HOW PREPARED ARE YOU?

 


By Catherine Weyhausen

In May of 1990 the New York Contingency Planners Exchange Group distributed a survey on data systems security and contingency planning to several organizations at their quarterly meeting. The following are the results of the 21 organizations who participated.

1. Organizations with documented procedures for identifying critical business functions and associated data systems applications: 52%

2. Organizations that have identified critical business functions and the associated data systems applications: 81%

Using documented procedures: 43%

Without documented procedures: 33%

3. Organizations with documented procedures for identifying sensitive data (i.e., personally identifiable and critical data or data supporting critical functions): 52%

4. Organizations that have identified sensitive information: 76%

Its critical data: 76%

In either case,

Using the documented procedures: 43%

Without documented procedures: 33%

5. Organizations with critical data stored off-site: 90%

With data sent off-site and retrieved via a regularly scheduled procedure: 71%

Organizations anticipating a need for on-line vaulting: 71%

6. Organizations with a documented Crisis Management Plan: 57%

With a Business Resumption Plan for office facilities: 43%

With a Disaster Recovery Plan for the critical data systems: 57%

With Contingency Planning for Voice Communications: 52%

With Contingency Planning for Data Communications: 67%

7. Organizations that have considered

Alternate sites within the organization: 67%

Subscription vendors: 52%

Dedicated hot-site internal location: 52%

Dedicated hot-site vendor location: 43%

8. Organizations with a proactive Data Security Awareness Program in place: 38%

The following results are an average of the respondents surveyed.

9. When the plan was last tested: Within the year

Frequency of testing: 1.3 times annually

10. Estimate of how long the organization can operate without its computer systems before

Revenue is impacted: 20 hours

Business is lost: 29 hours

11. Most important components of Data Security Awareness Program:

* Education and Awareness

* Audits and Reviews



This survey provided by AT&T.

This article adapted from Vol. 3 No. 4, p. 22.


DR World Main Index  |  Return to DRJ's Homepage


Disaster Recovery Worldİ 1999, and Disaster Recovery Journalİ 1999, are copyrighted by Systems Support, Inc. All rights reserved. Reproduction in whole or part is prohibited without the express written permission form Systems Support, Inc.