ISACA Journal Author Blog

ISACA > Journal > Practically Speaking Blog > Posts > Prepare Your Substitutes

Prepare Your Substitutes

Ian Cooke, CISA, CRISC, CGEIT, COBIT Assessor and Implementer, CFE, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt
| Published: 1/22/2018 3:14 PM | Category: Audit-Assurance | Permalink | Email this Post | Comments (0)

Ian CookeAccording to Merriam-Webster, the first known use of the word backup was in 1910, and it has 3 distinct definitions. Not surprisingly, the last of these is the one that an ISACA audience will be most familiar with:  “A copy of computer data (such as a file or the contents of a hard drive.)” However, if I paid attention correctly in English class, I believe I am correct in saying that this definition would have been derived from the first definition, “one that serves as a substitute or support.”

Now consider a situation in which you are the manager of a soccer team that is performing very well in a crucial game because you have the best player in the world, Lionel Messi,1 playing for your team. A member of the opposition kicks Messi hard. He gets injured and either (a) you have no substitute or (b) you have a substitute who has never trained with your team. Things may still work out well, but you are most definitely reducing the likelihood that this will be the case.

Next, consider your current computer environment. You have the best failover solutions in the world, including virtual machines (VMs) and replication. You are hit hard by a ransomware attack that affects a crucial application, and because of the way the application is configured, both the primary and failover servers are encrypted. You look to your backups but either (a) you are not sure if all the correct data have been backed up or (b) you have never confirmed that you can restore the data. Again, things may still work out well, but you are most definitely reducing the likelihood that this will be the case.

You can reduce this risk and increase the likelihood of a positive outcome by applying good principles to backup and recovery. I discuss these in my ISACA Journal volume 1, 2018, IS Audit Basics column “Backup and Recovery.” I would be interested to hear your thoughts on this and on the world player of the year!

Read Ian Cooke’s recent Journal article:
Backup and Recovery,” ISACA Journal, volume 1, 2018.

1 I am aware that Cristiano Ronaldo is the current holder of the Ballon d'Or, but am I willing to debate this strenuously in the comments section!


There are no comments yet for this post.