13 Pages
3332Words
Disaster Recovery Plan for Lidl
Introduction of the organization and the disaster incidence
The Lidl Group Ltd. company is one of the top retailers for food, drink and other essentials in Europe, the company is counted among the best supermarkets in Germany (Lidl. 2022). Lidl has operated about 900 outlets in more than 31 countries with 200 product logistic and distribution centres. The company has satisfied their consumers with 500 ranges of products such as home essentials, edible food products, baby products, pet products, wines, various types of beers and spirits and many more. Moving on, the report will discuss the Disaster Recovery plan of Lidl. An organisation's detailed “Disaster Recovery Plan (DRP)” summarises in great detail how to handle unexpected disasters including environmental hazards, breakdowns, cybercrime, and other unexpected incidents. This plan includes measures for reducing disaster impacts so that a business may carry forward rapidly continued activities. However, the Disaster Recovery Plan (DRP) gathers all the data about Lidl's capacity to endure a cybercrime disaster and the procedures that must be followed to accomplish disaster recovery in one location (Finucane et al., 2020). The documents of customers and employees were linked from the management. This report's purpose is to ensure business continuity, data availability and integrity, and information system availability.
Purpose
List the roles and objectives of the disaster recovery plan.
Making a disaster recovery strategy provides right away advantages. For instance, Lidl will have a better understanding of the organisation's IT estate thanks to the audit of IT systems and Service Level Contracts that will be conducted as part of establishing the strategy (Barker et al., 2021). In the case of a crisis that results in system failure, Lidl's disaster recovery plan's goal is to reduce harm or breakdown and gain back as rapidly as feasible.
- Ensure the security of all personnel and customers at the workplace of Lidl.
- Protect relevant information and documents of employees and customers.
- Secure infrastructure and facilities for Lidl.
- Reduce the probability of cybercrime tragedies brought on by human mistake, planned devastation, and structural or electronic failure.
- Become more prepared to recoup from a significant major disaster of cybercrime.
- Determine the Lidl’s capacity to function in response and recovery to the disaster.
- After a disaster, recover any missing or damaged documents or information.
Scope
List all the items that need to be secured
- A crucial phase of disaster management is recovery (Hunt and Eburn, 2018). Lidl are continually engaged in recovery planning, preparation, exercise, use of relevant technology, and development and reinforcement of key relationships.
- By enhancing resilience throughout the process of recovery, a network needs to be able to endure losses from disaster risks and recover quickly after an incident.
- A DRP's scope might be anything from simple to extensive.
- A DRP checklist outlines the procedures essential to resume, modify, and improve networks and systems lists crucial IT networks and systems and priorities the RTO (Mendonca et al., 2019). The approach should at the very minimum reduce any opposing effects on business actions.
Disaster Recovery Team And Responsibilities
This section defines the disaster recovery team and highlights their roles and responsibilities and their contact information
Lidl's current staff members, including the Chief Information Officer, the Information Technology department, shareholders from different operating departments, and service providers, often make up a disaster recovery team. The disaster recovery team of Lidl do have the following roles (Whitelaw et al., 2020):
- Head of the recovery team: This might be a Lidl executive management team member, senior information technology manager, or chief information officer (Wamsler and Johannessen 2020). They are responsible for managing the whole team, coordinating everyone's activities, and ensuring that a successful business continuity and disaster recovery strategy is in operation.
- Coordinator for crisis management: This office is in charge of managing data recovery and starting processes in the case of a cybercrime tragedy.
- Expert in business operations: In the case of a cybercrime tragedy, this team member concentrates on the plan necessary to carry on or increase the accessibility (Emenike and Falcone, 2020). Furthermore, managers of Lidl need to guarantee that company requirements are fulfilled by Disaster Recovery strategies.
- Inspection and recovery advisor: This position is typically filled by a number of workers with differing levels of experience in various technological components. When a disaster strikes, ASDS is then responsible for determining the extent of the damage and the best course of action. Databases, servers, storage, and networks are a few examples of technical fields.
- IT programs measure: This professional is in charge of staying focused on all technology for potential disasters and ensuring that each component functions properly after a recovery of cybercrime.
Therefore, in order for a Disaster Recovery plan to be effective, each team associate's unique roles and authority must be quantified (Burrell, 2020). They also need to be knowledgeable of their obligations, present at meetings, and knowledgeable of business regulations of Lidl.
Responsibilities that the team of disaster recovery must accomplish
- A disaster maintenance team of Lidl are also being responsible for the following (Jones and Comfort, 2020):
- Conducting damage and risk evaluations
- Ensuring the accessibility, security, and safety of all physical site
- Coordinating the service agreements of companies that aid in disaster recovery.
- Creating timetables and strategies for repairs.
- After a tragedy, a meeting is held to assess what went well and what procedures need to be improved.
- Giving the proper personnel training after a tragedy or upgrade.
- Examining relevant governmental and compliance issues
- Defining the precise responsibilities and degrees of authority for each team member.
- Figuring out the best way to inform staff members of a crisis.
Recovery Plan For Hot Site
This is the relevant information needed to continue recovery plans and normal business operations at an alternative or backup site. This “hot site” is meant for temporary use while the main site is dealt with.
A hot site seems to be a backup site which works as a mirror image of the major production facility in Lidl. A hot site provides all of the setup of software and hardware, software, and internet connectivity, allowing Lidl to duplicate or backup valuable data very instantly. In this method, there will be minimal to that delay and no data loss as the production workload may be quickly transferred to a DR site. In addition to maintaining connectivity across the websites, a hot site is supposed to be constantly accessible and functioning without delay. It helps Lidl to decrease the risk possibility of cybercrime in existing sits.
Communicating During A Disaster
The Communications Team will be responsible for contacting all Organization’s stakeholders (The Authorities, Clients, Employees, Vendors, the Media and other stakeholders. NB See Communication plan in appendix)
|
COMPANY NAME
|
POINT OF CONTACT
|
PHONE
|
EMAIL
|
|
Lidl LTD
|
Chief Information Officer
|
222-111-4445
|
ChiefInformationOfficer.Lidl@gmail.com
|
|
Lidl LTD
|
Information Technology Manager
|
999-222-0008
|
InformationTechnologyManager.Lidl@gmail.com
|
|
Lidl LTD
|
Operation Manager
|
888-855-5557
|
OperationManager.Lidl@gmail.com
|
|
Lidl LTD
|
Human Resource Manager
|
111-100-0055
|
Hrm.Lidl@gmail.com
|
|
COMPANY NAME
|
POINT OF CONTACT
|
PHONE
|
EMAIL
|
|
Lidl LTD
|
Disaster Recovery Team Leader
|
333-388-8855
|
DisasterRecoveryTeamLeader.Lidl@gmail.com
|
|
Lidl LTD
|
Supervisor
|
333-555-7771
|
Supervisor.Lidl@gmail.com
|
|
Lidl LTD
|
Technical Expertise
|
555-558-8888
|
Technicalexpertise.Lidl@gmail.com
|
|
Lidl LTD
|
IT Executive
|
777-888-8888
|
ITexecutive.Lidl@gmail.com
|
|
COMPANY NAME
|
POINT OF CONTACT
|
PHONE
|
EMAIL
|
|
Lidl LTD
|
IT Operator
|
444-555-6666
|
IToperator.Lidl@gmail.com
|
|
Lidl LTD
|
Team Leader
|
555-555-8888
|
TeamLeader.Lidl@gmail.com
|
|
Lidl LTD
|
Operational head
|
111-222-3335
|
Operationalhead.Lidl@gmail.com
|
|
Lidl LTD
|
Program Manager
|
338-555-5555
|
Programmanager.Lidl@gmail.com
|
The details mentioned above are the people who can help in recovering documents, data and information. These are the professionals who operate under the Disaster recovery plan of Lidl. Risk communication is a crucial part of disaster risk management (DRM) since it impacts how people interpret threats and impacts how they plan for and respond to disasters. All the way through the crisis management progression, it also affects the decisions on whether to intervene.
Disaster Recovery Procedures(Dealing With A Disaster)
These are the key components in the DRP that should be immediately addressed and acted upon in the event of emergency.The procedures should be explained: Disaster Assessment, Disaster Recovery Activation, Communicating the Disaster, Restoring IT Functionality and Resume Normal Operations
Lidl protects their business and the important documents and data by establishing a plan and procedures of disaster recovery which is Cyber Crime (Oh and Lee, 2020). The company plan is simple and easy to execute. Plan is frequently updated and consistently practised. However, the procedures that assist Lidl in developing a disaster recovery plus protection plan of cybercrime are as follows.
- Determine an owner: While the IT department frequently has the duty of protecting the company against cyber threats. However, in Lidl, the whole function has already been contracted over and is too occupied with other concerns to deal with it directly (Connolly and Wall, 2019). As a result, it is crucial for Lidl to select someone inside the company who can take ownership of the creation of the backup and recovery and cybercrime plans. This individual may include formulation, evaluation, and monitoring of the plan like a fundamental duty of their position since they are organised, at ease working with colleagues from different Lidl departments, and capable. Lidl's business executives and managers must also encourage the individual's efforts for them to receive the support they require from the company as a whole.
- Set the RTO and RPO parameters in Lidl: For important possessions, provide the “Recovery Time Objective (RTO)”. In what way considerable shiftless time can one stand? For example, every single minute of outage origins important financial damage to an e-commerce position through significant circulation (Buil-Gil et al., 2021). At what time there is no loss of information, an accounting corporate Lidl might be able to endure delay before gears grow back to standard. However, creating a process and upward gears is essential to practise the RTO's actions once more to develop a recovery plan. “Recovery point objective (RPO)” is the determined phase of files that Lidl rescues from information backup in order to bring on with business as usual resulting in a disaster. RPO is used by organisations to inaugurate the nominal backup incidence.
- Make disaster recovery sites available: Having an appliance to spare records among numerous disaster recovery places is an important component of essentially some disaster recovery plan (Lallie et al., 2021). While Lidl plans systematic data backups, the greatest plan for disaster recovery is to frequently copy information to additional servers. Data duplication is likely to, “Cold storage on-site”, a backup system housed in your data centre. A redundant operating unit in Lidl data centre, such as a backup server, is known as on-site warm backup. “Off-Site Cold Storage”, a backup system located in a detached data centre, and cloud storage with significant potential, subsequent in a delay or additional expense to recover data.
- Test files and service restoration: Backups can miscarry in a disaster just similar commerce operations formulate. There are few additional threats of dealings who set up backup structures but got it too late that the hold ups were not really functioning. Lidl might not be alert of a system dispute, software virus, or tackle failure that extracts their backups ineffectually unless they investigate them (Pettit et al., 2019). Testing that records are actuality derivative precisely to the purpose site is a critical component of whatever disaster recovery plan. Testing the situation is possible to restore documents to their creation site is correspondingly crucial. When Lidl set up their disaster recovery system, they needed to do these tests. At that moment, professionals need to recurrence them on a steady basis to make certain the procedure is still functional.
Testing And Maintaining The Disaster Recovery Plan
This is the plan that should be carried out to practice and prepare for an emergency. These involves testing and maintenance of the DRP
Lidl’s recovery plan components are established and plans are drafted at this phase. Additionally, this phase involves updating current data processing work methods to support recovery plans and alternatives, managing changes to user procedures, negotiating vendor contracts (with suppliers of managed services) and defining recovery teams and their responsibilities and roles. During this phase, recovery criteria are also defined.
Over this step, the plan Testing Program is created to examine Disaster Recovering plans. Many testing methodologies are measured, and testing/application intentions are set to accomplish in the working function of Lidl. However, it is significant to build a continuing testing programme and choose testing approaches that are suitable for the situation (Ivanov and Dolgui, 2021). To minimise interference with Lidl's general activities, the strategy is being tested in segments and after regular business hours. Checklist testing, simulation tests, parallel tests, and full disruption tests are among the several types of tests.
The achievement of an actual recovery depends on the maintenance of the recovery plans. Plans must take into account modify to the systems they depend on. It is influential that in progress change managing processes be updated to integrate recovery plan upkeep. Change management applications will be advised and lay into place where none now exist. This standard is engaged into consideration as a result of a number of recovery software programmes.
After plans are primed, initial testing of the plans is approved out, and some required alterations to the programs are implemented in light of the test findings analysed. This phase's specific tasks include the following:
Defining the test's objective and strategy:
Choosing test teams, organising the test, carrying it out, analysing the findings, and, if necessary, modifying the plans.
The method used to test the plans is greatly influenced by the recovery techniques chosen to satisfy Lidl's objectives for disaster recovery planning. To guarantee that the documented plans are thorough and correct, precise testing processes should be devised when the recovery techniques are outlined.
References
Ivanov, D. and Dolgui, A., 2021. A digital supply chain twin for managing the disruption risks and resilience in the era of Industry 4.0. Production Planning & Control, 32(9), pp.775-788.
Pettit, T.J., Croxton, K.L. and Fiksel, J., 2019. The evolution of resilience in supply chain management: a retrospective on ensuring supply chain resilience. Journal of Business Logistics, 40(1), pp.56-65.
Emenike, S.N. and Falcone, G., 2020. A review on energy supply chain resilience through optimization. Renewable and Sustainable Energy Reviews, 134, p.110088.
Barker, H., Shaw, P.J., Richards, B., Clegg, Z. and Smith, D., 2021. What Nudge Techniques Work for Food Waste Behaviour Change at the Consumer Level? A Systematic Review. Sustainability, 13(19), p.11099.
Finucane, M.L., Acosta, J., Wicker, A. and Whipkey, K., 2020. Short-term solutions to a long-term challenge: rethinking disaster recovery planning to reduce vulnerabilities and inequities. International journal of environmental research and public health, 17(2), p.482.
Wamsler, C. and Johannessen, Å., 2020. Meeting at the crossroads? Developing national strategies for disaster risk reduction and resilience: Relevance, scope for, and challenges to, integration. International journal of disaster risk reduction, 45, p.101452.
Mendonca, J., Andrade, E., Endo, P.T. and Lima, R., 2019. Disaster recovery solutions for IT systems: A Systematic mapping study. Journal of Systems and Software, 149, pp.511-530.
Hunt, S. and Eburn, M., 2018. How can business share responsibility for disaster resilience?. Australian journal of public administration, 77(3), pp.482-491.
Burrell, D.N., 2020. Understanding the talent management intricacies of remote cybersecurity teams in covid-19 induced telework organizational ecosystems. Land Forces Academy Review, 25(3), pp.232-244.
Whitelaw, S., Mamas, M.A., Topol, E. and Van Spall, H.G., 2020. Applications of digital technology in COVID-19 pandemic planning and response. The Lancet Digital Health, 2(8), pp.e435-e440.
Jones, P. and Comfort, D., 2020. A commentary on the United Kingdom's leading food retailers' resilience plans in the face of climate change. Journal of Public Affairs, 20(2), p.e2047.
Oh, N. and Lee, J., 2020. Changing landscape of emergency management research: A systematic review with bibliometric analysis. International Journal of Disaster Risk Reduction, 49, p.101658.
Connolly, L.Y. and Wall, D.S., 2019. The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Computers & Security, 87, p.101568.
Buil-Gil, D., Miró-Llinares, F., Moneva, A., Kemp, S. and Díaz-Castaño, N., 2021. Cybercrime and shifts in opportunities during COVID-19: a preliminary analysis in the UK. European Societies, 23(sup1), pp.S47-S59.
Lallie, H.S., Shepherd, L.A., Nurse, J.R., Erola, A., Epiphaniou, G., Maple, C. and Bellekens, X., 2021. Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, p.102248.
Lidl. 2022. Our History [online] Available at: https://www.lidl.co.uk/about-us [Accessed on: 26.12.2022]
