Incident Response Plan

Business Continuity

Sometimes, disasters have such a profound effect on the organization that it cannot continue operations at its primary site until it fully completes all DR efforts. To deal with such events, the organization implements its business continuity (BC) strategies.

Business continuity (BC): An organization’s set of efforts to ensure its long-term viability when a disaster precludes normal operations at the primary site. The organization temporarily establishes critical operations at an alternate site until it can resume operations at the primary site or select and occupy a new primary site.

Business continuity planning (BCP) ensures that critical business functions can continue if a disaster occurs. Unlike the DR plan, which is usually managed by the IT community of interest, the BC plan is most properly managed by the CEO or COO of an organization. It is activated and executed concurrently with the DR plan when the disaster is major or long term and requires fuller and more complex restoration of information and IT resources. If a disaster renders the current business location unusable, there must be a plan to allow the business to continue to function. While the BC plan reestablishes critical business functions at an alternate site, the DR plan team focuses on the reestablishment of the technical infrastructure and business operations at the primary site. Not every business needs such a plan or such facilities. Some small companies or fiscally sound organizations may be able simply to cease operations until the primary facilities are restored. Manufacturing and retail organizations, however, depend on continued operations for revenue. Thus, these entities must have a BC plan in place so as to relocate operations quickly with minimal loss of revenue.

Business continuity planning (BCP): The actions taken by senior management to develop and implement the BC policy, plan, and continuity teams.

BC plan: The documented product of business continuity planning; a plan that shows the organization’s intended efforts to continue critical functions when operations at the primary site are not feasible.

BC is an element of CP, and it is best accomplished using a repeatable process or methodology. NIST's “Special Publication 800-34, Rev. 1: Contingency Planning Guide for Federal Information Systems”* includes guidance for planning for incidents, disasters, and situations calling for BC. The approach used in that document has been adapted for BC use here.

Swanson, M., P. Bowen, A. Phillips, D. Gallup, and D. Lynes. “Special Publication 800-34, Rev. 1: Contingency Planning Guide for Federal Information Systems.” National Institute of Standards and Technology. Accessed 7/13/15 from http://csrc.nist.gov/publications/nistpubs/800-34-rev1/sp800-34-rev1_errata-Nov11-2010.pdf.

The first step in all contingency efforts is the development of policy; the next step is planning. In some organizations, these are considered concurrent operations where development of policy is a function of planning, while in others policy comes before planning and is a separate process. In this text, the BC policy is developed prior to the BC plan, and both are developed as part of BC planning. The same seven-step approach that NIST recommends for CP can be adapted to an eight-step model that can be used to develop and maintain a viable BC program. Those steps are as follows:

  1. Form the BC Team—As was done with the DR planning process, the initial assignments to the BC team, including the team lead, will most likely be performed by the CPMT; however, additional personnel may need to be assigned to the team as the specifics of the BC policy and plan are developed, and their individual roles and responsibilities will have to be defined and assigned.

  2. Develop the BC Planning Policy Statement—A formal organizational policy provides the authority and guidance necessary to develop an effective continuity plan. As with any enterprise-wide policy process, it is important to begin with the executive vision.

  3. Review the BIA—Information contained within the BIA can help identify and prioritize critical organizational functions and systems for the purposes of business continuity, making it easier to understand what functions and systems will need to be reestablished elsewhere in the event of a disaster.

  4. Identify Preventive Controls—Little is done here exclusively for BC. Most of the steps taken in the CP and DRP processes will provide the necessary foundation for BCP.

  5. Create Relocation Strategies—Thorough relocation strategies ensure that critical business functions will be reestablished quickly and effectively at an alternate location, following a disruption.

  6. Develop the BC Plan—The BC plan should contain detailed guidance and procedures for implementing the BC strategies at the predetermined locations in accordance with management’s guidance.

  7. Ensure BC Plan Testing, Training, and Exercises—Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.

  8. Ensure BC Plan Maintenance—The plan should be a living document that is updated regularly to remain current with system enhancements.
