Section 14.129 Continuity of Operations Plan Flashcards
Objective 3.4 Explain the importance of resilience and recovery in security architecture
Continuity of Operations Plan (COOP)
Ensures an organisations ability to recover from disruptive events or disasters
■ Requires detailed planning and forethought
Business Continuity Planning (BC Plan)
Plans and processes for responding to disruptive events
● Addresses a wide range of threats and disruptive incidents
● Involves preventative actions and recovery steps
● Can cover both technical and non-technical disruptions
Disaster Recovery Plan (DRP)
Focuses on plans and processes for disaster response
● Subset of the BC Plan
● Focuses on faster recovery after disasters
● Addresses specific events like hurricanes, fires, or floods
Strategies for Business Continuity
Consider alternative locations for critical infrastructure
■ Distribute staff across multiple geographic regions
■ Use cloud services to maintain operations during disasters
The Role of Senior Management
Senior managers are responsible for developing the BC Plan
■ Goals for BC and DR efforts should be set by senior management
■ Appoint a Business Continuity Coordinator to lead the Business Continuity Committee
Business Continuity Committee
Comprises representatives from various departments (IT, Legal, Security,
Communications, etc)
■ Determines recovery priorities for different events
■ Identifies and prioritizes systems critical for business continuity
Defining Scope
Senior management decides the plan’s scope based on risk appetite and
tolerance
■ Can be broken down by business function or geographical area
■ All components must be coherent and compatible for crisis situations
