Wednesday, October 24th, 2007
Since the events of Sept. 11, 2001, many customers are now proposing a program of carrier diversity for their telecommunications services, especially their long distance services. This diversity program essentially splits their network between two or more carriers. The premise of this program is an assumption that their mission critical circuits, or their entire network, cannot fail simultaneously because of a network event in one carrier’s network. However, the customer is now burdened with the coordination between multiple telecommunications providers, which consumes assets, resources, and time.
In some instances the customers are indicating the program is being mandated by the U.S. Department of Homeland Security for certain mission critical circuits such as the banking and financial industries. Route diversity is achieved by selecting two separate facility routes that have no common spans between the originating central office and the terminating central office.
>>>>>> Click Here to Read the Entire Article <<<<<<
Posted in Business Continuity Management | No Comments »
Tuesday, October 23rd, 2007
Common Risks or Threats to an Organization
Identifying threats to an organization is a critical step in the creation of a Business Continuity Plan. There are two types of threats that need to be evaluated, man made and natural threats. Here is a list of a few of the hundred’s of threats an organization may need to identify. A few of the things to consider when determining the risks/threats to your organization are location, physical security, and internet and system security measures, which are currently in place.
|
Man Made
|
Natural
|
|
Strikes
|
Hurricane
|
|
Vandalism
|
Mudslides
|
|
Theft
|
Fire
|
|
Arson
|
Pandemics
|
|
Computer Viruses
|
Flood
|
|
Power Failure/Utility Failure
|
Earthquake
|
|
Terrorist Attack
|
Tornado
|
The following sources can assist you in identifying threats:
- Us Geological Survey (www.usgs.gov)
- National Weather Service
- Army Corp. of Engineers
- OSHA
- Utilities Companies
- Internal Survey
Whether it is an internal threat, or a man made threat, the business continuity plan needs to identify the threat and the impact it will have on your organization. A great way to determine the impact is to look first at your own companies history of events, and events that have recently occurred in your geographic area .
What is the biggest threat/risk to your organization?
Lisa DuBrock is a Partner and IT Compliance Practice Manager for The Radian Group, LLC. You can contact her via email.
Posted in Business Continuity Management, General | No Comments »
Monday, October 22nd, 2007
Top News
PCAOB issues draft guidelines for risk-sensitive SOX audits in smaller corporations
Guidance covers audit of internal controls, such as informal documentation - http://www.itcinstitute.com/info.aspx?id=44094
Rate of corporate fraud holding steady, says PwC global survey
Most US respondents feel that Sarbanes-Oxley has stemmed the tide of fraud - http://www.itcinstitute.com/info.aspx?id=44095
MiFID compliance triggers storage headaches for European financial firms
Companies must retain enough data for five years to reconstruct the stages of each transaction - http://www.itcinstitute.com/info.aspx?id=44096
Houston HR-outsourcing firm suffers data breach involving 159,000 names
Stolen unencrypted laptop exposes personal information of 159,000 employees - http://www.itcinstitute.com/info.aspx?id=44097
Teen launches police SWAT assault by hacking into EMR system
False 911 call sends a SWAT team, helicopter, and police dogs to descend on a random house, endangering a couple and two toddlers - http://www.itcinstitute.com/info.aspx?id=44098
Regulation Watch
PCAOB drops regular inspection requirement for accounting firms that rarely issue audit reports
Less than half of accounting firms registered with the board are regularly involved in audits - http://www.itcinstitute.com/info.aspx?id=44099
NIST publishes two new IT security documents in 800-Series
Guidance covers IT security assessment competency and personal identity verification - http://www.itcinstitute.com/info.aspx?id=44100
Information Security Forum releases update to Standard of Good Practice
Control assessment tool is available as a free download - http://www.itcinstitute.com/info.aspx?id=44101
Nevada passes law requiring encrypted transmission of personal information
Businesses have one year to implement encryption - http://www.itcinstitute.com/info.aspx?id=44102
Prevalence of corporate litigation declines, survey shows
Many credit Sarbanes-Oxley for the situation, others point to the economy - http://www.itcinstitute.com/info.aspx?id=44105
SOX offers almost no whistleblower protection, study finds
Over three years and 491 retaliation complaints only 13 resolutions favored the complainant - http://www.itcinstitute.com/info.aspx?id=44106
Posted in General | No Comments »
