...Business Continuity Planning – Proactive and Reactive Business Continuity is managing and establishing plans that will help the organization to stand up again on its feet to continue its business. As we had learned in the class Business Continuity is the process of ensuring continuance of a business if a disruption occurs. This planning is like an immunological fort and a preventive shield which means a focus on the prevention of unplanned events, rather than just the cure. This has meant that disaster recovery has now become a subset of the whole process that covers the whole lifecycle of disaster prevention and recovery. Nowadays we need business continuity planning more than before. Within few years most news headlines capture many kind of catastrophes suck as bombs, fires, floods, and tornadoes. Most of time these catastrophes are not predictable such as the events of 9/11 that had affect many organizations not just the World Trade Center. So when I have a good complete preventive plan I can make sure of the continuity of the business after a disaster recovery. In a recent research it has mentioned on average 20 % of all organizations will experience some form of unplanned event once every five years but there is still the need to think about how to cope with the more mundane events, such as power cuts or transport problems. When a crisis or a disaster occur the first thing that often will be affected is the effective communication and the internet. Therefore it...
Words: 786 - Pages: 4
...– aSSESSmENt WORKSHEEt Perform Business Continuity Implementation Planning Course Name and Number: Student Name: Instructor Name: lab due date: 6 Perform Business Continuity Implementation Planning Overview In this lab, you were asked to begin the business continuity planning process for an e-commerce company, Online Goodies. You reviewed the key business functions and a prioritized list of impacted IT systems, applications, and data provided by your supervisor. You also compared the components of the major documentation required by the business continuity planning process: risk analysis, business impact analysis, business continuity plan, disaster recovery plan, and the business continuity implementation plan. Lab Assessment Questions & Answers 1. What is the difference between a risk analysis (RA) and a business impact analysis (BIA)? Risk analysis is often identifying the potential threats and the associated vulnerabilities to the organizations .Risk analysis doesn’t view the organization from the mission critical Business Process point of view. BIA the organization from the impact that is going to occur for an organization if the critical business processes are interrupted or tampered 2. What is the difference between a disaster recovery plan (DRP) and a business continuity plan (BCP)? Disaster recovery plan is have a full access to recover any lost data or essentials after a disaster while the business continuity is having what ever bare bones essentials...
Words: 681 - Pages: 3
...The Cost of Business Continuity Planning Versus the Potential of Risk Though the cost of mitigating risk can be high, the lack of proper business continuity planning and disaster recovery planning will leave a company is at risk of a catastrophic loss of revenue due to the loss of the Information Systems. Any company that relies on its Information Systems for their operations should invest the time and revenue in developing an efficient and effective Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP). This study will compare the differences in what a Business Continuity Plan is used for and what a Disaster Recovery Plan is used for. Additionally, it will evaluate the risk having a Business Continuity Plan and Disaster Recovery Plan versus accepting the potential loss of revenue and business in the event of a disaster. It is important to any company that uses it Information Systems to generate revenue. If a company is effected by a disaster, the longer a company takes to respond to the emergency and recover its resources, the more time it will take the company to get back to normal operations (Harris, 2013, p. 887). As history has shown, our world has and will continue to experience many destructive events such as, floods, earthquakes, terrorism, hurricanes, and many other catastrophic events that could cripple a company that is not prepared. Disasters are uncontrollable and over time, every organization will have to deal with the fallout of a disaster. Three...
Words: 2924 - Pages: 12
...Richman Investments Business Continuity Plan Implementation Planning By Quentin Ward Introduction Richman Investments is emerging as one of the top e-commerce businesses. In order to better protect our great company I have created a BCP or Business Continuity Plan to be able to offset any problems that may arise and threaten our company’s functions and activities. Included in this BCP will be a BIA (Business Impact Analysis) and a RA (Risk Analysis). Overview 1.1 Policy Statement It is the policy of Richman Investments to always have a Business Continuity Plan in place for all non-critical and critical functions. To ensure that the BCP is implemented each department manager is asked to see to it that the plan is carried through. 1.2 Introduction This is a Business Continuity Plan for Richman Investments located at 834 Harrison Lane Beverley Hills, CA 90210. It has been developed in compliance with the National Fire Protection Association (NFPA) Standard 1600. This plan was created in order to aid Richman Investments in any type of recovery effort needed. Employees should read and adhere in conjunction to the Business Continuity Plan to ensure their safety and the company’s well being. 1.3 Confidentiality Statement This document is classified as confidential property of Richman Investments. The sensitivity of the information contained in this document is only intended for the viewing and use of Richman Investment employees. Unauthorized use...
Words: 794 - Pages: 4
...CIS 462 WK 8 ASSIGNMENT 2 BUSINESS IMPACT ANALYSIS To purchase this visit here: http://www.activitymode.com/product/cis-462-wk-8-assignment-2-business-impact-analysis/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 462 WK 8 ASSIGNMENT 2 BUSINESS IMPACT ANALYSIS CIS 462 WK 8 Assignment 2 - Business Impact Analysis In order for an organization to develop an effective business continuity plan or disaster recovery plan, it must know what information assets it has, their impact on business operations, and the criticality and priorities associated with the information systems and assets. The primary objective of a business impact analysis (BIA) is to identify the assets that are required for continued business operations in the event of an incident or disaster. Thus, a critical step in the development of an effective BIA includes establishing component priorities and determining component reliance and dependencies. Additionally, organizational personnel must know their responsibilities during recovery efforts. Write a three to five (3-5) page paper in which you: 1. Describe the methods for establishing component priorities, including: a. Business functions and processes b. BIA scenarios and components c. Financial and service impact of components not being available d. Recovery time frameworks 2. Describe the methods for determining component reliance and dependencies, including: a. Component dependencies b. Resources required to recover component in the event of...
Words: 784 - Pages: 4
...restoration of business ops if significant disruptions occur BCP and DRP BIA stands for Business Impact Analysis MTD stands for Maximum Tolerable Downtime first step in building BC program Project initiation and management activites of project initiation and mgmt 1) obtain senior mgmt support 2) define a project scope, the objectives, to be achieved and planning assumptions 3) estimate the project resources needed (human and financial) 4) Define a timeline and major deliverables Senior leadership's two major goals 1) Grow the business 2) Protect the brand What are the risk to a corporation for not having BC/DRP? 1) Financial 2) Reputational 3) Regulatory Formula for calculating financial risk P * M = C P: Probability of harm M: Magnitude of harm C: Cost of prevention Prudent man rule exercise the same care in managing the company affairs as in managing one's own affairs 1. Which of the following is considered the most important component of the enterprisewide continuity planning program? c. Executive management support 2. During the threat analysis phase of the continuity planning methodology, which of the following threats should be addressed? a. Physical security b. Environmental security c. Information security d. All of the above d. All of the above 3. The major objective of the business impact assessment process is to: a. Prioritize time-critical business processes b. Determine the most appropriate recovery time objective for business processes c...
Words: 2067 - Pages: 9
...and backups. These are people who fill positions without which your business absolutely cannot function make the list as large as necessary but as small as possible. Consider which job functions are critically necessary, every day. Think about who fills those positions when the primary job-holder is on vacation. Make a list of all those individuals with all contact information including business phone, home phone, cell phone, personal email, and any other possible way of contacting them in an emergency situation where normal communications might be unavailable. If you have critical vendors or contractors, build a special contact list that includes a description of the company and any other absolutely critical information about them including key personnel contact information. Personal computers often contain critical information so make sure they are all on backups. Identify critical documents. Articles of incorporation and other legal papers, utility bills, banking information, building lease papers, tax returns, you need to have everything available that would be necessary to start your business over again. A business impact analysis (BIA) predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies. Potential loss scenarios should be identified during a risk assessment. Identifying and evaluating the impact of disasters on business provides the basis for investment in recovery strategies as well as...
Words: 806 - Pages: 4
...LAB 6 What is the difference between a risk analysis (RA) and a business impact analysis (BIA)? Risk analysis is a technique to identify and assess factors that may jeopardize the success of a project or achieving a goal. Business continuity planning "identifies an organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, while maintaining competitive advantage and value system integrity”. In addition to some disagreement among business continuity professionals regarding the BIA and risk assessment definitions and outcomes, disagreement also exists regarding the order of execution: whether it is best to perform the risk assessment before, during, or after the BIA. While many professionals argue that it is best to perform the risk assessment before the BIA to establish the risk landscape in which the organization operates, Evaluation argues the opposite. What is the difference between a Disaster Recovery Plan and a Business Continuity plan? A disaster recovery plan is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. Such plan, ordinarily documented in written form, specifies procedures an organization is to follow in the event of a disaster. Business continuity planning "identifies an organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention...
Words: 1291 - Pages: 6
...Business Contingency Plan Disaster assessment and recovery plan is a continuity strategy that is outlined in a detailed process that is designed to assist a company in recovering from an event(s) that disrupts the daily functionality of an enterprise. It should include guidelines and procedures initiated to respond successfully to and recover from disaster scenario(s) that can adversely impact business operations. Plans for this type of situation(s) should be well-constructed and implemented in a step by step process that will enable a company to minimize the effects of a disaster and help the resume essential business functions swiftly and efficiently. This process is called “Business Continuity Planning” and should be in force before a disaster occurs. These steps include the following. 1. Identifying the Risk(s) a. “Business Continuity Planning” is a constant process of identifying risks and the impact they have on the significance of business operations. Creating strategies and procedures for extenuating risks and restoring functions as quickly as possible when a disruptive event occurs are critical deliverables of a BCP. 2. Analyzing the impact of the risk on the business b. Perform a “business impact analysis (BIA)” to evaluate the impact of a potential risk. This analysis will help to ascertain the severity and what effects it will have on how long the business could be sustained without its functionality in place. Additionally, it will determine...
Words: 723 - Pages: 3
...Contrast various Business Continuity & Disaster Recovery Planning models. Information is a vital resource to modern companies. The loss of that information can throw a company into chaos and even be the end of it. For these reasons, businesses go to great lengths to ensure that the information they store and rely on will always be safe and available. Unfortunately despite these best efforts, disaster can still strike and the few hours of days after such an event may be crucial to the long term survival of the company. This is why businesses must be able to recover quickly from natural and man-made disasters. Business Continuity & Disaster Recovery covers how companies should act in the hours and days after a disruptive event. “What is Business Continuity and Disaster Recovery” describes disaster recovery as “...specific steps taken to resume operations in the aftermath of a catastrophic natural disaster or national emergency.” They go to give examples of such steps to include restoring servers and data connections, egress, employee muster, etc. Business Continuity is described as a the steps a company takes to ensure its information systems don't go down during a disaster (What is Business Continuity and Disaster Recovery). This may include the location of hot or cold sites as well as procedures for relocating to them. Disaster Recovery plans may also focus on preventive measures such as smoke alarms and fire drills (Smith, C., n.d.). Business recovery plans may cover loans...
Words: 399 - Pages: 2
...create a simple set of contingency plans using business impact analysis and prepare and execute a test of contingency plans. Chapter Objectives When you complete this chapter, you will be able to: • Understand the need for contingency planning • Know the major components of contingency planning • Create a simple set of contingency plans, using business impact analysis • Prepare and execute a test of contingency plans • Understand the unified contingency plan approach Introduction This chapter focuses on planning for the unexpected event, when the use of technology is disrupted and business operations come close to a standstill. “Procedures are required that will permit the organization to continue essential functions if information technology support is interrupted.” On average, over 40% of businesses that don't have a disaster plan go out of business after a major loss. What Is Contingency Planning? The overall planning for unexpected events is called contingency planning (CP). CP is the process by which organizational planners position their organizations to prepare for, detect, react to, and recover from events that threaten the security of information resources and assets, both human and artificial. The main goal of CP is the restoration to normal modes of operation with minimum cost and disruption to normal business activities after an unexpected event. CP Components Incident response plan (IRP) focuses on immediate response...
Words: 3573 - Pages: 15
...Business Continuity Planning There are a few different definitions of Business Continuity Planning. Business Continuity refers to the activities required to keep your organization running during a period of displacement or interruption of normal operation. Business continuity plan is a collection of procedures and information which is developed, compiled and maintained in readiness for use in the event of an emergency or disaster. Whatever the definition, every business needs to have a continuity plan in case something happens to their data and information. A business continuity plan is different to a Disaster Recovery plan in that a disaster recovery plan is enacted after the disaster has happened. “A typical Business continuity plan includes: * Plans, measures and arrangements to ensure the continuous delivery of critical services and products, which permits the organization to recover its facility, data and assets. * Identification of necessary resources to support business continuity, including personnel, information, equipment, financial allocations, legal counsel, infrastructure protection and accommodations.”1 Business continuity planning needs to cover the company during a disruption in service from a disaster. The plan should cover all of the following such events: a. Equipment malfunction b. Disruption of power c. Application failure or corruption of the database d. Human error, sabotage or strike e. Malicious software f. Hacking ...
Words: 678 - Pages: 3
...Q1. NAME AND DESCRIBE THREE AUTHENTICATION METHODS. Authentication is defined by Essentials Guide as is the process of determining whether someone or something is, in fact, who or what it is declared to be. Authentication means verifying the identity of someone (a user, device, or an entity) who wants to access data, resources, or applications. Validating that identity establishes a trust relationship for further interactions. Authentication is the first step in access control, and there are three common methods used for authentication: What you have method: – Examples of this method includes keys, badges, ID, pass cards/smart card, tokens. These are physical objects and go towards identifying you by what you physically “own”. A smart card is credit card sized card that has an embedded certificate used to identify the holder. The obvious problem here is that objects can be taken and are not tied or "signed" to any particular person. This makes it easy to loan your verification for temporary uses like valet parking, but objects can be stolen. Keys can be duplicated and IDs can be faked, What you are method: - DNA, fingerprints, voice match, cadence of your typing, your walk, talk, act. Your smell, shoeprints, aura, your retinal scan, your vein patterns. Anything that leaves the impression of YOU, but nothing that can come from someone else. These are things that can be taken from you. They cannot be faked but can be stolen. Secondary level of security, what you are is better...
Words: 1987 - Pages: 8
...Discussion: Business continuity plan Discussion: Business continuity plan A business continuity plan (BCP) is a practice adopted by the university to ensure continuity in their services and business unit processes in cases of disruptions preventing normal procedures from taking place (Latha, 2003). These disruptions may be in the form of threats such as earthquakes, fires or pandemics like the Ebola crisis. The main objectives of the BCP are to maintain, resume and recover all of the activities of the university as a whole unit implementing both the human operational factors (Ken, 2000). All the university departments are involved in the development of the BCP and as a team conduct a risk assessment and business continuity plan (Latha, 2003). In case the university cannot handle an emergency situation using routine measures, the president implements an emergency plan. The university’s incident command section comprises of the safety officer and emergency operations executive who oversee the emergency operations. The planning section coordinates responsibilities of planning and intelligence while the finance section keeps a record of all purchases and report making. The university business impact analysis (BIA) analyzes the critical functions that affect the health and safety of university staff and students. It also analyzes the critical functions that influence the continuity of the university. The functions of the BIA are prioritized and respective downtime estimated...
Words: 483 - Pages: 2
...ISS 310 Mr. Behboodi CCSD Business continuity Plan Assignment 2 03/22/2016 The business continuity planning (BCP) is the creation of a strategy through the recognition of threats and risks facing a company, with an eye to ensure that personnel and assets are protected and able to function in the event of a disaster. When business is disrupted, it can cost money. Lost revenues plus extra expenses means reduced profits. Insurance does not cover all costs and cannot replace customers that defect to the competition. This strategy can be comprised of a basic 4 part setup with an array of sub categories within these guidelines. The type of business that I will be making a mock example for would be an IT business. This paper will also explain the composition of the 4 parts of a BCP. The battle plan. Consisting of 4 parts, Business impact analysis, plan development and testing and Exercises. Part 1 the business continuity impact analysis picks up on the problems resulting from negative effects of a normal business function and processes. This makes it easier to fix and rectify the problem down the road. Also conducting a workshop to instruct business function and process mangers how to complete the business impact analysis. Once finishing a basic training for management level employees, conduct follow up...
Words: 527 - Pages: 3
