Business continuity plan ppt


  • continuity strategy
  • business impact
  • incident response
  • disaster recovery
  • business continuity

Strategy

  • contingency planning
  • incident response planning
  • disaster recovery planning
  • business continuity planning

Planning

  • contingency planning consists of:
    • incident response plan
    • disaster recovery plan
    • business continuity plan
  • incident response involves:
    • notification of key people
    • documenting the incident
    • contain the damage due to the incident

Contingency planning

  • primary goal is to restore all systems to pre-failure level
  • CP requires support of:
    • upper level management
    • IT people
    • security people

Impact analysis

  • BIA is the first step in CP
  • takes off from where risk assessment ended
  • main steps in BIA are:
    • threat attack identification
    • business unit analysis
    • attack success scenarios
    • potential damage assessment
    • subordinate plan classification

Impact analysis

  • business unit analysis includes:
    • prioritization of business functions
    • identify critical business units
  • attack success scenario includes:
    • known methods of attack
    • indicators of attack
    • broad consequences

Impact analysis

  • potential damage assessment includes:
    • actions needed immediately to recover from the attack
    • personnel who will do the restoration
    • cost estimates for management use
  • subordinate plan classification includes:
    • classification of attack as disastrous or non-disastrous
    • disastrous attacks require disaster recovery plan
    • non-disastrous attacks require incident response plan
    • most attacks are non-disastrous, e.

Incident response plan

  • responsible people aware of IR plan details
  • periodic testing of IR plan as a desktop exercise
  • goals to remember (Richard Marcinko):
    • more sweat in training means less bleeding in combat
    • preparation hurts
    • lead from the front and not the rear
    • keep it simple
    • never assume
    • you get paid for results not your methods

Response plan

  • incidents are usually detected from complaints to help desk
  • security administrators may receive alarms based on:
    • unfamiliar files
    • unknown processes
    • unusual resource consumption
    • activities at unexpected times
    • use of dormant accounts

Response plan

  • additional incident indicators:
    • IDS system detects unusual activity
    • presence of hacker tools such as sniffers and keystroke loggers
    • partners detect an attack from the organization system
    • hacker taunts
  • how to classify an incident as a disaster?

Response plan

  • incident reaction involves
    • notifying proper personnel
      • involves notifying people on the alert roster
      • notification could be accomplished using a predefined tree structure
      • notification is pre-scripted to activate relevant portions of the incident response plan
    • designated personnel start documenting the incident

Response plan

  • activate incident containment strategies such as:
    • take system offline
    • disable compromised accounts
    • reconfigure firewall as needed
    • shut down specific applications such as email or database
    • might necessitate shutting down the system completely

Response plan

  • post-incident actions
    • preserve evidence
    • activate recovery procedures
    • assess damage

Recovery planning

  • prioritize recovery of components
  • crisis management
  • activate recovery from backup data

Continuity

  • service level agreements
  • software escrow
  • ISO 17799 addresses business continuity management
  • cold / warm / hot site
  • FARM (functional area recovery management) specifies plans for operational area recovery