Business Continuity Planning and Disaster Recovery Planning
After reading this chapter and completing the exercises, you will be able to do the following:
■ ■ ■ ■ ■ ■ ■ ■
Distinguish between the business continuity plan (BCP) and the disaster recovery plan (DRP). Follow the steps in the BCP. Inform business executives why planning is important. Define the scope of the business continuity plan. Identify types of disruptive events. Outline the contents of a business impact analysis (BIA). Discuss recovery strategies and the importance of crisis management. Explain backup and recovery techniques including shared-site and alternate site agreements.
Upon reading this chapter, you may feel like you are preparing for a project management role rather than an information security role, but you’ll soon see that the interests of those who manage the business and those who safeguard it are intertwined. This chapter, more so than any of the other domains of the Common Body of Knowledge, deals with business management concerns: how to prepare for an emergency or calamity and how to respond and continue operations under suboptimal business conditions.
Information Security: Principles and Practices, by Mark S. Merkow, CISSP, CISM and Jim Breithaupt. Published by Prentice Hall. Copyright © 2006 by Pearson Education, Inc.
CHAPTER 6 | Business Continuity Planning and Disaster Recovery Planning
In this chapter, you will learn about the goals of sound business continuity planning and disaster recovery planning, how these two types of planning differ, the types of threats that could invoke emergency planning and procedures, and several of the more prominent techniques organizations are using to plan for and hopefully prevent a disruption in business activities.
Overview of the Business Continuity Plan and Disaster Recovery Plan
In the early 1990s, the focus of most businesses...