Organizational Continuity Planning and Disaster Recovery Planning

Question 1

What do you need to know about disaster recovery planning?

Answer 1

Recovery Point Objective- acceptable data loss recovery time objective (how long are you willing to wait for it to come back up?? (0-24 hours)

Types of recovery approaches:
- Cold site: no computers ($)- Off-site location with electrical and other physical requirements for process. No equipment or files (added when needed). 1-3 days start up. Cheaper.

• Warm site: Computers no data ($$)- Don’t have back-up data but have similar computer hardware. This is more money.
• Hot site: Completely equipped including data. Near-immediate (within hours) operations.
• Mirrored site: Fully redundant, fully staffed, fully equipped. Real-time replication of mission critical systems. Credit card processing. This is changing with cloud computing.

Question 2

What is reciprocal agreement?

Answer 2

Agreement between two or more organizations to aid each other with data processing if disaster strikes.

Question 3

What is organizational continuity planning?

Answer 3

Identifying a plan for disruptions.

Integrate into business culture

Recall risk management less/discussion- integrate OCP into risk management

Question 4

What is BRM, BCP, OCP, BIA?

Answer 4

BRM- Business Risk Management

BCP- Business Continuity Planning 
OCP- Organizational continuity plan
1) Create a OCP policy/program 
2) Determine critical functions 
3) determine continuity strategy 
4) Develop and implement BCM Response 
5) Exercise, maintain, update plan 
6) let it become a part of the culture  

BIA- Business impact analysis (identify maximum tolerable interruption periods of an organization by function and acidity to assess risk importance and consequence.

Question 5

If there is an incident, how do you management that?

Answer 5

Map level of incidents to events to responses

0= negligible event (power strike) 
7= Crisis (pandemic virus) 

Responses mapped to level of incidents