How an organization responds to a cyber security incident or any other event that causes the loss of operations or data. We have provided detailed training on these two topics in the CISSP Training Course. In recent years, Disaster Recovery, and business continuity have more important role in enterprise computing budgets.

Disaster recovery is the process by which you resume business after a disruptive event. The event might be something huge-like an earthquake or the terrorist attacks on the World Trade Center-or something small, like malfunctioning software caused by a computer virus. The Disaster Recovery Plan is typically focused on the technology and infrastructure that supports organization’s operations.

Source: csoonline.com

The general process of disaster recovery include:

  1. Responding to the disruption
  2. Activation of the recovery team
  3. Ongoing tactical communication
  4. Assessment of the damage
  5. Recovery of critical assets and processes

Business continuity requirements, ensures the continuity of IT operations that is maintained from the primary or alternate locations during an incident or disastrous events. Business continuity requirements are based on the business continuity planning (BCP).

BCP Goals include:

  • Ensure the continuity of business operations without affecting the whole organization.
  • Availability is most important factor.

BCP Process include:

  • Scoping: The scope of a BCP primarily focuses on a business process. The primary principle of BCP scoping is ensuring that the scoping process includes all the essential resources.
  • Initiating the Planning Process: Establishing the roles and responsibilities of personnel involved
  • Performing Business Impact Analysis: It is a type of risk assessment application that tries to assess qualitative and quantitative impacts on the business due to a disruptive event. Quantitative impacts are related to financial losses but Qualitative impacts are operational impacts such as the inability to deliver. This process has eight steps, which we will describe soon.
  • Developing the BCP: Identify critical business processes and functions.
  • BCP Implementation: The senior management must approve the properly documented business continuity plans, until then based on, it the plans are implemented.
  • BCP Maintenance: Create a plan to maintain operations. The plans need to be periodically reviewed and updated.
  • BCP Documentation: Read this post about it. 

 

Read more about disaster recovery here.

 

———————————

Source:

csoonline.com