Page 185 - Courses
P. 185

Exploring Corrective Controls

            Patches are small pieces of software designed to provide incremental enhancements, fix existing
            coding errors, or remediate known security issues. They should be properly developed, tested, and
            validated before applying to avoid corrupting systems. Testing in an isolated environment and
            piloting before mass rollouts reduce this risk.

            Hardware and System Malfunctions

            Hardware and system malfunctions are one of the primary causes of loss of data. Examples include:

            Electrical failure can occur when there is no alternative power source (such as an interruptible power
            supply exists or fails).

            Hard/media crash occurs when a read-write hard disk drive head comes in contact with its rotating
            platter. The contact, in essence, corrupts the disk drive and may destroy the data, platter, and disk
            head itself. This is less likely to occur when standard maintenance procedures are performed. Timely
            backups can also limit the risk of data loss.

            Controller failure occurs when a hardware device or a software program that manages or directs the
            flow of data between two entities fails. This is less likely to occur when standard maintenance
            procedures are performed. Timely backups can also limit the risk of data loss.

            Brownouts can occur under extreme weather conditions. Alternative supplies of energy, such as
            backup diesel generators and interruptible power supplies, can limit data loss and will allow
            shutdown of systems in an orderly process.

            Natural Disasters

            Climate change and other forces have dramatically impacted the likelihood and impact of natural
            disasters, such as storms, fires, earthquakes, and volcanoes.

            In addition to these natural disasters, the world has also been impacted over the last several
            decades by a series of viral pandemics that have impacted both animals and people.

            Having current business continuity plans (BCPs) to address disruptions in supply chain, equipment
            and building failures, and employee health and safety are critical to organizational survival.

             TOPIC 4: RECOVERY SOLUTIONS

            Recovery Solutions

            There are varying levels to which organizations dedicate resources and efforts for recovery. Common
            solutions include:

            Hot Recovery Plan (hot site)
              A recovery plan exists.

            Copyright © 2021 by The Institute of Internal Auditors, Inc. All rights reserved.
   180   181   182   183   184   185   186   187   188   189   190