Why a DRP Plan?
Officers and Boards address the regulatory requirements of a business continuity plan and of an IT security chart in their Governance, Risk Management and Compliance (“GRC”) policies.
Business continuity plan
Governmental, public or private companies, SMEs & multi-national entities, Non-Governmental Organizations (“NGO”) & corporations must preserve the integrity of goods, services, & information of the company, and ensure the continuity of the operations.
Legislators and controllers have established a framework of Corporate Governance for companies that struggle to develop a business continuity plan despite pressure from the insurance companies. For example, international standards (ISO 27001, ISO 22301, ISO 9001, ISO 20000); specific security policies (e.g., PCI DSS); Royal Decree of 12 August 1993 on the organization of IT security in social security institutions, etc.
DRP Agency is your partner for the mitigation of the risks associated with the discontinuity of your business activity, your IT Security, and the management of the disaster recovery crisis.
IT Governance
Information technology (“IT”) governance focuses on IT systems and their performance, security and risk management. IT governance provides a consistent framework to support the board and senior management and the municipal body in ensuring that IT efficiently and effectively supports business strategy and key initiatives.
There are four elements of IT. The first is aligning IT with the strategic goals of the business. The second is effective and efficient use of resources. The third is risk management. The fourth is visibility into the overall IT operation.
The perception of IT governance has changed from something to turn to when things go wrong into a critical success factor for public institutions and enterprises to meet their most critical business needs. Disaster recovery is critical to the IT governance that the Board or le Collège implement.
Sécurité informatique
DRP Agency integrates the audit of the PCA and the PRI plans with the design and the implementation of a certified and continue solution for IT security, business continuity, and crisis management.
The almost full dependence on the proper functioning of the IT infrastructure and of electronic information storage exposes commercial enterprises, governmental institutions and non-profit organizations to the reality of the damaging disruption of their activities:
- Disruption of IT systems, energy and gas networks
- Climate or accident risks from fire and water damage
- Loss of a computer site
- Control of physical access to buildings, computer rooms, and servers
- Protection of computer rooms and servers
- Protection of data and transactions: servers, archives, applications, mirror-systems
- Security and vulnerability of the Intranet, the Cloud, the private or semi-private Cloud
- Management of IT crashes
- Interruptions of SaaS and semi-automatic services delivery; telecommute
- Mega-transfer of data over long distances
- Cybercrime: attacks against IT infrastructure, networks, Intranet and email (spam, phishing, etc.), viruses and attacks on mobiles
- Wireless security and data access
- Management and security of mobile park (Bluetooth, WiFi, GPRS, 3G, etc.) of the company and of its customers
- Management of reputational risks and of social networks
- Etc.