Disaster Recovery & Risk Management in the Digital World
   Joseph P. Manzelli Jr. CPA.CITP
     Director, Fuoco Group LLP
          www.fuoco.com
        jmanzelli@fuoco.com
IT Infrastructure Background
   Main office in Hauppauge, NY (Long Island) where all
    servers are housed
   Two other offices – NYC and North Palm Beach, Florida
   Staff of about 65 individuals
   5 Servers
   Dual T-1’s in NYC, T-1 point-to-point (NYS-LI) T-1 and
    5mb line in LI and one T-1 in Florida
Common Disaster Recovery Terms (not just for IT)
   Recovery Time Objective (RTO)
       Time required to recover from a disaster
   Recovery Point Objective (RPO)
       How much data can you afford to lose
   Business Impact Analysis (BIA)
       Understand the degree of potential loss
   Bare Metal Recovery – Assumption you are
    “starting from scratch”
Definitions
   Disaster – 1) A sudden unplanned catastrophic event causing
    unacceptable damage or loss 2) An event that compromises an
    organization’s ability to provide critical functions, processes or services for
    some unacceptable period of time 3) An event where an organization’s
    management invokes their recovery plans
   Emergency – An unexpected or impending situation that may cause injury, loss
    of life, destruction of property or cause the interference, loss or disruption of an
    organization’s normal business operations to such an extent that it poses a threat
   Disaster Recovery – The ability of an organization to respond to a disaster
    or an interruption in services by implementing a disaster recovery plan to
    stabilize and restore the organization’s critical functions.
   Emergency Response – The immediate reaction and response to an
    emergency situation commonly focusing on ensuring life safety and
    reducing the severity of the incident
Definitions (cont’d)
   Disaster Recovery Plan – A management-approved document
    that defines resources, actions, tasks and data required to manage the
    technology recovery effort. Usually refers to the technology recovery effort.
    This is a component of the Business Continuity Management Program.
   Business Continuity – The ability of an organization to provide
    service and support for its customers and to maintain its viability before,
    during and after a business continuity event
   Business Continuity Plan – The process of developing and
    documenting arrangements and procedures that enable an organization to
    respond to an event that lasts for an unacceptable period of time and return
    to performing its critical functions after an interruption
Disaster Recovery (DR) Considerations (Business Goals)
   How long can we be down?
   How much data loss is acceptable?
   What parts of the business have to be up and
    when?
   What constitutes a disaster?
   Less downtime vs. greater DR costs
What Kind of Disaster Are We Planning For
   Possible Disasters
       Fires (loss of access to building)
       Power failures (Use of UPS systems)
       Flooding (broken pipes)
       Hardware failures
       Data corruptions (Data backup what type – offsite?)
       ISP outages (Multiple ISP use)
       AC failure
Recovery Time Considerations
   What is acceptable downtime? What is your goal?
   How long does it take your systems to go from a
    completely down state to “ready for use” by staff
   How long would it take to restore data to servers?
   How long would it take to “switch back” to your
    main site after the disaster?
Disaster Recovery Communications
   How will you communicate to staff that there is an
    emergency?
   Where will people work from during a disaster?
   Does everyone know how to access DR systems?
   Cell phones and backup email addresses
Types of DR Sites to Consider
   Cold Site – Bare metal build – rebuild & restore everything from
    backups
   Warm Site – Full duplicates of systems & data maintained, but
    need work to “go live”
   Hot Site – Full duplicate of ‘live’ systems and data always ready
    for use (failover site)

   With multiple offices, we are between a Cold & Warm site option
Hosting center vs. Self-Hosted
   Hosting Quality: ISP diversity, HVAC, Power?
   Hosting Costs: Space, Power & Network
   Equipment costs: Lease? Purchase? Rent?
   Where is the DR site located? (travel issues)
   How long can you operate from the DR site?
   No matter what is chosen, you are maintaining
    two IT sites
Planning DR with Virtual Servers
   Full virtualization, in computer science, is a virtualization
    technique used to implement a certain kind of
    virtual machine environment: one that provides a complete
    simulation of the underlying hardware. The result is a
    system in which all software capable of execution on the
    raw hardware can be run in the virtual machine. In
    particular, this includes all operating systems. (This is
    different from other forms of virtualization – which allow
    only certain or modified software to run within a virtual
    machine.)
Planning DR with Virtual Servers
   Allows you to virtualize machines and cut down on
    hardware
   Replication
       Frequency & Process
       VM vs. SAN based
       Hosted, with agents and 3rd party
       Bandwidth restrictions (how much data do you have)
   Licenses (not trivial)
       Windows
       Replication software
       VMware ESX Server license vs. Windows 2008 Server
Issues to Consider
   How much work is sitting on people’s desks that is NOT
    digital?
   Exceptions: is there software, files or processes not on
    servers, or that are known by only one person?
   Do you have a full inventory of current equipment for the
    replacement of equipment and for the insurance
    company?
   Do you have all of the software ready to restore? Consider
    software as a service (SaaS)
   Plan should be WRITTEN and TESTED
Fuoco Group’s Plans
   Tape backup of data (daily) considering offsite
    online backup as well
   SAN snapshots using Acronis software
   Windows Shadow Copy System
   Multiple T-1’s ISP’s
   Considering Virtualization
   Looking into CCH Global fx and CCH Document
    ASP
Risk Management in Digital World
   Risk – The possibility of suffering harm or loss
   Management – The act, manner, or practice of
    managing, handling, supervision, or control

    As the American Heritage Dictionary suggests,
    risk management is the process by which one
    attempts to manage or control the possibility of
    suffering loss
Overview
   Enron, Arthur Andersen
   Spoliation (destroying evidence)
   The way in which information is created, processed,
    and maintained in the modern, digital world has added a
    whole new layer of risk to the operation of any business,
    especially accounting firms
   Email handling has spawned a whole new industry
   An “ounce of prevention” will prevent “a pound of cure”
Document Management & Retention
   What should be kept?
   For how long?
   Where is it?
   How do you maintain it?
   “Paperless” office
   A rough rule of thumb is that if electronically stored
    information is accessible (actively used for information
    retrieval) then it is likely subject to disclosure
Huey Long
       Notorious Louisiana governor
   Don’t write anything you can phone
   Don’t phone anything you can talk
   Don’t talk anything you can whisper
   Don’t whisper anything you can smile
   Don’t smile anything you can nod
   Don’t nod anything you can wink
Retention Policy
   Should you have one?
   Keep everything (electronic files)
        Storage space is cheap
       In litigation, discovery could be expensive as you have
        ALL files and pure volume of information would be
        overwhelming
   Keep nothing
       Litigation – proving your side
       Unlikely and unreasonable
Retention Policy
   Bottom line is there is no right or wrong answer
   Assess
       The nature of your practice
       Client base
       Claim History
       Applicable Law
       Best Practices of comparable firms
   Manage your risk by exercising good business judgment,
    develop procedures and stick to them
Sedona Guidelines
        www.thesedonaconference.org
   “Absent a legal requirement to the contrary, organizations
    may adopt programs that routinely delete certain recorded
    communications, such as electronic mail, instant
    messaging, text messaging and voice mail”
   Legal requirements could be:
       Sarbanes Oxley
       State law
       Federal law
       State accountancy regulations
       Self-imposed “litigation hold”
Retention Policies
   Whether hard copy or electronic the policies
    MUST BE
       Documented
       Communicated
       Enforced
       Updated
   Train staff – make them aware
Privacy Issues
   IRS reg. 7216
      Mandatory consent form for outsourcing overseas

      Effective January 1, 2009

   Social security numbers
      Redacting on copies of returns

      IRS still sending notices with full social security number and address
       listed
      Emailing of tax returns
           Encryption of emails with personal information

   Bank & Brokerage Account numbers/ credit card information
   Deloitte 2007 Privacy & Data Protection Survey
      http://www.deloitte.com/dtt/cda/doc/content/us_risk_s&P_2007%20Privacy10Dec2007final.pdf
IT Security & Fraud Risks
   External and Internal threats
   Most threats and breaches are from within
   Laptops
       49% of companies have had laptops stolen in the past 12 months
       90% are never recovered
       57% of corporate crimes are linked to stolen laptops
       73% of companies had no specific security policies for their laptops in
        2003
       25% of security breaches involving identity theft involved missing
        laptops
   Opportunities
       CISA certification (Certified Information Systems Auditor)
       CFE (Certified Fraud Examiner)
Doesn’t apply to you?
     AICPA’s 2008 Top Technology Initiatives
1.   Information Security Management
2.   IT Governance
3.   Business Continuity Management (BCM) and Disaster Recovery Planning (DRP)
4.   Privacy Management
5.   Business Process Improvement (BPI), Workflow and Process Exception Alerts
6.   Identity and Access Management
7.   Conforming to Assurance and Compliance Standards
8.   Business Intelligence (BI)
9.   Mobile & Remote Computing
10.  Document, Forms, Content and Knowledge Management
Honorable Mention Technology Initiatives
11.   Customer Relationship Management (CRM)
12.   Improved Application and Data Integration
13.   Training & Competency
14.   Web-deployed Applications
15.   Information Portals

                                 More details
http://infotech.aicpa.org/Resources/Top+Technology+Initiatives/2008+Top+10+Technology+Initiatives/2008+Top+Technologies+and+Honorable+Mentions.htm
345 Seventh Avenue                          212-947-2000
8th Floor
New York, NY 10001

200 Parkway Drive South                     631-360-1700
Suite 302
Hauppauge, NY 11788

1224 US Highway One                         561-625-6692
Suite H
North Palm Beach, FL 33402

                               www.fuoco.com
                             jmanzelli@fuoco.com

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Disaster recovery enw

  • 1. Disaster Recovery & Risk Management in the Digital World Joseph P. Manzelli Jr. CPA.CITP Director, Fuoco Group LLP www.fuoco.com jmanzelli@fuoco.com
  • 2. IT Infrastructure Background
      - Main office in Hauppauge, NY (Long Island) where all servers are housed
      - Two other offices – NYC and North Palm Beach, Florida
      - Staff of about 65 individuals
      - 5 Servers
      - Dual T-1’s in NYC, T-1 point-to-point (NYS-LI) T-1 and 5mb line in LI and one T-1 in Florida
  • 3. Common Disaster Recovery Terms (not just for IT)
      - Recovery Time Objective (RTO)
          - Time required to recover from a disaster
      - Recovery Point Objective (RPO)
          - How much data can you afford to lose
      - Business Impact Analysis (BIA)
          - Understand the degree of potential loss
      - Bare Metal Recovery – Assumption you are “starting from scratch”
  • 4. Definitions
      - Disaster – 1) A sudden unplanned catastrophic event causing unacceptable damage or loss 2) An event that compromises an organization’s ability to provide critical functions, processes or services for some unacceptable period of time 3) An event where an organization’s management invokes their recovery plans
      - Emergency – An unexpected or impending situation that may cause injury, loss of life, destruction of property or cause the interference, loss or disruption of an organization’s normal business operations to such an extent that it poses a threat
      - Disaster Recovery – The ability of an organization to respond to a disaster or an interruption in services by implementing a disaster recovery plan to stabilize and restore the organization’s critical functions.
      - Emergency Response – The immediate reaction and response to an emergency situation commonly focusing on ensuring life safety and reducing the severity of the incident
  • 5. Definitions (cont’d)
      - Disaster Recovery Plan – A management-approved document that defines resources, actions, tasks and data required to manage the technology recovery effort. Usually refers to the technology recovery effort. This is a component of the Business Continuity Management Program.
      - Business Continuity – The ability of an organization to provide service and support for its customers and to maintain its viability before, during and after a business continuity event
      - Business Continuity Plan – The process of developing and documenting arrangements and procedures that enable an organization to respond to an event that lasts for an unacceptable period of time and return to performing its critical functions after an interruption
  • 6. Disaster Recovery (DR) Considerations (Business Goals)
      - How long can we be down?
      - How much data loss is acceptable?
      - What parts of the business have to be up and when?
      - What constitutes a disaster?
      - Less downtime vs. greater DR costs
  • 7. What Kind of Disaster are We Planning For
      - Possible Disasters
          - Fires (loss of access to building)
          - Power failures (Use of UPS systems)
          - Flooding (broken pipes)
          - Hardware failures
          - Data corruptions (Data backup what type – offsite?)
          - ISP outages (Multiple ISP use)
          - AC failure
  • 8. Recovery Time Considerations
      - What is acceptable downtime? What is your goal?
      - How long does it take your systems to go from a completely down state to “ready for use” by staff?
      - How long would it take to restore data to servers?
      - How long would it take to “switch back” to your main site after the disaster?
  • 9. Disaster Recovery Communications
      - How will you communicate to staff that there is an emergency?
      - Where will people work from during a disaster?
      - Does everyone know how to access DR systems?
      - Cell phones and backup email addresses
  • 10. Types of DR Sites to Consider
      - Cold Site – Bare metal build – rebuild & restore everything from backups
      - Warm Site – Full duplicates of systems & data maintained, but need work to “go live”
      - Hot Site – Full duplicate of ‘live’ systems and data always ready for use (failover site)
      - With multiple offices, we are between a Cold & Warm site option
  • 11. Hosting center vs. Self-Hosted
      - Hosting Quality: ISP diversity, HVAC, Power?
      - Hosting Costs: Space, Power & Network
      - Equipment costs: Lease? Purchase? Rent?
      - Where is the DR site located? (travel issues)
      - How long can you operate from the DR site?
      - No matter what is chosen, you are maintaining two IT sites
  • 12. Planning DR with Virtual Servers
      - Full virtualization, in computer science, is a virtualization technique used to implement a certain kind of virtual machine environment: one that provides a complete simulation of the underlying hardware. The result is a system in which all software capable of execution on the raw hardware can be run in the virtual machine. In particular, this includes all operating systems. (This is different from other forms of virtualization – which allow only certain or modified software to run within a virtual machine.)
  • 13. Planning DR with Virtual Servers
      - Allows you to virtualize machines and cut down on hardware
      - Replication
          - Frequency & Process
          - VM vs. SAN based
          - Hosted, with agents and 3rd party
          - Bandwidth restrictions (how much data do you have)
      - Licenses (not trivial)
          - Windows
          - Replication software
          - VMware ESX Server license vs. Windows 2008 Server
  • 14. Issues to Consider
      - How much work is sitting on people’s desks that is NOT digital?
      - Exceptions: is there software, files, or processes not on servers or known by only one person?
      - Do you have a full inventory of current equipment for the replacement of equipment and for the insurance company?
      - Do you have all of the software ready to restore? Consider software as a service (SaaS)
      - Plan should be WRITTEN and TESTED
  • 15. Fuoco Group’s Plans
      - Tape backup of data (daily); considering offsite online backup as well
      - SAN snapshots using Acronis software
      - Windows Shadow Copy System
      - Multiple T-1’s ISP’s
      - Considering Virtualization
      - Looking into CCH Global fx and CCH Document ASP
  • 16. Risk Management in Digital World
      - Risk – The possibility of suffering harm or loss
      - Management – The act, manner, or practice of managing, handling, supervision, or control
    As the American Heritage Dictionary suggests, risk management is the process by which one attempts to manage or control the possibility of suffering loss.
  • 17. Overview
      - Enron, Arthur Andersen
      - Spoliation (destroying evidence)
      - The way in which information is created, processed, and maintained in the modern, digital world has added a whole new layer of risk to the operation of any business, especially accounting firms
      - Email handling has spawned a whole new industry
      - An “ounce of prevention” will prevent “a pound of cure”
  • 18. Document Management & Retention
      - What should be kept?
      - For how long?
      - Where is it?
      - How do you maintain it?
      - “Paperless” office
      - A rough rule of thumb is that if electronically stored information is accessible (actively used for information retrieval) then it is likely subject to disclosure
  • 19. Huey Long, Notorious Louisiana governor
      - Don’t write anything you can phone
      - Don’t phone anything you can talk
      - Don’t talk anything you can whisper
      - Don’t whisper anything you can smile
      - Don’t smile anything you can nod
      - Don’t nod anything you can wink
  • 20. Retention Policy
      - Should you have one?
      - Keep everything (electronic files)
          - Storage space is cheap
          - In litigation, discovery could be expensive as you have ALL files and the sheer volume of information would be overwhelming
      - Keep nothing
          - Litigation – proving your side
          - Unlikely and unreasonable
  • 21. Retention Policy
      - Bottom line is there is no right or wrong answer
      - Assess
          - The nature of your practice
          - Client base
          - Claim History
          - Applicable Law
          - Best Practices of comparable firms
      - Manage your risk by exercising good business judgment, develop procedures and stick to them
  • 22. Sedona Guidelines (www.thesedonaconference.org)
      - “Absent a legal requirement to the contrary, organizations may adopt programs that routinely delete certain recorded communications, such as electronic mail, instant messaging, text messaging and voice mail”
      - Legal requirements could be:
          - Sarbanes Oxley
          - State law
          - Federal law
          - State accountancy regulations
          - Self-imposed “litigation hold”
  • 23. Retention Policies
      - Whether hard copy or electronic the policies MUST BE
          - Documented
          - Communicated
          - Enforced
          - Updated
      - Train staff – make them aware
  • 24. Privacy Issues
      - IRS reg. 7216
          - Mandatory consent form for outsourcing overseas
          - Effective January 1, 2009
      - Social security numbers
          - Redacting on copies of returns
          - IRS still sending notices with full social security number and address listed
      - Emailing of tax returns
          - Encryption of emails with personal information
      - Bank & Brokerage Account numbers / credit card information
      - Deloitte 2007 Privacy & Data Protection Survey
          - http://www.deloitte.com/dtt/cda/doc/content/us_risk_s&P_2007%20Privacy10Dec2007final.pdf
  • 25. IT Security & Fraud Risks
      - External and Internal threats
          - Most threats and breaches are from within
      - Laptops
          - 49% of companies have had laptops stolen in the past 12 months
          - 90% are never recovered
          - 57% of corporate crimes are linked to stolen laptops
          - 73% of companies had no specific security policies for their laptops in 2003
          - 25% of security breaches involving identity theft involved missing laptops
      - Opportunities
          - CISA certification (Certified Information Systems Auditor)
          - CFE (Certified Fraud Examiner)
  • 26. Doesn’t apply to you? AICPA’s 2008 Top Technology Initiatives
      1. Information Security Management
      2. IT Governance
      3. Business Continuity Management (BCM) and Disaster Recovery Planning (DRP)
      4. Privacy Management
      5. Business Process Improvement (BPI), Workflow and Process Exception Alerts
      6. Identity and Access Management
      7. Conforming to Assurance and Compliance Standards
      8. Business Intelligence (BI)
      9. Mobile & Remote Computing
      10. Document, Forms, Content and Knowledge Management
  • 27. Honorable Mention Technology Initiatives
      11. Customer Relationship Management (CRM)
      12. Improved Application and Data Integration
      13. Training & Competency
      14. Web-deployed Applications
      15. Information Portals
    More details: http://infotech.aicpa.org/Resources/Top+Technology+Initiatives/2008+Top+10+Technology+Initiatives/2008+Top+Technologies+and+Honorable+Mentions.htm
  • 28. Contact
      - 345 Seventh Avenue, 8th Floor, New York, NY 10001, 212-947-2000
      - 200 Parkway Drive South, Suite 302, Hauppauge, NY 11788, 631-360-1700
      - 1224 US Highway One, Suite H, North Palm Beach, FL 33402, 561-625-6692
      - www.fuoco.com
      - jmanzelli@fuoco.com
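
Slides 3, 8 and 13 raise RTO, RPO and replication bandwidth as planning questions. The following added example (not part of the original deck) checks whether a WAN link can carry a replication schedule and a full restore within those targets. The workload sizes, change rates, targets, the 80% usable-link figure and the reading of the "5mb line" as 5 Mbps are all assumptions.

```python
"""Added example: can the WAN links meet replication and restore targets?
Link types follow the slides (T-1 lines, a "5mb" line); data sizes, change
rates, targets and link efficiency are constructed sample values."""
from dataclasses import dataclass

T1_MBPS = 1.544        # standard T-1 line rate
LI_LINE_MBPS = 5.0     # assumption: the slide's "5mb line" means 5 Mbps

@dataclass
class Workload:
    name: str
    total_gb: float          # full data set a bare-metal restore must move
    daily_change_gb: float   # data modified per day (replication delta)
    rpo_hours: float         # tolerated data-loss window
    rto_hours: float         # tolerated downtime

def transfer_hours(gb: float, link_mbps: float, efficiency: float = 0.8) -> float:
    """Hours to move `gb` decimal gigabytes; `efficiency` is the usable link share."""
    return (gb * 8e9) / (link_mbps * 1e6 * efficiency) / 3600

def max_daily_change_gb(link_mbps: float, efficiency: float = 0.8) -> float:
    """Largest daily delta the link can ship before replication falls behind."""
    return link_mbps * 1e6 * efficiency * 86400 / 8e9

def assess(w: Workload, link_mbps: float, interval_hours: float) -> dict:
    """Check one workload against its RPO and RTO for a replication interval."""
    ship = transfer_hours(w.daily_change_gb * interval_hours / 24, link_mbps)
    keeps_up = ship <= interval_hours
    # Worst case: a write just after a snapshot waits one interval, then ships.
    worst_rpo = interval_hours + ship if keeps_up else float("inf")
    restore = transfer_hours(w.total_gb, link_mbps)   # full pull over the WAN
    return {"keeps_up": keeps_up, "worst_rpo_h": round(worst_rpo, 2),
            "rpo_met": worst_rpo <= w.rpo_hours,
            "wan_restore_h": round(restore, 1),
            "rto_met": restore <= w.rto_hours}

if __name__ == "__main__":
    files = Workload("file server", 200, 5, rpo_hours=4, rto_hours=24)
    tax_db = Workload("tax database", 80, 20, rpo_hours=4, rto_hours=24)
    for w in (files, tax_db):
        for link in (T1_MBPS, LI_LINE_MBPS):
            print(w.name, link, assess(w, link, interval_hours=1))
```

With these sample figures a single T-1 ships at most about 13 GB of changed data per day, and pulling a 200 GB data set back over it takes roughly 15 days, so the RTO depends on the data already being at the recovery site rather than on the link.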