Disaster Recovery Plan
Mäkelä, Jouni (2024)
Mäkelä, Jouni
2024
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-202402022423
https://urn.fi/URN:NBN:fi:amk-202402022423
Tiivistelmä
The topic of this thesis is to research and create a disaster recovery plan for a company. Disaster recovery plan is a set of instructions on how to return a company back to normal operations after a cybersecurity disaster has happened. Normal operations can be defined as the time when a company’s as-sets and functions are operating in a normal and predictable way. Disaster recovery usually involves the whole company and all its different departments. The company I am making this thesis for has requested that the disaster recovery plan will only focus on the IT-department and its devices. That means that also this thesis will only focus on the IT-department.
Even that this thesis is being made for a company the company will stay anonymous. The thesis will have a more general look on disaster recovery and examples that are in the thesis will be made up. The company will receive separate documentation that will not be publicly included in this thesis. This is done to protect the company’s information and ensure that this thesis cannot be used to gather information about the company.
This thesis will define what disaster recovery is and what is needed for a successful disaster recovery. I will first go over what are good rules and practices when making a risk analysis based on the research material I gathered during this thesis, after going over the good rules and practices I will present a simplified version of risk analysis. After risk analysis I will go over the same things when it comes to disaster recovery. I will go over good rules and practices and then I will go over a simplified version of disaster recovery. After risk analysis and disaster recovery I will go over how to upkeep both documentations and how to improve them. This thesis was done as a development study that fol-lowed a multimethodology as the research methodology. The thesis will have both primary and secondary research material.
The goal of this thesis was to go over the theory of disaster recovery and improve the company by providing them with theory and documentation templates related to the topic. The goal of the thesis was achieved, because of the thesis, the company better understands where the weak points of the company are and if something goes wrong, the company has a better understanding of how to recover from it. For other readers this thesis can be a good starting point when thinking about creating your own disaster recovery plan.
Even that this thesis is being made for a company the company will stay anonymous. The thesis will have a more general look on disaster recovery and examples that are in the thesis will be made up. The company will receive separate documentation that will not be publicly included in this thesis. This is done to protect the company’s information and ensure that this thesis cannot be used to gather information about the company.
This thesis will define what disaster recovery is and what is needed for a successful disaster recovery. I will first go over what are good rules and practices when making a risk analysis based on the research material I gathered during this thesis, after going over the good rules and practices I will present a simplified version of risk analysis. After risk analysis I will go over the same things when it comes to disaster recovery. I will go over good rules and practices and then I will go over a simplified version of disaster recovery. After risk analysis and disaster recovery I will go over how to upkeep both documentations and how to improve them. This thesis was done as a development study that fol-lowed a multimethodology as the research methodology. The thesis will have both primary and secondary research material.
The goal of this thesis was to go over the theory of disaster recovery and improve the company by providing them with theory and documentation templates related to the topic. The goal of the thesis was achieved, because of the thesis, the company better understands where the weak points of the company are and if something goes wrong, the company has a better understanding of how to recover from it. For other readers this thesis can be a good starting point when thinking about creating your own disaster recovery plan.