Differences

This shows you the differences between two versions of the page.

--- wiki:policies:disaster [2022/10/24 19:05]
peaceolaniran
+++ wiki:policies:disaster [2024/03/04 00:00] (current)
katcow
@@ Line 30: / Line 30: @@
 ==== Application Profile ====
-^Name^Manufactuer^Critical to Business?^Critical to application?^Comments|
+^Name^Manufacturer^Critical to Business?^Critical to application?^Comments|
 |AWS|Amazon|Yes|Yes|Essential for running AutoLit/Synthesis|
 |NPM|Microsoft|Yes|Yes|Essential for building production deployments. In the event of repository outage, dependencies may be transferred from backups via FTP.|
 |PyPi| |Yes|Yes|Essential for building production deployments. In the event of repository outage, dependencies may be transferred from backups via FTP.|
 |Auth0| |Yes|Yes|Essential for providing authorization & username/password management to all users.|
-|Stripe| |No|No |Stripe enables pay-on-the-site. Both paying and non-paying users may continue accessing the site in the event of an outage, and payments & subscriptions may be manually managed by the NK team in the event of a long-term outage.|
+|Stripe| |No|No|Stripe enables pay-on-the-site. Both paying and non-paying users may continue accessing the site in the event of an outage, and payments & subscriptions may be manually managed by the NK team in the event of a long-term outage.|
 |Google Suite|Google|Yes|No|In the event of an email disruption, we will shift to Outlook-based or other email platforms. In the event of a disruption to Google Meets, we will utilize Zoom for video calls. In the event of a document storage disruption, we will utilize Box for storing company documents.|
 |Toggl|Toggl|No|No|Used for employee and contractor time tracking. If a disruption occurs, we will require manual time tracking|
@@ Line 43: / Line 43: @@
 |GitLab| |Yes|Yes|If a temporary disruption occurs, we will employ FTP & patch files.|
 |Carta| |No|No| |
-|Pubmed Entrez API| |No|No| \\ When a disruption occurs, manual and recurrng searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches. \\ |
+|Pubmed Entrez API| |No|No| \\ When a disruption occurs, manual and recurrng searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.|
 |Unpaywall| |No|No|When a disruption occurs, the full text import feature is shown as "Not Available" on site.|
 |HubSpot| |No|No| |
@@ Line 50: / Line 50: @@
 |OBS Studio| |No|No| |
 |Metabase| |No|No|Include sensitive and confidential data.|
+|Scite| |Yes|Yes|When a disruption occurs, the scite badge no longer displays.|
+|[[http://clinicaltrials.gov/|ClinicalTrials.gov ]]| |Yes|Yes|When a disruption occurs, manual and recurring searches fail, and NCTID bibliomining will fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.|
+|EuropePMC| |Yes|Yes|When a disruption occurs, manual and recurring searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.|
+|DOAJ| |Yes|Yes|When a disruption occurs, manual and recurring searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.|
+|Abstra|Abstra|Yes|No|Disruptions may impact the timeliness of customer support actions. |
 ==== Roles and Contacts ====
@@ Line 56: / Line 61: @@
 |Kevin Kallmes|CEO|Executive decisions; personnel management| \\ [[kevinkallmes@supedit.com|kevinkallmes@supedit.com]] \\   \\  507-271-7051|
 |Karl Holub|CTO|Technical Lead|[[karl.holub@nested-knowledge.com|karl.holub@nested-knowledge.com]]|
-|Kathryn Cowie|COO|Administrative Support; operational support| \\ [[kathryn.cowie@nested-knowledge.com|kathryn.cowie@nested-knowledge.com]] \\   \\  301-272-0957|
+|Kathryn Cowie|COO|Operational support| \\ [[kathryn.cowie@nested-knowledge.com|kathryn.cowie@nested-knowledge.com]] \\   \\  301-272-0957|
 ==== Business Continuity Strategies ====
@@ Line 62: / Line 67: @@
 === Loss of Function of Critical Applications ===
-  * In the case of the loss of functionality to AutoLit or Synthesis, the CTO will be notified and we will send out a Site Disruption message to all users. The CTO and development team will assess the extent of any lost capabilities and timeline to restoration, and then communicate with company leadership regarding a recovery plan of specific functions.
+  * In the case of the loss of functionality to AutoLit or Synthesis for at 30 or more minutes, the CTO will be notified and we will send out a Site Disruption message to all users. The CTO and development team will assess the extent of any lost capabilities and timeline to restoration, and then communicate with company leadership regarding a recovery plan of specific functions.
   * In the case of the loss of functionality to any other key/critical applications, the CTO will be notified; Site Disruption messages will only be sent to users in the case that this impacts end user functions. In consultation with company leadership, the CTO and development team will create a plan to either restore function or shift to a different software provider.
-  * In case of outages, the CEO will email account representatives for customers with a proposed restoration timeline and details regarding the outage.
+  * In case of outages, the CEO or another leader will email account representatives for customers with a proposed restoration timeline and details regarding the outage.
-      * Outages will also be communicated on Twitter @nestedknowledge
 === Recession Planning ===
@@ Line 74: / Line 78: @@
   * In the event that Nested Knowledge loses our CTO, we will elevate our head engineer to replace the duties and hire an additional engineer as soon as feasible.
-  * In the event that Nested Knowledge loses our COO, we will hire an already trained administrative assist to aid with record keeping and financial operations.
+  * In the event that Nested Knowledge loses our COO, we will hire an already trained Operations Manager and Bookkeeper to aid with record keeping and financial operations.
 ==== Compliance Statement ====
@@ Line 184: / Line 188: @@
 If applicable, assigned staff will coordinate with the media, working according to guidelines that have been previously approved and issued for dealing with post-disaster communications.
+==== Insurance Requirements ====
+As a mitigation of financial risk, legal exposure, data privacy breach, and other key company functions, the company will maintain the following insurance policies:
+  * General Business / Professional Liability Insurance
+  * Network Security and Privacy Liability Insurance
+  * Cyber Crime Insurance
+  * System Damage and Business Interruption Insurance
 ==== Finances and Legal Action ====
@@ Line 219: / Line 232: @@
 ^Author^Date of Revision/Review^Comments|
 |K. Cowie|11/15/2021|In progress; application profile and risk register need technical review.|
-|K. Holub|06/25/2022|Added a new supplier|
 |K. Kallmes|11/19/2021|2021 version finalized and signed off|
-|P. Olaniran|10/24/2022|Reviewed w/ Kevin K., Kark H., Kathryn C.|
+|K. Holub|06/25/2022|Added a new supplier|
+|P. Olaniran|10/24/2022|Reviewed w/ Kevin K., Karl H., Kathryn C.|
+|K. Kallmes|1/26/2023|Reviewed BIA|
 [[:wiki:policies|Return to Policies]]

Nested Knowledge

User Tools

Site Tools

Differences

Page Tools