The document discusses disaster management and contingency planning for information systems. It defines the basic purpose of a disaster management plan as ensuring the system can start working where it stopped with no data loss. It outlines key steps in developing a disaster management plan such as identifying critical data, risks, and manual processes; testing the plan; and insuring against risks. The document also covers system controls and audits to ensure quality, integrity, and accuracy of information. It defines the contingency management process as establishing plans, procedures, and technical measures to enable effective system recovery with minimal disruption following an outage or disaster.

1. Management information system Third Year Information Technology Part 22 Disaster Management Tushar B Kute, Sandip Institute of Technology and Research Centre, Nashik http://www.tusharkute.com

2. Disaster management The disaster management plan ensures that company recovers from the disaster without much damage. Because of need to continue functioning in emergency situations, disaster management plans are often multi-layered and can address many issues of security. The basic purpose of DMP is to ensure that the system starts working from where it has stopped and there is no loss of data.

3. Disaster management plan Identify the critical areas. Calculate the probability of the occurrence of risk. Identify the critical data, programs, software and files which need to be saved. Identify the areas which could be carried out manually Get the system rolling. Identify the loopholes in the systems. Insure company against all possible risks. Identify the areas which have not lived up to expectation. Test the DMP to ensure that all steps are in place and all risks have been covered.

4. System controls and audits Why controls are required? To ensure that system work as per expectations. To ensure the quality To ensure information integrity and accuracy. Types of controls- Information system Procedure Physical facilities

5. Information system controls Input stage (Data entry) Processing Hardware Software Storage Output

6. Procedure controls Standard procedures and documentation Authorization Separation and identification of duties.

7. Physical controls Physical protection Insurance Computer failure

8. Auditing of information system It is required to check operating of system as per the plan and check the loopholes in system. The information should be periodically checked, examined or audited by an internal auditor and in addition to internal auditing there are external auditors from external firms. Types of audits- Auditing around the computer. Auditing in the computer.

9. Contingency management Contingency management supports systems to operate effectively without excessive interruption by establishing thorough plans, procedures and technical measures that can enable system to be recovered quickly and effectively following a service disruption of disaster.

10. IT Contingency management process Develop a contingency planning policy statement. Conduct the business impact analysis (BIA) Identify preventive controls Develop recovery strategies. Develop an IT contingency plan. Plan testing, training and exercises. Plan maintenance.

11. references http://en.wikipedia.org Tushar B Kute, Sandip Institute of Technology and Research Centre, Nashik http://www.tusharkute.com