Advanced Accounting Information Systems Day 21 Systems Availability and Business Continuity October 12, 2009.

Slides:



Advertisements
Similar presentations
Business Continuity Training & Awareness by Sulia Toutai (ANZ)
Advertisements

Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.
Systems Availability and Business Continuity Chapter Four Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc
1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.
Internal Control.
Business Continuity Mark Holloway Former Head of Change Management at Co-operative Food.
1 Continuity Planning for transportation agencies.
Business Continuity Planning and Disaster Recovery Planning
Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
TEL382 Greene Chapter /27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.
Planning for Contingencies
SOX & ISO Protect your data and be ready to be audited!!!
FOR INTERRUPTIONS IN THE SUPPLY CHAIN Anthony Vatterott.
November 2009 Network Disaster Recovery October 2014.
Continuity of Operations Planning COOP Overview for Leadership (Date)
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Disaster Recovery, Business Continuity, and Organizational Policies.
RBTC: Business Continuity 101 July 18, What is Business Continuity? Scenario Part 1 Why is BC important? What types of plans are needed? How do.
Module 3 Develop the Plan Planning for Emergencies – For Small Business –
Basics of OHSAS Occupational Health & Safety Management System
Making Business Continuity Child’s Play Solutions Ltd Business Continuity Management Contact details: Contact : Mick O’Regan Mobile :
Rich Archer Partner, Risk Advisory Services KPMG LLP Auditing Business Continuity Plans.
9 - 1 ©2003 Prentice Hall Business Publishing, Essentials of Auditing 1/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 9.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
Risk Management For the Board of The Law Society 16 February 2005.
Principles of Information Systems, Sixth Edition Systems Design, Implementation, Maintenance, and Review Chapter 13.
Evaluation of Internal Control System. Learning Objective 1 Contrast management’s need for internal control with the auditor’s need to consider internal.
Advanced Accounting Information Systems Day 20 Control and Security Frameworks October 9, 2009.
Principles of Information Systems, Sixth Edition Systems Design, Implementation, Maintenance, and Review Chapter 13.
EECS 4482 – Session 5 1. Understand system availability and business continuity, and recognize differences between the two. 2. Comprehend incident response.
Bank Audit. Internal Audit Internal audit is an independent, objective assurance activity and can give valuable insight in providing assurance that major.
INFORMATION SECURITY MANAGEMENT L ECTURE 3: P LANNING FOR C ONTINGENCIES You got to be careful if you don’t know where you’re going, because you might.
Business Continuity Program Orientation (insert presentation date) (This presentation is a template that requires adjustments to meet your needs)
Sandra Simpson / Dene Williams – 14 th January 2008 Gemini Update.
INFORMATION SECURITY MANAGEMENT L ECTURE 3: P LANNING FOR C ONTINGENCIES You got to be careful if you don’t know where you’re going, because you might.
 2001 Prentice Hall Business Publishing, Accounting Information Systems, 8/E, Bodnar/Hopwood Systems Implementation, Operation, and Control Chapter.
CHAPTER 28 Translation of Evidence into Nursing Practice: Evidence, Clinical practice guidelines and Automated Implementation Tools.
Phases of BCP The BCP process can be divided into the following life cycle phases: Creation of a business continuity and disaster recovery policy. Business.
Stanford University Emergency Exercise ‘06 Satellite Operations Center Briefing.
Advanced Accounting Information Systems Day 19 Control and Security Frameworks October 7, 2009.
Chapter 16 Presented By: Stephen Lambert Disaster Recovery and Business Continuity.
Principles of Information Systems, Sixth Edition 1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
SOLUTION What kind of plan do we need? How will we know if the work is on track to be done? How quickly can we get this done? How long will this work take.
Copyright © 2007 Pearson Education Canada 23-1 Chapter 23: Using Advanced Skills.
Developing an Effective Evaluation to Check for Understanding Part 2 Susan E. Schultz, Ph.D. Evaluation Consultant PARK Teachers.
Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
Chapter 3: Business Continuity Planning. Planning for Business Continuity Assess risks to business processes Minimize impact from disruptions Maintain.
Exercising, Maintaining and Reviewing BCM Arrangements ERMAN TASKIN
Deck 5 Accounting Information Systems Romney and Steinbart Linda Batch February 2012.
CBIZ RISK & ADVISORY SERVICES BUSINESS CONTINUITY PLANNING Developing a Readiness Strategy that Mitigates Risk and is Actionable and Easy to Implement.
Disaster Recovery Planning (DRP) DRP: The definition of business processes, their infrastructure supports and tolerances to interruptions, and formulation.
Business Continuity Planning 101
Dr. Gerry Firmansyah CID Business Continuity and Disaster Recovery Planning for IT (W-I)
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Internal Control in a Financial Statement Audit Chapter Six.
Business Continuity and Disaster Recovery
Review of IT General Controls
CSE 4482 – Session 9 Understand system availability and business continuity, and recognize differences between the two. Comprehend incident response systems.
CIS 359 Education for Service-- snaptutorial.com.
CIS 359 Teaching Effectively-- snaptutorial.com
CompTIA Security+ Study Guide (SY0-501)
Continuity of Operations Planning
BUSINESS CONTINUITY PLAN
Business Continuity Program Overview
Developing and testing the Plan
INPUT OUTPUT ASSURANCE
BUSINESS CONTINUITY PLAN
Presentation transcript:

Advanced Accounting Information Systems Day 21 Systems Availability and Business Continuity October 12, 2009

Announcements –Return quiz 4 –Assignment 4 –Graduate student papers – disaster recovery planning, recovery from 9/11, Katrina, etc. –Midterm on October 23 –No class on October 26

Objectives Understand system availability and business continuity and recognize differences between the two Comprehend incident response systems and their role in achieving the system availability objective Explain disaster recovery planning objectives and its design, implementation, and testing requirements Comprehend the link between business continuity and disaster recovery Understand the role of backup and recovery in disaster recovery plans

Gray Case What factors contributed to this situation? What internal controls could have reduced the likelihood that this situation occurred? What computer auditing/monitoring techniques could the Grays develop to reduce the possibility that a similar situation will occur in the future?

Questions for today Identify at least one difference between systems availability and business continuity Why is disaster recovery planning important? Is disaster recovery planning cost beneficial?

Power outage example at Northwest Airlines Problem relates to systems availability Business continuity ‘mere power outage’ morning of July 15 in Eagan MN restored in 45 minutes but operated for a prolonged period of time in a degraded manner –Over 5 minutes to print boarding ticket –Automated check-in terminals did not work –Issued manual boarding passes that could not be scanned at the gate – thus passenger database needed to be updated later –Manual luggage check in –Impact – loss of revenue, impact on image, customer dissatisfaction, inconvenience and frustration on the part of the airline employee and travelers, additional costs of manual processing

Two worries Business continuity Systems availability

Incident Response Incident Questions as incident is identified (order is important) Incident response team Nature of response Preventive measures

Disaster Recovery Disaster Postdisaster phases –Response phase –Resumption phase –Recovery phase –Restoration phase –Timeliness of action –Value of recovery

Disaster Recovery Planning Components of planning (discuss processes and resources rather than details) Assessing potential losses: disaster impact analysis Value-based recovery planning Finding criticality Disaster recovery strategies

Disaster Recovery Planning Recovery locations – New York Board of Trade – New Orleans business recovery Disaster recovery teams

Disaster Recovery Planning Disaster readiness –Walkthroughs –Rehearsals –Compliance (live) testing

Business Continuity Planning Totality of plans made to recover the business operations following a disaster Business impact analysis Business recovery

Assurance Considerations Method –Is top management supportive of maintaining a sound systems availability and business continuity plan? Are adequate resources devoted to this plan? –How is criticality defined? Is it complete and adequate for changing needs of business? –Are key systems and business processes carefully identified? Content –Is source(s) of information used to prepare BCP reliable? –What is the quality of instruments and methods used to gather data? –Does BCP reflect recent changes in business, recent acquisitions, mergers? Live testing –How often is testing performed? –Who is in charge? Are personnel warned ahead of time? –Are test results documented? Is there a follow-up process that may modify plan if problems are discovered during testing?

Questions for Wednesday Exercises 9 and 11

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.