Disaster recovery planning can be defined as the process by which companies resume business activities, at the time of disaster, after recovering and rescuing work in progress (Arnold Christopher, 1993, pp. 170). In most circumstances, a work area recovery facility, which is an alternate office location, undertakes the recovery of the business. It is fundamental to have plans of actions that are detailed and that would permit business continuity in case of an emergency circumstance. Examples of probable disasters are plague or denial of access, fire, chemical spillage, building collapse, flood, bomb threats, and organized interruption. In this paper, the team will choose a large international or domestic business that heavily depends on information processing (as its clients), and advise the client in regard to the logistics of, and the need for, setting up disaster recovery-plans with respect to critical locations in the IT architecture of the client.
The Business Team
In order to meet the ongoing essential amending, creating and revising of plans, the business recovery team ought to be developed (Berke, et al., 1993, pp. 23). The team will need to agree on information technology policies that need to be implemented, and on priorities of the business functions. Moreover, they will need to identify the required recovery facilities. In order for the team to advise the client in regard to the logistics of, and the need for, setting up disaster recovery-plans with respect to critical locations in the IT architecture of the client, they ought to be a suitable room from which the business team can manage disaster recovery on a short instance of time. Despite the fact that the room must be physically separate from the premises, it ought to be close. Nonetheless, it needs to have access to computers, telephones, and faxes, and be secure. In case of an emergency, the team should first assess the level of the damage before deciding on what policy to take. A variety of business functions will recuperate at different times depending on the organizational priorities. For instance, in large-organizations, certain processes may require a continuous availability (Comerio, et al. 1996, pp. 12). Only those processes that are identical ought to be identified. A strategy is only a plan if it needs to be tested to see how important it is. Any needs or issues for additional-measures can be introduced while testing. The staff ought to be trained and perform testing in recovery-site at least-once a year. Everything ought to be thoroughly documented as the plan can be improved by feedback of the staff. Implementing a business continuity plan that is successful and outsourcing it is expensive, although these costs can be justified while comparing of the costs of not-preparing one. Also, the staff can believe that there is a lesser chance of a risk taking place with the increase in safety measures.
RSA Insurance Ireland Limited
The team chose RSA Insurance Ireland Limited, a company which the procedures for disaster recovery planning are worth needed. The RSA Insurance Ireland Limited is a large multinational non-insurance company that heavily depends on information processing, as well as, its clients. In the disaster recovery plan of the RSA, as Mileti and Dennis (1999 pp. 352) observes, the business is categorized into components, and each component has specifications with a description. There are individuals accountable for each component that is provided either in house or through an out-sourcer, who maintain and creates instructions that are detailed for the retrieval of step-by-step and back-up media recovery tasks. Moreover, RSA has set up a process for notifying all those that were affected by the failure (Nigg Joanne 1995, p.14).
Designated individuals ought to be able to evaluate the relentlessness of the accident and deem its effects on ICT systems by providing a framework of procedures.
Recovery from a major-interference must be done in an orderly, cost-effective, controlled and timely manner. In view of the fact that all procedures are well-rehearsed and flexible, they are well documented. All experiences will lead to a post-incident view, making sure that all lessons that are learnt are integrated into the maintenance of procedures and plans (Godschalk, et al. 1996, pp. 31).
The RSA Insurance Ireland Limited ought to ensure that the following roles (or their equivalent) are in place outsource service team site technology recovery team Central Site Recovery Support Team and Teams as required depending on technology affected.
These teams will encompass the specialists and managers who will be accountable for the service or the technology affected at the site, encompassing delegates from any services that will be outsourced. The team that will be summoned will depend on the technology services, size of the site, and complexity.
Certain actions ought to be implemented in order to ensure that fundamentals for consolidating the information that is of necessity into the technology recovery plan are performed on a regular basis. The Review and maintenance of the risk evaluation of the capability of the on-site technology to identify specific actions and exposures, which are required, ought to be undertaken on a regular basis. Nevertheless, the RSA Insurance Ireland Limited Company ought to support other services as well as the business, and identify the end-to-end technology together with the critical processes of the business (Godschalk, et al. 1996, pp. 31).
To easily identify and find the software that is needed, the RSA Insurance Ireland Limited Company should map of the technology-components for each critical functions of the business. Important records will be needed for recovering technology, such as centrally supported or contact information requirements contracts between third party and the site for the supply of Information technology equipment and back-up information regarding the offsite-storage of media so as to protect the critical functions of the business (Emmer, 1994, pp. 23).
Furthermore, it is also of necessity to hold meetings on a regular basis with external parties. This will ensure that their capabilities and plans dovetail with the requirements of the RSA Insurance Ireland Limited Company. Plans ought to be tested on a regular basis and all-experiences will lead to the modification of existing plans. Below is a list of the critical-processes of each business-unit in RSA Insurance Ireland Limited, which can help to give a scheme of processes that need to be implemented in the insurance companies (of similar profile).
DEPARTMENTCRITICAL - PROCESSES RetailCommercial ClaimsAbility to receive new-claims by phoneCheck Policy CoversLog approximationsCorporate AccountsEnd-Month Management AccountsFinancial Analysis PlanningYearly Operational PlanQuarterly Rolling ForecastBanking Cash LodgmentsCash Collection credit carddirect debitsTreasuryActuarialMonthly Reserving of ReviewsPRMarketingPublic RelationsRisk- ManagementOperational Risk Quarterly Operating Assurance StatementTechnological ClaimsCapability to be given new claimsCheck-Policy CoverLog-estimatesAttend to court hearingsAttend to negotiation meetingsHuman ResourcePayrollSchemesBenefitsAuditGeneral Audit workSolicitorsReceive original paper file and new instructions from Handler in Claims Department Instructing Court Agents and filing legal documents in Court.Settlements and monitoring legal diary Attending Court for hearings.Receiving and sending correspondence-legal.Conformity with Internal-Audit Policy on drawn chequesReceiving and Making telephone callsBrokerSales ManagementImplement target business basing on chosen intermediaries.Deliver on growth targets and strike rates for respective Branch areasBrokers in DistrictManagement FunctionE-Mail FacilityVoice-CommunicationsRisk Control UnitProvide uw with written report carry out Insurance Risk-Management SurveysProvide Technical advice to Commercial Underwriters and PFS Under-writingGive Quotations for new business-submissionsIssue of renewal-DocumentationPremium Processing Renewals, new orders and alterations Complete EML Forms, manage, place and process ReinsuranceExternal and Internal CommunicationFacilitiesCar-FleetPrinted MaterialStationeryCredit ControlIssue-StatementsPursue-ArrearsAgency-CancellationsQuarterly Commission-Cheques Corporate UnderwritingGive Confirmation of CoverPreparing Indemnity LettersCustomer Service Unit (CSU)Direct Callers QueriesDirect Callers PaymentsDirect Callers - Issue Indemnity CertificatesLettersDirect Callers Give QuotationsIssue Renewal-Certificates for Direct-Customers
It not possible for the RSA Insurance Ireland Limited Company to predict all probable scenarios, thus, it ought to be prepared for anything. The insurance firm is usually customer-service-based. Therefore, it is crucial to guarantee the availability and continuity of the business. From the financial view, both payments for expenses and claims, as well as, cash receipts from renewals ought to be processed daily.
The business ought to have teams that advise the client with regard to the logistics of, and the need for, setting up disaster recovery-plans in respect to critical locations in the IT architecture of the client. Thus, we can say that the essential elements in disaster recovery planning for RSA are Contingency planning Business recovery an alternative office accommodation and technology recovery.
The Business Team
In order to meet the ongoing essential amending, creating and revising of plans, the business recovery team ought to be developed (Berke, et al., 1993, pp. 23). The team will need to agree on information technology policies that need to be implemented, and on priorities of the business functions. Moreover, they will need to identify the required recovery facilities. In order for the team to advise the client in regard to the logistics of, and the need for, setting up disaster recovery-plans with respect to critical locations in the IT architecture of the client, they ought to be a suitable room from which the business team can manage disaster recovery on a short instance of time. Despite the fact that the room must be physically separate from the premises, it ought to be close. Nonetheless, it needs to have access to computers, telephones, and faxes, and be secure. In case of an emergency, the team should first assess the level of the damage before deciding on what policy to take. A variety of business functions will recuperate at different times depending on the organizational priorities. For instance, in large-organizations, certain processes may require a continuous availability (Comerio, et al. 1996, pp. 12). Only those processes that are identical ought to be identified. A strategy is only a plan if it needs to be tested to see how important it is. Any needs or issues for additional-measures can be introduced while testing. The staff ought to be trained and perform testing in recovery-site at least-once a year. Everything ought to be thoroughly documented as the plan can be improved by feedback of the staff. Implementing a business continuity plan that is successful and outsourcing it is expensive, although these costs can be justified while comparing of the costs of not-preparing one. Also, the staff can believe that there is a lesser chance of a risk taking place with the increase in safety measures.
RSA Insurance Ireland Limited
The team chose RSA Insurance Ireland Limited, a company which the procedures for disaster recovery planning are worth needed. The RSA Insurance Ireland Limited is a large multinational non-insurance company that heavily depends on information processing, as well as, its clients. In the disaster recovery plan of the RSA, as Mileti and Dennis (1999 pp. 352) observes, the business is categorized into components, and each component has specifications with a description. There are individuals accountable for each component that is provided either in house or through an out-sourcer, who maintain and creates instructions that are detailed for the retrieval of step-by-step and back-up media recovery tasks. Moreover, RSA has set up a process for notifying all those that were affected by the failure (Nigg Joanne 1995, p.14).
Designated individuals ought to be able to evaluate the relentlessness of the accident and deem its effects on ICT systems by providing a framework of procedures.
Recovery from a major-interference must be done in an orderly, cost-effective, controlled and timely manner. In view of the fact that all procedures are well-rehearsed and flexible, they are well documented. All experiences will lead to a post-incident view, making sure that all lessons that are learnt are integrated into the maintenance of procedures and plans (Godschalk, et al. 1996, pp. 31).
The RSA Insurance Ireland Limited ought to ensure that the following roles (or their equivalent) are in place outsource service team site technology recovery team Central Site Recovery Support Team and Teams as required depending on technology affected.
These teams will encompass the specialists and managers who will be accountable for the service or the technology affected at the site, encompassing delegates from any services that will be outsourced. The team that will be summoned will depend on the technology services, size of the site, and complexity.
Certain actions ought to be implemented in order to ensure that fundamentals for consolidating the information that is of necessity into the technology recovery plan are performed on a regular basis. The Review and maintenance of the risk evaluation of the capability of the on-site technology to identify specific actions and exposures, which are required, ought to be undertaken on a regular basis. Nevertheless, the RSA Insurance Ireland Limited Company ought to support other services as well as the business, and identify the end-to-end technology together with the critical processes of the business (Godschalk, et al. 1996, pp. 31).
To easily identify and find the software that is needed, the RSA Insurance Ireland Limited Company should map of the technology-components for each critical functions of the business. Important records will be needed for recovering technology, such as centrally supported or contact information requirements contracts between third party and the site for the supply of Information technology equipment and back-up information regarding the offsite-storage of media so as to protect the critical functions of the business (Emmer, 1994, pp. 23).
Furthermore, it is also of necessity to hold meetings on a regular basis with external parties. This will ensure that their capabilities and plans dovetail with the requirements of the RSA Insurance Ireland Limited Company. Plans ought to be tested on a regular basis and all-experiences will lead to the modification of existing plans. Below is a list of the critical-processes of each business-unit in RSA Insurance Ireland Limited, which can help to give a scheme of processes that need to be implemented in the insurance companies (of similar profile).
DEPARTMENTCRITICAL - PROCESSES RetailCommercial ClaimsAbility to receive new-claims by phoneCheck Policy CoversLog approximationsCorporate AccountsEnd-Month Management AccountsFinancial Analysis PlanningYearly Operational PlanQuarterly Rolling ForecastBanking Cash LodgmentsCash Collection credit carddirect debitsTreasuryActuarialMonthly Reserving of ReviewsPRMarketingPublic RelationsRisk- ManagementOperational Risk Quarterly Operating Assurance StatementTechnological ClaimsCapability to be given new claimsCheck-Policy CoverLog-estimatesAttend to court hearingsAttend to negotiation meetingsHuman ResourcePayrollSchemesBenefitsAuditGeneral Audit workSolicitorsReceive original paper file and new instructions from Handler in Claims Department Instructing Court Agents and filing legal documents in Court.Settlements and monitoring legal diary Attending Court for hearings.Receiving and sending correspondence-legal.Conformity with Internal-Audit Policy on drawn chequesReceiving and Making telephone callsBrokerSales ManagementImplement target business basing on chosen intermediaries.Deliver on growth targets and strike rates for respective Branch areasBrokers in DistrictManagement FunctionE-Mail FacilityVoice-CommunicationsRisk Control UnitProvide uw with written report carry out Insurance Risk-Management SurveysProvide Technical advice to Commercial Underwriters and PFS Under-writingGive Quotations for new business-submissionsIssue of renewal-DocumentationPremium Processing Renewals, new orders and alterations Complete EML Forms, manage, place and process ReinsuranceExternal and Internal CommunicationFacilitiesCar-FleetPrinted MaterialStationeryCredit ControlIssue-StatementsPursue-ArrearsAgency-CancellationsQuarterly Commission-Cheques Corporate UnderwritingGive Confirmation of CoverPreparing Indemnity LettersCustomer Service Unit (CSU)Direct Callers QueriesDirect Callers PaymentsDirect Callers - Issue Indemnity CertificatesLettersDirect Callers Give QuotationsIssue Renewal-Certificates for Direct-Customers
It not possible for the RSA Insurance Ireland Limited Company to predict all probable scenarios, thus, it ought to be prepared for anything. The insurance firm is usually customer-service-based. Therefore, it is crucial to guarantee the availability and continuity of the business. From the financial view, both payments for expenses and claims, as well as, cash receipts from renewals ought to be processed daily.
The business ought to have teams that advise the client with regard to the logistics of, and the need for, setting up disaster recovery-plans in respect to critical locations in the IT architecture of the client. Thus, we can say that the essential elements in disaster recovery planning for RSA are Contingency planning Business recovery an alternative office accommodation and technology recovery.
No comments:
Post a Comment