21 jun. 2014

CISSP: BCP and DRP

Business Continuity Plan (BCP):
Business oriented. Long term, strategic.

List of plans
Disaster Recovery Plan
Continuity of Operations Plan
Business Recovery Plan
Continuity of Support Plan
Cyberincident Response Plan
Occupant Emergency Plan
Crisis Management Plan

Threats:
Natural:
Human:
Environmental:


Concepts:
RTO: the amount of time allowed for the recovery of a business function
RPO
WRT

Process:
Respond
Activate team
Communicate
Assess
Reconstitution

Developing:
Project Initiation
Scope the project
Business Impact Analysis
Identify Preventive Controls
Recovery Strategy
Plan Design and Development
Implementation, Training and Testing
BCP/DRP Maintenance

Disaster Recovery Plan (DRP):
IT Focus. Short term, tactical.

Recovery Options:
Redundant Site
Hot Site
Warm Site
Cold Site
Reciprocal Agreement
Mobile Site
Subscription Service

The site should be in a geographic area that is unlikely to be negatively affected by the same disaster event
The site should have the same amount of physical access restrictions as the primary site


Test types:
Checklist
Structured Walk-Througth/Tabletop
Simulation test/walkthrough drill
Parallel test/Parallel processing
Partial and complete (Full-Interrupt) test

No hay comentarios.:

Publicar un comentario