ACC 676 Module Six Activity Guidelines and Rubric

Scenario

You are an auditor for Wagging Tails, a pet supply company that wants to implement a business continuity plan. Your manager has asked you to compose an interdepartmental memo about business continuity and disaster recovery planning. You decide to begin your research by exploring situations other companies have faced relating to business continuity planning and disaster recovery planning. You focus your research on the potential risks of not having adequate business continuity or disaster recovery plans for a specific system or application, possible solutions to address internal control risks in the AIS, and the costs to have proper controls.

This activity will help you with Project Two, where you will be required to analyze the implementation of IT general controls to the sales process being audited.

Module Resource:

The average cost of a data breach in 2022 cost $4.35 million. In 2023, this is expected to grow to $5 million. Globally, cybercrime is predicted to cost $8 trillion in 2023. This is expected to grow to $10.5 trillion by 2025. By replicating data in real-time or on a scheduled basis, file replication software can ensure that critical business data is available and recoverable in an outage or disaster, helping organizations maintain business continuity and minimizing downtime with its subsequent repercussions.

The 2022 IBM Cost of Data Breach Report indicated that the average cost of a data breach in 2022 was $4.35 million , and Acronis estimates that data breaches in 2023 will cost $5 million. Globally, cybercrime is predicted to cost more than $8 trillion in 2023, according to a report by Cybersecurity Ventures, and this number is expected to rise to $10.5 trillion annually by 2025.

These figures highlight the continued need for implementing preventative measures by businesses across all sectors, especially those dealing with sensitive and personal data.

How does data loss affect an organization?

Downtime from a data breach may result in lost sales and potential lawsuits. There is also reduced productivity and increased strain on IT departments and all staff. As essential data is unavailable, making informed decisions can be challenging.

Furthermore, regulatory non-compliance may lead to fines and legal penalties. Regulations like the General Data Protection Regulation (GDPR) and The Health Insurance Portability and Accountability Act (HIPAA) require businesses to protect personal data; a data loss event can result in penalties. The loss of critical records can also result in fines as regulations like Sarbanes-Oxley, Food and Drug Administration (FDA), and the Financial Industry Regulatory Authority (FINRA) require companies to retain certain records for specific periods.

Unfortunately, these internal repercussions are not the only ones to consider. Loss of reputation and customer trust also negatively impact the business, especially if customers become aware of regulatory violations and fines.

Therefore, it is of the utmost importance for companies to implement measures to prevent data loss and ensure regulatory compliance.

How file replication software is used for disaster recovery and business continuity

File replication software copies data from a primary location to a secondary site in real-time. Should the primary location fail, the secondary site can be used to continue operations. This way, if a disaster occurs at the primary site, the secondary site can be activated immediately, minimizing downtime and data loss. This helps to ensure that businesses can continue to function even in the event of a disaster network failure or other interruption at the primary location.

"The costs of a data breach and loss are too significant to take lightly. Early in 2023, we saw data breaches of T-Mobile, Mailchimp, and Chick-Fil-A, highlighting how important it is to take the necessary steps to protect your data," says A. El Haddi, CTO and Founder of EnduraData.

He continues to say, "To make the file replication process more manageable, automation and avoiding the need for manual backup processes is vital. Automated file replication frees up staff time, improves efficiency, and offers scalability benefits, and the growing data volumes may be accommodated."

EnduraData File Sync and Replication Software Solutions transfer data automatically between systems, storages, clusters, LANs, WANs, metro areas, and geolocations. It only sends deltas to reduce the bandwidth and windows of vulnerabilities. Furthermore, data may be integrated from numerous sources and delivered to business processes, analytics, and BI. Stringent security measures ensure that companies who use EnduraData may rest assured that their data is as safe as possible.

Furthermore, EnduraData can also combine data copies with previous version archives and snapshots to increase protection.

This is solidified because the Social Security Administration (SSA.GOV), which deals with very sensitive and critical data, trusts EnduraData's Linux data replication and file sync to protect said data.

Final take

In light of the immense costs of data breaches and data loss, businesses must ensure continuity should the worse occur. Prevention remains better than cure, so companies are becoming increasingly aware of the need for file replication software solutions from companies who have proved their mettle in the industry.

As A. El Haddi notes, "the initial cost of investing in file sync and replication software is minuscule compared to the costs of a data breach and data loss. Business continuity is at the core of business operations, as it protects revenue, maintains customer trust, preserves reputation, complies with regulations, and ensures employee productivity. It is a critical part of any organization's risk management strategy."

Copyright Cyprus Mail 2022 Provided by SyndiGate Media Inc. ( Syndigate.info ).

Copyright: COPYRIGHT 2023 SyndiGate Media Inc.http://www.cyprus-mail.com

Directions

Use the knowledge you gained from this module's resources and your own personal research (Except T-Mobile) to explore the costs and benefits of specific risks and the impact of assessing risk on the system. You will compose an interdepartmental memo to explain your findings.

Specifically, you must address the following rubric criteria:

1. Summarize a specific company's situation that involved business continuity and disaster recovery planning.
2. Explain the impact the situation had on the organization.
3. Assess the risks of the organization not having adequate business continuity or disaster recovery plans.
4. Describe the potential effect of conducting risk assessment in the AIS.
5. Analyze the costs the organization incurred to implement proper disaster recovery or business continuity controls.
6. Analyze the benefits the organization experienced by implementing proper disaster recovery or business continuity controls.