non-detectable. It harms your computer by damaging
programs, and deleting files. It make the computer performance slow
and unexplained data loss.

Telecommunication failure
Telecommunication failure can be caused due to the weather
conditions. Weather changes time to time so, it affects the signals and
leads to telecommunication failure.

Prevention and Recovery Strategy

Following prevention measures can be applied to reduce threats in IT
system:
1. keep all software updated
2.Installing anti-virus to prevent from virus attack
3.Intrusion-detection/prevention systems can be used to protect
against denial of service attack.

PART C

developing a disaster recovery plan

the steps that need to be taken to resume business in the event of a
disaster is called a disaster recovery plan a disaster recovery plan
focuses on enabling an IT department to recover enough data and
system functionality that would make it possible for the business to
continue operating.

time and cost

time and cost are another important factor required to develop a

disaster recovery plan.

human resources
human resource include all the employee, technicians that are needed
to built the website during recovery.

Impact of an extended loss an operation and key business functions

resource required for disaster recovery

the following are the requirements required to save the website fron
disaster recovery:
1.all the data and important information of the company are stored in
the computer, so the computer room should be secured with proper
backup supply.
2.for any kind of sudden damage in the website, the IT technicians is
required for its recovery and maintenance.

process required for disaster recovery

there are certain process which is required for disaster recovery:
1. identifying possible threats
 2. ensure data protection
3. outline your disaster recovery plan
4. communication with the staff
5. regularly test your plan

cut over criteria to be met before initiating the disaster plan

 system down time
 critical business function failure
 profits falling below certain levels
 level of impact on business

conclusion
all the review and update disaster recovery and contingency plan are
appropriate and reliable for the company for their website.
Financial system

customer services