Plan summary and definition
The fundamental aim of this business contingency plan is to offer the procedural guidance that will be followed in case there is an occurrence of the disaster or the organization disruptions. It is the role of every company to ensure that there are contingency plans that will be deployed to enable business continuity after there is an occurrence of the disaster within an organization. As such, the Emergency Response Department (ERD) should respond to cases of disaster occurrence within an organization.
Business Continuity plan intends to guide business against the occurrence of unforeseen events. Additionally, procedures method is deployed to ensure that orderly and timely resumption of business operation cycle through minimizing business interruption. As such, the objective of business continuity plan includes minimizing financial loss, enabling resumptions of critical operation within an organization, ensuring safety and health of all personnel and later, reduce the rate of interruptions to firm able to provide its service and products.
Plan Description Failures
This company mentioned several levels of failure might affect business continuity if there will not be taken care of. These failures are discussed below:
Environmental factors are the most challenging event that affects most of the information technologies business. These environmental factors can be described as identifiable elements within political, technological, physical, demographic, economic, and cultural environments which impact the survival, operation, and growth of the professional business. The political interference in the field of information may lead to an increment in the cases of information insecurity as a result of uncertainty in the country. This may undermine the business operation within the organization since the client’s loyalty will have been compromised. Many of the customers will disregard every small business that focuses on securing the information. Additionally, the climatic factors which include air pollution and flood may cause loss of power by that leading to system failure.
Level 1 failure will be solved within twenty-hours. When this failure is identified, the communication center will be responsible for making on-call to the department of emergency. From that, members of ERD will be held in charge of the operation. They will ensure everything is restored and the process will continue as usual. In case ERD requires some help from our member, every member should feel free to coordinate with them until everything resumes as usual. Alternatively, firefighting and fire suppression system and the environmental alarm system will be installed to deal with any other form of environmental factors. Also, it is recommendable that hazardous and combustible will be kept away from the secure zone. Bulk supplies which include stationary should also be stored in a protected region. Backup media and equipment should also be kept safe to avoid danger affecting the leading site. All these arrangements will enable ERD to deal with any form of disaster without compromising anything on the website.
Human factors are the tip of the spear when income to cases of crime occurrence. One of the facts which I considered as the most harmful and dangerous situation is information hacking. Hacking is acknowledged as the deliberate exploitation of a technological network or system to acquire unauthorized data. There are several reasons behind hackers breaching networks and computer. First, is to access financial accounts to steal the cash. Second, is to acquire confidential information such as intellectual property and trade secrets.
At last, is to cause general mayhem. Although hacking is considered difficult since the procedural means of cyber attack are always evolving, in real life, hacking is there and is increasing with a more considerable margin.
Similarly, malware s another human factor that is considered dangerous in destroying the computer system. Malware is described as the case of introducing malicious software programming to eradicate the system. Malware process begins in a low-key manner through the use of malware; a reasonable appearance of instruction on the computer screen and an operator recommend on it. This creates an open path for the cyber hacker to access information in our system.
To deal with the failure of level 2 in the communication site, the case of cyber hacking will be worked on within fifteen minutes. In case any operator realizes that there are any actions of hacking happening within site, he or she is responsible for making on-call to the person on the primary operator. The operator will deal with such case after switching off the computer and later, removing the hard disk from the monitoring CU. Further, it was a way of dealing with matters of cyber hacking every laptop will be installed with firewalls and antivirus software that are suitable preventative measures against cyber-attacks.
The project team structure is another factor that affects the significant performance of IT projects within an organization. The attribute of the members and leaders who are directly responsible for the IT project conduction jeopardize the success of an organization. This case occurs as a result of business employing and hiring incompetence personnel within an organization. Notably, a business is capable of achieving greater success or performance if the members have significant experience.
To prevent level 3 failure, a business will be holding a training and evaluation practices on an annual basis to examine it’s business operator’s capabilities. In case the level of capabilities is wanting, the business will be enforced to give adequate training which will take a week. However, to control such cases, the organization through the department of human resources will be in charge of evaluating the employee before hiring them as a way of promoting better business performance.
Plan Assumption
For the department of emergency and this company to respond to the above failure, some procedural methods should be considered. Some of these assumptions include:
In case the failure of level 1 are not met within twenty-one hours, ERD will be enforced to retreat their mission for public government intervention. As public government takes charge of the events, every member will be free to evacuate the place. However, we will be enforced to seek for more qualified helpful and meaningful gargets from the operation room as the process of restoring the operation continues. Also, it is recommendable that hazardous and combustible will be kept away from the secure zone. Bulk supplies which include stationary should also be stored in a stable region. Backup media and equipment should also be kept safe to avoid danger affecting the main site. All these arrangements will enable ERD to deal with any form of disaster without compromising anything on the website.
In the event of level 2 failure, the business operator of the computer system that was hacked will be answerable to every mess that will happen. In case the operator is proven guilty, he will be charged with one million dollars to compensate for the events. Afterward, he will be issued with a warning letter that will stand to precaution him about the importance of being steadfast and responsible.
In the event of level 3 failure, the business management will hold the managing directors answerable to poor performance. And, he will be required to submit clear financial documents as well as proper explanations before the annual general meeting.
Management of Response Emergency
After the occurrence of an event, it is difficult to plan for emergency response. As such, it requires a lot of effort to deal with recovery, response, and preparation from an occurrence of a disaster. By that, the following association will responsible for managing these business failures:
Social Recovery Management (SRM)
Emergency Response Department (ERD)
The Board of directors managing at Emergency Response Department who are responsible for managing the departments includes:
INSERT POSITIONS AND THEIR NAMES
Therefore, to curb menace that was caused by the Emergency Response Department (ERD), this organization will assign restoration roles to Social Recovery Management (SRM).
Social Recovery Management duties
INSERT DETAILS OF MEMBER ASSIGNED IN EVERY MANAGEMENT DOCKET
Operation officers
Security
Cleaner
Technologies
Human relation
Recovery
Counselor
Transportation
All these members will participate according to ensure that the organization realizes better performance in term of managing the occurrence of the disaster within an organization. Human resources management will focus on strengthening these teams in the level of rewarding the active group. This will promote competition among these teams and by that better performance will be achieved. Operation team will be expected to collaborate with the technology team to curb all the menace that might minimize the occurrence of cyber hacking. Every group should continue actively to better the environment within the organization. This restoration team is a combined effort of Social Recovery Management (SRM) and Emergency Response Department (ERD). Thus the great result is expected in reducing business crisis. To the technology team, there are expected to come up with new procedural means of mitigating data loss by storing data in the cloud database and later get informed by signing up bulletins from the Department of Homeland Security.
Set communication strategy into place
For proper business operation communication is much relevance in the case of controlling natural calamities and destruction to an organization. As such, there is a need of putting communication strategy in place to educate and inform suppliers, employees, clients, and customers what opt to be done in case of natural events occurring.
Provide financial support to the victims
After a precise investigation and confirmation of what losses the suppliers, employees, and customers underwent in the occurrence of an event. The board of management will be enforced to have an emergency meeting with the executive director of Emergency Response Department (ERD) and Social Recovery Management (SRM) to plan on the procedural method to be deployed on compensating the victims.
Area Recovery Management Teams
Area Recovery Management (ARM) is composed of Social Recovery Management (SRM) and Emergency Response Department (ERD). SRM is in charge of ensuring that all operation entailing planning, controlling and directing all aspect of the recovery mission are well performed. ERD is responsible for conducting the process of emergency. The roles of ARM are mentioned below:
Operation officers’ team will be entrusted whenever there is an occurrence of disaster or destruction within an organization. There will be responsible for directing everyone on the business floor or endangered place the place where stay.
Transportation team will in charge of making appropriate an arrangement about where business equipment and tool being at the right place at the right time — as such, there required to coordinate with the chairperson to make sure that their role does not compromise the business operation.
The of cleaners will be in charge of ensuring that every business furniture, tool, equipment, and computer are free from dust and dirt. In this team, the member should be moderate in conducting this task to avoid interfering with computer systems.
Relation officers will play a role in promoting oneness and unity among the business members. These members include suppliers, clients, employees, and clients. In case there is any inconvenience within the business, they are supposed to make sure that there is unison. The members chosen for this team should be loyal, peacemaker, and very discipline when dealing with any business case.
Security officers will be responsible for dealing with any case of hacking. If they have identified any person negotiating with external hackers, they are supposed to take immediate action of seeking help from the administrative department, including the Central Investigation Department. Also, they are in charge of business security, and they are supposed to report cases of insecurity to the managing director.
Examining of the plan
The company will make sure that plan evaluation take play after everyone. If the case of failure is recognized from a confident team, the company is supposed to make an appropriated adjustment. Similarly, the case where a negative report is issued by the team supervisor about the incorporation of one of the members, the acting recovery management board is supposed to take immediate action with a lot of seriousness by fining such a person a stipend of thousands dollar. If there is any inconvenience within these groups, an urgent meeting will be called for more clarification.
Declaration stage
If the Emergency Response Department will make a declaration that they will not be capable of dealing with the issue of dealing with natural disasters within twenty-one hours. They will be enforced to write a letter assigned by all members to show that they will be not on a position to deal with business disasters within that duration. The message will be summited to the executive board of director and precise investigation to confirm if the issue to deal with natural disaster can be held in charge by the Social Recovery Management (SRM). The chair personal of SRM will be alert about the case of taking another role. However, in the case of the executive management board lack; otherwise, they will be enforced to evaluate the facility until an estimation time is acquired.
If the process of dealing with the emergency case is estimated to be longer than twenty-one hours, the executive board of director with the support of ERD chairperson, and call upon the Business Contingency Plan activation. As such, ERT will activate a business contingency plan until recovery estimation time acquired, and Sample Company will be ready in the situation transformation.