recovery and recovery and mitigation in the tmc
play

Recovery and Recovery and Mitigation in the TMC Mitigation in the - PowerPoint PPT Presentation

Recovery and Recovery and Mitigation in the TMC Mitigation in the TMC Sponsored by the Sponsored by the TMC Pooled- -Fund Study Fund Study TMC Pooled http://tmcpfs.ops.fhwa.dot.gov/index.cfm tmcpfs.ops.fhwa.dot.gov/index.cfm http:// Why


  1. Recovery and Recovery and Mitigation in the TMC Mitigation in the TMC Sponsored by the Sponsored by the TMC Pooled- -Fund Study Fund Study TMC Pooled http://tmcpfs.ops.fhwa.dot.gov/index.cfm tmcpfs.ops.fhwa.dot.gov/index.cfm http://

  2. Why Be Concerned with Recovery Why Be Concerned with Recovery and Mitigation and Mitigation • Terrorist Incidents Terrorist Incidents • • Natural Disasters Natural Disasters • • External Events External Events • • Hardware or Software Error Hardware or Software Error • • Infrastructure Issues Infrastructure Issues • • Civil Emergencies Civil Emergencies • • Employment Actions Employment Actions • • Epidemics Epidemics •

  3. Key Concepts to Understand Key Concepts to Understand • Outage Outage • • Mitigation Mitigation • • Recovery Recovery • • Recovery and Mitigation Plan Recovery and Mitigation Plan • • Alternate Site Alternate Site •

  4. Important Acronyms Important Acronyms • DRM DRM • Disaster Recovery and Mitigation Disaster Recovery and Mitigation • COOP COOP • Continuity of Operations Continuity of Operations • GETS GETS • Government Emergency Telecommunications Service Government Emergency Telecommunications Service • WPS WPS • Wireless Priority Service Wireless Priority Service • SLA SLA • Service Level Agreement Service Level Agreement • UPS UPS • Uninterruptible Power Supply Uninterruptible Power Supply

  5. Mitigation vs. Recovery Mitigation vs. Recovery • Recovery Recovery • Mitigation Mitigation • • – Access to Data Access to Data – – Fail Fail- -Over Hardware Over Hardware – Backups Backups – Establishing Backup Establishing Backup – – Access to – Access to Communications Communications Documentation Documentation – Harden TMC Harden TMC – – Personnel Activation – Personnel Activation – Anti Anti- -Virus Software Virus Software – – Chain of Command Chain of Command – – Network Intrusion Network Intrusion – – Access to Alternate Access to Alternate Prevention – Prevention Site Site – Security Standards – Security Standards – Software Licensing Software Licensing – – On On- -going Maintenance going Maintenance – – Enable Backup Enable Backup – Communications Communications – Personnel Needs Personnel Needs –

  6. Policies that affect Recovery and Policies that affect Recovery and Mitigation Mitigation • Physical and Logical Access Physical and Logical Access • Control Control • Hardware and Software Hardware and Software • Standards Standards • Communication Standards Communication Standards • • Internal Communications Internal Communications • • Inter Inter- -agency Communications agency Communications •

  7. Policies that affect Recovery and Policies that affect Recovery and Mitigation Mitigation • Communications with the Media and Public Communications with the Media and Public • • Method and Schedule of Data Backups Method and Schedule of Data Backups • • Storage of Data Backups Storage of Data Backups • • Identify who can declare an Emergency Identify who can declare an Emergency • • Procurement Authority • Procurement Authority • Access to Documentation during an emergency Access to Documentation during an emergency • • Activation of Personnel during an emergency Activation of Personnel during an emergency •

  8. The Planning Project The Planning Project • Identify the Executive Sponsor Identify the Executive Sponsor • • Establish the Mission of the TMC Establish the Mission of the TMC • • Obtain funding for Initial Planning Obtain funding for Initial Planning • • Perform a Business Impact Analysis to Perform a Business Impact Analysis to • Determine Mitigation Strategies Determine Mitigation Strategies

  9. The Planning Project The Planning Project • Identify Recovery Team Identify Recovery Team • • Develop Situational Develop Situational • Responses Responses • Prioritize Mitigation and Prioritize Mitigation and • Recovery Strategies Recovery Strategies • Establish Service Level Establish Service Level • Metrics Metrics

  10. The Planning Project The Planning Project • Select Type of Alternate Select Type of Alternate • Facility Facility • Plan Alternate Site Plan Alternate Site • • Determine Fixed Needs Determine Fixed Needs • • Obtain Funding to Implement Obtain Funding to Implement • Plan Plan • Documentation Documentation •

  11. Documenting Recovery Documenting Recovery • Contingency Plan Contingency Plan • • Network Documentation Network Documentation • • System Passwords System Passwords • • Contact List Contact List • • Process Manual Process Manual • • Procedures Manual Procedures Manual • • Policy Manual Policy Manual • • Occupant Emergency Plan Occupant Emergency Plan • • Version Control Version Control •

  12. Testing Recovery and Mitigation Testing Recovery and Mitigation • “ “Test Plan Test Plan” ” • • Schedule Schedule • • Types of testing Types of testing •

  13. Testing Recovery and Mitigation Testing Recovery and Mitigation • Backup Power Backup Power • • Data Recovery Data Recovery • • Alternate Communication Alternate Communication • Paths Paths • Test with other Agencies Test with other Agencies • • Returning to the TMC Returning to the TMC • • Post Testing Updates Post Testing Updates • • Third Party Observation Third Party Observation • • Funding for On Funding for On- -going going • Testing and Upgrades Testing and Upgrades

  14. Ongoing Activities Ongoing Activities • Ongoing Budget for Recovery and Mitigation Ongoing Budget for Recovery and Mitigation • • Establish Trigger Events and Schedules for Establish Trigger Events and Schedules for • Reviewing the Plan Reviewing the Plan • Update Documents as Necessary Update Documents as Necessary • • Configuration Management for Documents Configuration Management for Documents • • Continued Periodic Testing Continued Periodic Testing • • Hardware and Software Hardware and Software Upgrades at Upgrades at • Alternate Sites Alternate Sites

  15. Best Practices in Recovery and Best Practices in Recovery and Mitigation Mitigation • Management Commitment Management Commitment • • Establish Policies for: Establish Policies for: • – Hardware & Software Standardization Hardware & Software Standardization – – Data Backup Data Backup – – Documentation Management Plan Documentation Management Plan – – Establish Requirements for System Establish Requirements for System – Availability Availability – Roles and Responsibilities Defined and Roles and Responsibilities Defined and – Communicated Communicated

  16. Best Practices in Recovery and Best Practices in Recovery and Mitigation Mitigation • Publish TMC Mission Statement Publish TMC Mission Statement • • Prioritize Functions to be Recovered Prioritize Functions to be Recovered • • Lines of Authority Defined Lines of Authority Defined • • Define Types of Outages and Responses Define Types of Outages and Responses • • Security Standards Security Standards •

  17. Best Practices in Recovery and Best Practices in Recovery and Mitigation Mitigation • External and Internal External and Internal • Communications Communications • Develop Communications Plan Develop Communications Plan • • GETS and WPS GETS and WPS • • Establish Multiple Data Establish Multiple Data • Communications Path Communications Path

  18. Best Practices in Recovery and Best Practices in Recovery and Mitigation Mitigation • Establish Service Level Metrics Establish Service Level Metrics • • Establish an Alternate Site Establish an Alternate Site • • Develop Documentation Develop Documentation • • Perform On Perform On- -going Testing going Testing • • Assistance for Personnel During Assistance for Personnel During • Recovery Recovery

  19. Next Steps Next Steps 1. Organization Self Assessment 1. Organization Self Assessment 2. Identify Executive Sponsor 2. Identify Executive Sponsor 3. Obtain Funding for Project 3. Obtain Funding for Project 4. Establish dialog with relevant agencies 4. Establish dialog with relevant agencies 5. Begin Planning for Recovery and Mitigation 5. Begin Planning for Recovery and Mitigation

  20. Resources to Support Recovery Resources to Support Recovery and Mitigation in the TMC and Mitigation in the TMC • Recovery and Mitigation for TMCs Recovery and Mitigation for TMCs • Technical Document Technical Document • Presentation Presentation • • Fact Sheet Fact Sheet •

  21. Recovery and Mitigation for Recovery and Mitigation for TMCs Technical Document TMCs Technical Document

Recommend


More recommend