Business Continuity & Disaster Recovery Planning Flashcards
2 categories for distaster ?
- Natural
* Man-Made
How does disaster affect Business ?
Damage to Property (the building)
Damage to business records (paper,electronic)
Damage to business equipment (computers, copiers)
Damage to communications (telephone, wireless)
Damage to Public Ulilities (power,water,gas)
Damage to transportation systems (bus,train)
Injuries and loss of life
Indirect Damage - Suppliers and customers
What is the Goal of BCP ?
Business Continuity Planning deals with keeping business operations running — perhaps in another location or by using different tools and processes — after a disaster has struck.
What is the Goal of DRP ?
Disaster Recovery Planning deals with restoring normal business operations after the disaster takes place.
Speed of recovery is directly proportional to cost.
BCP / DRP Commonalities ?
- Identification of critical business functions (done via an assessment)
- Identification of possible disaster scenarios (disaster scenarios identified and ranked by probability.
- Experts (critical business process)
BCP
This concentrates on continuing / keeping business operations running.
DRP
This concentrates on restoring / recovering the original business function.
What is COOP ?
Continuity of Operations - a blending of BCP and DRP into a single mission statement - keeping the organisation running after a disaster.
BCP - Success ?
Areas of Concern:
Success of the BCP depends on scope definition.
Business Process (muddy waters)
Technology (muddy waters)
geographical dispersement (adds difficulty)
Politics (departments lobby claim criticality)
What is scope creep ?
When a project’s scope grows beyond the original intent.
What is scope lean ?
When a project’s scope changes and ‘leans’ in a certain direction.
The project team needs to find a balance between too narrow a scope, which makes the plan ineffective, and too wide a scope, which makes the plan too cumbersome.
What is the BIA ?
Business Impact Analysis (BIA)
- describes the impact a disaster will have on Business Operations.
- should include qualatative and quantative impacts.
- quantative - Mostly finance.
- qualatative - delivery of goods and services.
BIA Tasks:
- Perform a Vulnerability Assessment
- Carry out a Criticality Assessment
- Determine the Maximum Tolerable Downtime
- Establish recovery targets
- Determine resource requirements
What is a vulnerability assessment ? (BIA)
- assesses weaknesses in business critical systems.
- identifies critical support areas which are business functions.
- quantative - Mostly finance.
- qualatative - delivery of goods and services.
Quantitative Losses ? (Vuln Assess, BIA)
- Loss of revenue
- Loss of operating capital
- Loss because of personal liabilities
- Increase in expenses
- Penalties because of violations of business contracts
- Violations of laws and regulations
Qualitative Losses ? (Vuln Assess, BIA)
- Service quality
- Competitive advantages
- Customer satisfaction
- Market share
- Prestige and reputation