Disaster Recovery Plan/Discussion

Part 1: Written Paper1.
In recent years, organizations have witnessed the impact of having effective and non-effective business continuity plans and disaster recovery plans. In todays environment, with significant potential natural disasters, terrorist threats, and other man-made threats, it is critical that organizations develop effective business continuity plans and disaster recovery plans. Select an organization that you are familiar with, such as where you currently or previously have worked, contact a local organization, or search on the Internet for the needed detail of an organization you are interested in. Prepare a disaster recovery plan policy for that organization.

1. Write a six page paper in which you:
a. Provide an overview of the organization that will be delivered to senior management, defining the business goals and objectives and the size, layout, and structure of the organization.
b. Include a diagram of the organizations network architecture and the proposed network architecture of an alternate computing facility in the event of a disaster (or the actual network architecture of the alternate computing facility if one already exists) through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
c. Develop the DRP Policy, including:
i. Disaster declaration
ii. Assessment of security
iii. Potential disaster scenarios and methods of dealing with the disaster
iv. Disaster recovery procedures
d. Develop an Incident Response Team (IRT) charter, which includes the following sections:
i. Executive summary
ii. Mission statement
iii. Incident declaration
iv. Organizational structure
v. Roles and responsibilities
vi. Information flow and methods of communication
vii. Methods and services provided by the IRT
viii. Authority and reporting procedures

PART 2 answer question at least 50 words per question and number answers to question
1. Describe how monitoring worker activities can increase the security within organizations. Describe the rationale that managers should use to determine the degree of monitoring that the organization should conduct.
Explain the extent to which you believe an organization has the right to monitor user actions and traffic. Determine the actions organizations can take to mitigate the potential issues associated with monitoring user actions and traffic.
2. Propose at least three control measures that organizations need to put in place to ensure that they remain complaint with emerging technologies and in a continually changing IT environment.
Examine the correlation of effective configuration management and change control procedures to remain compliant with emerging technologies and IT security changes.
3. Share two new insights about information systems security policies that you have discovered from this course.
Explain how this type of course is essential for every information systems security professional..
4. Write a speech that you would give to a friend in an elevator summing up the contents of this course. You have 30 90 seconds to inform your friend of the most important elements. Go!
The textbook identified several areas of information systems security policies. Sum up the most important concept that you learned in 160 characters or less.(Workstation polices)