Disaster Recovery Plan for Glasgow Health Board
Added on 2023-06-07
6 Pages1595 Words79 Views
Disaster Recovery Plan
Introduction
IT services are an essential part of modern day business organizations. Thus it is essential that
all the IT related machinery as well as software are maintained timely and any problem in the
system may be resolved promptly. Any problem in the IT system may disrupt the whole
system and may hamper the overall functionality of the organization (Borgianni et al., 2015).
In this case study a similar incident is observed in case of Glasgow Health Board (GHB)
where the disruption in the IT system resulted in the postponing of several appointments of
the patients.
Objectives
The main objective of this study is to find appropriate measures to avoid similar incidents in
the future and make changes in the company IT policies.
Scope
The study will cover the IT system, the staff responsibilities and the IT policies to determine
the loopholes in the existing system.
Service RPO and RTO targets
Setting up RPO (Recovery Point Objective) and RTO (Recovery Time Objectives) are the
two most effective procedures of recovering any disaster or planning a protection of data.
These two procedures provide guidance for enterprises to choose an optimal data backup
plan.
IT service Scenario RPO RTO Priority
Email systems Server failure 24 hours 4 hours Medium
Business Critical
Applications
Failure of ATM
machines
1 hour A few minutes High
Mission Critical
Applications
Site failure Few
minutes
With a mouse
click
Medium
IT services are an essential part of modern day business organizations. Thus it is essential that
all the IT related machinery as well as software are maintained timely and any problem in the
system may be resolved promptly. Any problem in the IT system may disrupt the whole
system and may hamper the overall functionality of the organization (Borgianni et al., 2015).
In this case study a similar incident is observed in case of Glasgow Health Board (GHB)
where the disruption in the IT system resulted in the postponing of several appointments of
the patients.
Objectives
The main objective of this study is to find appropriate measures to avoid similar incidents in
the future and make changes in the company IT policies.
Scope
The study will cover the IT system, the staff responsibilities and the IT policies to determine
the loopholes in the existing system.
Service RPO and RTO targets
Setting up RPO (Recovery Point Objective) and RTO (Recovery Time Objectives) are the
two most effective procedures of recovering any disaster or planning a protection of data.
These two procedures provide guidance for enterprises to choose an optimal data backup
plan.
IT service Scenario RPO RTO Priority
Email systems Server failure 24 hours 4 hours Medium
Business Critical
Applications
Failure of ATM
machines
1 hour A few minutes High
Mission Critical
Applications
Site failure Few
minutes
With a mouse
click
Medium
Backup Startegy
IT service Backup location Backup frequency
RPO Service E-commerce website 3 hrs or shorter
RTO Service Smart phone gaming zone Every minute
Testing Schedule
GHB is mainly a health organization which provides the various services to the patients. It
provides the appointments to the patients and also assigns specific times according to the
schedule of the doctors. The system is mainly a data storage and entry system and requires
entry of data every day from the staffs. The staffs while conducting their daily operations
have to input their unique password and ID to log in to the system. The IT experts monitor
the whole system in regular basis
Plan review
The company IT policy clearly defines that there must be specific systems in place which will
provide the backup of the data on regular basis. This is to ensure that the data is not lost in
case of disasters. The company policy also states that the system must be monitored by IT
experts in regular basis to ensure that the system functions without any problem. However in
the present scenario these were not maintained. The main problem which has occurred was
the corruption of the system and the data loss. The primary reason of this is not upgrading the
system framework software and the lack of maintenance and monitoring from the IT expert
part. Another failure was the absence of proper backup system.
Risk assessment
GHB is a health organization which provides the various health services to the various
patients. The recent IT disaster has resulted in a lot of problem for the organization. To assess
the various probable areas of future risks a risk assessment is done. In case of the present
case, the risk assessment is mainly related to the system and it will be done to determine the
various risks in the IT system of the company.
The initial phase is the risk assessment which is conducted in three phases:
IT service Backup location Backup frequency
RPO Service E-commerce website 3 hrs or shorter
RTO Service Smart phone gaming zone Every minute
Testing Schedule
GHB is mainly a health organization which provides the various services to the patients. It
provides the appointments to the patients and also assigns specific times according to the
schedule of the doctors. The system is mainly a data storage and entry system and requires
entry of data every day from the staffs. The staffs while conducting their daily operations
have to input their unique password and ID to log in to the system. The IT experts monitor
the whole system in regular basis
Plan review
The company IT policy clearly defines that there must be specific systems in place which will
provide the backup of the data on regular basis. This is to ensure that the data is not lost in
case of disasters. The company policy also states that the system must be monitored by IT
experts in regular basis to ensure that the system functions without any problem. However in
the present scenario these were not maintained. The main problem which has occurred was
the corruption of the system and the data loss. The primary reason of this is not upgrading the
system framework software and the lack of maintenance and monitoring from the IT expert
part. Another failure was the absence of proper backup system.
Risk assessment
GHB is a health organization which provides the various health services to the various
patients. The recent IT disaster has resulted in a lot of problem for the organization. To assess
the various probable areas of future risks a risk assessment is done. In case of the present
case, the risk assessment is mainly related to the system and it will be done to determine the
various risks in the IT system of the company.
The initial phase is the risk assessment which is conducted in three phases:
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Business Impact Analysis Report for MyHealth Companylg...
|5
|536
|304
Network Security Plan for Mitigating Identified Issues in a Universitylg...
|15
|679
|496
Assignment on Effective Information Security & Risk Management Strategylg...
|6
|1137
|95
IS Security and Risk Managementlg...
|17
|4121
|102