Business Continuity Planning and Disaster Recovery Planning Ref. CISSP exam guide W.lilakiatsakun.
Business Continuity Planning and Disaster Recovery Planning (1)
• DRP is the process of regaining access to the data, hardware and software necessary to resume critical business operations after a natural or human-induced disaster.
• DRP is part of a larger process known as business continuity planning (BCP).
• Disaster recovery is the process by which you resume business after a disruptive event.
Business Continuity Planning and Disaster Recovery Planning (2)
• The event might be:
  – something huge, like an earthquake or the terrorist attacks on the World Trade Center
  – something small, like malfunctioning software caused by a computer virus
• Many business executives are prone to ignoring "disaster recovery" because disaster seems an unlikely event.
Business Continuity Planning and Disaster Recovery Planning (3)
• All BC/DR plans need to encompass:
  – How employees will communicate
  – Where they will go
  – How they will keep doing their jobs
• The details can vary greatly, depending on the size and scope of a company and the way it does business.
Events that necessitate disaster recovery
• Natural disasters
• Fire
• Power failure
• Terrorist attacks
• Organized or deliberate disruptions
• Theft
• System and/or equipment failures
• Human error
• Computer viruses
• Testing
Business Continuity Steps (1)
1 Develop the continuity planning policy statement
  – Write a policy that provides the guidance necessary to develop a BCP and assigns authority to the necessary roles to carry out these tasks
2 Conduct the business impact analysis (BIA)
  – Identify critical functions and systems and allow the organization to prioritize them by necessity
  – Identify vulnerabilities and threats, and calculate risks
  – Calculate the MTD (Maximum Tolerable Downtime) for resources
Business Continuity Steps (2)
3 Identify preventive controls
  – Identify and implement controls and countermeasures to reduce the organization’s risk level in an economical manner
4 Develop recovery strategies
  – Formulate methods to ensure that systems and critical functions can be brought online quickly
Business Continuity Steps (3)
5 Develop the contingency plan
  – Write procedures and guidelines for how the organization can stay functional in a crippled state
6 Test the plan and conduct training and exercises
  – Test the plan to identify deficiencies in the BCP and conduct training to properly prepare individuals for their expected tasks
7 Maintain the plan
  – Put in place steps to ensure the BCP is a living document that is updated regularly
Initiation (1)
• Identify a business continuity coordinator (leader of the BCP team)
• Set up a BCP committee, which might consist of representatives from:
  – Business units
  – Senior management
  – IT department
  – Security department
  – Communications department
  – Legal department
Initiation (2)
• In this phase, the team works with management to develop the continuity planning policy statement:
  – Lay out the scope of the BCP project
  – Team member roles
  – Goals of the project
BCP Requirement
• The major requirement is management support
• BCP works best with a top-down approach
  – Management should be driving the project
• It is important that management set the overall goals of continuity planning
  – This helps set priorities for what should be dealt with first
Business Impact Analysis (1)
• The BCP committee must identify the threats to the company and map them to the following characteristics:
  – Maximum tolerable downtime
  – Operational disruption and productivity
  – Financial considerations
  – Regulatory responsibilities
  – Reputation
Business Impact Analysis (2)
• Data is gathered through interviews, surveys, workshops, etc.
• Threats can be man-made, natural or technical
• The committee needs to step through scenarios that could produce the following results:
  – Equipment malfunction
  – Unavailable utilities (power, communications)
  – Software or data corruption
Business Impact Analysis (3)
• Loss criteria must be applied to the individual threats:
  – Loss of reputation and public confidence
  – Loss of competitive advantage
  – Increase in operational expenses
  – Violations of contract agreements
  – Violations of legal and regulatory requirements
  – Costs of delayed income
  – Loss of revenue
  – Loss of productivity
Business Impact Analysis (4)
• Example of Maximum Tolerable Downtime (MTD) tiers:
  – Nonessential: 30 days
  – Normal: 7 days
  – Important: 72 hours
  – Urgent: 24 hours
  – Critical: minutes to hours
Business Impact Analysis (5)
• Interdependencies
  – A business function might depend on other functions
• The BCP team should carry out these tasks:
  – Define essential business functions and supporting departments
  – Identify interdependencies
  – Discover all possible disruptions that could affect these mechanisms
  – Identify and document potential threats
  – Gather quantitative and qualitative information pertaining to those threats
  – Provide alternative methods for restoring functionality
  – Provide a brief statement of rationale for each threat and the corresponding information
BIA Steps (1)
• 1 Select individuals to interview for data gathering
• 2 Create data-gathering techniques (surveys, questionnaires, qualitative and quantitative approaches)
• 3 Identify the company’s critical business functions
• 4 Identify the resources that these functions depend upon
BIA Steps (2)
• 5 Calculate how long these functions can survive without these resources
• 6 Identify vulnerabilities and threats to these functions
• 7 Calculate the risk for each business function
• 8 Document findings and report them to management
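BIA steps 4 to 8 above, together with the interdependency and MTD-tier slides, can be worked through mechanically once the function inventory is written down. The following is an added example, not part of the CISSP guide or these slides: it maps constructed business functions to the resources and other functions they depend on, tightens each function's MTD to the tightest MTD of anything that depends on it, derives how long each shared resource may be down (step 5), classifies against the slide's MTD tiers, computes a simple likelihood × impact risk figure (step 7) and produces a dependency-aware recovery order. The 12-hour upper bound for the "Critical" tier and the likelihood × impact risk formula are assumptions; all names and numbers are constructed.

```python
"""Worked BIA helper (added example; sample data and thresholds are constructed)."""
import heapq
from dataclasses import dataclass

DAY = 24  # hours

# MTD tiers from the slides as upper bounds in hours. The slide says
# "minutes to hours" for Critical; the 12-hour cut-off is an assumption.
MTD_TIERS = [
    ("Critical", 12),
    ("Urgent", 24),
    ("Important", 72),
    ("Normal", 7 * DAY),
    ("Nonessential", 30 * DAY),
]


def classify_mtd(hours: float) -> str:
    """Return the first MTD tier whose upper bound covers `hours`."""
    for tier, limit in MTD_TIERS:
        if hours <= limit:
            return tier
    return "Nonessential"  # longer than 30 days is still nonessential


@dataclass(frozen=True)
class BusinessFunction:
    name: str
    mtd_hours: float        # how long the function itself can be down
    resources: frozenset    # systems, links or people it needs directly
    depends_on: frozenset   # other business functions it needs
    likelihood: float       # annual probability of a disruptive event (constructed)
    impact: float           # expected loss per outage, currency units (constructed)


def risk(func: BusinessFunction) -> float:
    """Step 7, simple quantitative form: annualized risk = likelihood x impact."""
    return func.likelihood * func.impact


def effective_mtd(functions):
    """A function's real MTD is the tightest MTD of anything that depends on it,
    directly or transitively, because it must be back before they can be."""
    by_name = {f.name: f for f in functions}
    dependents = {name: set() for name in by_name}
    for f in functions:
        for dep in f.depends_on:
            if dep not in by_name:
                raise ValueError(f"{f.name} depends on unknown function {dep}")
            dependents[dep].add(f.name)
    memo = {}

    def eff(name, stack=()):
        if name in stack:
            raise ValueError("circular dependency involving " + name)
        if name not in memo:
            own = by_name[name].mtd_hours
            memo[name] = min([own] + [eff(d, stack + (name,)) for d in dependents[name]])
        return memo[name]

    return {name: eff(name) for name in by_name}


def resource_mtd(functions):
    """Step 5: a shared resource may only be down as long as the most
    time-sensitive function that (transitively) needs it."""
    eff = effective_mtd(functions)
    result = {}
    for f in functions:
        for res in f.resources:
            result[res] = min(result.get(res, float("inf")), eff[f.name])
    return result


def recovery_order(functions):
    """Restore in order of effective MTD, never before a function's
    prerequisites (Kahn's algorithm driven by a min-heap)."""
    eff = effective_mtd(functions)
    indegree = {f.name: len(f.depends_on) for f in functions}
    dependents = {f.name: [] for f in functions}
    for f in functions:
        for dep in f.depends_on:
            dependents[dep].append(f.name)
    heap = [(eff[n], n) for n, d in indegree.items() if d == 0]
    heapq.heapify(heap)
    order = []
    while heap:
        _, name = heapq.heappop(heap)
        order.append(name)
        for child in dependents[name]:
            indegree[child] -= 1
            if indegree[child] == 0:
                heapq.heappush(heap, (eff[child], child))
    if len(order) != len(functions):
        raise ValueError("circular dependency between business functions")
    return order


# Constructed inventory, not taken from the slides.
SAMPLE_FUNCTIONS = [
    BusinessFunction("Authentication", 72, frozenset({"Directory server"}), frozenset(), 0.10, 50_000),
    BusinessFunction("Order processing", 24, frozenset({"ERP database", "WAN link"}), frozenset({"Authentication"}), 0.20, 500_000),
    BusinessFunction("Payroll", 7 * DAY, frozenset({"ERP database"}), frozenset({"Authentication"}), 0.05, 200_000),
    BusinessFunction("Marketing website", 30 * DAY, frozenset({"Web host"}), frozenset(), 0.30, 10_000),
]


def bia_report(functions):
    """Step 8: the findings reported to management."""
    eff = effective_mtd(functions)
    return {
        "tiers": {f.name: classify_mtd(eff[f.name]) for f in functions},
        "risk_ranking": [f.name for f in sorted(functions, key=risk, reverse=True)],
        "recovery_order": recovery_order(functions),
        "resource_mtd_hours": resource_mtd(functions),
    }


if __name__ == "__main__":
    for key, value in bia_report(SAMPLE_FUNCTIONS).items():
        print(key, value)
```

Note what the interdependency step changes: Authentication alone tolerates 72 hours of downtime ("Important"), but because Order processing, which tolerates only 24 hours, cannot work without it, Authentication and the directory server behind it inherit the 24-hour "Urgent" MTD and move to the front of the recovery order. A circular dependency between functions is reported as an error rather than silently producing a partial order.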
Preventive Controls
• Reduce impact and mitigate risks
• Examples of preventive measures:
  – Redundant servers and communication links
  – Power lines coming in through different transformers
  – UPS and generators
  – Data backup
  – Fire detection
Recovery strategies
• Business process recovery
  – The business process is back to work
• Facility recovery
  – Cold site / warm site / hot site
• Supply and technology recovery
  – Network / computer / human resources
• User environment recovery
  – The most critical department gets back first
• Data recovery
  – Data backup
Developing the BCP (1)
• Define the goals of the plan; the goals must contain certain key information, such as:
  – Responsibility
    • Each individual should have their responsibilities spelled out in writing to ensure a clear understanding in a chaotic situation
  – Authority
    • In a time of crisis, it is important to know who is in charge
    • Clear-cut authority will aid in reducing confusion and increasing cooperation
Developing the BCP (2)
  – Priorities
    • It is necessary to know which department comes online first, which second, and so on
    • Along with the priorities of departments, the priorities of systems, information and programs must be established
  – Implementation and testing
Developing the BCP (3)
• Document the following:
  – Procedures
  – Recovery solutions
  – Roles and tasks
  – Emergency response
Testing plan (1)
• Checklist test
  – Forgot anything?
• Structured walk-through test
  – Discussion by representatives
• Simulation test
  – Ensure that specific steps were not left out and certain threats were not overlooked
  – Raise awareness of the people involved
Testing plan (2)
• Parallel test
  – Ensure that the specific systems can actually perform adequately at the alternate off-site facility
• Full interruption test
  – Ensure that everything will be recovered as planned
  – It can reveal many holes that need to be fixed
Maintaining the plan
• The organization can keep the plan updated by taking the following actions:
  – Make business continuity a part of business decisions
  – Insert the maintenance responsibilities into job descriptions
  – Include maintenance in personnel evaluations
  – Perform internal audits that include disaster recovery and continuity documentation and procedures
  – Perform regular drills that use the plan
  – Integrate the BCP into the current change management process