contingency planning
Contingency Planning
I
v
Business Impact Analysis
I
vIncident Respond. Disaster revovery B. Conti.
planning
Security vs. Contingency Planning
Security
Nothing that is not supposed to happen
^
I
v
Contingency PlanningWhatever happens we are prepared
Business Impact analysis
an investigation and assessment of adverse events that can affect the organization to determine the criticality of information assets to the organization’s core processes and its recovery priorities
Closely related to the risk management process which has a focus on protecting information assets, business impact analysis assumes that protection has failed
helps to understand how the organization must respond to an adverse event and where to set priorities
- > what are key business processes and information assets involved
- > how long does it take to recover from an adverse event
- > what are the costs of disruption and costs to recover?
Incidents vs Disaster
Incident:
- > adverse event
- > Could result in a loss of information assets
- > does not threaten the entire organization
- > triggers incident response plan
can escalate into
Disaster:
- > inability to contain or control the impact of the incident
- > damage is so severe that quick revovery is not possible
- > triggers disaster recovery plan
Incident response plan: what needs to happen in the event of an incident?
Disaster recovery plan: what needs to happen in case an incident turns into a disaster=
Incident Response Plan
Core element: incident response procedures (standard operating procedures)
Three sets of function-specific procedures for every incident scenario:
- > procedures that must be performed during the incident (e.g. turning off computer and pulling out cables if computer begins behaving unusually)
- > Procedures that must be performed before an incident (e.g. don’t put unknown memory sticks in your computer)
Key objective of incident response: stopping the incident and containing its impact
disaster recovery plan
is activated in case the incident response plan is no longer able to handle and recover from the incident
Must include a clear delegation of roles and duties and establish priorities (e.g. preserving human life as top priority)
Should cover responsibilities
- > recovering information assets
- > acquire new information assets from appropriate sources to replace those that have been destroyed or compromised by the disaster
- > Reestablish information assets needed for returning to normal operations
Business Continuity planning:
- ensures that critical business functions can continue if a disaster occurs
- disaster may have such a profund effect on the organization that it cannot continue operations (at its primary site) until it fully recovers from the disaster
- to maintain continuity of business operations, a business continuity plan is required
- it is activated concurrently with the disaster response plan if the disaster is major or recovery takes too long
- the plan may also account for reestablishing critical business functions at an alternate site (e.g. in case of a fire destroying the core facilities)
Hot Sites and Cold Sites
Hot Site: fully configured duplicate computing facility
Ability to perform everything that could be done at the main facility
Takes over if main facility is destroyed or otherwise compromised
very expensive
cold site Provides only rudimentary services and facilities
ensures that the organization has space to operate
need to establish it and communication systems after site is activated
low cost (but better than nothin)
Disaster Recovery vs. Business Continuity
Disaster recovery: intends to reestablish infrastructure and operations affected by the disaster to return to regular operations
Business Continuity: intends to maintain critical business functions while the disaster or its consequences prevents regular operations
