CIS 502 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING

Better Essays
Business Continuity and
Disaster Recovery Planning

Definition
Disaster: is a natural or man-caused event that

damages property and assets, injures or kills people, and impairs the ability for organizations to continue operating.
Business Continuity Planning: is the set of activities required to ensure the continuation of critical business processes when a disaster occurs. Disaster Recovery Planning: is the set of activities concerned with the assessment, salvage, repair, and restoration of damaged facilities and assets that support critical business processes. Two Main Kind of Categories of
Disaster
Natural Disaster
Geological
Meteorological
Other
Health

Man-Made Disasters
Labor
Social-Political
Material
Utilities

How Disaster affect
Business?
Direct Damage
Transportation
 Supply Disruption
 Customer Disruption
 Employee Disruption

Communication
Utilities

Contingency Planning
Process

High Level Contingency and Disaster
Recovery Planning Strategy
• Develop the Business Contingency Planning








Policy and Business Process Priorities
Conduct a Risk Assessment
Conduct the Business Impact Analysis (BIA)
Develop Business Continuity and Recovery
Strategies
Develop Business Continuity Plans
Conduct awareness, testing, and training of the
DRP
Conduct Disaster Recovery Plan maintenance and exercise
Identify business processes

Industry Standards
ISO 27001 : Requirements for Information

Security Management Systems. Section 14 addresses business continuity management.
ISO 27002: Code of Practice for Business

Continuity Management.

Industry Standards
NIST 800-34
 Contingency planning



NFPA 1600

 Standard on

guide for information

Disaster/Emergency

Technology systems.

management and

 Seven steps process for

BCP and DRP projects.
 From U.S. national

Institute for Standards and Technology.

business community program.  From U.S. National Fire

protection association.

Industry Standards
NFPA 1620: The



References: Gregory, P. (2010). CISSP Guide to Security Essentials DHS (2012). Business Continuity Plan. Last updated on 12/19/2012 Retrieved on 07/20/2014 from FEMA (2012). Continuity of Operations. Retrieved on 07/20/2014 from July 22, 2014, from http://www.sans.org/readingroom/whitepapers/recovery/disaster-recovery-plantesting-cycle-plan-plan-cycle-563

You May Also Find These Documents Helpful

  • Good Essays

    Contents Introduction 2 Key terms 2 What is the difference between disaster recovery and business continuity planning? 2 The Need for Business Continuity/Disaster Recovery Planning and Management 3 The Phases of Business Continuity and Disaster Recovery Planning, Implementation, and Management 3 Types of Plans 3 Typical Contents of a BC/DR Plan 4 Benefits and Risks 4 Benefits 4 Risks 5 Conclusion 6 Introduction Every business and organization can experience a serious incident which can prevent…

    • 2027 Words
    • 9 Pages
    Good Essays
  • Satisfactory Essays

    the business continuity and disaster recovery in their outlook. Basically, business continuity plan is more like acknowledging whereas the disaster planning is ardent. Business continuity includes series of steps and operations performed by the organization to withstand at the time of disaster and also in fact follows the list of disaster recovery plans. Disaster recovery is the process of refurbishing the data and application that moves the business forward and business continuity planning is the…

    • 259 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    Disaster Recovery Planning

    • 1656 Words
    • 7 Pages

    Disaster Recovery Planning Disaster recovery planning can best be defined as an organization’s procedures for continuing operations in the event of the destruction of program and data files, as well as processing capability. In the case of any disaster or incident that causes a stop in the continuing work, businesses must be prepared with a business continuity plan, or a way to resume the activities required to keep your organization running during a period of displacement or interruption…

    • 1656 Words
    • 7 Pages
    Powerful Essays
  • Good Essays

    a healthy Business Continuity and Disaster Recovery Plan. Why is it important? A comprehensive risk assessment exercise will help an organization to understand the wide-ranging threats it can be exposed to, the possible extent of damage and therefore the required steps for damage control. A healthy Risk Assessment helps to determine how each functional area of a business would be impacted in the event of a crisis (Manmade or Natural) and it further helps in prioritizing recovery plans based…

    • 500 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    Disaster Recovery Planning

    • 2339 Words
    • 10 Pages

    Introduction "Common natural disasters area a leading cause of data loss…" says Bud Stoddard, AmeriVault President and CEO. Events such as the 8.3 earthquake that struck Hokkaido Japan September 25, 2003, and the firestorm in San Diego just weeks ago are just two examples of how natural disasters are devastating millions of unprepared businesses around the world. These are not the only events that must be considered, however. The terrorist attacks against the US on 9/11/01 and the biggest blackout…

    • 2339 Words
    • 10 Pages
    Powerful Essays
  • Good Essays

    Disaster Recovery Plan VS Business continuity Plan CMGT245 Differences between a Disaster Recovery Plan and a Business Continuity Plan A Disaster Recovery Plan and a Business Continuity plan are very similar yet they also hold unique properties to themselves. Each one works with the other to keep a business working in case of an emergency. A Disaster Recovery Plan is a document of standard operating procedures and personnel are needed to execute those procedures within the IT department…

    • 745 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    basis principles of disaster recovery planning and understanding the process. The information presented is to help prepare you to respond to a disaster and restore normal operations afterward. There is a lot of information that goes into a disaster recovery plan, so we will discuss a few of the important steps that need to be approached. One of the first things a company should do is ask what types of requirements or pressures it faces when deciding how to prioritize business processes and facilities…

    • 2920 Words
    • 12 Pages
    Powerful Essays
  • Powerful Essays

    Business Continuity Planning, Backup, and Recovery An important strategy for organizations is to be prepared for any eventuality. A critical element in any security system is a business continuity plan, also known as a disaster recovery plan. Business continuity is the chain of events linking planning to protection and recovery. The purpose of the business continuity plan is to keep the business operating after a disaster occurs. The plan prepares for, reacts to, and recovers from events that…

    • 1339 Words
    • 6 Pages
    Powerful Essays
  • Good Essays

    Disaster Recovery

    • 3816 Words
    • 16 Pages

    WHITE PAPER A Practical Guide to Disaster Recovery Planning: The basics to getting started. Brace Rennels, Business Continuity published: March 2006 Executive Summary When you think about your disaster recovery plan, does your tape backup system come to mind? Does the mere mention of disaster recovery make you a bit nervous? If so, you're not alone. Many businesses risk grave losses due to failures and disasters yet continue to depend on their tape backups to help them recover successfully…

    • 3816 Words
    • 16 Pages
    Good Essays
  • Better Essays

    Disaster Recovery Planning in Banking Sector Introduction On September 11, 2001, the terrorist attack destroyed the World Trade Center in New York, which was the most highly concentrated financial area. This attack not only destroyed the twin towers, but also ruined the financial system. Banks located in the World Trade Center went through an unprecedented disaster. The company’s back-up facilities which were too close to the primary facilities were disrupted as the primary facilities. Single…

    • 2502 Words
    • 9 Pages
    Better Essays