Chapter 9 business continuity planning
Download
1 / 66

Chapter 9: Business Continuity Planning - PowerPoint PPT Presentation


  • 565 Views
  • Updated On :

Chapter 9: Business Continuity Planning. Business Continuity and Disaster Recovery: Overview Business Impact Analysis Preventative Measures Recovery Strategies Insurance Recovery and Restoration Implementing Strategies Testing, Revising, and Maintaining.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Chapter 9: Business Continuity Planning' - Jims


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Chapter 9 business continuity planning l.jpg
Chapter 9: Business Continuity Planning

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Business continuity and disaster recovery overview 1 l.jpg
Business Continuity and Disaster Recovery: Overview (1)

Why Business Continuity Planning (BCP) and Disaster Recovery

Planning (DRP) is important?

  • Every year, thousands of businesses are affected by floods, fires, tornadoes, terrorist attacks, and vandalism in one area or another.

    • Most organizations have tangible resources, intellectual property, employees, computers, communications links, facilities, and facility services.

    • If any one of these resources is damaged or inaccessible for one reason or another, the company can be crippled.

  • The companies that survive these traumas are the ones that thought ahead, planned for the worst, estimated the possible damages that could occur, and put the necessary controls in place to protect themselves.


Overview 2 drp vs bcp l.jpg
Overview (2): DRP vs. BCP

  • The goal of disaster recovery: minimize the effects of a disaster and take the necessary steps to ensure that the resources, personnel, and business processes are able to resume operation in a timely manner.

  • DRP:

    • deal with the disaster and its ramifications right after the disaster hits

    • is carried out when everything is still in emergency mode

  • BCP:

    • providing methods and procedures for dealing with longer-term outages and disasters.

    • takes a broader approach to the problem. This includes getting critical systems to another environment while repair of the original facilities is taking place, getting the right people to the right places, and performing business in a different mode until regular conditions are back in place.


Overview 3 bcp in overall security program l.jpg
Overview (3): BCP in Overall Security Program

  • Every company should have security policies, procedures, standards, and guidelines. they provide the framework of a security program for an organization.

  • Business continuity should be a part of the security program and business decisions, as opposed to being an entity that stands off in a corner by itself.


Overview 4 management role in bcp l.jpg
Overview (4): Management Role in BCP

  • First of all, we need to identify critical functions and critical resources in an organization

    • These should be protected in a BCP

    • Who should involved in this task? Why?

  • The most critical part of establishing and maintaining a current continuity plan is management support.

    • It is critical that management understands what the real threats are to the company, the consequences of those threats, and the potential loss values for each threat.

    • Executives may be held responsible and liable under various laws and regulations. They could be sued by stockholders and customers if …

    • The cost / benefit issues


Overview 5 who will build bcp l.jpg
Overview (5): Who will build BCP?

  • A business continuity coordinatorneeds to be identified.

    • This will be the leader for the BCP team and will oversee the development, implementation, and testing of the continuity and disaster recovery plans.

  • A BCP committee needs to be put together.

    • The team must be comprised of people who are familiar with the different departments within the company,


Overview 6 best practices of bcp l.jpg
Overview (6): Best Practices of BCP

  • Although there is not a specific scientific equation that must be followed to create continuity plans, there are best practices that have proven themselves over time.

  • The National Institute of Standards and Technology (NIST) organization is responsible for developing these best practices and documenting them

    • Special Publication 800-34, Continuity Planning Guide for Information Technology Systems, (http://csrc.nist.gov/publications/nistpubs/800-34/sp800-34.pdf)


Slide8 l.jpg

a.k.a.

Project initiation phase


Index l.jpg
Index

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Business impact analysis 1 l.jpg
Business Impact Analysis (1)

Business impact analysis (BIA)is a functional analysis

  • BCP committeecollects data through interviews and documentary sources; documents business functions, activities, and transactions; develops a hierarchy of business functions; and finally applies a classification scheme to indicate each individual function’s criticality level.

  • BCP committee must identify the threats and map them to the following characteristics:

    • Maximum tolerable downtime (MTD)

    • Operational disruption and productivity

    • Financial considerations

    • Regulatory responsibilities

    • Reputation


Business impact analysis 2 l.jpg
Business Impact Analysis (2)

BIA steps:

  • Select individuals to interview for data gathering.

  • Create data-gathering techniques.

  • Identify the company’s critical business functions.

  • Identify the resources that these functions depend upon.

  • Calculate how long these functions can survive without these resources -- maximum tolerable downtime (MTD)

  • Identify vulnerabilities and threats to these functions.

  • Calculate risk for each different business function.

  • Document findings and report them to management.


Business impact analysis 3 maximum tolerable downtime mtd l.jpg
Business Impact Analysis (3)Maximum tolerable downtime (MTD)

  • The outage time that can be endured by a company is referred to as the maximum tolerable downtime (MTD).

  • Some MTD estimates that may be used within an organization:

    • Nonessential 30 days

    • Normal 7 days

    • Important 72 hours

    • Urgent 24 hours

    • Critical Minutes to hours

  • Each business function and asset should be placed in one of these categories.  to determine what backup solutions are necessary to ensure the availability of these resources.

    • E.g. MTD of a T1 communication line is three hours and cost $130,000

      MTD of a sever is ten days and cost $250


Business impact analysis 4 risk analysis l.jpg
Business Impact Analysis (4)Risk Analysis

  • Threats can be manmade, natural, or technical

    • Manmade threats: an arsonist, a terrorist, or a simple mistake that can have serious outcomes.

    • Natural threats: tornadoes, floods, hurricanes, or earthquakes.

    • Technical threats: data corruption, loss of power, device failure, or loss of a data communications line.

  • Steps of risk analysis:

    • To identify all possible threats and estimate the probability of them happening.

    • To assign a value to the assets that could be affected by each threat.

      • The value an asset include the amount of money paid for it, the asset’s role to the company, and liability issues.

        Risk = the likehood of a negative event happening * the impact of such an event happening


Business impact analysis 5 quantitative vs qualitative l.jpg
Business Impact Analysis (5)Quantitative vs. Qualitative

  • In BIA, information should be stated in quantitative terms, not in subjective, qualitative terms.

    e.g., If a tornado were to hit, the result would be really bad.

    If a tornado were to hit and affect 65 percent of the facility, the company could be at risk of losing computing capabilities for up to 72 hours, power supply for up to 24 hours, and a full stop of operations for 76 hours, which would equate to a loss of $125,000 each day.


Business impact analysis 6 interdependencies in bia l.jpg
Business Impact Analysis (6)Interdependencies in BIA

  • A company comprises many types of equipment, people, tasks, departments, communications mechanisms, and interfaces to the outer world.

  • The biggest challenge of continuity planning is understanding all of these intricacies and their interrelationships.



Business impact analysis 7 software tools l.jpg
Business Impact Analysis (7)Software tools

  • There are several software tools available for developing a BCP that simplify the process.

  • Business Continuity Plan Generator:

    • comprises two major elements: a template and a guide.

  • Disaster Recovery Toolkit: is designed to help you review the full array of business continuity and disaster recovery issues. It comprises:

    • A contingency audit questionnaire

    • A Business Impact Analysis questionnaire.

    • An audit questionnaire for your disaster recovery or business continuity plan (if indeed you have one)

    • A checklist, action list and framework for disaster recovery


Index18 l.jpg
Index

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Preventative measures 1 l.jpg
Preventative Measures (1)

  • To reduce negative impact and mitigate these risks by implementing preventative measures.

    • instead of just waiting for a disaster to hit to see how the company holds up, countermeasures should be integrated to better fortify the company from the impacts that were recognized.

    • Appropriate and cost-effective, preventative methods and proactive measures are more preferable than reactionary methods.


Preventative measures 2 l.jpg
Preventative Measures (2)

Preventative Measures include:

  • Fortification of the facility in its construction materials

  • Redundant servers and communications links

  • Power lines coming in through different transformers

  • Redundant vendor support

  • Purchasing of insurance

  • Purchasing of UPS and generators

  • Data backup technologies

  • Media protection safeguards

  • Increased inventory of critical equipment

  • Fire detection and suppression systems


Index21 l.jpg
Index

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Recovery strategy 1 l.jpg
Recovery Strategy (1)

  • In the recovery strategy stage, the team try to figure out what the company needs to do to actually recover the items that it has identified to be so important to the organization.

    • discover the most cost-effective recovery mechanisms that need to be implemented to address the threats that were identified in the BIA stage.

  • Preventative mechanisms

    • Are put into place to try to reduce the possibility of the company experiencing a disaster

    • If a disaster does hit, to lessen the amount of damage that will take place.

  • Recovery strategies are a set of predefined activities that will be implemented and carried out in response to a disaster..

    • Such as establishing alternate sites for facilities, implementing emergency response procedures, etc.


Recovery strategy 2 l.jpg
Recovery Strategy (2)

  • In BIA phase, the team has figured out these types of timelines for the individual business functions, operations, and resources. (MTD)

  • In develop recovery strategy phase, the team needs to identify the recovery mechanisms and strategies that must be implemented to make sure that everything is up and running within the timelines that it has calculated.

    • Business process recovery

    • Facility recovery

    • Supply and technology recovery

    • User environment recovery

    • Data recovery


Business process recovery l.jpg
Business Process Recovery

  • A business process is a set of interrelated steps linked through specific decision activities to accomplish a specific task.

    • The processes should encapsulate the knowledge of services, resources, and operations provided by a company.

      • E.g., when a customer requests to buy a car via an organization’s e-commerce site, a set of steps must be followed.

    • The BCP team needs to understand these different steps of the company’s most critical steps.

      • The data is usually presented as a workflow document



Facility recovery 1 l.jpg
Facility Recovery (1)

  • Three main categories of disruptions:

    nondisaster, disaster, and catastrophe

  • A nondisasteris a disruption in service as a result of a device malfunction or failure.

    • Replacing a device or restoring files from onsite backups

    • The team needs to identify the critical equipment and estimate the mean time between failure (MTBF) and mean time to repair (MTTR)

      • MTBF is the estimated lifetime of a piece of equipment

      • MTTR is an estimate of how long it will take to fix a piece of equipment


Facility recovery 2 l.jpg
Facility Recovery (2)

  • A disasteris an event that causes the entire facility to be unusable for a day or longer.

    • Usually requires the use of an alternate processing facility

  • A catastropheis a major disruption that destroys the facility altogether.

    • Requires both a short-term solution (an offsite facility) and a long-term solution (rebuilding the original facility)


Facility recovery 3 l.jpg
Facility Recovery (3)

  • Companies can choose from three main types of leased or rented offsite facilities: Hot site, Warm site, Cold site

  • Hot site: a facility that is leased or rented and is fully configured and ready to operate within a few hours.

    • The only missing resources from a hot site are usually the data (will be retrieved from a backup site), and the people who will be processing the data.

    • Are a good choice for a company that needs to ensure that a site will be available for it as soon as possible.

      • the annual testing guarantee its operating state

    • A hot site can support a short- or long-term outage

    • the most expensive choice among three offsites


Facility recovery 4 l.jpg
Facility Recovery (4)

  • Warm site:a leased or rented facility that is usually partially configured with some equipment, but not the actual computers.

    • A warm site = a hot site - the expensive equipments

    • Less expensive than a hot site

    • Can be up and running within a reasonably acceptable time period.

    • The most widely used model

    • Drawback: the annual testing is not usually available. Thus a company cannot be certain that it will in fact be able to return to an operating state within hours.


Facility recovery 5 l.jpg
Facility Recovery (5)

  • Cold siteA leased or rented facility that supplies the basic environment

    • Electrical wiring, air conditioning, plumbing, and flooring, but none of the equipment or additional services.

    • It may take weeks to get the site activated and ready for work.

    • the least expensive option

  • Comparison among three offsite options P712


Facility recovery 6 l.jpg
Facility Recovery (6)

  • Alternatives to offsite facility:

    • Reciprocal agreement

    • Redundant sites

  • Reciprocal agreement, also referred to as mutual aid, with another company.

    • This means that company A agrees to allow company B to use its facilities if company B is hit by a disaster, and vice versa.

    • A cheaper way to go than the other offsite choices, but it is not always the best choice.


Facility recovery 7 l.jpg
Facility Recovery (7)

  • Redundant sites: one site is equipped and configured exactly like the primary site, which serves as a redundant environment.

    • Primary site, backup site, and tertiary site.

    • These sites are owned by the company and are mirrors of the original production environment.

    • The most expensive backup facility options, because a full environment must be maintained.

    • Other facility-backup options

      • Rolling hot site (mobile hot site)

      • multiple processing centers


Facility recovery 8 l.jpg
Facility Recovery (8)

Hot site vs. redundant site

  • A hot site are provided by service bureaus, is a subscription service.

  • A redundant site is a site owned and maintained by the company. The company does not pay anyone else for the site.


Supply and technology recovery 1 l.jpg
Supply and Technology Recovery (1)

BCP team needs to dig down into some more granular

items, such as backup solutions for the following:

  • Network and computer equipment

  • Voice and data communications resources

  • Human resources

  • Transportation of equipment and personnel

  • Environment issues (HVAC)

  • Data and personnel security issues

  • Supplies (paper, forms, cabling, and so on)

  • Documentation


Supply and technology recovery 2 l.jpg
Supply and Technology Recovery (2)

It is not easy to fully understand the organization’s current

technical environment, because …

  • The network was most likely established years ago and has kept growing

  • Over years, a number of technology refreshes have taken place

  • Employee turnover: the individuals who are maintaining the environment now are not the same people who built it years ago.


Supply and technology recovery 3 hardware backup l.jpg
Supply and Technology Recovery (3)hardware backup

  • The team has identified the equipment that is required to keep the critical functions up and running.

  • Issue 1: Using images vs. building from scratch

    • Using images is time-saving,

      unless the team finds out that the replacement equipment is a newer version and thus the images cannot be used.

    • The BCP team should plan for the recovery team to use the company’s current images, but also have a manual process of how to build each critical system from scratch with the necessary configurations.


Supply and technology recovery 4 hardware backup l.jpg
Supply and Technology Recovery (4)hardware backup

  • Issue 2: Depending on SLA vs. redundant system

    • MTD indicates how long the company can be without a specific device.

    • Knowing the parameters of the SLA

    • The BCP team needs to make a decision between depending upon the vendor or purchasing redundant systems and storing them as backups

  • Issue 3: legacy system vs. COTS product

    • The team should identify legacy devices and understand the risk that the organization is under if replacements are unavailable.

    • This type of finding has caused many companies to move from legacy systems to commercial off the shelf (COTS) products to ensure that replacement is possible.


Supply and technology recovery 5 software backup l.jpg
Supply and Technology Recovery (5) Software Backup

  • The BCP team should make sure to have an inventory of the necessary software that is required for mission-critical functions and have backup copies at an offsite facility.

  • At least two copies of the company’s operating system software and critical applications.

    • One copy should be stored onsite and the other copy should be stored at a secure offsite location.

    • These copies should be tested periodically and re-created when new versions are rolled out.


Supply and technology recovery 6 software backup l.jpg
Supply and Technology Recovery (6) Software Backup

  • Customized software usually comes without source code

  • What if this software vendor goes out of business because of a disaster or bankruptcy?

    • A company will require a new vendor to maintain and update this customized software; thus, the new vendor will need access to the source code.

    • Software escrow means that a third party holds the source code, backups of the compiled code, manuals, and other supporting materials.

      • This contract usually states that the customer can have access to the source code only if and when the vendor goes out of business, is unable to carry out stated responsibilities, or is in breach of the original contract.


Supply and technology recovery 7 documentation l.jpg
Supply and Technology Recovery (7) Documentation

Without documentation, when a disaster hits, no one will

know how to put critical function back together again.

  • The documentation needs to include:

    • information on how to install images, configure operating systems and servers, and properly install utilities and proprietary software.

    • A calling tree, which outlines who should be contacted, in what order, and who is responsible for doing the calling.

  • Multiple copies: One copy may be at the primary location. Typically, a copy is stored at the BCP coordinator’s home and a copy is stored at the offsite facility. This reduces the risk of not having access to the plans when needed.


Supply and technology recovery 8 human resources l.jpg
Supply and Technology Recovery (8) Human Resources

Human resources is a critical component to any recovery

and continuity process

  • Issue 1: If a large disaster takes place, will employees be more worried about your company or their families?

  • Issue 2: The BCP team may need to look at how it will be able to replace employees quickly through a temporary agency or a headhunter.

  • Issue 3: executive succession planning

    • If someone in a senior executive position retires, leaves the company, or is killed, the organization has predetermined steps to carry out to protect the company.

      • Deputies are ready to take over the necessary tasks

      • A policy indicating that to protect the United States, its top leaders cannot be under the same risk at the same time.


Supply and technology recovery 9 end user environment l.jpg
Supply and Technology Recovery (9) End-User Environment

The end users must be provided a functioning environment

as soon as possible after a disaster hits.

  • How the end users will be notified of the disaster and who will tell them where to go and when.

    • A tree structure of managers can be developed

  • After a disaster, only a skeleton crew is put back to work.

    • The BCP committee identified the most critical functions of the company during the analysis stage, and the employees who carry out those functions must be put back to work first.

  • The BCP team needs to identify user requirements

    • stand-alone PCs, networked systems …

  • The BCP team needs to identify how current automated tasks can be carried out manually if that becomes necessary.


Supply and technology recovery 10 data backup l.jpg
Supply and Technology Recovery (10) Data Backup

  • The BCP team’s responsibility is to provide solutions to protect this data and identify ways to restore it after a disaster.

    • Data has become one of the most critical assets to nearly all organizations.

    • Data usually changes more often than hardware and software, so these backup procedures must happen on a continual basis.

    • The data backups can be full, differential, or incremental backups and are usually used in some type of combination.

      • Most companies choose to combine a full backup with a differential OR incremental backup.


Supply and technology recovery 11 data backup l.jpg
Supply and Technology Recovery (11) Data Backup

  • Full Process

    • All data is backed up and saved to some type of storage media.

    • The archive bit is clear

    • the restoration process is just one step, but the backup and restore processes could take a long time.

  • Differential Process

    • Backs up the files that have been modified since the last full backup.

    • Does not change the archive bit value.

    • When the data needs to be restored, the full backup is laid down first and then the differential backup is put down on top of it.


Supply and technology recovery 12 data backup l.jpg
Supply and Technology Recovery (12) Data Backup

  • Incremental process

    • Backs up all the files that have changed since the last full or incremental backup

    • The archive bit is clear

    • When the data needs to be restored, the full backup data is laid down and then each incremental backup is laid down on top of it in the proper order.

  • A comparison of three data backup processes is next …


Supply and technology recovery 13 data backup l.jpg
Supply and Technology Recovery (13) Data Backup

How to choose a data back up process?

  • Although using differential and incremental backup processes is more complex, it requires less resources and time.

    • A differential backup takes more time in the backing up phase than an incremental backup, but it also takes less time to restore than an incremental backup. Why?

  • Do NOT mix differential and incremental backups!

    Full process + differential backup

    OR Full process + incremental backup

  • A backup strategy must take into account that failure can take place at any step of the process.

  • Test is essential! avoid developing false sense of security


Supply and technology recovery 14 data backup l.jpg
Supply and Technology Recovery (14) Data Backup

  • Several automated backup alternatives:

    • Disk-shadowing, Electronic vaulting, Remote journaling, Hierarchical storage management (HSM), Storage area network (SAN), automatic tape vaulting.

    • Manually backing up systems and data can be time consuming, error prone, and costly.

  • Disk-shadowing (data-mirroring)

    • A disk-shadowing process uses two physical disks, and the data is written to both at the same time for redundancy purposes. If one disk fails, the other is readily available.

    • Provides online backup storage, which can either reduce or replace the need for periodic offline manual backup operations.

    • Provides transparency to the user

    • Another benefit is that it can boost read operation performance.

    • Is an expensive solution


Supply and technology recovery 15 data backup l.jpg
Supply and Technology Recovery (15) Data Backup

  • Electronic vaulting: makes copies of files as they are modified and periodically transmits them to an offsite backup site.

    • The transmission is carried out in batches

    • Can choose to have all files that have been changed sent to the backup facility every hour, day, week, or month.

    • How to choose a transmission period?

  • Remote journaling: only includes moving the journal or transaction logs to the offsite facility, not the actual files.

    • These logs contain the deltas (changes) that have taken place to the individual files.

    • Takes place in real time

    • Is efficient for database recovery. Why?


Supply and technology recovery 16 data backup l.jpg
Supply and Technology Recovery (16) Data Backup

hierarchical storage management (HSM) provides

continuous online backup functionality.

  • It combines hard disk technology with the cheaper and slower optical or tape jukeboxes.

  • Dynamically manages the storage and recovery of files, which are copied to storage media devices that vary in speed and cost.

    • The faster media holds the data that is accessed more often

    • The seldom-used files are stored on the slower devices, or near-line devices

  • Happens in the background without the knowledge of the user or any need for user intervention.



Supply and technology recovery 18 data backup l.jpg
Supply and Technology Recovery (18) Data Backup

Storage area network (SAN) is a dedicated network that is separated

from LANs and WANs. It serves to interconnect the storage-related

resources that are connected to one or more servers.

  • Usually provided by using switches to create a switching fabric -- enables several devices to communicate with back-end storage devices

  • Provides redundancy and fault tolerance by not depending upon one specific line or connection.

  • Includes RAID systems as primary data storage devices, which offer data protection and fault tolerance.

  • Private channels or storage controllers are implemented so that hosts can access the storage devices transparently.


Supply and technology recovery 19 data backup l.jpg
Supply and Technology Recovery (19) Data Backup

Automatic tape vaulting

  • The data is sent over a serial line to a backup tape system at the offsite facility.

  • Data can be quickly backed up and retrieved when necessary.

  • Reduces the manual steps in the traditional tape backup procedures.


Index53 l.jpg
Index

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Insurance 1 l.jpg
Insurance (1)

  • Why we need to consider insurance in BCP?

    • Ans: Taking on the full risk of these threats often is dangerous

    • The decision of whether or not to obtain insurance for a particular threat, and how much coverage to obtain when choosing to insure, should be based on the probability of the threat becoming real and the loss potential

  • Insurance coverage has its limitations

    • if the company does not practice due care, the insurance company may not be legally obligated to pay if a disaster hits.


Insurance 2 l.jpg
Insurance (2)

  • Cyberinsurance: a new type of coverage that insures losses caused by DOS attacks, malware damages, hackers, electronic theft, privacy-related lawsuits, etc.

    • to determine insurance premium, companies are asked questions about their security program, such as whether they have an IDS, antivirus software, firewalls, and other security measures.

  • Business interruption insurance: if the company is out of business for a certain length of time, the insurance company will pay for specified expenses and lost earnings.


Index56 l.jpg
Index

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Recovery and restoration 1 l.jpg
Recovery and Restoration (1)

  • Several different teams that should be properly trained and available if a disaster hits.

    • Damage assessment team

    • Legal team

    • Media relations team

    • Network recovery team

    • Relocation team

    • Restoration team

    • Salvage team

    • Security team

    • Telecommunications team

  • The BCP must outline the specific teams, their responsibilities, and notification procedures.


Recovery and restoration 2 l.jpg
Recovery and Restoration (2)

  • The damage assessment is completed

     the BCP is activated

     various teams are deployed, which signals the company’s entry into therecovery phase.

    • The recovery process needs to get the company up and running as soon as possible.

  • When it is time for the company to move back into its original site or a new site, the company is ready to enter into thereconstitution phase.


Index59 l.jpg
Index

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Implementing strategies 1 l.jpg
Implementing Strategies (1)

Once the strategies have been decided upon, they need to

be documented and put into place by the BCP team.

  • The plan should address in detail all of the topics that we have covered.

  • The plan also needs to integrate a degree of flexibility

    • No one knows exactly what type of disaster will take place nor its effects.

  • Some organizations develop individual plans for specific tasks and goals.

    • The BCP team can choose to integrate many of these components into the BCP


Implementing strategies 2 a commonly accepted structure for a bcp l.jpg
Implementing Strategies (2)A commonly accepted structure for a BCP


Index62 l.jpg
Index

  • Business Continuity and Disaster Recovery: Overview

  • Business Impact Analysis

  • Preventative Measures

  • Recovery Strategies

  • Insurance

  • Recovery and Restoration

  • Implementing Strategies

  • Testing, Revising, and Maintaining


Testing revising and maintaining 1 l.jpg
Testing, Revising, and Maintaining (1)

  • The BCP should be tested / exercised regularly

    • Because environments continually change

  • Each time the plan is exercised / tested, improvements and efficiencies are generally uncovered

    • The exercise should have a predetermined scenario that the company may indeed be faced with one day.

  • There are a few different types of tests

    • Checklist Test

    • Structured Walk-Through Test

    • Simulation Test

    • Parallel Test

    • Full-Interruption Test


Testing revising and maintaining 2 l.jpg
Testing, Revising, and Maintaining (2)

  • Checklist Test: copies of the BCP are distributed to the different departments and functional areas for review.

  • Structured Walk-Through Test:representatives from each department or functional area come together to go over the plan to ensure its accuracy.

    • walks through different scenarios of the plan from beginning to end to make sure nothing was left out.

  • Simulation Test: all employees who participate in operational and support functions, or their representatives, come together to practice executing the disaster recovery plan based on a specific scenario.

  • Parallel Test:Some systems are moved to the alternate site and processing takes place.


Testing revising and maintaining 3 l.jpg
Testing, Revising, and Maintaining (3)

Full-Interruption Test:

  • The original site is actually shut down and processing takes place at the alternate site.

  • The recovery team fulfills its obligations in preparing the systems and environment for the alternate site.

  • All processing is done only on devices at the alternate offsite facility.

  • This is a full-blown drill that takes a lot of planning and coordination, but it can reveal many holes in the plan that need to be fixed before an actual disaster hits.

    • Should be performed only after all other types of tests have been successful

    • The most risky and can impact the business in very serious and devastating ways if not managed properly


Testing revising and maintaining 4 l.jpg
Testing, Revising, and Maintaining (4)

  • Unfortunately, the BCP can become quickly out of date

    • An out of date BCP may provide a company with a false sense of security

  • Organizations can keep the plan updated by taking the following actions:

    • Make business continuity a part of every business decision.

    • Insert the maintenance responsibilities into job descriptions.

    • Include maintenance in personnel evaluations.

    • Perform internal audits that include disaster recovery and continuity documentation and procedures.

    • Perform regular drills that use the plan.

    • Integrate the BCP into the current change management process.