جميع الحقوق محفوظة ـ اإلعتداء عىل حق املؤلف 58 بالنسخ أو الطباعة يعرض فاعله للمسائلة القانونية3) Lack of standards distribution of responsibility in the DDP environment, standards for developing and documenting systems, choosing programming languages, acquiring hardware and software, may be unevenly applied or non-existent Controlling for risks: 1) Separation of Related duties is a must in any IT Governance settings 2) Having effective disaster recovery Plans (especially keeping backups):  Disaster Recovery Planning: is a contingency planning of resuming normal information processing operations after the occurrence of a major interruption. Whether those in which the data center is physically available and those in which it is not. A-the first type of contingency: those in which the data center is physically available are power failure, random intrusions such as viruses, and deliberate intrusions such as hacking incidents. The organization's physical facilities are sound, but immediate action is required to keep normal processing going. the purchase of backup electrical generators: to mitigate Power failures, can be guarded against by These can be programmed to automatically begin running as soon as a dip in the level of electric current is detected. This is a widespread practice in settings such as hospitals where 24-hour system availability is crucial.  Attacks such as viruses and denials-of-service call for a completely different response. The system must be brought down \infection. The IT staff must be well trained in the nature of the latest virus threats to know how to isolate the damage and bring the system back to full operation. B-The second type of contingency: is much more serious. those in which the data center is NOT physically available, this type is caused by disasters such as floods, fires, hurricanes, earthquakes, etc. An occurrence of this type necessitates the existence of an alternate processing facility.  The recovery center, like the offsite storage location for backup files, must be far enough away that it will likely be unaffected by the same natural disaster that forced the abandonment of the main facility. Usually, companies’ contract for backup facilities in another city.  Once the determination is made that processing is no longer possible at the principal site, the backup files are retrieved from the secure storage location and taken to the recovery center.