Amazon's Recovery Procedures in of Disaster - Response, Resumption, and Restoration - Case Study Example

Disaster Recovery Plan Purpose and Objectives Amazon Inc. developed the following disaster recovery plan for use in case of any disruption to its different components that allows for its standard day-to-day functions. This recovery plan aims to outline the critical recovery procedures that key personnel must perform during and after an interference to ensure normal operations resume as soon as possible. Scope The scope of the DRP outlines the technical reclamation from interference in case of substantial interference. The intent of the recovery plan must follow the business continuity plan that Amazon has adopted. The business continuity plan forms the primary document through which the disaster recovery plan is part off (Continuity and Patterns, 2011). The recovery outlines have in place different measures through which people, infrastructure, external and internal components will become recorded. The DRP will provide the following Recovery procedure guidelines Plan activation procedures Roll back guidelines to ensure the affected operations return to the standard operating state. Recovery and technical response flow Recommended personnel who will handle any disruptions to the company operations. The precise objectives of the DRP include; Instantaneously assemble a central cluster of leaders to evaluate the technical effects of disruptions. Established technical urgencies for the recovery group in the course of the reclamation phase. Decrease the effect of the disturbance to the affected business features and groups; Stage the reinstatement of processes to full dispensation abilities Allow rollback processes once the emergency has become phased out if deemed suitable by recovery personnel. Amazon operates from various states in the USA; therefore, the recovery procedures listed in the DRP should become coordinated with other groups from multiple locations. However, the plan has not outlined all the steps that all departments should adhere to in the event of a disruption or the recovery from disturbances. Authorized By Miss Victoria Edwards, Disaster Management Officer Amazon Inc. Approved By Jeff Bezos CEO, Amazon Inc. Risk Assessment Amazon Inc. is an online retail corporation. It is an indication that most of its operations and interactions with customers occur via computer networks. With increased rates of technological advancement and adverse weather conditions, the computer network vulnerability to threats continues to rise. Amazon Inc. has its headquarters in Seattle, Washington, USA. It is still at this location that the firm houses its central servers which store all information related to customer details, orders among others.It Amazon store is connected to the server indicating that any disruption to the data centers will have negative impacts on the entire firm’s operations. For the company to the likelihood of threats affecting the central servers can occur at any time. It is therefore essential for Amazon to carry out a risk assessment if the disaster recovery plan is to become effective (Du et al., 2015). The risk assessment process forms the cornerstone of any disaster management involvements by any organization. Amazon has deliberated regarding an extensive assortment of possible vulnerabilities and the outcomes of the considerations shown in the table below. Prospective Disaster Probability Ranking Impact Ranking Flood 4 2 Fire 1 4 Storms causing electrical faults 5 Sabotage by employees and other external individuals 2 1 Electrical power surges 3 1 Communications network services breakdown 2 1 Probability: 1=precisely extraordinary, 5=Very Little Effect: 1=Complete destruction, 5=Negligible infuriation Emergency Response Amazon Inc. has a special department which ensures all disasters occurring become handled promptly to reduce the negative impacts on its operations. The Emergency Operations Centre functions as the harmonization hub for disaster reaction. The hub offers a crucial acumen platform for resolution architects and recovery persons in collecting vital data manage recovery undertakings and controlling employees as the disaster state decrees (Gustin, 2010). The EOC similarly provides the staff and personnel the necessary technological platform to communicate with all Amazon branches. Correspondingly, the EOC allows for coordination with other external bodies such as the local government, outside workers, and volunteer groups. The five primary functions of the EOC include finance, logistics, operations, planning, and command. For much higher increased efficiency in services, a division of the tasks into sub-functional units is necessary. The command function has the sole duty of managing the entire disaster response activities. The operations coordinate all processes that support disaster action plans.Planning is in charge of gathering, assessing, and distributing data and harmonizing the development of disaster recovery strategies. Logistics is accountable for procuring amenities, facilities, persons, paraphernalia, and tools. Finance has the responsibility of tracing event expenses, estimates, and reimbursement of responders, contractors, and dues. All the staff in the EOC must understand their roles and responsibilities. The EOC staff must undergo thorough drilling, and training drilled about the appropriate procedures and actions, and assume regular duties and accountabilities for organizing complete disaster reaction work.Nevertheless; other external personnel from the local or federal government, volunteer agencies, and local community can support the emergency response team upon request from the company’s administration. The activation of the EOC occurs after an incident that has adverse impacts happens at the company’s Data Centre. The EOC will act as the communication link between the affected facility and corporate headquarters. It must ensure that all trained personnel get to the affected service in time. The EOC similarly must ensure necessary equipment gets to the data center and update the firm’s administration as the disaster transpires and changes. Important Personnel Contact Information It is essential for employees and other personnel to know who to call in case a problem arises in the workplace. The company should brief all the employees on the role and responsibilities of each staff during an emergency. Members from different departments should work together to share knowledge which will help in eliminating the emergence in a much more timely manner. In this case, once the data servers become affected, it is essential for employees to contact the CEO, Disaster management Officer and or the EOC supervisors. The stated personnel knows all procedures the firm must follow to ensure it secures all its data found on servers. Any loss of information will negatively affect the firm’s operations, in the long affecting its profitability index. Similarly, it is essential to have in place emergency response numbers in case of fires, flooding or injured employees. Crucial Person Contact Information Name, Title Contact Selection Communication Number Jeff Bezos Work 123456789 Chief Executive Officer Mobile 987654321 Home 012345678 Email Address Jeff.bezzos@gmail.com Victoria Edwards Work 897564231 Disaster Management Officer Mobile 687912354 Home 231546879 Email Address vedwards@gmail.com Victor Knowles Work 897456213 Emergency Operations Centre Supervisor Mobile 258741369 Home 963258741 Email Address Victor.knowles@yahoo.com Emergency Contacts Numbers Title Contact Selection Contact Number Virginia Mason Hospital and Seattle Medical Centre Telephone +1206326458 Email vmason@yahoo.com Seattle Fire Department Telephone +1456789123 Email sfd@gmail.com Fire/police/ambulance Telephone 911 Computer Contacts Name Contact Selection Contact details Microsoft Support Phone 123654987 Address 123 Seattle Washington Oracle Support Phone 9876541258 Address 7777 Seattle Washington Emergency Operations Centre Organization The EOC staff allocation is based on the following functional areas; The communication area Meeting area Media briefing section Workstation for individual team representatives. The Communication area Communication is an essential factor when it comes to the handling of disasters (Medford-Davis and Kapur, 2012). The EOC must have the latest communication equipment, and systems in place to facilitate two-way communication. The EOC station and the supporting agencies or participants at the disaster site must stay in touch at all times. The interface must have a phone line to facilitate telephone calls, television with cable or satellite connection and a cellphone that will act as a back-up in case of the weak telephone network. The EOC should have a digital answering machine. The presence of a dry-erase board and flip charts will allow for internal communication between the staff personnel at the center. Once the dry-erase board's fill-up with information, erasing is not an option before capturing the data using digital cameras. The communications area should have a different network, including separate servers from the central servers. It will ensure that even when the data center becomes affected, not interference will emerge when communication is taking place. The location of the communications area should not get interference from other networks within and outside the company. The communication area is located on the tenth floor of the Amazon headquarters building, and it has its internal servers located in a room next to it. The meeting room Once a disaster occurs, it is vital for the parties bearing the responsibility for its correction to hold meetings. In the meetings, the disaster management team will come up with ideas on how to mitigate the disaster, including the effects of the accident on the company’s operations. The meeting room should accommodate all the parties, both internal and external. The meeting room should have dry-erase boards which will allow the person in tracking the status of the incident. The meeting room should similarly have notepads which will let each member list different ideas and choose the best way forward. Recovery team workspace and media briefing The recovery team’s workspace should ensure that it will allow for the personnel to return the firm’s operations into its initial state. The workspace has more than 100 seats each with an individual table. The room has a microphone and speakers to ensure that as one addresses the team, each will get information at ease. The workspace likewise has an all-around power supply reinforced by an automatic generator in case of power failures. The room has soundproof walls to prevent disruptions from the external environment. Apportioned staff will manage the media, operating as per set procedures issued relative to dealing with post-disaster communications. The media strategies that the staff must observe is circumventing negative publicity and having answers to the questions that might become raised. The media team is comprised of; Elizabeth Lorna Emmanuel Benson Zipporah Diana. It is only the media team that should have an uninterrupted communication with mass media persons; everyone else contacted must refer callers to the press team agents. Detailed Information Activation of the recovery team must come from Jeff Bezos, Victoria Edwards or Victor Knowles. No other individual should activate the recovery team unless stated otherwise. The activation is made through the respective contact numbers of reported individuals. Amazon headquarters at Seattle Washington USA houses the central servers. Any interference to the servers will indicate that the recovery team must meet at the respective incident site. The three stated individual will arrive at the location of the incidents. They will then call the team who will reach the EOC for further details. The company has the liberty to call upon additional external staff to come and assist with disaster mitigation. Recovery Functions Details The recovery procedures will become broken down into three phases; response, resumption, and restoration. The three stages should become managed in a parallel manner as per business continuity recovery guiding principles summarized in the business continuity plan. The response phase will include all the immediate actions following the incidence of a substantial occurrence. The resumption phase includes all the activities the recovery team will undertake to ensure the operations resume as usual. The restoration phase consists of the tasks taken to restore services back to their previous levels. Response Phase Objects, events, and undertakings essential for the adversity recovery plan to begin to comprise the following; Identification of the Issue and team members The data center is affected by various factors identified in the risk assessment table. However, some of the elements might occur at the same time. It is thus essential for the recovery team to determine the exact cause of the servers’ malfunctions. The team responsible for the identification of the issue must have the right knowledge to handle such matters (EC-Council Press, 2011). Recovery personnel that lack essential tools in identifying the cause of an event might further increase its severity on the servers. It is a sign that the company might end up losing its information which forms part of vital assets. Edwards will have the responsibility for handling all the communications in relations to the assignment of roles and choosing the best strategy to become followed. Gathering Critical Information After identification of the issue, the provision of all information related to the cause of the disaster must follow. The report should be accurate, concise and timely to facilitate the coming up with practical recovery procedures (Picket, 2013). The data to be gathered ranges from any issues that remain unresolved, additional resources required to complete the recovery process, the progression of recovery and the personnel involved. Resumption Phase Once the issue has become identified and the necessary information collected, the team must come up with the required activities that will help to resume the services. Request for resources Disaster recovery requires a lot of resources which range from internal to external. In the restoration of the server back to its original status, the disaster recovery team will need the following requirements; food and water, security guards, software specialist and computer hardware. Others include data recovery personnel, additional replacement server equipment, temporary laborers, special recovery equipment and furniture. It is crucial for the staff to ensure the accurate recording of resources used during the entire period. This information is essential for the company will use it in future in case such a disaster strikes. Informing and Contacting Key Management of Status In the event of a crisis or disaster recovery operations, situations tend to exist in a dynamic nature. It, therefore, means that the standard situation might change for the better or worse. It is essential that the management becomes aware of all the undertakings. All these depend on the actions set forth by the administration, as such, without informing those promptly on any changes might negatively impact their decision-making abilities. Correspondingly, the disaster recovery team might require information from the management. It is essential to ensure a two-way communication exists between these two groups for positive results to emerge out of the entire process. The team should have in place contact numbers for individuals who head the whole operations. EOC Operations Log All operations carried out by the EOC, and its staff should become recorded in the official log-book. The logbook must have the following information; the name of supervisors, the team handling the disaster recovery, time taken in correcting the disruption, the additional resources used, emergency telephone numbers, recovery procedure timeline, minutes from meetings held and briefing reports. Restoration Phase In the course of the restoration stage, the phases taken to allow for reclamation varies grounded on the category of problem. The processes for every recovery setup include; The determination of whether failback to original servers will become followed (Eshel et al.,2011) Restoration of the original data center Comprehensive failback (Eshel, et al.,2011) Test failback Determine whether failback was successful. Recovery Preparedness The plans followed by the team should not become discarded. Instead, due to the ever-changing technology continues updating of the programs is essential. The EOC personnel has the sole responsibility for updating and reviewing the disaster recovery procedures as per set time frame. Disaster Recovery Plan Review Timetable Name of Individual Bringing up-to-date DRP Date Updated Explanation Version Approved By Vivian Jerusa December 1st, 2017 EOC should have a supervisor in charge #7 Victoria Edwards References Continuity, F. B., & Patterns, D. P. P. (2011). Findings from Current Research. Citizen preparedness review. Winter, 8. Du, Y., Ding, Y., Li, Z., & Cao, G. (2015). The role of hazard vulnerability assessments in disaster preparedness and prevention in China. Mil Med Res, 2, 27. EC-Council Press. (2011). Security and vulnerability assessment. Clifton Park, NY: Course Technology Cengage Learning. Gustin, J. F. (2010). Disaster & recovery planning: A guide for facility managers. Lilburn, GA: Fairmont Press. Medford-Davis, L. N., & Kapur, G. B. (2014). Preparing for effective communications during disasters: lessons from a World Health Organization quality improvement project. International journal of emergency medicine, 7(1), 15. Pickett, K. H. S. (2013). The internal auditing handbook. Hoboken, N.J: Wiley. Eshel, M. M., Gomez, J. C., & Naik, M. P. (2011). U.S. Patent No. 7,962,915. Washington, DC: U.S. Patent and Trademark Office. Read More