cloud class

CSE371

Contingency plan for

CloudClass.org.bd

Group Project by: Team Awesomeness

Sl. Name I.D. Signatures

1 Samiya Yesmin 11304043

2 Protiti Khan 11304018

3 Tanzeela Rahman 12304005

4 Upama Sarkar Borna 12104034

CSE371:

Management information System

Course Instructor:

Mr. Syed Mahmudur Rahman

Section 03

15/03/2015

Acknowledgements

Group 1: Awesomeness

Sl. Name I.D. Individual Contribution

1 Samiya Yesmin 11304043

Team Leader, Report organizer and editor.

VI. IT Contingency Plan for CloudClass

VII. Budgeting

X. Conclusion

2 Protiti Khan 11304018

Executive Summary

II. IT Contingency Plan and its importance

VIII. Contingency Staff Training and Plan Testing

3 Tanzeela Rahman 12304005

Logo Design and Presentation Slide.

III. Functions of CloudClass

IV. IT Environment of Cloud Class

VI. IT Contingency Plan for CloudClass (Hardware)

4 Upama Sarkar Borna

12104034

I. Introduction

V. Integral Aspects of the Contingency Plan

IX. Contingency Plan Review Process

The video presentation was a joint effort of the entire team.

Disclaimer

www.CloudClass.org.bd is a business idea of its co-authors and is not-yet a factual business.

The co-authors acknowledge the trademarked status and trademark owners of the following word

marks mentioned in this paper:

Khan Academy, Coursera.org, Google, Facebook, OpenDrive, Adobe Premium Pro, liteCam HD,

Cannon, Dell, Camtasia Studio, Dhaka Web Host.com, Alpha.net.bd/, Avast Antivirus, Kaspersky

Security, Skype, Facetime and Viber.

http://www.cloudclass.org.bd/

Executive Summary

Natural disasters, terrorist acts, large-scale accidents, and cyber-attacks all have the potential to

cause a catastrophic loss of information technology systems and infrastructure. In the event of such

an outage, it is vital for organizations to ensure their business processes which are vital to the

mission and survival of the organization, continue. CloudClass.org.bd is a business that works with

the top universities of Bangladesh, to provide online course lectures as an alternative method to

registered students. The purpose of this report is to develop an Information technology contingency

plan for CloudClass.org.bd, in order to prepare the organization to react lucidly to an unplanned

situation. The report contains the business that is CloudClass.org.bd, the importance of IT

contingency plan. the crucial components of CloudClass that can be under threat, our contingency

plan, containing the business process continuity, disaster recovery and incident management plans.

In the review process of the contingency plan we will have a quality controller who will weekly

review the whole process. Also, we will be having a precautionary measure to determine any

possible foreseen disaster. We have also figured a budget that could be required for the said

contingency plan as well as our planned staffing and training process for our emplo yees, with

regards to the contingency plan.

Table of Contents Acknowledgements ........................................................................................................................ 2

Disclaimer ...................................................................................................................................... 2

Executive Summary ....................................................................................................................... 3

I. Introduction ........................................................................................................................... 5

II. IT Contingency Plan and Its Importance............................................................................... 6

III. Functions of CloudClass .................................................................................................... 7

a. Services of CloudClass:......................................................................................... 7

IV. IT Environment of CloudClass: ......................................................................................... 8

a. Recording Equipment: ........................................................................................... 8

b. Office Equipment: ................................................................................................. 9

V. Integral Aspects of the Contingency Plan ........................................................................... 11

a. Critical Component Items: .................................................................................. 11

b. Non Critical Component Item ............................................................................. 13

VI. IT Contingency Plan for CloudClass ............................................................................... 14

VII. IT Contingency Plan Budgeting ...................................................................................... 17

VIII. Contingency Plan Staff Training & Plan Testing ........................................................... 18

IX. Contingency Plan Review Process .................................................................................. 20

X. Conclusion........................................................................................................................... 22

Works Cited ................................................................................................................................. 23

List of Tables ............................................................................................................................... 24

List of Figures .............................................................................................................................. 24

Appendix A .................................................................................................................................. 25

I. Introduction

CloudClass is an online educational platform, much like Khan Academy and Coursera. Our

business works in collaboration the top universities of Bangladesh, to provide course lectures to

registered students only. We provide an alternative, online, method for university lectures,

which is especially required now due to the unavoidable political circumstances of Bangladesh,

which has completely disrupted the normal way of life. Although born of need, we do predict a

regular demand for online courses in future. Our domain is www.CloudClass.org.bd. A late

report by the U.S. Division of Education found that "classes with web learning (whether taught

totally online or mixed) by and large create stronger understudy learning results than do classes

with singularly eye to eye direction." Internet learning assumes a huge part in a deep rooted

training. Beside the traditional class lectures, a significant number of our collaborator

organizations are also utilizing our online stage to give their on-grounds understudies with an

enhanced learning knowledge. This mixed model of learning has demonstrated in studies to

build understudy engagement, participation and execution.

The purpose of this report is to develop an Information technology contingency plan for

CloudClass, in order to prepare the organization to react lucidly to an unplanned situation. The

report contains the business that is CloudClass, the importance of IT contingency plan. The

crucial components of CloudClass that can be under threat, our contingency plan, containing the

business process continuity, disaster recovery and incident management plans. In the review

process of the contingency plan we will have a quality controller who will weekly review the

whole process. Also, we will be having a precautionary measure to determine any possible

foreseen disaster. We have also figured a budget that could be required for the said contingency

plan as well as our planned staffing and training process for our employees, with regards to the

contingency plan.

Online Link for both report and video (Google Drive):

https://drive.google.com/open?id=0B_pM3ISxJIxkfmlrd0tIT0VvSHFKZ1FVaDZTV0w0MVV

4eGp0LUdFaWV3SFdXMEdON0I4Nk0&authuser=0


https://drive.google.com/open?id=0B_pM3ISxJIxkfmlrd0tIT0VvSHFKZ1FVaDZTV0w0MVV4eGp0LUdFaWV3SFdXMEdON0I4Nk0&authuser=0

https://drive.google.com/open?id=0B_pM3ISxJIxkfmlrd0tIT0VvSHFKZ1FVaDZTV0w0MVV4eGp0LUdFaWV3SFdXMEdON0I4Nk0&authuser=0

II. IT Contingency Plan and Its Importance In today’s world of terrorism, climate change, and an ever- increasing reliance upon Information

technology (IT), it is a vital requirement for any organization to have an IT contingency plan. The

time and money invested in developing and writing an IT contingency plan can pay enormous

dividends in the event of a major disaster. While a plan is good, it must be tested, revised as

necessary, and the people who use it must be trained. Perhaps one of the most important assets a

company has during a contingency is dedicated personnel who can solve problems not covered by

the IT contingency plan.

The National Institute of Standards and Technology states that, “IT contingency planning refers

to a coordinated strategy involving plans, procedures, and technical measures that enable the

recovery of IT systems, operations, and data after a disruption” (Swanson et al., 2002). In addition,

IT contingency planning should be part of a larger organization-wide contingency plan. The

definition of organizational contingency planning is: “A contingency plan is a comprehensive

statement of actions to be taken before, during, and after a disaster. A successful planning process

must achieve three goals: (1) create awareness of potential disasters, (2) define actions and activities

that will minimize disruptions of critical functions, and (3) develop the capability to reestablish

business operations.” (Sauter&Carafano, 2005)

IT Contingency Plan is important in order to ensure business continuity and availability of

critical resources during disasters; the plan should be documented and also tested in advance. This

will help expedite the process when the actual disaster or emergency strikes. The key to IT or

network disaster recovery is preparedness. Business vulnerabilities are ever increasing and every

organization is compelled to make appropriate disaster recovery plans and use advanced technology

to keep its network secure and stable. Network-reliant companies find it an absolute necessity to

frame disaster recovery policies and procedures to respond to the varied circumstances and

problems. Therefore the value of an IT contingency plan may seem obvious. And organizations are

more aware nowadays; for example, rapid actions taken by management of a major U.S. West

Coast bank whose headquarters was destroyed by a fire. Within a day they were able to resume

basic operations, and within a week resume all regular activities. This was made possible because

management had prepared a solid business continuity management program.

III. Functions of CloudClass

CloudClass is a user-friendly interface which facilitates learning in the university level. The

domain of our website is www.CloudClass.org.bd. Our work is not to trade the classroom

experience for a virtual one; rather we aim to enhance the education system in Bangladesh.

a. Services of CloudClass:

We provide faculties the platform for making video lectures and its supplements (PDFs,

Slides and subtitles), which our website uploads and maintains.

Access to contents has filtered authorization as per the faculty’s opinion. Each lecturer

provides us their list of students, whom they want to show their video content to, and we

create authorized usernames and password for each of them, through Windows

Communication Foundation (WCF).

Authorized students are able to stream and download the contents provided by their lecturer.

Discussion boards are provided for each course, for students to interact with their

lecturer/TA and clear out their problems

CloudClass is available as a website and as a Smartphone application, allowing students to

access and download items on the go.

CloudClass provides Google calendar urls, which when added to one’s Google calendar

provides date and time notifications for assignment submissions/tests etc.


IV. IT Environment of CloudClass:

CloudClass has an office in Niketon, with 10 soundproof recording rooms, working space for

the employees, a huge server room and a break lounge. Our website is made using the programming

language node.js, that fetches data fast and allows real- time streaming, and the compressing

software called grunt.js, for image and code compression, thus consuming very less space.

CloudClass would use OAuth2 protocol for user authentication and LTI. 1.1 protocols for

interaction with courses.

a. Recording Equipment:

Input Equipment: Each of the soundproof rooms has a

glass board with a white background for lecturers to

write on. We use touch-screen monitors and graphics

tablets for digital input. If a faculty does not want to

show their face, they can use graphics tablet which

would have their writing digitalized on the computer

screen will be recorded along with the voice audio.

Figure 1: Glass Board Notes

Video Equipment: Lectures are recorded with

standard digital single lens reflex video camera,

Canon 5D Mark II, one in each recording room.

Lighting equipment: We have day- light colour balanced lighting system that diffuses the

light and avoids strong shadow. An example of our output is given in the picture to the right.

All lighting ideas were adapted from (Wiastia, 2006)--a learning platform.

Sound Equipment: Each room has one microphone, a field mixer and an external capture

device for crystal clear audio recording. A mike in flexible boom will be attached for better

sound recording. Two sound equipment sets are kept as a back- up, at all times. Professional

consultancy of sounding equipments was received from Julie Babcock and Dan Bruns of

Videomaker.

b. Office Equipment:

Display: Dell LED monitors are used for exclusive clarity.

Computers: Each employee is equipped with an Intel i5 2.5GHz, 4GB RAM, 320GB Hard

Drive, Windows 8 computer system for their work. We have 25 computer systems,

including back-ups.

Data storage devices: For the storage of software programs, video contents, course database

along with students’ scores, assignments and discussion details and for rendering the page of

the website, we use solid state drive instead of hard-disk for our server. This provides better

reliability, fragmentation and access to change the form. Also all our data is stored on our

private company Google drive, our official cloud data storage and back-up system. Google

drive lets the employees work on different projects simultaneously.

Web Server: we use server computers to control and run our website server. Disk mirroring

will be done with data will be duplicated in separate volumes on two drives to make the

storage more fault-tolerant. However, separate disks rely upon common controller; access to

both copies of data is threatened if the controller fails. Hence we would have 3 back-up

controllers as well. Coolers are kept to keep the server cold.

Data Management System: To ensure better synchronization of the data, all the employees

will have to use the certain active directories, procedures and policies. Starting from writing

the name of each file correctly, right use of CC and BC, mailing students using mail merge

of Gmail, be able to use the admin console of Gmail properly ensuring utmost security and

the use of digital signature.

Network Components: For wireless internet, we would have a strong router to serve all of

our 23 employees and a broadband connection with high internet speed. Moreover, switches

and guards will be there as well. A router hub will be there to connect the computers to the

server so that each data stored in it can be accessed with any employee. As we have a server,

streaming devices can make the transfer of storage on cloud for our website users to watch

and download. Huge amount of cables will be needed. Various types as cable as such

coaxial, twisted-pair, sata, fibre will be used to satisfy different purposes.

Software programs: For editing audio and video, we use Adobe Premium Pro, liteCam HD

and Camtasia Studio for screen recording in case the faculty does not want to be present in

the video. Firewalls are used to keep the website safe from virus, unauthorized access, pop-

ups and unwanted advertisements.

Employees: We have 4 programmers, 3 web designers, 2 computer technicians, 5 video and

audio editors, 2 electrical and electronic engineers, 1 translator, 2 staff for cleaning and

serving coffee, 2 network engineers, for the maintenance and set up of the server and the

network components, and 4 co-founders, who make up the management team and

department heads of the company.

V. Integral Aspects of the Contingency Plan

Disasters are unavoidable but mostly volatile, and they vary in type and extent. Every business

encounters disruption. The Table, below, depicts the threats most likely to impact the

CloudClass.org.bd and components of IT system. The specific threats that are represented by (XX)

are considered the most likely to occur within that environment.

Table 1: Risk Analysis Matrix

PROBABILITY OF THREATS

Probability of Occurrence: High Medium Low

Air Conditioning Failure X

Communications Loss X

Data Destruction X

Earthquakes X

Fire X

Flooding / Water Damage X

Power Loss / Outage XX

Vandalism / Rioting XX

Below are the key components of our business that would be affected by the above mentioned

threats, and thus require an IT contingency plan:

a. Critical Component Items:

1. Hardware- In our company, hardware includes the office itself, furniture, computer, large

screen display, video, lighting and sound equipment, etc. We are considering hardware as a

critical component of our organization because these resources can be inevitably affected by

natural disaster like earthquake and fire etc. Physical damage by natural disaster will destroy all

our office equipment. This also affects the power supply and severe data loss through physical

damage of the drives (IT Disaster Recovery, 2010). As a result, we will not be able to upload

our video contents or perform any other functions. Fire which is another natural disaster can

result in hardware meltdown, as well as with slag and smoke particles winding up between the

read/compose leaders of the circle and the plate platter itself, will result in destruction.

Therefore, a contingency plan is absolutely required in case of catastrophe.

2. Data storage devices- Data constitute valuable organizational resources and it should be

managed effectively to benefit the organization. CloudClass is solely a confidential database

business. Without proper and secure database, our business will fail. Data storage is subject to

several threats that might result in total disruption of our work. For instance, data may get lost

during a system crash as a result of faulty drives or power failures or accidentally deleting or

overwriting files. Data might also be corrupted by computer viruses or stolen by hackers,

unauthorized users. Hence, in order to minimize the above mentioned risk and protect the

database, a back-up plan should be developed.

3. Network Components- Network plays an important role in interconnecting all the computers

and other communication devices. The most common problem that our network system might

experience is “server overload”. When data enters into the server at a greater rate than it can

load it causes a number of connection build up rapidly. Gradually, the server crosses the limit it

can handle and consequently get overloaded. So, if our server gets overloaded the clients will

not be able to access into the server and experience system crash, which would be just bad

business. The resulting disruption in the ease of website usage which will ruin the popularity of

our site and lessen the user rating.

4. Software- Software is a set of machine intelligible direction that coordinates a PCs processor to

perform particular operations. CloudClass.org.bd is a based-IT company. We rely on audio and

video editing software, network and database maintenance and cloud computing software

programs, heavily. So, the basic threat that we can encounter is the viral attack affecting our

software. The two most potential destructive viruses that can disrupt our software system are

listed below:

Code Red- Once infected, it will

continue to make a hundred duplicates of itself

yet because of a bug in the programming. As a

result, it will copy much more and winds up

consuming a ton of our system resource

(Jamaluddin, 2009)

Figure 2: Code-Red Virus Message

Zeus- Zeus is a Trojan horse prepared to

infect Windows computers so that it can

execute various criminal tasks.

Figure 3: Virus Zeus Message

For all these above mentioned reasons we

need a pre-planned recovery process to cope up

with any sort of disaster that might affect our

business.

b. Non Critical Component Item

1. Employees: We are considering our employees as the non-critical item for our company. The

reason behind the fact is the close supervision and commitment of the employees. Human

resources are not critical because we can easily hire employees, since candidate number is

greater in comparison with job vacancy. In addition, if any employee leaves our organization we

have a thorough replacement process to fill that position. Still, a contingency plan is required

for training the newly recruited employees to produce an uninterrupted service.

VI. IT Contingency Plan for CloudClass After reviewing the components of our business that could be under a threat, we did a business

impact analysis, and a disaster recovery plan for these components, based on which we have built a

viable and strong contingency plan to prevail over any form of disruptions that might come our

way. Our contingency plan for each of the components at risk is detailed below:

1. Hardware: CloudClass has all its hardware equipment insured.

a. A preventive control is to store the server in a clean and cold room, as shown in figure 1.

One of the main job responsibilities of the staff is to maintain these two factors. Coolers

are installed in a server room to where the temperatures kept within 20-21 degree

Celsius, at all times.

Figure 4: Temperature Controlled Room

b. To avoid short-term power outage, we use generators to support our system and have

uninterrupted power supply to lessen system failures.

c. We have a standing order understanding with our video, lighting and sound equipment

suppliers, in case of calamity. And just in case required, we keep at least two back-up of

the entire recording system sets, at one of the founder’s house.

2. Data storage devices: We already have our server class computer in place, with SSD for vast

data storage.

a. For our data back-up, we use http://www.opendrive.com cloud store. Opendrive is not

only one of the best cloud service available to business but also the most secure and

affordable cloud service present in the market (Dunn, 2014). Using cloud storage

provides our business not only with high remote and secure storage capacity but also

with additional features, such as deduplication which is a specialized data compression

technique that eliminates duplicate copies of redundant data, hence enables high data

efficiency (EMC Glossary). Cloud storage also helps enable remote access to data. And

also to ensure an additional level of data security and privacy, we use virtual private

network (VPN) for our collaborations and data backup processes (Diallo, 2014).

b. In case of natural calamities or vandalism or system failure we have the business

continuity plan in place. For the back-up of storage in case the entire office gets

destroyed all the content will be stored in large portable hard-disks which will be kept in

different locations. Disk mirroring will be done to make it feasible for the company to

sustain up-to-date copies of data in geographically dispersed locations, so that data

access can continue uninterrupted if one location is disabled.

3. Network Components: We have implemented the most logical and fail-safe solution to our

everyday networking system:

a. Cloud Hosting (Thoke). This means that we divide the resources required to run our

website over a cluster of web servers, CloudClass uses two web servers namely,

https://dhakawebhost.com/, and http://alpha.net.bd/. This allows us to easily manage

peak loads without losing any bandwidth. Thus making us impervious to server crash

and server overload disruptions.

b. Content delivery network (CDN) which will increase efficiency as it distributes the

static content of the website such as pictures and videos and puts them in location closer

to the people we are serving to. We would be using the Amazon CDN. Amazon servers

will cash our content to its servers and thus taking the load o ff our server and providing

faster usage for our website.

http://www.opendrive.com/

https://dhakawebhost.com/

http://alpha.net.bd/

4. Intellectual Property and Software Security:

a. Data theft is a major concern for CloudClass. Thus we have registered all our

intellectual property under the Main IP Laws: enacted by the Legislature, Copyright Act,

2000 (Act No. 28 of 2000, as amended up to 2005).

b. Also by implementing Kaspersky Total Security for Business, one of the world’s best

internet and antivirus security system (Rubenking, 2014), on our 25 computers our

company is virtually the safest it can be against all viruses and hackers. And in-case if

additional computers were introduced, we have Avast ProAntiVirus System as back-up.

5. Online Collaboration: CloudClass is a small business, consisting of 25 employees, of which

two are office boys. Our work is purely IT based and staff collaboration is of utmost

importance. Our 23 employees do not live in the same city, much less come to the office

regularly. Thus online collaboration is an integral part of running our business. We use Social

networks, such as Google hangouts, Facebook, Skype, Viber and Facetime, for staff interactions

and meetings (From example, see Appendix A). Our cloud service remote distance access

comes to work here as it enables us to share and work on business data, e.g. Course contents,

user information etc., in a secured platform.

6. Staffing: Having a set plan for staff hiring and training is essential for any business, be it for a

short-term inconvenience or a long term requirement. Thus it is explained in detail under “VIII.

Contingency Plan Testing & Staff Training” (page- 17)

VII. IT Contingency Plan Budgeting

When it comes to setting up a contingency plan, it is essential to make a budget plan. This helps

to figure out from where to source the financing for a contingency plan. Even an estimated budget

is better than none. Our IT contingency plan budget consists of estimated numbers, which are

subjective to economical and market price changes. With that being said, the table below depicts

our contingency plan budget requirements.

Table 2: IT Contingency Plan Budget

Sl.

No. Component Budgeted Requirement

1. Hardware Tk. 80,000

2. Cloud Server Tk. 20,000 per TB for a year

3. Network Server Tk. 10,000 per year

4. Antivirus and Internet Security Tk. 60,000 per year

5. Staffing and Training Process Tk. 25,000 per year

Our business is a website, which we cannot run without cloud and network server and security

already in place. Thus half the sums quoted here would be required for components 2, 3 and 4.

CloudClass is a profitable business with good financial record; thus we have a standing

understanding with our bank partner for instant credit loan in case of catastrophe.

VIII. Contingency Plan Staff Training &

Plan Testing

A common theme throughout this is the importance of the people who execute a contingency

plan. Staffing contingency plans involve researching each project team members' experience and

how that affects the project. By knowing who has specific educational and work experience, you

can make better decisions about the contingency plans and suitable staff replacements. If there's

enough time, potential replacements can be trained so that they have the same or similar knowledge

as the person who is no longer on the project. All staff should be thoroughly trained in their roles,

duties and responsibilities; more intense training will need to be given to those who will be in key

positions.

Training for personnel with contingency plan responsibilities should complement

testing. Therefore training will be provided at least annually; new hires with plan responsibilities

should receive training shortly after they are hired. Ultimately, all personnel involved will be

trained to the extent that they are able to execute their respective recovery procedures without aid of

the actual guide. Therefore, personnel would be trained on the following plan elements:

Cross-team coordination and communication

Reporting procedures

Security requirements

Team-specific processes

Individual responsibilities

Contingency Plan Testing Process:

The IT contingency plan must work when needed; finding out that it does not work during an

emergency is much too late. Plan testing, training, and exercises will help to establish the viability

of the organizations IT contingency plan. Plan testing will discover holes in the plan that must be

fixed, or identify procedures that seem simple on paper, but are complex in execution.

There are several methods for testing and/or exercising contingency plans to identify potential

weaknesses. Contingency plan testing and/or exercises include a determination of the effects on

organizational operations and assets (e.g., reduction in mission capability) and individuals arising

due to contingency operations in accordance with the plan.

Since there are many aspects of an IT environment to be tested, there are different kinds of tests

to be initiated. There are four basic tests to do that:

1. Walk – Through: Basic disaster recovery testing begins with a desktop walk-through activity, in

which team members review plans step by step to see if they make sense and to fully understand

their roles and responsibilities. Walkthroughs, workshops and orientation seminars are basic

training for team members. They are designed to familiarize team members with emergency

response, business continuity and crisis communications plans and their roles and

responsibilities as defined in the plans.

2. Simulated Recovery: The next kind of test, a simulated recovery, impacts specific systems and

infrastructure elements. Specifically, tests such as failover and failback of critical servers are

among the most frequently conducted. These tests not only verify the recoverability of primary

and backup servers but also the network infrastructure that supports the failover/failback and the

specialized applications that effect failover and failback.

3. Operational exercises: These extend the simulated recovery test to a wider scale, typically

testing end-to-end recovery of multiple systems, both internal and external, the associated

network infrastructures that support connectivity of those assets, and the facilities that house

primary and backup systems. These tests are highly complex, and provide a higher level of risk

compared to other tests, as multiple systems will be affected. Loss of one or more critical

systems from this kind of test could result in a serious disruption to the organization.

4. Table – Top Exercises: Tabletop exercises are discussion-based sessions where team members

meet in an informal, classroom setting to discuss their roles during an emergency and their

responses to a particular emergency situation. A facilitator guides participants through a

discussion of one or more scenarios. The duration of a tabletop exercise depends on the

audience, the topic being exercised and the exercise objectives. Many tabletop exercises can be

conducted in a few hours, so they are cost-effective tools to validate plans and capabilities.

IX. Contingency Plan Review Process

A Contingency plan review process is defined as an action that recognizes, investigates and

enhances existing techniques inside an association in order to meet the goals and objectives of an

organization.

In the review process we will check the standard of our contingency planning. The contingency

plan should be practical and flexible. We will make the plan modest and easy therefore all the staff

and communal members will be able to participate and exploit the benefit for our company. We will

ensure the effective and efficient use of our resources. The review process consists of two factors:

1. Standard Operating Procedures (SOPs): We developed a Standard Operating Procedure

(SOP) in order to assist the individual with information required to carry out their particular

task. It also assists our company to maintain in the quality control process within the

organization. It also provides comprehensive description of the work instruction which will

decrease miscommunication (Goolaup, 2011).

2. Core Contingency Planning Team (CT): In order to maintain proper monitoring of our IT

contingency plan we developed a Core Contingency Planning Team (CT). The CT consists

of three to five individuals who are responsible for the entire process. This obligation is

reflected in sets of responsibilities also internal working strategies, so that sufficient time is

allotted to empower the CT to work frequently on possibility arranging, readiness and limit

building (Choularton, 2007).

Our contingency plan review process feasibility test has to follow these four steps (as shown in

figure):

Step-1: Determining our contingency plan and objectives

Step-2: Evaluating options, vendors and planning design

Step-3: Reviewing plan investment options and providing fee benchmarking

Step-4: Completing due diligence review and document results

In order to maintain proper monitoring of our IT contingency plan, our CT will monitor and

control the review process steps. We will monitor and test the plan on a regular basis using table-

top exercises.

Figure 5: Review Process

Table-top exercise is a simple table-top exercise is a facilitated analysis of an emergency

situation in an informal, stress- free environment. It is intended to evoke valuable examination as

members look at and resolve issues taking into account existing operational plans and distinguish

where those arrangements need to be refined. There is insignificant attempt at recreation in a

tabletop exercise. Since, supplies are not utilized, assets are not conveyed, and time weights are not

presented it will help us to test the capability of our company to respond to a virtual event (Select

Your Exercise)

The contingency planning process does not end with the creation of an arrangement. It is

especially vital that the arrangement be altogether assessed when there is a change in the

circumstance or a change in the institutional environment, for example, a noteworthy change in

participation or administration of the group/division. Therefore, the process should be persistent and

we must review and modernize the plan on a regular basis.

X. Conclusion

An automobile is made up of many pieces. Every piece plays a function to keep it running; one

little disjointed piece can bring about a total shutdown of the vehicle. A business is like a well oiled

automobile, every component counts. Thus to ensure long, effective and successful business it is a

smart decision to have contingency plans in place.

In this report we have talked about the IT contingency plans of CloudClass in simple concise

details. We believe that with the steps we have taken, as described throughout the report, will

ensure a long, effective and successful business. We believe that the above mentioned IT

contingency plan, steps and procedures as described in the report, will enable our organization to

have faster response for any disruptions, to minimize risk exposure, to ensure proper business

functioning and to ensure the continuity of our business, even at the face of any disaster.

Works Cited 1. Choularton, R. (2007, March). Retrieved March 04, 2015, from Humanitarian Practice Network

Website:

http://www.odihpn.org/index.php?option=com_k2&view=item&layout=item&id=2868

2. Diallo, A. (2014, August 06). Three Ways To Protect Yourself From Hackers. Retrieved from

Forbes: http://www.forbes.com/sites/amadoudiallo/2014/08/06/three-ways-to-protect-yourself-

from-hackers/

3. Dunn, K. (2014). 2015 Best Business Cloud Storage Services. Retrieved March 01, 2015, from

Top Ten Reviews: http://business-cloud-storage-services.toptenreviews.com/

4. EGOL. (2006, Oct. 20). A Contingency Plan for your Web-Based Business. Retrieved March

01, 2015, from The Moz Blog: http://moz.com/blog/a-contingency-plan-for-your-webbased-

business

5. EMC Glossary. (n.d.). Retrieved March 03, 2015, from EMC Website:

http://www.emc.com/corporate/glossary/data-deduplication.htm

6. Goolaup, P. (2011). Preparing For Severe Weather Emergencies . Retrieved March 04, 2015,

from Mauritius Mateorological Services:

http://www.liv.ac.uk/media/livacuk/schoolofmanagement/docs/ethnographypapers2014/Liberati

_Scaratti.pdf

7. IT Disaster Recovery. (2010, March 12). Retrieved 03 01, 2015, from Respond to Disaster

website: http://www.respondtodisaster.org/it-disaster-recovery.htm

8. Jamaluddin, A. (2009). 10 Most Destructive Computer Viruses. Retrieved Feb. 28, 2015, from

Hongkiat.com: http://www.hongkiat.com/blog/famous-malicious-computer-viruses/

9. Rubenking, N. J. (2014, November 26). The Best Antivirus for 2015. Retrieved March 02, 2015,

from PC Magaznie: http://www.pcmag.com/article2/0,2817,2372364,00.asp

10. Select Your Exercise. (n.d.). Retrieved March 04, 2015, from Emergency Response Tabletop

Exercises: http://www.epa.gov/watersecurity/tools/trainingcd/Pages/exercise-menu.html

11. Thoke, O. (n.d.). Understanding What Cloud Hosting Really Is! Retrieved March 02, 2015,

from About Tech Website: http://webhosting.about.com/od/Clouding-Hosting/a/What-Is-Cloud-

Hosting-And-Should-You-Consider-It.htm

12. Wiastia. (2006). Retrieved February 20, 2015, from Wistia.com: http://wistia.com/blog

List of Tables Table 1: Risk Analysis Matrix .................................................................................................. 11

Table 2: IT Contingency Plan Budget ......................................................................................... 17

List of Figures Figure 1: Glass Board Notes .......................................................................................................... 8

Figure 2: Code-Red Virus Message ............................................................................................. 13

Figure 3: Virus Zeus Message ..................................................................................................... 13

Figure 4: Temperature Controlled Room..................................................................................... 14

Figure 5: Review Process............................................................................................................. 21

Appendix A

Our group consists of four members. Due to political unrest, we did not have much of face-to-

face meet-ups. We mostly worked and interacted through online communication. Along with

talking over the phone, we used Skype for video conferences, we created a Facebook group for

regular idea and article discussion and finally we used Google drive to store all the data articles we

collected to help each other and to shared our term paper write up files and videos. Screen Shots of

our FB group and Google Drive Folder is shared below:

cloud class

Education

contingency plan review

cse371 contingency plan

contingency plan11a

contingency planix

plan testing

contingency staff training

business process continuity

review process