Assignment:
Business Continuity and Disaster Recovery
Disaster Recovery Planning
Similar in structure to the Incident Recovery plan, the Disaster Recovery plan provides detailed guidance in the event of a disaster. The incident response procedure applies to disaster recovery: a clear establishment of priorities and delegation of roles and responsibilities; someone to initiate the alert roster and notify key personnel; someone tasked with the documentation of the disaster; and attempts to mitigate the impact of the disaster on the operations of the organization.
Business Continuity Planning
Using the business continuity plan, the purpose is to reestablish critical business operations during a disaster that impacts operations at the primary site. Incident response plans and disaster recovery plans address the possibility of finding temporary facilities to support the continued viability of the business. The business continuity plan provides a continuity strategy for integration of off-site data storage and recovery functions into this strategy. The selected strategy usually involves some form of off-site facility, which should be inspected, configured, secured, and tested on a periodic basis.
There are different strategies that an organization can use when planning for business continuity. In general, there are hot sites, warm sites, and cold sites. Off-site disaster data storage can include electronic vaulting (transfer of large batches of data to an off-site facility), remote journaling (transfer of live transactions to an off-site facility), and database shadowing (not only real-time data storage, but also duplicates the databases at the remote site to multiple servers).
SLP Assignment Expectations
Write a 3 to 5 page paper titled:
"Business Continuity and Disaster Recovery for ______ (your chosen information system security domain in your chosen organization/industry): Challenges and Solutions"
Address the following issues:
• Special requirements of business continuity planning and disaster recovery in your chosen information system security domain in your chosen organization/industry.
• Two or three major perspectives of business continuity and disaster recovery that you selected to discuss.
• One or two major lessons to be learned from the example that you apply in your business continuity and disaster discussion.
• Key challenges and solutions of business continuity planning and disaster recovery.
Background Readings:
NIST (2012), Computer Security Incident Handling Guide (Draft), National Institute of Standards and Technology Special Report 800-61.
Shannon, M. (2016). CISA: Business continuity planning process and policy. Skillsoft Ireland Limited. 109472, Video. Available in the Trident
Online Library.
Thejendra, B.S. (2014). Disaster recovery and business continuity: A quick guide for organizations and business managers, 3rd edition. IT Goverance.
Wallace, M. and Webber, L. (2018). The disaster recovery handbook: A step-by-step to ensure business continuity and protect vital operations, facilities, and assets, 3rd edition. AMACOM.