Business Continuity Implementation Planning

In: Computers and Technology

Submitted By atramposh
Words 1104
Pages 5
Anne Tramposh
CSS150-1304A-02
Introduction to Computer Security
Professor Mark Ford
10/26/2013

Business Continuity Implementation Planning
A Business Continuity Plan is “a plan for how to handle outages to IT systems, applications and data access in order to maintain business operation. A Business Impact Analysis is a prerequisite analysis for a Business continuity plan that prioritizes mission critical systems, applications and data and the impact of an outage or downtime.” (Kim. 2012. Pg.478)
Every organization faces risk. Sometimes risk is measurable and predictable, and other times it is not. For example, a lawn care company knows that it has a seasonal business. There is some unpredictability in the seasons in that you do not know for sure if it is going to be a “wet” spring or a “dry” spring, or a hot summer or a cooler summer and so on. However, at least in the Midwest, a lawn care company can pretty well determine that we will have winter, spring, summer and fall. Additionally, it is predictable that the grass will need mowing from about mid to late March all the way through November. So, there is a small risk that it may start a little later and/or end a little sooner, but on the average it is fairly predictable.
Other organizations have much greater risk inherent in their organizations. For example, a small stock brokerage firm may lose its entire business if stocks take the type of tumble that they did in 1998. (I personally know of some small firms that did just that – many family firms that had been in business for over 60 years.)
Just as risk can be defined from an organizational standpoint, risk can also be defined with regard to Information Technology. For a Security Professional, “risk is the likelihood that a particular threat exposes a vulnerability that can damage (an) organization.” (Kim. 2012. Pg 250.) In order to determine the…...

Similar Documents

Business Continuity Planning

...Business continuity planning Business continuity impact analysis identifies the effects resulting from disruption of business functions and processes. It also uses information to make decisions about recovery priorities and strategies. The Operational & Financial Impacts worksheet can be used to capture this information as discussed in Business Impact Analysis. The worksheet should be completed by business function and process managers with sufficient knowledge of the business. Once all worksheets are completed, the worksheets can be tabulated to summarize: • the operational and financial impacts resulting from the loss of individual business functions and process • the point in time when loss of a function or process would result in the identified business impacts Those functions or processes with the highest potential operational and financial impacts become priorities for restoration. The point in time when a function or process must be recovered, before unacceptable consequences could occur, is often referred to as the “Recovery Time Objective.” Resource Required to Support Recovery Strategies Recovery of a critical or time-sensitive process requires resources. The Business Continuity Resource Requirements worksheet should be completed by business function and process managers. Completed worksheets are used to determine the resource requirements for recovery strategies. Following an incident that disrupts business operations, resources will be needed to carry......

Words: 1185 - Pages: 5

Bcp - Business Continuity Plan

...Business Continuity Plan | | [Type the author name] | 5/16/2013 | | Part 1 I. Initiation of the BCP The initiation of a BCP is an effort by the company to ensure that mission-critical functions of the organization have the ability to continue operations in the event of a disruption. II. Business Impact Analysis The BIA is the part of the BCP that prioritizes mission-critical functions and processes and accesses the impact of various types of disruptions. This includes but is not limited by intruders, injections, server crashes and more. III. Business Continuity / Disaster Readiness / Recovery Business continuity is described as the ability of a business to continue to operate during and after a disaster. Disaster Readiness is how well an organization is prepared to handle a disaster. Recovery is what must be done in the event of a disaster to bring the organization back to normal functionality. IV. Develop & Implement the Plan This is the process of creating a plan that details how the organization will react in the event of a disaster, and the implementation of the plan is informing management, employees, and customers of the new policies. V. Test & Update the Plan The testing of the plan consists of either simulations or full-blown test of the plan. This will help to identify anything that was missed in the development phase and allow for the plan to be properly updated. Part 2 Lab 8 Questions 1. A BCP can help to...

Words: 456 - Pages: 2

Business Continuity Planning

...through the above activities. Impact is like an output. In the context of Risk assessment, the relation between Assets, Threats, Vulnerabilities, Impact and Risk can be clearly understood with the aid of this picture. 2. Risk Assessment versus Business Impact Analysis In today’s world, the difference between Risk assessment (RA) and Business impact analysis (BIA) are becoming increasingly thin, and in many cases we see the terms being used interchangeably.  However, This is not correct and may pose a risk to the organization through not understanding the important unique features of each process. Risk Assessment Simply put, Risk assessment is a structure discipline that must discover the threats, vulnerabilities, and values of an organization’s assets. A key factor in risk assessment is the determination of the likelihood of and adverse event affecting an Organization, process, or system. Risk assessment is a valuable tool to help the organization recognize itself threat environment and ensure that the steps are undertaken to minimize the resulting risks to an acceptable level. Business Impact Analysis (BIA) The BIA is the key to a successful BCP implementation. Understanding and standardizing Enterprise business process names is critical to the success of the BIA. The intent of the BIA process is to help the organization’s management appreciate the magnitude of the operational and financial impacts associated with a disaster or serious disruption. When they......

Words: 882 - Pages: 4

Business Continuity and Disaster Planning

...business Continuity Module 4, Discussion 1 Disaster preparedness for business continuity as a contribution to community recovery Heidi Generaux Walden University Disaster preparedness for business continuity as a contribution to community recovery. A disaster is an event that overwhelms available resources. Businesses within a community are necessary resources available to the community. According to the Federal Emergency Management agency 4% of businesses never reopen following a natural disaster (GetReady website, no date). This statistic does not bode well for the economic well-being of the community (Arend, 2005). The better prepared a business is for a crisis that is also experienced by the larger community (such as a large scale fire, chemical spills, pandemic, power outage or extreme weather or geological event) the greater its ability to ensure business continuity throughout the event or reduce delay in recovery (Prewitt, 2005). When business are up and operating during or immediately following a disaster, I believe the community is better able to move into and through the recovery period more quickly than when the businesses have been chronically or mortally wounded. When businesses remain functional employment (and thus individual incomes) remain intact, as well, access to necessary day to day and special disaster recovery items and services are available. Historically, businesses concerned themselves with planning for crisis in service demand.......

Words: 714 - Pages: 3

Business Continuity Plan

...BUSINESS CONTINUITY PLAN (BCP) Business Continuity Plan (BCP) American Public University Instructor: Jenelle Davis, MS, CISSP, CISM, CISA, CSSLP September 12, 2014 Business Continuity Plan (BCP) The word Business continuity Planning is a plan that is used by businesses of all kinds in order to maintain a complete company presence for any and all customers new and old alike it will help a company in the event of a small incident all the way thru a big catastrophe for example if the company has a power outage and can’t get the systems up with a business continuity plan it would have a reasonable temporary solution for the temporary problem in order to keep the company running ,business as usual, by having a back-up generator that would have power delivered to the building and get all the systems that run on electricity back up and running until the power can be fixed or replaced on a permanent basis, this can also apply to situations that cause a more long term or permanent setback for a company and even in that instance a business continuity plan can be used as well again if the situation is more dire and the company had a problem like lead paint or asbestos or even something of a......

Words: 779 - Pages: 4

Business Continuity Plan

...Business Continuity Plan Under Development (May 2006) California State University, Stanislaus CALIFORNIA STATE UNIVERSITY, STANISLAUS BUSINESS CONTINUITY PLAN May 2006 Table of Contents INTRODUCTION I. II. III. IV. V. Incident Command System Business Impact Analysis Risk Assessment Business Plan for Localized Business Disruption Business Plan for Pandemics Page 3 Pages 4-7 Pages 8-11 Pages 12-13 Pages 14-15 Pages 16-17 Pages 18-19 Pages 20-36 Appendix IV-A: Power Outage Business Continuity Plan Appendix V-A: Pandemic Flu Business Continuity Plan 2 Final CP 5-30-06 CALIFORNIA STATE UNIVERSITY, STANISLAUS BUSINESS CONTINUITY PLAN May 2006 INTRODUCTION A Business Continuity Plan (BCP) is developed by an institution to plan for and describe how it will respond to and recover from disruptions. These disruptions can be localized threats (e.g., earthquakes, fires, floods, bombs, etc.) or global threats (e.g., Flu Pandemic). As part of the overall Emergency Operations Plan, California State University, Stanislaus has developed, and continues to refine and enhance, a Business Continuity Plan (BCP) for the University. This plan is about maintaining, resuming, and recovering the University’s activities as an educational institution. It considers human factors along with operational issues. The BCP was developed by a team of the University’s senior administrators and department managers representing all University divisions: Business & Finance, Academic......

Words: 10523 - Pages: 43

Business Continuity

...1. Go online and conduct research on business continuity planning (BCP). 2. In 600 words, write a APAv6 formatted paper which discusses the following: ◦ What does this term mean? ◦ What practices or procedures does it include? ◦ Why should IT personnel be concerned with business continuity planning? Business Continuity Plan Before businesses were involved in contingency management, disaster recovery and contingency planning were predominantly IT driven responses to the increased attacks of Mother nature and terrorist events in the late 80s and early 90s (Tangen & Austin, 2012). It became apparent to business owners the link between events and profit loss which led to the establishment of business led processes. These processes were developed and planned to address the types of threats that could occur and affect business operations. The discipline became known as business continuity management (BCM). Business continuity management is about identifying and understanding the risks to the everyday running of a business and planning how business will be maintained if an incident actually happens (Business Bolton, n.d.). When a business is disrupted, it suffers financially. A business continuity plan (BCP) is a collection of procedures and information which is developed, compiled and maintained in prep for use in the event of an emergency or disaster. of any kind. Types of incidents identified addresses IT system crashes along with ,......

Words: 947 - Pages: 4

Business Continuity

...outage (northeast power outage of 2003) can prevent companies from continuing to provide services to their customers and could affect trust between the customer and business in the long term. Such an event could bring down the company, possibly affecting everyone connected in its organization. “Business continuity (BC) refers to maintaining business functions or quickly resuming them in the event of a major disruption.” (Tittel, 2013) An organization creates a plan that will contain instructions on how to continue in lieu of an activating event. The military has simple contingency plans for communications called “PACER”. (P) Primary, (A) Alternate, (C) Contingency, (E) Emergency and (R) Redundancy. Every unit has these plans whether it is during combat operations or back at their home base. The best way to establish your business continuity plan is to understand your organization and what areas are vulnerable if certain systems are lost, such as a loss of electricity. The plan must cover short term, long term and finally the recovery from the event. Every company will have their own steps in creating a continuity plan. Some of the basic steps include: (1) Identifying the scope of the plan. There should be multiple plans for different events you can’t only have one plan for one event. (2) Identify key business areas. Can we survive without these branches of the organization but make it with these. (3) Identify Critical functions. Once you have decided which parts of your......

Words: 687 - Pages: 3

Business Continuity Planning

...Business Continuity Planning – Proactive and Reactive Business Continuity is managing and establishing plans that will help the organization to stand up again on its feet to continue its business. As we had learned in the class Business Continuity is the process of ensuring continuance of a business if a disruption occurs. This planning is like an immunological fort and a preventive shield which means a focus on the prevention of unplanned events, rather than just the cure. This has meant that disaster recovery has now become a subset of the whole process that covers the whole lifecycle of disaster prevention and recovery. Nowadays we need business continuity planning more than before. Within few years most news headlines capture many kind of catastrophes suck as bombs, fires, floods, and tornadoes. Most of time these catastrophes are not predictable such as the events of 9/11 that had affect many organizations not just the World Trade Center. So when I have a good complete preventive plan I can make sure of the continuity of the business after a disaster recovery.  In a recent research it has mentioned on average 20 % of all organizations will experience some form of unplanned event once every five years but there is still the need to think about how to cope with the more mundane events, such as power cuts or transport problems. When a crisis or a disaster occur the first thing that often will be affected is the effective communication and the internet. Therefore it...

Words: 786 - Pages: 4

Business Continuity and Disaster Recovery Planning for It Professionals

...affordably. SYNGRESS OUTLET Our outlet store at syngress.com features overstocked, out-of-print, or slightly hurt books at significant savings. SITE LICENSING Syngress has a well-established program for site licensing our e-books onto servers in corporations, educational institutions, and large organizations. Contact us at sales@ syngress.com for more information. CUSTOM PUBLISHING Many organizations welcome the ability to combine parts of multiple Syngress books, as well as their own content, into a single volume for their own internal use. Contact us at sales@syngress.com for more information. 443_Disaster_Rec_FM.qxd 5/25/07 3:07 PM Page ii 443_Disaster_Rec_FM.qxd 5/25/07 3:07 PM Page iii Business Continuity & Disaster Recovery for IT Professionals Susan Snedaker, MCSE, MCT 443_Disaster_Rec_FM.qxd 5/25/07 3:07 PM Page iv Elsevier, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the Work. There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work is sold AS IS and WITHOUT WARRANTY.You may have other legal rights, which vary from state to state. In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or......

Words: 189146 - Pages: 757

Compare and Contrast Various Business Continuity & Disaster Recovery Planning Models.

...and Contrast various Business Continuity & Disaster Recovery Planning models. Information is a vital resource to modern companies. The loss of that information can throw a company into chaos and even be the end of it. For these reasons, businesses go to great lengths to ensure that the information they store and rely on will always be safe and available. Unfortunately despite these best efforts, disaster can still strike and the few hours of days after such an event may be crucial to the long term survival of the company. This is why businesses must be able to recover quickly from natural and man-made disasters. Business Continuity & Disaster Recovery covers how companies should act in the hours and days after a disruptive event. “What is Business Continuity and Disaster Recovery” describes disaster recovery as “...specific steps taken to resume operations in the aftermath of a catastrophic natural disaster or national emergency.” They go to give examples of such steps to include restoring servers and data connections, egress, employee muster, etc. Business Continuity is described as a the steps a company takes to ensure its information systems don't go down during a disaster (What is Business Continuity and Disaster Recovery). This may include the location of hot or cold sites as well as procedures for relocating to them. Disaster Recovery plans may also focus on preventive measures such as smoke alarms and fire drills (Smith, C., n.d.). Business recovery plans may......

Words: 399 - Pages: 2

Enterprise Continuity Planning

...------------------------------------------------- ENTERPRISE CONTINUITY PLANNING FXT2 TASK 2 November 10, 2015 chrystal kimbrough WGU November 10, 2015 chrystal kimbrough WGU EXPLANATION SUMMARY ENTERPRISE CONTINUITY PLANNING A company’s worst fear came to fruition when an employee hacked into his own records on the human resource system and was successful in modifying their own records. The employee gave himself an increase in pay by increase his base salary rate. The employee had success in performing this crime by spoofing an IP address, allowing their self the ability to eavesdrop on the network. By spoofing the specific IP address, the employee was able to find the location of the data and successfully modified it for their gain. After the fact, the employee received two paychecks containing the fraudulent salary. An auditor, who was effectively performing their job duties, became aware of the fraudulent acts of the employee, and thus sent an email to several pertinent individuals within the organization making them aware of the situation and that there is potentially a discretion with the employee’s paycheck. Probably on the “look-out” for reaction from their errant ways, the employee somehow was able to intercept the emails that were intended for the original recipients. The employee then created falsified responses, posing them to seem as if they were coming from the intended individuals that the original email was sent to. This exchange went on back......

Words: 3197 - Pages: 13

The Cost of Business Continuity Planning Versus the Potential of Risk

...The Cost of Business Continuity Planning Versus the Potential of Risk Though the cost of mitigating risk can be high, the lack of proper business continuity planning and disaster recovery planning will leave a company is at risk of a catastrophic loss of revenue due to the loss of the Information Systems. Any company that relies on its Information Systems for their operations should invest the time and revenue in developing an efficient and effective Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP). This study will compare the differences in what a Business Continuity Plan is used for and what a Disaster Recovery Plan is used for. Additionally, it will evaluate the risk having a Business Continuity Plan and Disaster Recovery Plan versus accepting the potential loss of revenue and business in the event of a disaster. It is important to any company that uses it Information Systems to generate revenue. If a company is effected by a disaster, the longer a company takes to respond to the emergency and recover its resources, the more time it will take the company to get back to normal operations (Harris, 2013, p. 887). As history has shown, our world has and will continue to experience many destructive events such as, floods, earthquakes, terrorism, hurricanes, and many other catastrophic events that could cripple a company that is not prepared. Disasters are uncontrollable and over time, every organization will have to deal with the fallout of a disaster. Three...

Words: 2924 - Pages: 12

Continuity Planning Overview

...University Continuity Planning Overview CIS-359: Disaster Recovery Management October 29, 2015 Introduction: This paper will briefly expound upon the lead position or manager’s role, of a healthcare company. It will provide a list of responsibilities a business continuity manager is expected to perform, how to build the framework for, and execute a business continuity plan, and also display a chart that pertains to giving a BCP presentation. Explain four high-level activities that aid in the initiation of a viable, business continuity plan. The role of an experienced business continuity manager in a healthcare business must identify and implement all of aspects of the business’, business continuity plan or BCP. To remain in accordance with the BCP, in preparation for disaster, from the start date, while it is in ongoing stages, and also afterward. Business continuity managers, work directly and strategically with the in-house BCM (Business Continuity Management) division, the business owner, and also the BCM’s, guidance and/or steering committee. They are expected to supervise, utilize paramount communication skills, monitoring the efficiency and progress of those team members and/or subordinates, who report directly to the, business continuity manager. In a healthcare environment, an efficient and thorough business continuity leader, structures accountability framework, by working close-knit with the business’ IT department, existing business......

Words: 1125 - Pages: 5

Business Continuity Plan

...Richman Investments Business Continuity Plan Implementation Planning By Quentin Ward Introduction Richman Investments is emerging as one of the top e-commerce businesses. In order to better protect our great company I have created a BCP or Business Continuity Plan to be able to offset any problems that may arise and threaten our company’s functions and activities. Included in this BCP will be a BIA (Business Impact Analysis) and a RA (Risk Analysis). Overview 1.1 Policy Statement It is the policy of Richman Investments to always have a Business Continuity Plan in place for all non-critical and critical functions. To ensure that the BCP is implemented each department manager is asked to see to it that the plan is carried through. 1.2 Introduction This is a Business Continuity Plan for Richman Investments located at 834 Harrison Lane Beverley Hills, CA 90210. It has been developed in compliance with the National Fire Protection Association (NFPA) Standard 1600. This plan was created in order to aid Richman Investments in any type of recovery effort needed. Employees should read and adhere in conjunction to the Business Continuity Plan to ensure their safety and the company’s well being. 1.3 Confidentiality Statement This document is classified as confidential property of Richman Investments. The sensitivity of the information contained in this document is only intended for the viewing and use of Richman Investment employees. Unauthorized......

Words: 794 - Pages: 4