business continuity planning
TRANSCRIPT
![Page 1: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/1.jpg)
LTU CISP Security 1
Business Continuity Planning
The Problem - Reasons for Business Continuity Planning - BCP
Principles of BCP Doing BCP
The stepsWhat is includedThe stages of an incident
![Page 2: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/2.jpg)
LTU CISP Security 2
Definitions
A contingency plan is:“A plan for emergency response, backup operations,
and post-disaster recovery maintained by an activity as a part of its security program that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation…”
(National Computer Security Center 1988)
1997-98 survey >35% of companies have no plans
![Page 3: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/3.jpg)
LTU CISP Security 3
Definitions of BCP
Disaster Recovery Business Continuity Planning End-user Recovery Planning Contingency Planning Emergency Response Crisis Management
The goal is to assist the organization/business to continue functioning even though normal operations are disrupted
Includes steps to take Before a disruption During a disruption After a disruption
![Page 4: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/4.jpg)
LTU CISP Security 4
Reasons for BCP
It is better to plan activities ahead of time rather than to react when the time comes“Proactive” rather than “Reactive”Take the correct actions when neededAllow for experienced personnel to be absent
![Page 5: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/5.jpg)
LTU CISP Security 5
Reasons for BCP
It is better to plan activities ahead of time rather than to react when the time comes“Proactive” rather than “Reactive”
Maintain business operations Keep the money coming in Short and long term loss of business Have necessary materials, equipment, information on hand Saves time, mistakes, stress and $$ Planning can take up to 3 years
![Page 6: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/6.jpg)
LTU CISP Security 6
Reasons for BCP
It is better to plan activities ahead of time rather than to react when the time comes“Proactive” rather than “Reactive”
Maintain business operations Keep the money coming in Short and long term loss of business
Effect on customersPublic imageLoss of life
![Page 7: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/7.jpg)
LTU CISP Security 7
Reasons for BCP
It is better to plan activities ahead of time rather than to react when the time comes“Proactive” rather than “Reactive”
Maintain business operations Keep the money coming in Short and long term loss of business
Effect on customers Legal requirements
‘77 Foreign Corrupt Practices Act/protection of stockholders Management criminally liable
![Page 8: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/8.jpg)
LTU CISP Security 8
Reasons for BCP
It is better to plan activities ahead of time rather than to react when the time comes
“Proactive” rather than “Reactive”
Maintain business operations Keep the money coming in Short and long term loss of business
Effect on customers Legal requirements
‘77 Foreign Corrupt Practices Act/protection of stockholders Federal Financial Institutions Examination Council (FFIEC) FCPA SAS30 Audit Standards Defense Investigative Service Legal and Regulatory sanctions, civil suits
![Page 9: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/9.jpg)
LTU CISP Security 9
Definitions
Due Careminimum and customary practice of
responsible protection of assets that reflects a community or societal norm
Due Diligenceprudent management and execution of due
care
![Page 10: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/10.jpg)
LTU CISP Security 10
The Problem
Utility failures Intruders Fire/Smoke Water Natural disasters (earthquakes, snow/hail/ice, lightning,
hurricanes) Heat/Humidity Electromagnetic emanations Hostile activity Technology failure
![Page 11: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/11.jpg)
LTU CISP Security 11
Recent Disasters
Bombings ‘92 London financial district ‘93 World Trade Center, NY ‘93 London financial district ‘95 Oklahoma City ’01 World Trade Center, NY (9/11)
Earthquakes ‘89 San Francisco ‘94 Los Angeles ‘95 Kobe, JP
Fires ‘95 Malden Mills, Lawrence, MA ‘96 Credit Lyonnais, FR ‘97 Iron Mountain Record Center, Brunswick, NJ
![Page 12: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/12.jpg)
LTU CISP Security 12
Recent Disasters
Power ‘92 AT&T ‘96 Orrville, OH ‘99 East coast heat/drought brownouts
Floods ‘97 Midwest floods
Storms ‘92 Hurricane Andrew ‘93 Northeast Blizzard ‘96 Hurricanes Bertha, Fran ‘98 Florida tornados
Hardware/Software Year 2000
![Page 13: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/13.jpg)
LTU CISP Security 13
The Problem
Utility failures Intruders Fire/Smoke Water Natural disasters (earthquakes, snow/hail/ice, lightning, hurricanes) Heat/Humidity Electromagnetic emanations Hostile activity Technology failure
Failure to keep operatingFortune 1000 study Average loss $78K, up to $500K 65% failing over 1 week never reopen Loss of market share common
![Page 14: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/14.jpg)
LTU CISP Security 14
Threats
From Data Pro reportsErrors & omissions 50%Fire, water, electrical 25%Dishonest employees 10%Disgruntled employees 10%Outsider threats 5%
![Page 15: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/15.jpg)
LTU CISP Security 15
The Controls
Least Privilege Information security
Redundancy Backed up dataAlternate equipmentAlternate communicationsAlternate facilitiesAlternate personnelAlternate procedures
![Page 16: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/16.jpg)
LTU CISP Security 16
The Steps in a BCP - Initiation
Project initiation Business case to obtain support Sell the need for DRP (price vs benefit) Build and maintain awareness On-going testing & maintenance Top down approach Executive commitment and support MOST CRITICAL Project planning, staffing
Local support/responsibility
![Page 17: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/17.jpg)
LTU CISP Security 17
The Steps in a BCP - 1
Impact Assessment (Impact Analysis/Vulnerability Assessment/Current State Assessment/Risk Assessment )Purpose Identify risks Identify business requirements for continuity Quantify impact of potential threats Balance impact and countermeasure cost Establish recovery priorities
![Page 18: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/18.jpg)
LTU CISP Security 18
Benefits
Relates security objectives to organization mission Quantifies how much to spend on security measures Provides long term planning guidance
Building design HW configuration SW Internal controls Criteria for contingency plans Security policy Site selection
Protection requirements Significant threats Responsibilities
![Page 19: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/19.jpg)
LTU CISP Security 19
The Steps in a BCP - 1
Risk AssessmentPotential failure scenariosLikelihood of failureCost of failure (loss impact analysis)
Dollar losses Additional operational expenses Violation of contracts, regulatory requirements Loss of competitive advantage, public confidence
Assumed maximum downtime (recovery time frames) Rate of losses Periodic criticality Time-loss curve charts
![Page 20: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/20.jpg)
LTU CISP Security 20
The Steps in a BCP - 1
Risk Assessment/Analysis Potential failure scenarios (risks) Likelihood of failure Cost of failure, quantify impact of threat Assumed maximum downtime Annual Loss Expectancy Worst case assumptions Based on business process model? Or IT model? Identify critical functions and supporting resources Balance impact and countermeasure cost
Key - Potential damage Likelihood
![Page 21: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/21.jpg)
LTU CISP Security 21
Definitions
Threat any event which could have an undesirable impact
Vulnerability absence or weakness of a risk-reducing safeguard, potential to allow
a threat to occur with greater frequency, greater impact, or both Exposure a measure of the magnitude of loss or impact on the value of the
asset
Risk the potential for harm or loss, including the degree of confidence of
the estimate
![Page 22: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/22.jpg)
LTU CISP Security 22
Definitions
Quantitative Risk Analysis quantified estimates of impact, threat frequency, safeguard
effectiveness and cost, and probability Powerful aid to decision making Difficult to do in time and cost
Qualitative Risk Analysis minimally quantified estimates Exposure scale ranking estimates Easier in time and money Less compelling
Risk Analysis is performed as a continuum from fully qualitative to less than fully quantitative
![Page 23: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/23.jpg)
LTU CISP Security 23
Results
Loss impact analysis Recovery time frames
Essential business functions Information systems applications
Recommended recovery priorities & strategies Goals
Understand economic & operational impact Determine recovery time frame (business/DP/Network) Identify most appropriate strategy Cost/justify recovery planning Include BCP in normal decision making process
![Page 24: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/24.jpg)
LTU CISP Security 24
Risk Management Team
Management - Support DP Operations Systems Programming Internal Audit Physical Security Application owners Application programmers
![Page 25: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/25.jpg)
LTU CISP Security 25
Preliminary Security Exam
Asset costs Threat survey
Personnel Physical environment HW/SW Communications Applications Operations Natural disasters Environment Facility Access Data value
![Page 26: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/26.jpg)
LTU CISP Security 26
Preliminary Security Exam
Asset costs Threat survey Existing security measures Management review
![Page 27: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/27.jpg)
LTU CISP Security 27
Threats
Hardware failure Utility failure Natural disasters Loss of key personnel Human errors Neighborhood hazards Tampering Disgruntled employees Emanations Unauthorized access Safety Improper use of technology Repetition of errors Cascading of errors
• Illogical processing• Translation of user needs
(technical requirements)• Inability to control
technology• Equipment failure• Incorrect entry of data• Concentration of data• Inability to react quickly• Inability to substantiate
processing• Concentration of
responsibilities• Erroneous/falsified data• Misuse
![Page 28: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/28.jpg)
LTU CISP Security 28
Threats
Uncontrolled system access Ineffective application security Operations procedural errors Program errors Operating system flaws Communications system failure Utility failure
![Page 29: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/29.jpg)
LTU CISP Security 29
Risk Analysis Steps
1 - Identify essential business functions Dollar losses or added expense Contract/legal/regulatory requirements Competitive advantage/market share Interviews, questionnaires, workshops
2 - Establish recovery plan parameters Prioritize business functions
3 - Gather impact data/Threat analysis Probability of occurrence, source of help Document business functions Define support requirements Document effects of disruption Determine maximum acceptable outage period Create outage scenarios
![Page 30: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/30.jpg)
LTU CISP Security 30
Risk Analysis Steps
4 - Analyze and summarize Estimate potential losses
Destruction/theft of assets Loss of data Theft of information Indirect theft of assets Delayed processing Consider periodicity
Combine potential loss & probability Magnitude of risk is the ALE (Annual Loss
Expectancy) Guide to security measures and how much to spend
![Page 31: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/31.jpg)
LTU CISP Security 31
Results
Significant threats & probabilities Critical tasks & loss potential by
threat Remedial measures
Greatest net reduction in losses Annual cost
![Page 32: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/32.jpg)
LTU CISP Security 32
Information Valuation
Information has cost/value Acquire/develop/maintain Owner/Custodian/User/Adversary
Do a cost/value estimate for Cost/benefit analysis Integrate security in systems Avoid penalties Preserve proprietary information Business continuity
Circumstances effect valuation timing Ethical obligation to use justifiable tools/techniques
![Page 33: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/33.jpg)
LTU CISP Security 33
Conditions of Value
Exclusive possession Utility Cost of creation/recreation Liability Convertibility/negotiability Operational impact Market forces Official value Expert opinion/appraisal Bilateral agreement/contract
![Page 34: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/34.jpg)
LTU CISP Security 34
Scenario
A specific threat (potential event/act) in which assets are subject to loss
Write scenario for each major threat Credibility/functionality review Evaluate current safeguards Finalize/Play out Prepare findings
![Page 35: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/35.jpg)
LTU CISP Security 35
The Steps in a BCP - 2
Strategy Development (Alternative Selection)Management supportTeam structureStrategy selection
Cost effective Workable
![Page 36: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/36.jpg)
LTU CISP Security 36
The Steps in a BCP - 3
Implementation (Plan Development)Specify resources needed for recoveryMake necessary advance arrangementsMitigate exposures
![Page 37: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/37.jpg)
LTU CISP Security 37
The Steps in a BCP - 3
Risk Prevention/Mitigation Security - physical and information (access) Environmental controls Redundancy - Backups/Recoverability
Journaling, Mirroring, Shadowing On-line/near-line/off-line
Insurance Emergency response plans Procedures Training Risk management program
![Page 38: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/38.jpg)
LTU CISP Security 38
The Steps in a BCP - 3
Decision Making Cost effectiveness
Total cost Human intervention requirements
Manual functions are weakest Overrides and defaults
Shutdown capability Default to no access
Design openness Least Privilege
Minimum information Visible safeguards
Entrapment Selected vulnerabilities made attractive
![Page 39: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/39.jpg)
LTU CISP Security 39
The Steps in a BCP - 3
Decision Making Universality Compartmentalization, defense in depth Isolation Completeness Instrumentation Independence of controller and subject Acceptance Sustainability Auditability Accountability Recovery
![Page 40: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/40.jpg)
LTU CISP Security 40
Remedial Measures
Alter environment Erect barriers Improve procedures Early detection Contingency plans Risk assignment (insurance) Agreements Stockpiling Risk acceptance
![Page 41: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/41.jpg)
LTU CISP Security 41
Remedial Measures
Fire Detection, suppression
Water Detection, equipment covers, positioning
Electrical UPS, generators
Environmental Backups
Good housekeeping Backup procedures Emergency response procedures
![Page 42: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/42.jpg)
LTU CISP Security 42
The Steps in a BCP - 3
Plan DevelopmentSpecify resources needed for recoveryTeam-basedRecovery plansMitigation stepsTesting plansPrepared by those who will carry them out
![Page 43: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/43.jpg)
LTU CISP Security 43
Included in a BCP
Off-site storageTrip there - secure? Timely?Physical layout of siteFire protectionClimate controlsSecurity access controlsBackup power
![Page 44: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/44.jpg)
LTU CISP Security 44
Included in a BCP
Off-site storage
Alternate site Reciprocal agreements/Multiple sites/Service bureaus Hot/Warm/Cold(Shell) sites Trip there - secure? Timely? Physical layout of site Fire protection Climate controls Security access controls Backup power Agreements
![Page 45: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/45.jpg)
LTU CISP Security 45
Included in a BCP
Off-site storage Alternate site
Backup processing Compatibility Capacity Journaling - maintaining audit records
Remote journaling - to off-site location Shadowing - remote journaling and delayed mirroring Mirroring - maintaining realtime copy of data Electronic vaulting - bulk transfer of backup files
![Page 46: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/46.jpg)
LTU CISP Security 46
Included in a BCP
Off-site storage Alternate site Backup processing
CommunicationsCompatibilityAccessibilityCapacityAlternatives
![Page 47: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/47.jpg)
LTU CISP Security 47
Included in a BCP
Off-site storage Alternate site Backup processing Communications
Work spaceAccessibilityCapacityEnvironment
![Page 48: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/48.jpg)
LTU CISP Security 48
Included in a BCP
Off-site storage Alternate site Backup processing Communications Work space Office equipment/supplies/documentation Security Critical business processes/Management Testing Vendors - Contact info, agreements Teams - Contact info, transportation Return to normal operations Resources needed
![Page 49: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/49.jpg)
LTU CISP Security 49
Complications
Media/Police/Public Families Fraud Looting/Vandalism Safety/Legal issues Expenses/Approval
![Page 50: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/50.jpg)
LTU CISP Security 50
The Steps in a BCP - Finally
Plan TestingProves feasibility of recovery processVerifies compatibility of backup facilitiesEnsures adequacy of team procedures
Identifies deficiencies in procedures
Trains team membersProvides mechanism for maintaining/updating the
planUpper management comfort
![Page 51: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/51.jpg)
LTU CISP Security 51
The Steps in a BCP - Finally
Plan TestingDesk checks/ChecklistStructured WalkthroughsLife exercises/SimulationsPeriodic off-site recovery tests/ParallelFull interruption drills
![Page 52: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/52.jpg)
LTU CISP Security 52
The Steps in a BCP - Finally
Test Software Hardware Personnel Communications Procurement Procedures Supplies/forms Documentation Transportation Utilities Alternate site processing Security
![Page 53: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/53.jpg)
LTU CISP Security 53
The Steps in a BCP - Finally
Test Purpose (scenario) Objectives/Assumptions Type Timing Schedule Duration Participants
Assignments Constraints Steps
![Page 54: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/54.jpg)
LTU CISP Security 54
The Steps in a BCP - Finally
Alternate Site Test– Activate emergency control center– Notify & mobilize personnel– Notify vendors– Pickup and transport
tapes supplies documentation
– Install (Cold and Warm sites)– IPL– Verify– Run– Shut down/Clean up– Document/Report
![Page 55: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/55.jpg)
LTU CISP Security 55
The Steps in a BCP - Finally
Plan Update and Retest cycle (Plan Maintenance) Critical to maintain validity and usability of plan
Environmental changes HW/SW/FW changes Personnel
Needs to be included in organization plans Job description/expectations Personnel evaluations Audit work plans
![Page 56: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/56.jpg)
LTU CISP Security 56
BCP by Stages
Initiation Current state assessment Develop support processes Training Impact Assessment Alternative selection Recovery Plan development Support services continuity plan development Master plan consolidation Testing strategy development Post transition plan development
![Page 57: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/57.jpg)
LTU CISP Security 57
BCP by Stages
Implementation planning Quick Hits Implementation, testing, maintenance
![Page 58: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/58.jpg)
LTU CISP Security 58
End User Planning
DP is critical to end users Difficult to use manual procedures Recovery is complex Need to plan
manual proceduresrecovery of data/transactionsprocedures for alternate site operationprocedures to return to normal
![Page 59: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/59.jpg)
LTU CISP Security 59
The Real World
DR plans normally involveEssential DP platforms/systems onlyA manual on the shelf written 2-3 years agoLittle or no user involvementNo provision for business processesNo active testingResource lists and contact information that do
not match current realities
![Page 60: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/60.jpg)
LTU CISP Security 60
Stages in an Incident
Disaster interruption affecting user operations
significantly
![Page 61: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/61.jpg)
LTU CISP Security 61
Stages in an Incident
Disaster Initial/Emergency response
Purpose Ensure safety of people Prevent further damage
Activate emergency response team Covers emergency procedures for expected hazards Safety essential Emergency supplies Crisis Management plan - decision making
![Page 62: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/62.jpg)
LTU CISP Security 62
Stages in an Incident
Disaster Initial response Impact assessment
Activate assessment teamDetermine situation
What is affected?
Decide whether to activate plan
![Page 63: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/63.jpg)
LTU CISP Security 63
Stages in an Incident
Disaster Initial response Impact assessment Initial recovery
Initial recovery of key areas at alternate siteDetailed proceduresSalvage/repair - Clean up
![Page 64: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/64.jpg)
LTU CISP Security 64
Stages in an Incident
Disaster Initial response Impact assessment Initial recovery Return to normal/Business resumption
Return to operation at normal site “Emergency” is not over until you are back to normal Requires just as much planning - Parallel operations
![Page 65: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/65.jpg)
LTU CISP Security 65
Special Cases
Y2K Incidents will happen in a particular time
frameAlternate sites won’t helpRedundant equipment won’t helpBackups won’t help Involves automated equipment and services
![Page 66: Business Continuity Planning](https://reader036.vdocument.in/reader036/viewer/2022062704/55572cfad8b42a067f8b4fd6/html5/thumbnails/66.jpg)
LTU CISP Security 66
Final Thoughts
Do you really want to activate a DR/BCP plan?PreventionPlanning