1 / 14

Business Continuity Essentials: Disaster Recovery & Planning Strategies

Learn about disaster recovery plans, business continuity strategies, and the role of auditors in reviewing business continuity planning. Explore different types of strategies to ensure operational resilience in the face of various disasters.

williamsgerald
Download Presentation

Business Continuity Essentials: Disaster Recovery & Planning Strategies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Business Continuity

  2. Business continuity... “Drive thy business or it will drive thee.” —Benjamin Franklin (1706-1790), American entrepreneur, statesman, scientist and philosopher “It is your business when the wall next door catches fire.” —Horatius (65-8 BC), Roman poet

  3. What is a Disaster? Any unplanned event that requires immediate redeployment of limited resources Sample Disasters • Natural Forces • Fire • Environmental Hazards • Flood / Water Damage • Extreme Weather • Technical Failure • Power Outage • Equipment Failure • Network Failure • Software Failure • Human Interference • Criminal Act • Human Error • Loss of Users • Explosions

  4. What is a Disaster Recovery Plan? A management document for how and when to utilize resources needed to maintain selected functions when disrupted by agreed upon incidents

  5. business continuity plan: documented procedures that guide organizations to respond, recover, resume, and restore to a pre-definedlevel of operation following disruption • disaster recovery plan: clearly defined and documented plan which recovers ICT capabilities when a disruption occurs • business impact analysis (BIA): process of analysing business functions and the effect that a business disruption might have upon them

  6. The Auditor’s Role in ReviewingBusiness Continuity Planning, Ravi Muthukrishnan • While a BCP refers to the activities required to keep theorganisation running during a period of displacement orinterruption of normal operation, a disaster recovery plan(DRP) is the process of rebuilding the operations orinfrastructure after the disaster has passed. • A DRP is a key component of a BCP, and refers to thetechnological aspect of a BCP—the advanced planning andpreparations necessary to minimise loss and ensure continuityof critical business functions in the event of a disaster. A DRPcomprises consistent actions to be undertaken prior to, duringand subsequent to a disaster.

  7. Terms and definitions • maximum tolerable period of disruption: duration after which an organization’s viability will be irrevocably threatened if product and service delivery cannot be resumed • recovery time objective: period of time within which minimum levels of services and/or products and the supporting systems,applications, or functions must be recovered after a disruption has occurred • recovery point objective: point in time to which data must be recovered after a disruption has occurred

  8. Types of Strategies • Avoidance Strategy • Redundant configuration to avoid incidents • Site harden facilities to resist incidents • Redundant utilities and hardware • Automated operation recovery plan • Mitigation Strategy • Early warning detection • Contractual agreements with vendors • Mirrored data and documents • Detailed migration recovery plan • Recovery Strategy • High level recovery plan • Off-site data storage • Very responsive vendor relationships • Very knowledgeable employees Types of Strategy Options • Hot site • Cold site • Self Backup • Service Bureau • Reciprocal Agreement

  9. Criteria for a Critical Business Function • Timing Requirements • Minutes • Hours • Days • Weeks • Quarters • Special Situations Cost of Control vs. Impact Cost of Impact $ Cost of Control $ Impact Cost

  10. Wide Area Clustering Site Migration Failover Replication

  11. Audit Program/ICQ

More Related