The final Project is due next week. There are no graded activities this week so be sure to continue working on the final project. Develop a disaster recovery plan for an organization. There are many different templates available online for you to use as reference and guidance. Your plan should cover the following sections (these sections detail the elements in a DR plan in the sequence defined by industry compliance standards ISO 27031 and ISO 24762)

Disaster recovery planning is necessary for the organizations. Commercial activity is a must for any organization in order to make money and create a following. For the most part, organizations may choose between on- and off-site data storage. There is important and secret information in all of their safes. All of the data is at risk if the information is kept on-site. Therefore, it is essential to have safe back-ups. The company must have a plan in place in the event of a disaster. Contingency plans may be described as a back-up plan to the initial or planned one. There is a purpose for them in risk management. They are usually carried out by the government or a commercial organization. As an example, a business bus transporting employee crashed with another vehicle, killing some and wounding many more. Corporations in this situation are either heartbroken or compelled to take a risk in order to bear the loss, or they may even have to explain to the necessary authorities what happened. An insurance policy may incorporate the company's policy and procedures depending on the kind of loss or disaster. Every kind of crisis that might occur at any level of an organization needs an efficient disaster recovery strategy in order to be successful. Each company has its own set of regulations and procedures in order to function successfully. A company's security systems may be vulnerable to cyber-attacks and hacking if they are subjected to unusual attacks. The disaster rescue team and the CSIRT team can handle all of these challenges. When natural catastrophes strike again, these teams' principal goal is to keep business operations and output running as normal and to assist in the continuance of such activities. (Elder, 2019)

Roles and Responsibilities

This team is responsible for creating and implementing an industry's business continuity strategies in the event of an emergency. It's also within their responsibilities to restore the procedures and functions. It is essential to have a disaster response team in place in order to execute and maintain a disaster recovery strategy properly. In the end, we have no idea what the future holds. It is impossible to foresee what will happen in the future. All of these steps are being organized by an emergency readiness team so that services may be restored as quickly as possible. These institutions are in charge of devising a plan of action after a calamity. The size and location of a team have a direct effect on how effectively it performs. In order to give the finest options for data, cloud, and application backups, there is no lag in the team's efforts. In order to get the job done quickly, speed is key. In the case of a crisis, a disaster recovery team must analyses consumers, threats, security issues, regulations, and forms. In order for the whole structure to be reconstructed from the ground up, each department's head must be persuaded that this is possible. Because of the possibility of a natural disaster. A catastrophe recovery team's preparation offers several benefits, among them. It is important for a team to organize in such a manner that people have most of the relevant plans on hand at all times. Make sure you're up to speed on the newest developments in your field. A precise set of operational parameters and limitations must be met for it to perform properly. A wide range of issues must be taken into account while designing the project. At this phase, resources must be procured. In order for them to be effective part of the group, their tasks and functions need to be established. (Kumari, 2021)

Incident Response

In the event of an issue, the Organization will be responsible for dealing with it. Receives all security breaches reports, assesses the reports, and then provides any information requested by the senders to those who are in charge of investigating. CSIRTs are companies or teams that often perform proactive responsibilities. As a manager or leader, you must listen to and accept the advice of your coworkers. Customers may call the support desk or hotline for assistance. The incidents will be handled by incident handlers. Security concerns will be handled by vulnerability handlers. To assist new hires, mentors are always ready to provide a helping hand. You'll need to have those qualifications to operate in the CSIRT.

Depending on the nature of the catastrophe, recovery may be categorized into three parts:

Preventative measures, rather than remedial ones

Efforts to improve precision

A police detective's toolbox

At this moment, we don't know what the future holds. Prediction of events cannot be achieved without accepting that it is impossible. Data security is the obligation of any business or organization, regardless of size. Situated in a new location When there is a data breach, natural disaster, or other unexpected misfortune, organizations may continue about their everyday business. Errors and omissions caused by humans. The frequency with which hackers attempt to infiltrate a system or compromise its security is on the rise. However, even though we've backed up anything, we're experiencing issues. There must be consideration given to whether area has on- or off-site warehouses. It's impossible for either to be ideal, yet both have their benefits and drawbacks. (Hooper, 2019)

Plan Activation

Firms that have well-documented and structured disaster recovery plans are better able to rapidly return to business when an unanticipated catastrophe occurs. A Disaster Recovery Strategies (DRS) is a necessary component of a Business Contingency Planning. Many parts of a company's operation depend on the well IT system. There are ways to assist organizations retrieve lost data and get their systems back up and running after a disaster, even if just a fraction of the system is functional again. The electoral campaign may continue or be swiftly resumed if precautions are put in place to minimize the effect of a catastrophe. Disaster recovery plans often comprise an assessment of a company's activities and the need for a continuous supply of goods and services (continuity). It is common for an enterprise plan to begin with BIAs and RAs and recovery goals. Companies must have ways to recover and secure their data due to the rising complexity of criminality and cybersecurity breaches. Fast response is necessary to prevent expensive downtime and reputational harm. Organizations may utilize disaster recovery plans (DRPs) to maintain track of their recovery activities and guarantee that they have been in compliance with all applicable laws and regulations.

Instances of calamities that may have been predicted include the following:

a bug in the program both the recorded and spoken word are unable to express themselves clearly

• The data center has been demolished.
• The worst-case scenario envisioning
• The campus has descended into anarchy.
• Death and destruction rips over the whole city in one fell swoop.
• The area has been devastated in an unprecedented way.
• Immediately after a catastrophic event,
• It was a total disaster for everyone throughout the world.

Preparation for disaster recovery begins by determining which business apps are critical and which are not. The RTO is used to detect whether an application is unavailable for a prolonged length of time (Recovery Time Objective). Information from backup storage must be retrieved from "recovery time objectives targets" in order to restart everyday functioning (RPO). In the wake of a tragedy, comprehensive disaster recovery defines how a company expects to handle the situation. When developing treatment protocols, rehabilitation strategies are taken into account. (Monllor, 2020)

Document History

Integrity checks are necessary to ensure that no data was lost or corrupted during the backup. For any problems, the CSIRT is responsible. Security breaches that have been reported to the proper authorities are investigated. "CSIRT" stands for "Computer Expert". Crisis response teams, are sometimes tasked with taking the initiative. Subordinates, leaders, and supervisors must be listened to and respected. The company's customer service department or phone line may be contacted by customers if they have questions or concerns. Incident handlers will be responsible for handling the incidents. Vulnerability handlers will take care of security problems. Mentors are always on hand to assist new workers in their transition into the workplace. Until you can interact with the CSIRT, you need to get a slew of credentials.

A contingency plan may be split down into three classifications:

Then save money, preventative steps are better to remedial ones.

Compatibility has been improved

The toolbox of a police investigator

We do not even know what might happen at this point. Nobody can accurately predict the future unless they acknowledge the impossibility of knowing what will transpire in the coming years. Regardless of the size of a company or organization, it is required by law to protect the privacy of its clients and consumers. Operation center relocated to a different site Businesses may continue to operate normally in the face of a data leak or other unexpected event. There has been an increasing number of systems hacked. We're continuing having problems, despite the fact that we've made many backups. There are pros and cons to both moving and storing your possessions on-site or off-site. Both also have good points and bad points.

Procedures

In the case of a disaster, business continuity plans must be devised and executed as soon as possible. Furthermore, they may be able to assist with the reinstatement of operations and systems. The formation of a disaster rescue team is essential for the efficient implementation and maintenance of a disaster plan. At this point, we have no way of knowing what the future brings. It is impossible to predict the future unless one first acknowledges that it is difficult to do so. The catastrophe rescue team has developed these procedures in order to ensure that all resources may be restored as quickly as possible. A plan of action is developed by these organizations after a natural disaster or other catastrophe. It is dependent on the size and location of the team whether they perform better or worse. The team's efforts are not slowed down in order to provide the best backup alternatives for databases, cloud-based systems, and on-premises systems.

You'll need to move rapidly if you're going to make your deadlines.

It is critical for a major accident repair crew to consider everything including consumer risks to security requirements and documentation in order to get it all back on track as quickly as possible. All supervisors must agree on the need to completely reconstruct the institution from the ground up.

 

Conclusion

One should regard them all as objectives and take the required efforts to attain them all. If a tragedy hits, whether it be a major calamity or a breach of sensitive data, the enterprise should have a comprehensive disaster recovery policy in place to ensure that it can restore or retrieve its information and that no production is lost. Information storage backup should be kept in the internet so that they can be retrieved from a database systems storage area as needed. (Fulton, 2020)

References

1.       Elder, & Elder, S. F. (2019). Faster Disaster Recovery. John Wiley & Sons, Incorporated.

2.       Kumari, & Frazier, T. G. (2021). Evaluating social capital in emergency and disaster management and hazards plans. Natural Hazards (Dordrecht), 109(1), 949–973. https://doi.org/10.1007/s11069-021-04863-x

3.      Hooper. (2019). When Diverse Norms Meet Weak Plans: The Organizational Dynamics of Urban Rubble Clearance in Post‐Earthquake Haiti. International Journal of Urban and Regional Research, 43(2), 292–312. https://doi.org/10.1111/1468-2427.12696

4.      Monllor, Pavez, I., & Pareti, S. (2020). Understanding informal volunteer behavior for fast and resilient disaster recovery: an application of entrepreneurial effectuation theory. Disaster Prevention and Management, 29(4), 575–589. https://doi.org/10.1108/DPM-05-2019-0151

5.       Fulton, Drolet, J., Lalani, N., & Smith, E. (2020). Prioritizing psychosocial services for children, youth and families postdisaster. Disaster Prevention and Management, 29(4), 591–607. https://doi.org/10.1108/DPM-09-2019-0310

The Application of a Variable in Mediation should you make a concerted effort to quit smoking but then continue to do so?

 

 

                                                       Table of content 

Introduction and Objectives Abstraction

Conclusion

References

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Introduction and Objectives Abstraction:

Addicts undergoing treatment are more likely than the general population to smoke (SUD). Government health specialists are concerned about respiratory disease and other potential hazards due to the substantial influence that cigarette smoking has on the early mortality rates of substance abusers. This study aimed to assess tobacco use prevalence in various adult demographics utilizing drug misuse treatment programs. Methods: 106,472 adults in treatment for substance use disorders smoked at least once a month, according to the English National Drug Treatment Monitoring System (NDTMS). 48.7 percent of those who began therapy admitted to smoking, with opiate users accounting for the most significant rate (61 percent ). Recent statistics indicate that 48.5 percent of the population smokes. Patients who finished treatment lost between 5% and 7% of their body weight, but only during the last stages. After the study, smoking rates increased by 5% among individuals who remained in therapy. In SUD treatment, a higher emphasis should be made on smoking cessation. Providing smoking cessation assistance to all smokers may be helpful as a part of SUD treatment.

 

MOTHERS WHO ARE NOT CIGARETTE USERS

There was no evidence of a higher prevalence of congenital disabilities in either the crude or adjusted analysis. (95 percent confidence interval: 1.01–2.58) Musculoskeletal disorders had a prevalence rate ratio of 2.63 (1.53–4.52). Smoking during pregnancy does not result in congenital abnormalities. Nonsmokers who used nicotine replacement treatment had a greater likelihood of experiencing problems. Additional evidence will be necessary to substantiate this allegation. 57–51. (OBGYN) Neonates ingest tobacco smoke in a variety of contexts. It impairs growth and raises the chance of placental and neonatal death. Children with chronic asthma, low sperm quality, and attention deficit hyperactivity disorder have long-term health effects. 5–7Smoking has not been associated with an increased frequency of birth abnormalities, except mouth clefts. Due to the tendency of mothers of children with birth abnormalities to abstain from smoking, a small sample size or a retroactive smoking recollection may obscure an effect. Extensive cohort studies with prospective smoking and confounding variables are required to get accurate results.

 

a) Blocks of topics are used to eliminate "non-essential" variability. Apart from the health risks inherent in old age, older persons smoke more. To purchase this, you must be at least 18 years old. Due to biological and cultural differences, smoking has varying effects on men and women.

 

Accepting that the treatment is not scientifically validated is long overdue. This was, in essence, a survey. Assuming causation is never a good idea. Examine the causation claim: Is it harmful to one's health to stop smoking?

 

On the other hand, the design precludes this. People who are ill are more likely to quit smoking, either on their doctor’s advice or due to physical constraints. Former smokers appear to be in a worse financial situation than quitters when they die.

Uncertainty about a single component has an effect on the treatment assignment as well as the response variable. An individual's health determines whether or not they should smoke (quality of health).

 

The adjective "recently" in the problem statement perplexed several individuals. Quitting smoking has short-term implications. It's similar to realizing that stopping smoking is hazardous for your health (even if for the short term). Cigarettes harmed people of all ages, including the elderly. Others noted the well-known disadvantages of smoking cessation (most noticeably a weight gain). Current smokers are healthier than recent quitters, implying that fat is more than simply a minor issue.

 

THE APPLICATION OF A VARIABLE IN MEDIATION

·         A mediator is a third party who connects two seemingly unrelated occurrences.

·         As a result, the mediator has granted the cause his blessing. Resignation, on the other hand, is risky due to the element of mystery.

·         It's unclear why there was such a significant gender disparity.

·         For both men and women, smoking is a personal choice. Smoking has a variety of effects on people as they age.

 

a) Mean of cigarettes smoked on weekdays = sum of cigarettes smoked on weekdays / Number of people

= (20 + 15 +10 + 15 + 20) / 5

= 16

Mean of cigarettes smoked on weekends = sum of cigarettes smoked on weekends / Number of people

= (20 + 20 +20 + 20 + 20) / 5

= 20

(b) Standard deviation  =

where x_i = observation

 = mean

N = no of observations

>> Therefore, SD of cigarettes smoked on weekdays = SQRT ((20 -16)^2 + (15 - 16)^2 + (10 - 16)^2 + (15 - 16)^2 + (20 - 16)^2)/ 5)

= 3.74

>> SD of cigarettes smoked on weekends = SQRT ((20 -20)^2 + (20 - 20)^2 + (20 - 20)^2 + (20 - 20)^2 + (20 - 20)^2)/ 5)

= 0

As clear from the results, variability is higher on weekdays as 3.74 > 0.

1.32>> (a) Mean = sum of observations / No. of observations

= (2 + 1.4 + 4 + 3 + 2.2) / 5

= 2.52%

(b) Standard Deviation =

where x_i = observation

 = mean

N = no of observations

Standard Deviation = SQRT ((2.52 -2)^2 + (2.52 - 1.4)^2 + (2.52 - 4)^2 + (2.52 - 3)^2 + (2.52 - 2.2)^2)/ 5)

= SQRT ( (0.2704 + 1.2544 + 2.1904 + 0.2304 + 0.1024) / 5)

= SQRT (0.8096)

= 0.89

 

 

Should you make a concerted effort to quit smoking but then continue to do so?

No. For a long time, the ex-smokers had been heavy smokers (let’s hypothesize that they have smoked for pretty several years) As a result, the human body suffers.

The bulk of modern smokers are first-time tobacco users. They are unaffected by any stimulation.

Rationalization

Less tax income is wasted because demand is less elastic. If an order is more flexible, a tax will have a more significant impact on output.

 

conclusion

·         As a result of taxation, customer costs grow.

·         As a result, consumer demand has decreased.

·         Stressed-out teenagers Teen tobacco usage is tolerated due to their financial hardships. Nothing has become a habit. Taxation hurts adolescent desire.

·         The nicotine requirements of adults differ from those of youngsters (or inelastic) Adult consumption taxes have a negligible influence.

 

Men and women have pretty distinct anatomy. These distinctions may have an impact on the exam's outcome.

Collaborative work should be promoted among students.

The effects of tobacco use on men and women were investigated separately. As a result, to account for gender differences, the researchers divided the men and women into two groups. A wide range of ages was also considered. Because the detrimental effects of smoking are more severe in certain age groups, for example, smoking may be more hazardous to the elderly than to the younger population. They investigated the effect of age on the behavior of each age group.

The number of people who do not smoke is increasing.

 

References

1.    Campbell BK, Le T, Tajima B, Guydish J. Quitting smoking during substance use disorders treatment: patient and treatment-related variables. J Subst Abuse Treat. 2017;73:40–6.

External Resources

o    Crossref (DOI)

2.    Fine DR, Bearnot BI, Rigotti NA, Baggett TP. Smoking status and quit behaviors among health center patients with substance use disorders: a national study. Drug Alcohol Depend. 2019;202:6–12.

External Resources

o    Crossref (DOI)

3.    Public Health England. Adult substance misuse statistics from the national drug treatment monitoring system (NDTMS). London: Public Health England; 2017 Apr 1–2018 Mar 31.

4.    Office for National Statistics. Adult smoking habits in the UK: 2017. London: Office for National Statistics; 2017. https://www.ons.gov.uk/releases/adultsmokinghabitsintheuk2017.

 

What are the five Components of the Coso Framework l Coso Framework Pdf l What is Coso Framework l Coso Framework Components and Principles l Coso Framework Objectives

 COSO Framework Components:

Using the COSO framework, every organization may guarantee that its internal controls are adequate. The framework's five components may be used to assess a company's internal control systems. The components of the system are mentioned below:

1.      Control Environment:

In terms of internal control systems, COSO highlights the relevance of the company's control environment. Culture and ethics provide the basis for successful work in the control environment of a corporation. Management's behavior is more important than the company's overall control environment. There are several factors that contribute to a company's control environment, including management style, how power is allocated, the organization of its employees, and compliance with internal control standards. Internal controls and procedures are more likely to be adopted by lower-level employees if management lays more attention on this issue. It doesn't matter how well planned your strategy may be if it isn't executed in a controlled environment.

As an example, internal controls are in place for a company's bank transactions. Various banking processes, such as bank reconciliations, may be used to guarantee that the financial process runs smoothly. The company's senior management doesn't do any bank reconciliations at all. This sets a bad precedent for other workers, which discourages them from using the strategy in the future.

2.      Risk Assessment:

Understanding the company's goals helps it identify and mitigate the dangers that it confronts. Because of this, these risks may be identified and managed. The type, purpose, and industry of a corporation are critical in establishing its risk profile. As a result, it is vital to consider these aspects while evaluating a company's risk. When it comes to doing a risk assessment, it's important to look at both internal and external dangers that a firm confronts. Internal and external elements must be considered while assessing risk. Further investigation may be required due to the firm's limited control over external problems. The effectiveness with which a threat can be managed has a significant impact on the company's choice to deal with it.

For example, a company may do a risk assessment of its operations. Inventory management companies face a wide range of hazards, including physical damage, obsolescence, theft, and a decrease in value. (D'Aquila, 2017)

3.      Control Activities:

Control activities are the many methods a company uses to manage its risks. Depending on the nature of the risk, organizations may employ a variety of control measures. Control operations include: authorizations; approvals; reviews; security measures; verifications; reconciliations; role division; and management. Additionally, proactive actions must be taken to ensure that control activities align with the organization's goals and vision. It's easier for a corporation to manage its operations if it has more effective policies in place.

Accounts receivable and account payable balances, as well as the division of work, are heavily dependent on how tasks are assigned. Keeping track of inventory may be more important than separating responsibilities. Sales and purchases in which money is transferred for products and services are both examples of transactions. As a result of this, each object has its own unique set of safeguards in place.

4.      Information and Communication:

Following on from information and communication are two more COSO components. In this context, it refers to the distribution of information about control operations to the proper authorities or persons so that they may be executed. Employee communication is essential to control activities, such as the control environment. Communication breakdowns make it impossible to keep control. Information systems quality plays an important part in this aspect of the equation.

Management and staff should be able to communicate with each other. In order to take advantage of new features as soon as they become available, managers should get frequent system updates. Including both external and internal data in this report is essential. At different levels of management, the information accessible to executives will differ. Channels are needed in order to make this function.

5.      Monitoring:

However, the four components listed above are not the whole list of internal controls. So that management may set up a mechanism to assess the effectiveness of their efforts, efforts must be put in place and reported to them. Consequently, a thorough approach to analyzing and monitoring a company's actions is essential. In addition, firms may use monitoring to discover and fix control flaws. Processes must be evaluated and analyzed on a frequent basis to keep up with the rapid pace of change. The best way to get people excited about coming to work is to create a positive work environment. To uncover problems and inefficiencies that might otherwise go unreported, organizations need to continually monitor their operations. They may benefit from this.

Physical inventory controls must be routinely inspected by management to ensure that they are working properly. The earliest feasible time must be given to the correction of any inefficiencies discovered. Management must ensure that all internal control systems are aligned with the company's goals in the same way. (Jill, 2019)

Role of an IT Auditor:

Information technology (IT) auditors are responsible for safeguarding a company's internal controls and data. It is their job to find and fix security holes in a network and devise new ways to keep attackers out. IT auditor remediation strategies should be put in place for the IT controls that are being analyzed for their design and operational effectiveness. To keep the network safe and secure, fix any issues. There must be a quick fix for any security weaknesses in systems and networks. IT auditor use appropriate security measures to protect data, systems, and networks. IT auditor involves as much as can in the change management process. Prepare countermeasures for a variety of network and system attacks. Ensure that IT audit methods are efficient and effective. In order for employees to understand complex technological challenges, they must be communicated in a way that is understandable to them. Maintain a regular auditing program and provide suggestions for improvement. Take a look at the program's controls and play about with them.  Concerns about security and control need to be addressed. IT auditor Begin to familiarize with business and information technology processes.

An IT auditor is responsible for ensuring that the IT infrastructure is secure and compliant. Compliance with the company's auditing criteria is critical for auditors working on IT projects. Every service that depends on an organization's IT infrastructure is subject to an audit. Because of the potential for wide-ranging ramifications, a good approach for managing technology risk is essential. Internal and external IT audits are critical to a company's data and system security. An information security audit may also be used to evaluate a company's practices and risk management (IS audit). When assessing the integrity and security of IT systems, an IT audit is often utilized. (Lindgreen, 2016)

Suggestions for COSO Framework:

After going through the COSO framework, senior management and key decision-makers should utilize it to analyze their present internal control system and make improvements. As a matter of course, the system must function as designed. Using the COSO framework, if it doesn't already, design a plan to improve it The COSO framework should be familiar to employees at all levels of the organization. Based on the information in the paper, make suggestions to the company's upper management. By bringing together personnel from all levels of the organization, an internal control system may be reinforced. Employees must also assume responsibility in order to prevent fraud. COSO is a good guideline for all of endeavors. There must be a strict adherence to anti-fraud procedures and frequent reporting. (Moeller, 2017)

References:

D'Aquila. (2017). COSO's Internal Control--Integrated Framework: updating the original concepts for today's environment. The CPA Journal (1975), 83(10), 22.

Jill M D'Aquila, & Robert Houmes. (2019). COSO's Updated Internal Control and Enterprise Risk Management Frameworks. The CPA Journal (1975), 84(5), 54.

Lindgreen. (2016). From IT Auditor to Data Scientist. EDPACS, 53(3), 1–4. https://doi.org/10.1080/07366981.2016.1148965

Moeller, Robert R. (2017). COSO Internal Control Components: Control Environment. In Executive's Guide to COSO Internal Controls (pp. 41–57). John Wiley & Sons, Inc. https://doi.org/10.1002/9781118691656.ch4