Department of Justice Disaster Recovery Plan

Project Background

As part of a large state’s Department of Justice (DOJ) business continuity plan, Elyon Strategies consulted with the client to update and enhance an enterprise-wide Disaster Recovery Plan (DRP). This included the DOJ’s Technology Recovery Plan (TRP) and Business Resumption Plan (BRP).

The Elyon team updated the TRP and BRP with the latest technology trends and security standards while improving scalability, making it simpler and more cost-effective. In addition, we also ensured that best practices were in place regarding the business continuity planning for disaster recovery efforts.  

Elyon was tasked with ensuring the BRP/TRP documentation reflected the latest Information Technology (IT) strategies and was in alignment with DOJ’s: 

• Mission
• Business strategy 
• IT vision 

Project Approach

When Elyon began work on the DRP, we provided the DOJ with the following work products at the start of the project: 

• Programs
• Documentation 
• Ideas
• Schedule
• Source code
• Charts
• Specifications 

Our goal was to meet four milestones during this project, and we successfully completed each one. Below is a breakdown of our approach for each milestone. 

Milestone 1

Elyon began the Disaster Recovery Plan project by undertaking an initial assessment which included reviewing documents such as:

• BRP dated January 2013 
• Hawkins Data Center (HDC) TRP dated 2015 
• TRP template 
• State Justice Information Services (SJIS) Division Security policies 
• Response Planning Guide 

After the initial assessment, we performed a DOJ enterprise-wide technology assessment and discovery to get an idea of what needed to be improved and how we could improve it. 

Elyon interviewed many DOJ divisions to identify and prioritize critical points, applications, systems, and processes that needed updating. We also talked with the Chief Information Officer (CIO) to document and review the program’s needs and identify any gaps. 

Milestone 2

The Elyon team moved onto removing, editing, and adding to the current BRP and TRP documentation. This included: 

• Updating technology trends
• Enhancing security standards
• Making it simpler and cost-effective
• Adding in the latest IT strategies 
• Building a communication strategy 

From here, Elyon provided recommendations on how to improve their TRP template and updated the TRP to align with the updated BRP. We then identified and recommended hardware and software improvements to help the DOJ reach the industry standards. 

Milestone 3

In this stage of the project, our main objective was to identify and document common physical and cyber threats including:

• Internal threats
• External threats
• Natural disasters 

Our team mapped out the severity of every type of threat and created a detailed account of what areas were most vulnerable. We also developed a scorecard that tracks the disaster and incident responses to give the DOJ an idea of the severity of each type of threat. 

Milestone 4

The final milestone involved reviewing and documenting the current DOJ backup technology and processes to help the DOJ re-establish its business operations with ease in the event of a disaster. 

We identified alternative backup methodologies and processes and developed recommendations for hardware and software that support the updated BRP and TRP. 

Our team was also tasked with developing a technical Business Resumption/Technology Resumption (BR/TR) architecture diagram with a network connectivity layout and a sample of critical applications and systems at each location.

Project Deliverables

Elyon provided the DOJ with:

• Complete technology discovery documentation 
• Asset Inventory documentation 
• Technology dependencies documentation 
• TRP non-compliance and/or deviation documentation 
• Alternatives for TRP non-compliance and/or deviation documentation
• Discussion group sessions documentation 
• CIO and HDC executive management session documentation 
• Business impact analysis documentation 
• Critical application and system list 
• Gap analysis document with alternatives/options for updating the BRP/TRP 

Elyon completely updated and improved the:

• BRP
• TRP
• State Sex Offender Registry (SSOR) Hardware and Software Support Recovery Document 

We also created a Scorecard Matrix graphic which is now used by the SJIS Security Operations Team to rapidly identify the severity of an incident so they know when to activate the BRP and TRP.  

Finally, we delivered the BR/TR architecture diagram that depicted the network topology, interconnections, and location of critical applications and systems. This allowed us to provide the DOJ with a detailed backup strategy with the right hardware and software requirements. 

The Outcome

Our team worked in partnership with the DOJ and accomplished the work that was requested. We met with the DOJ management for clarifications and made sure we understood and undertook the work without any issues or complications. 

We made the necessary corrections that were needed to the work products, gave a bi-weekly report detailing our current status, and developed and provided ad hoc reports. 

The DOJ received their BRP, TRP, and SSOR Hardware and Software Support Recovery Document as well as a Scorecard Matrix graphic and the BR/TR architecture diagram — updated to meet the latest technology trends and security standards and we made their processes easier, efficient, and cost-effective. 

Elyon Enterprise Strategies, Inc.

Transformation starts here

Elyon is a management consulting firm specializing in enterprise business design. Our purpose is to see executive burdens lessened and organizational order increased, with leaders and their organizations having more hope, more success, less despair, and human needs being met.

Our vision is to be your most trusted advisor as you seek to arrive at your full potential. We know your unique business, deliver insightful strategies, build great designs, and can skillfully navigate the road ahead together.

We inspire leaders to transform complexity into enterprise success.