Advertisement

Modeling and Analyzing Disaster Recovery Plans as Business Processes

  • Andrzej Zalewski
  • Piotr Sztandera
  • Marcin Ludzia
  • Marek Zalewski
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5219)

Abstract

The importance of business continuity and disaster recovery (BC/DR) plans has grown considerably in the recent years, becoming a well-established practice to achieve organization’s resiliency. There are several applicable standards, like BS 25999-1:2006, sets of guidelines and best practices in this field. BC/DR plans are typically text documents and exercising is still the main measure used to verify them. On the contrary, to the common practice we suggest to model BC/DR plans as business processes using ARIS methodology and models, which have proven successful in the Enterprise Resource Planning systems projects. This provides uniform representation of BC/DR plans that can be applied across the whole distributed organization, strengthens the efficiency of traditional manual analysis techniques like walk-throughs, helps to achieve completeness, consistency and makes possible computer simulation of BC/DR processes. Timing and dynamic behavior, resource utilization and completeness properties have been also defined. It is possible to analyze them with computer support based on proposed ARIS model of BC/DR plan.

Keywords

Business Process Textual Form ARIS Model Disaster Recovery Business Process Modeling Notation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    BSI: Standard BS 25999-1:2006. Business continuity management. Code of practice, http://www.bsi-global.com
  2. 2.
    ISO/IEC: Information technology – Service management – Part 1: Specification (ISO 20000-1), Part 2: Code of practice (ISO 20000-1). ISO/IEC (2005)Google Scholar
  3. 3.
    ITGI: COBIT 4.1: Control Objectives for Information and related Technology. IT Governance Institute (2007)Google Scholar
  4. 4.
    NFPA: NFPA 1600 – Standard on Disaster/Emergency Management and Business Continuity Programs. National Fire Protection Association (2007)Google Scholar
  5. 5.
    Swanson, M., et al.: Contingency Planning Guide for Information Technology Systems, Recommendations of the National Institute of Standards and Technology, pp. 800–834. NIST Special Publication (June 2002)Google Scholar
  6. 6.
    Snedaker, S.: Business Continuity and Disaster Recovery for IT Professionals. Elsevier, Amsterdam (2007)Google Scholar
  7. 7.
    Barbara, M., et al.: Effective Strategies to Ensure Business Continuity/Disaster Recovery. Dr. Mueller.VerlagGoogle Scholar
  8. 8.
    Thejendra, B.: Disaster Recovery and Business Continuity. IT Governance Ltd (2007)Google Scholar
  9. 9.
    Nelson, K.: Examining Factors Associated with IT Disaster Preparedness. In: Proceedings of the 39th Hawaii International Conference on System Sciences (HICSS 2006), p. 205b. IEEE, Los Alamitos (2006)CrossRefGoogle Scholar
  10. 10.
    Zambon, E., et al.: A Model Supporting Business Continuity Auditing & Planning in Information Systems. In: Second International Conference on Internet Monitoring and Protection (ICIMP 2007), pp. 33–33. IEEE, Los Alamitos (2007)CrossRefGoogle Scholar
  11. 11.
    Kepenach, R.: Business Continuity Plan Design. 8 Steps for Getting Started Designing a Plan. In: Second International Conference on Internet Monitoring and Protection (ICIMP 2007), p. 27. IEEE, Los Alamitos (2007)CrossRefGoogle Scholar
  12. 12.
    Cloth, L., Haverkort, B.R.: Model Checking for Survivability! In: Proceedings of the Second International Conference on the Quantitative Evaluation of Systems (QEST 2005), pp. 145–154. IEEE, Los Alamitos (2005)CrossRefGoogle Scholar
  13. 13.
    Hayes, P., Hammons, A.: Picking up the Pieces: Utilizing Disaster Recovery Project Management to Improve Readiness and Response. In: IEEE Industry Applications Magazine, November/December 2002, pp. 27–36. IEEE, Los Alamitos (2002)Google Scholar
  14. 14.
    Scheer, A.W.: ARIS – Business Process Frameworks. Springer, Heidelberg (1999)Google Scholar
  15. 15.
    Scheer, A.W., et al.: Business Process Automation. Springer, Heidelberg (2004)Google Scholar
  16. 16.
    Weske, M.: Business Process Management: Concepts, Languages, Architectures. Springer, Berlin (2007)Google Scholar
  17. 17.
    University of California: Disaster Prevention, Preparedness and Recovery Plan, http://palimpsest.stanford.edu/bytopic/disasters/plans/ucdaviis_disasterplan2004.pdf

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Andrzej Zalewski
    • 1
  • Piotr Sztandera
    • 1
  • Marcin Ludzia
    • 1
  • Marek Zalewski
    • 1
  1. 1.Institute of Automatic Control and Computational EngineeringWarsaw University of TechnologyWarsawPoland

Personalised recommendations