Managing Risk in Information Systems
Lesson 6
Business Impact Analysis
and Continuity Planning
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning
Company
www.jblearning.com
All rights reserved.
Learning Objectives
Perform a business impact analysis.
Create a business continuity plan (BCP) based on the findings
of a given risk assessment for an organization.
Key Concepts
Purpose of BIA
Critical success factors of BIA
Steps involved in implementing a BIA
BIA best practices
Comparing a BCP and a DRP
Major elements of BCP
Phases of a BCP
Steps for implementing a BCP
Chapter 13 Slides
Chapter 13: “Mitigating Risk with a
Business Continuity Plan”
What Is a Business Continuity Plan?
A plan designed to help an organization continue to operate
during and after a disruption
BIA is included as part of a BCP
What Is a Business Continuity Plan?
BIA key objectives that directly support the BCP:
Identify critical business functions (CBFs)
Identify critical processes supporting the CBFs
Identify critical IT services supporting the CBFs, including any
dependencies
Determine acceptable downtimes for CBFs, processes, and IT
services
Elements of a BCP
Purpose and scope
Assumptions and planning principles
System description and architecture
Responsibilities
Phases
Plan training, testing, and exercises
Plan maintenance
System Description and Architecture
Show system interaction
BCP Roles and Responsibilities
BCP program manager
BCP coordinator
BCP teams
Emergency Management Team (EMT)
Damage Assessment Team (DAT)
Technical Recovery Team (TRT)
Phases within a BCP Plan
Notification/activation phase
Recovery phase
Reconstitution phase
Defining Data that Needs to Be Protected
The BCP should list all the critical components for the system.
There are two reasons for including this data:
First, it makes it clear which components are needed for the
critical business functions (CBF).
Second, it provides a list that you can use to restore the system
from scratch.
This list includes any equipment, such as servers, switches, and
routers.
The servers may need to be rebuilt from scratch. Therefore, the
BCP should list the operating system and any applications
needed to support the system.
If an image is used to rebuild servers, the BCP will list the
image version number.
Data can include a database hosted on the system.
It can also include any type of files, such as documents or
spreadsheets.
Last, the list can include any needed supplies:
This can be simple office supplies, such as printer paper and
toner.
For some systems, it can include technical supplies, such as
special oils for machinery or tools needed for maintenance.
Identify all critical components for the system
Identify all equipment: servers, switches, routers
Include databases hosted on the system
Include files: documents or spreadsheets
Include necessary supplies
BCP Best Practices
Complete the BIA early
Exercise caution when returning functionality from alternate
locations
Restore least critical functions first
Review and update the BCP
Test all individual pieces of the plan
Conduct test exercises of the plan
Complete the BIA early—Ensure the BIA is done early in the
process for the BCP.
Without the BIA, you won’t know what systems are critical.
Exercise caution when returning functionality from alternate
locations—When restoring functionality from an alternate
location to the primary location, consider these best practices:
Restore least critical functions first to the primary location—
This allows you to get the bugs out of the process without
affecting critical functions.
Review and update the BCP regularly—The BCP coordinator
should review and update the BCP at least annually.
If critical systems are changed or modified between annual
reviews, the BCP should be reviewed when those changes or
modifications occur.
Test all the individual pieces of the plan—This includes basic
procedures, such as recalls.
Exercise the plan—Verify the plan works by performing test
exercises.
These exercises should not affect normal operations.
Summary
Purpose of BIA
Critical success factors of BIA
Steps involved in implementing a BIA
BIA best practices
Comparing a BCP and a DRP
Major elements of BCP
Phases of a BCP
Steps for implementing a BCP
OPTIONAL SLIDES
7/15/2018
Chapter 13 Optional Slides
Chapter 13: “Mitigating Risk with a
Business Continuity Plan”
Business Continuity vs. Disaster Recovery
BCP
Covers all functional areas of a business. It ensures the entire
business can continue to operate in the event of a disruption.
Includes a BIA, and also addresses other non-technical elements
of the event.
Focused on getting the overall business functions back to
normal.
DRP
Is a function of the IT department.
Includes the elements necessary to recover from a disaster, once
one is declared.
Involves copying the critical data to media or online and then, if
required, moving the IT operations off site to recover.
Focused on restoring and recovering IT functions.
BCP
Covers all functional areas of business
Includes a business impact analysis (BIA)
Focused on business function recovery
DRP
Function of the IT department
Focused on IT function recovery
Recovery from a declared disaster
Steps for Implementing a BCP
Create BCP scope statements
Conduct business impact analysis (BIA)
Identify countermeasures and controls
Develop individual disaster recovery plans (DRPs)
Implement training
Test and exercise plans
Maintain and update plans
Why Use a Business Continuity Plan?
What happens if electrical power is lost?
What happens if servers go down?
What are the critical business functions to maintain?
What must remain intact to conduct business?
What is the risk of being without a BCP?

18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
MENTAL STATUS EXAMINATION format.docx
MENTAL     STATUS EXAMINATION format.docxMENTAL     STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
