Analysis of Computer Operations: A Case Study of Disaster Recovery
VerifiedAdded on 2020/05/04
|18
|4463
|95
Case Study
AI Summary
This case study analyzes the computer operations department of a multinational organization, detailing the services provided, potential disaster scenarios, and the necessity of a disaster recovery plan. The paper explores various aspects, including outsourcing, product promotion, database support, and technical support. It identifies threats like third-party entries, security vulnerabilities, data breaches, and inadequate database support. The study emphasizes the importance of proactive measures, such as identifying disasters, assessing impacts, creating plans, and providing staff training. It then delves into risk analysis, contingency policies, and business impact analysis (BIA), including recovery time, IT requirements, data backup, and staffing. The analysis underscores the significance of BIA components in developing effective recovery and mitigation strategies, concluding with the importance of incident response planning.
Running head: CASE STUDY: COMPUTER OPERATIONS
Case Study- Computer Operations
Name of the Student
Name of the University
Author’s Note
Case Study- Computer Operations
Name of the Student
Name of the University
Author’s Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
CASE STUDY: COMPUTER OPERATIONS
Table of Contents
Introduction......................................................................................................................................2
1. Description of the services that the department provides to the organization.............................2
2. Type of disasters that will affect the department.........................................................................3
3. Preparation for a disaster situation..............................................................................................4
4. Risk analysis................................................................................................................................5
5. Need of contingency policy as well as plan.................................................................................7
6. Description of the requirement for starting contingency planning process.................................8
7. Description of business impact analysis and its components......................................................9
8. Discussion on the relationship between overall contingency planning and various subordinate
elements.........................................................................................................................................10
9. Description of the techniques used for data application and backup.........................................11
10. Description of the process that is used for organizing incident response planning process....12
11. Explanation of the techniques that can be employed when formatting a security incident
response team.................................................................................................................................13
12. Description of the processes used in making decisions about incident detection and escalation
.......................................................................................................................................................14
Conclusion.....................................................................................................................................14
References......................................................................................................................................15
CASE STUDY: COMPUTER OPERATIONS
Table of Contents
Introduction......................................................................................................................................2
1. Description of the services that the department provides to the organization.............................2
2. Type of disasters that will affect the department.........................................................................3
3. Preparation for a disaster situation..............................................................................................4
4. Risk analysis................................................................................................................................5
5. Need of contingency policy as well as plan.................................................................................7
6. Description of the requirement for starting contingency planning process.................................8
7. Description of business impact analysis and its components......................................................9
8. Discussion on the relationship between overall contingency planning and various subordinate
elements.........................................................................................................................................10
9. Description of the techniques used for data application and backup.........................................11
10. Description of the process that is used for organizing incident response planning process....12
11. Explanation of the techniques that can be employed when formatting a security incident
response team.................................................................................................................................13
12. Description of the processes used in making decisions about incident detection and escalation
.......................................................................................................................................................14
Conclusion.....................................................................................................................................14
References......................................................................................................................................15
2
CASE STUDY: COMPUTER OPERATIONS
Introduction
The paper focuses on a computer operation department of a large multinational
organization. It is identified that the computer operation department provides number of services
including outsourcing, product promotion, procurement as well as helps in handling online
database. It is identified that the organization wants to create a disaster recovery plan in order to
recover various types of data if any type of disaster associated with the company occurs.
In this paper, various types of disasters that can occur within the organization are
elaborated. The assignment also discusses disaster recovery plan, need of contingency policy as
well as business impact analysis. Moreover, the paper discusses the relationship between overall
contingency planning with various subordinate elements.
1. Description of the services that the department provides to the organization
The computer operation department provides number of services to the organization
which include:
Outsourcing: The department “Computer operations” provides outsourcing services to
the organization (Oshri, Kotlarsky & Willcocks, 2015). The department involves in outsourcing
various specific operations that helps in allowing them to withdraw or transfer their resources in
order to sell the associated assets.
Product promotion: The computer operation department involves in promoting the
products of the organization. It is identified that several strategies are utilized while promotion of
CASE STUDY: COMPUTER OPERATIONS
Introduction
The paper focuses on a computer operation department of a large multinational
organization. It is identified that the computer operation department provides number of services
including outsourcing, product promotion, procurement as well as helps in handling online
database. It is identified that the organization wants to create a disaster recovery plan in order to
recover various types of data if any type of disaster associated with the company occurs.
In this paper, various types of disasters that can occur within the organization are
elaborated. The assignment also discusses disaster recovery plan, need of contingency policy as
well as business impact analysis. Moreover, the paper discusses the relationship between overall
contingency planning with various subordinate elements.
1. Description of the services that the department provides to the organization
The computer operation department provides number of services to the organization
which include:
Outsourcing: The department “Computer operations” provides outsourcing services to
the organization (Oshri, Kotlarsky & Willcocks, 2015). The department involves in outsourcing
various specific operations that helps in allowing them to withdraw or transfer their resources in
order to sell the associated assets.
Product promotion: The computer operation department involves in promoting the
products of the organization. It is identified that several strategies are utilized while promotion of
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
CASE STUDY: COMPUTER OPERATIONS
the products by the company. The company keeps it simple and helps in providing emphasizing
value over price so that the company does not have to participate in price war.
Supporting online database: Online database of the organization is supported by the
department of computer operations. It is identified that the department also helps in maintaining
the database of the clients on a daily basis (Sa Rocha & Cota, 2016). This assist in keeping up
the current client information for making changes that is necessary in the database.
Technical support: Technical support is provided by the computer operation department
in order to help the customers. The department helps in diagnosing the problems and helps the
customers in fixing their problem related with the product.
Monitoring: The departments provides proper supervision for security reasons and are
quite responsible of storing various types of items including files and more so that they can be
kept in a proper order and can be recovered whenever needed (Schondorf et al., 2017)
2. Type of disasters that will affect the department
The various type of disaster that will affect the department of “computer operations” are
provided below:
. Third party entry: It is identified that the cybercriminals generally prefer the path of
less resistance and as a result if proper authentication is not provided they can harm the
organization by stealing confidential information as well as data of department.
Security: The department does not have proper planning in order to maintain security
which creates a serious risk (Liu & Wang, 2016). It is identified that unsecured connection
vulnerability as well as number of security related disasters occur within the organization
CASE STUDY: COMPUTER OPERATIONS
the products by the company. The company keeps it simple and helps in providing emphasizing
value over price so that the company does not have to participate in price war.
Supporting online database: Online database of the organization is supported by the
department of computer operations. It is identified that the department also helps in maintaining
the database of the clients on a daily basis (Sa Rocha & Cota, 2016). This assist in keeping up
the current client information for making changes that is necessary in the database.
Technical support: Technical support is provided by the computer operation department
in order to help the customers. The department helps in diagnosing the problems and helps the
customers in fixing their problem related with the product.
Monitoring: The departments provides proper supervision for security reasons and are
quite responsible of storing various types of items including files and more so that they can be
kept in a proper order and can be recovered whenever needed (Schondorf et al., 2017)
2. Type of disasters that will affect the department
The various type of disaster that will affect the department of “computer operations” are
provided below:
. Third party entry: It is identified that the cybercriminals generally prefer the path of
less resistance and as a result if proper authentication is not provided they can harm the
organization by stealing confidential information as well as data of department.
Security: The department does not have proper planning in order to maintain security
which creates a serious risk (Liu & Wang, 2016). It is identified that unsecured connection
vulnerability as well as number of security related disasters occur within the organization
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
CASE STUDY: COMPUTER OPERATIONS
Data theft: It is identified that deliberate attacks on the individuals as well as systems
that generally access the confidential data can cause harm (Griraa et al., 2015). The data breaches
create theft of sensitive data that can further create number of ethical issues.
Data loss: Due to improper storage facility, the data associated with the computer
operation department can be utilized by unauthorized people and as a result number of security
related disasters occurs within the organization.
Inadequate database support: The database support that is provided by the department
is not appropriate and as result the systems of the department can be accessed by unauthorized
users which can cause the issue related with data loss and data theft (Tajari, Valmohammadi &
Mohammadi, 2014). It is identified that the malicious use of the system also raises the chances
of disaster for the department of computer operations.
Loss of firewall protection: Due to loss of proper firewall protection, the department can
face number of disasters as well as issues related with computer crime as well as malicious use
of system. It is found that chances of unauthorized utilization will grow if the department does
not have proper firewall protection.
3. Preparation for a disaster situation
In order to prepare for the disaster situation, it is quite important to undertake the
activities or steps that are provided below:
Identification of disasters: The first step for the department of the computer operations
is to identify the disasters that can create risks for the company. If the disasters are identified
then it will be quite easier for the department to take proper mitigation steps.
CASE STUDY: COMPUTER OPERATIONS
Data theft: It is identified that deliberate attacks on the individuals as well as systems
that generally access the confidential data can cause harm (Griraa et al., 2015). The data breaches
create theft of sensitive data that can further create number of ethical issues.
Data loss: Due to improper storage facility, the data associated with the computer
operation department can be utilized by unauthorized people and as a result number of security
related disasters occurs within the organization.
Inadequate database support: The database support that is provided by the department
is not appropriate and as result the systems of the department can be accessed by unauthorized
users which can cause the issue related with data loss and data theft (Tajari, Valmohammadi &
Mohammadi, 2014). It is identified that the malicious use of the system also raises the chances
of disaster for the department of computer operations.
Loss of firewall protection: Due to loss of proper firewall protection, the department can
face number of disasters as well as issues related with computer crime as well as malicious use
of system. It is found that chances of unauthorized utilization will grow if the department does
not have proper firewall protection.
3. Preparation for a disaster situation
In order to prepare for the disaster situation, it is quite important to undertake the
activities or steps that are provided below:
Identification of disasters: The first step for the department of the computer operations
is to identify the disasters that can create risks for the company. If the disasters are identified
then it will be quite easier for the department to take proper mitigation steps.
5
CASE STUDY: COMPUTER OPERATIONS
Consider the impact: It is identified that a disaster has a devastating impact on the
workforce. If the impacts of the disasters are identified then it will be quite easier for them to
prioritize the disasters (Loke & Fung, 2014). Prioritizations of the disasters are quite significant
for minimizing the level of impact on the organization.
Creating plans and alerting staffs: The third step for the department is to create
appropriate plans that will be effective in resolving the problems associated with disasters. In
addition to this, the workforce of the department must be alerted so that they take proper action
for minimizing the security related disasters.
Finalize the disaster recovery plan: Proper training sessions must be arranged for the
staffs so that they can work out all the kinks long before the occurrence of the disaster (Chae et
al., 2014). Preventional training will be helpful in ensuring the workers to keep calm during the
time of stress.
Maintaining the plan: It is quite important for the company to revisits the disaster
recovery plan properly and remain vigilant for the changes in the policy of the company. Proper
steps must be prepared for both short and long term recovery for supporting the company.
4. Risk analysis
Risk Explanation Impact Frequency Mitigation
strategy
Inadequate
support of
database
The database
support that is
given is not
High Medium Proper database
support must be
provided so that
CASE STUDY: COMPUTER OPERATIONS
Consider the impact: It is identified that a disaster has a devastating impact on the
workforce. If the impacts of the disasters are identified then it will be quite easier for them to
prioritize the disasters (Loke & Fung, 2014). Prioritizations of the disasters are quite significant
for minimizing the level of impact on the organization.
Creating plans and alerting staffs: The third step for the department is to create
appropriate plans that will be effective in resolving the problems associated with disasters. In
addition to this, the workforce of the department must be alerted so that they take proper action
for minimizing the security related disasters.
Finalize the disaster recovery plan: Proper training sessions must be arranged for the
staffs so that they can work out all the kinks long before the occurrence of the disaster (Chae et
al., 2014). Preventional training will be helpful in ensuring the workers to keep calm during the
time of stress.
Maintaining the plan: It is quite important for the company to revisits the disaster
recovery plan properly and remain vigilant for the changes in the policy of the company. Proper
steps must be prepared for both short and long term recovery for supporting the company.
4. Risk analysis
Risk Explanation Impact Frequency Mitigation
strategy
Inadequate
support of
database
The database
support that is
given is not
High Medium Proper database
support must be
provided so that
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
CASE STUDY: COMPUTER OPERATIONS
proper and as a
result
unauthorized
users get able to
access the
confidential
information that
will further
create risk for the
department.
unauthorized
users do not get
the access for
using the
sensitive
information of
the organization.
Third party
entry
It is identified
that the path of
less resistance is
mainly preferred
by the
cybercriminals
and as a result
they generally
enter through the
path that does is
not secure and
create risks for
the department of
Medium Medium Proper security
related measures
as well as proper
authentication
must be provided
so that the
organization does
not face any
issue or disaster
due to third
party.
CASE STUDY: COMPUTER OPERATIONS
proper and as a
result
unauthorized
users get able to
access the
confidential
information that
will further
create risk for the
department.
unauthorized
users do not get
the access for
using the
sensitive
information of
the organization.
Third party
entry
It is identified
that the path of
less resistance is
mainly preferred
by the
cybercriminals
and as a result
they generally
enter through the
path that does is
not secure and
create risks for
the department of
Medium Medium Proper security
related measures
as well as proper
authentication
must be provided
so that the
organization does
not face any
issue or disaster
due to third
party.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
CASE STUDY: COMPUTER OPERATIONS
computer
operations
Security Due to improper
security, data
theft as well as
data loss are the
two important
issue for the
department of
computer
operations as
data theft may
cause loss of
different
sensitive as well
as confidential
data of the
organization.
High High Proper security
related measures
must be taken in
order to avoid the
risks that are
associated with
data theft as well
as data loss.
5. Need of contingency policy as well as plan
The needs of contingency policy as well as plan are provided below:
Helps in improving relations: Contingency planning are very much significant for the
organization as it not only helps in maintaining the position of the company but also assists in
CASE STUDY: COMPUTER OPERATIONS
computer
operations
Security Due to improper
security, data
theft as well as
data loss are the
two important
issue for the
department of
computer
operations as
data theft may
cause loss of
different
sensitive as well
as confidential
data of the
organization.
High High Proper security
related measures
must be taken in
order to avoid the
risks that are
associated with
data theft as well
as data loss.
5. Need of contingency policy as well as plan
The needs of contingency policy as well as plan are provided below:
Helps in improving relations: Contingency planning are very much significant for the
organization as it not only helps in maintaining the position of the company but also assists in
8
CASE STUDY: COMPUTER OPERATIONS
minimizing the risks that further avoids the chances of loss due to the disaster or the recovery
(Teller, Kock & Gemunden, 2014).
Help in reducing risks of uncertainty: If the performance does not work appropriately
then it is quite necessary for the organization to backup plans that will help in controlling the
situation in order to avoid various types of risks.
Improve continuity of work: It is identified that there are times, when both productions
as well as business are required to be stopped due to hindrances as well as presence of proper
factors including labor union, strike as well as shut down of machinery (Oels, 2013).
Prevents panic: If a disaster occurs within an company, then the people associated with
it panic. If a proper as well as appropriate contingency plan was created then the company can
easily control the situation in order to recover them. In addition to this, it is identified that
contingency planning helps in avoiding various types of risk so proper contingency plan must be
adopted for rapid growth.
6. Description of the requirement for starting contingency planning process
For starting the contingency planning the most important thing that is required is
elaborated below:
Knowledge for risk identification: The knowledge of risk identification is quite
important for identifying the risks that are associated with the department of computer operations
(Gielnik et al., 2014). It is quite important to identify the things that can go wrong within the
business.
CASE STUDY: COMPUTER OPERATIONS
minimizing the risks that further avoids the chances of loss due to the disaster or the recovery
(Teller, Kock & Gemunden, 2014).
Help in reducing risks of uncertainty: If the performance does not work appropriately
then it is quite necessary for the organization to backup plans that will help in controlling the
situation in order to avoid various types of risks.
Improve continuity of work: It is identified that there are times, when both productions
as well as business are required to be stopped due to hindrances as well as presence of proper
factors including labor union, strike as well as shut down of machinery (Oels, 2013).
Prevents panic: If a disaster occurs within an company, then the people associated with
it panic. If a proper as well as appropriate contingency plan was created then the company can
easily control the situation in order to recover them. In addition to this, it is identified that
contingency planning helps in avoiding various types of risk so proper contingency plan must be
adopted for rapid growth.
6. Description of the requirement for starting contingency planning process
For starting the contingency planning the most important thing that is required is
elaborated below:
Knowledge for risk identification: The knowledge of risk identification is quite
important for identifying the risks that are associated with the department of computer operations
(Gielnik et al., 2014). It is quite important to identify the things that can go wrong within the
business.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9
CASE STUDY: COMPUTER OPERATIONS
Clear concept to analyze the impact of the risk: Clear concept is required in order to
analyze the impact of the risks. Proper training must be provided for analyze the risk impact and
prioritize the risks as per the level of impact.
Communication: Proper communication between the workers as well as higher authority
is required while creating the contingency planning (Schulze et al., 2016). Appropriate
contingency planning creation requires proper communication as well as advice.
Developing contingency planning policy: It is identified that a formal policy helps in
providing proper authority as well as guidance that is needed for developing an effective plan of
contingency.
7. Description of business impact analysis and its components
Business impact analysis is defined as a systematic procedure that helps in determining
as well as evaluating the potential impacts of an interruption due to various critical operations
due to the result of accident or emergency (Fleisher & Bensoussan, 2015). It is identified that
BIA is one of the essential for developing strategies component for an organization that generally
includes exploratory component for revealing vulnerabilities as well as different planning
component as well as minimizing different types of risks. It generally assists in predicting the
consequences of disruption of a business related function as well as process and mainly gathers
information for developing proper recovery strategies (Silvius & Schipper, 2014). Identification
as well as evaluation of the impact of disaster on the business generally helps in providing the
basis of investment in different recovery strategies as well as mitigation strategies.
The various component of business impact analysis are provided below:
CASE STUDY: COMPUTER OPERATIONS
Clear concept to analyze the impact of the risk: Clear concept is required in order to
analyze the impact of the risks. Proper training must be provided for analyze the risk impact and
prioritize the risks as per the level of impact.
Communication: Proper communication between the workers as well as higher authority
is required while creating the contingency planning (Schulze et al., 2016). Appropriate
contingency planning creation requires proper communication as well as advice.
Developing contingency planning policy: It is identified that a formal policy helps in
providing proper authority as well as guidance that is needed for developing an effective plan of
contingency.
7. Description of business impact analysis and its components
Business impact analysis is defined as a systematic procedure that helps in determining
as well as evaluating the potential impacts of an interruption due to various critical operations
due to the result of accident or emergency (Fleisher & Bensoussan, 2015). It is identified that
BIA is one of the essential for developing strategies component for an organization that generally
includes exploratory component for revealing vulnerabilities as well as different planning
component as well as minimizing different types of risks. It generally assists in predicting the
consequences of disruption of a business related function as well as process and mainly gathers
information for developing proper recovery strategies (Silvius & Schipper, 2014). Identification
as well as evaluation of the impact of disaster on the business generally helps in providing the
basis of investment in different recovery strategies as well as mitigation strategies.
The various component of business impact analysis are provided below:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
CASE STUDY: COMPUTER OPERATIONS
Recovery time: The recovery time mainly helps in identifying time that is needed for
recovering different types of critical processes under various existing capabilities.
IT requirements: If proper electronic data is available then recovering specific
procedure to minimum level is required (Fisher & Rendahl, 2017).
Data backup history: If proper data source is identified than the old data can be
satisfactorily recovered.
Staffing minimums: It is quite important to identify various needs throughout the
recovery time objectives in order to optimize the recovery quite properly.
Impact level: Impact level helps in indicating impact of the various procedure on the
various mitigation measures (Fleisher & Bensoussan, 2015).
Likelihood level: It helps in indicating the likelihood level of the threat that is generally
occurred for the existing measures, as well as capabilities.
8. Discussion on the relationship between overall contingency planning and
various subordinate elements
The relationship between overall contingency as well as various subordinate elements are
illustrated below:
Incident response: It is found those non devastating threats as well as the steps of
mitigation as well as recovery helps in creating the relationship with the overall contingency
planning.
CASE STUDY: COMPUTER OPERATIONS
Recovery time: The recovery time mainly helps in identifying time that is needed for
recovering different types of critical processes under various existing capabilities.
IT requirements: If proper electronic data is available then recovering specific
procedure to minimum level is required (Fisher & Rendahl, 2017).
Data backup history: If proper data source is identified than the old data can be
satisfactorily recovered.
Staffing minimums: It is quite important to identify various needs throughout the
recovery time objectives in order to optimize the recovery quite properly.
Impact level: Impact level helps in indicating impact of the various procedure on the
various mitigation measures (Fleisher & Bensoussan, 2015).
Likelihood level: It helps in indicating the likelihood level of the threat that is generally
occurred for the existing measures, as well as capabilities.
8. Discussion on the relationship between overall contingency planning and
various subordinate elements
The relationship between overall contingency as well as various subordinate elements are
illustrated below:
Incident response: It is found those non devastating threats as well as the steps of
mitigation as well as recovery helps in creating the relationship with the overall contingency
planning.
11
CASE STUDY: COMPUTER OPERATIONS
Business resumption: It is identified that risk ranking, business impact analysis,
recovery cost as well as mitigation steps are considered as the methods that helps in forming
proper relationship with the overall contingency planning (Ahimbisibwe, Cavana & Daellenbach,
2015).
Disaster recovery: It is found that both devastating threats as well as proper steps of
mitigation, respond as well as recovering helps in creating relationship with overall contingency
planning.
Business continuity planning: It is quite important to keep the operations running
during disaster recover as well as response (Saeed, Yousafzai & Engelen, 2014). It helps in
reflecting the relationship with the overall contingency plan.
9. Description of the techniques used for data application and backup
The different type of data and application backup as well as recovery technique are
illustrated below:
Disks or tape backup: This method or technique is considered as one of the oldest
technique of data backup (Saad, Natanzon & Dotan, 2015). In this method the backup of the
data is done on a physical device. Hard disk generally helps in offering faster as well as proper
backup as well as recovery plans.
Hybrid cloud backup: This method or technique mainly involves in backing up data on
a local device in a quite secure offsite center of data for redundancy. It is identified that this
practice is generally used for backing up data from the local device to a proper secure data
center.
CASE STUDY: COMPUTER OPERATIONS
Business resumption: It is identified that risk ranking, business impact analysis,
recovery cost as well as mitigation steps are considered as the methods that helps in forming
proper relationship with the overall contingency planning (Ahimbisibwe, Cavana & Daellenbach,
2015).
Disaster recovery: It is found that both devastating threats as well as proper steps of
mitigation, respond as well as recovering helps in creating relationship with overall contingency
planning.
Business continuity planning: It is quite important to keep the operations running
during disaster recover as well as response (Saeed, Yousafzai & Engelen, 2014). It helps in
reflecting the relationship with the overall contingency plan.
9. Description of the techniques used for data application and backup
The different type of data and application backup as well as recovery technique are
illustrated below:
Disks or tape backup: This method or technique is considered as one of the oldest
technique of data backup (Saad, Natanzon & Dotan, 2015). In this method the backup of the
data is done on a physical device. Hard disk generally helps in offering faster as well as proper
backup as well as recovery plans.
Hybrid cloud backup: This method or technique mainly involves in backing up data on
a local device in a quite secure offsite center of data for redundancy. It is identified that this
practice is generally used for backing up data from the local device to a proper secure data
center.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 18
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.