Csec 650 Individual Assignment 2

While these situations are not entirely avoidable, an organization’s ability to recover from such setbacks largely depends on how much energy has been invested into identifying and mitigating risk through the use of a well-established business continuity plan. Lindros and Tittel (2013) explain that business continuity refers to maintaining business functions, or quickly recovering such functions in the event of a major disruption, and the lack of planning doesn’t just mean an organization will take longer to recover, but may never recover at all. The first step to developing an effective continuity plan is a thorough planning process in which an organization establishes

a business continuity plan starting with a risk analysis, business impact analysis, and alignment of critical

Good Business Continuity Planning starts with being proactive. That means taking concrete steps to plan for an incident much before it actually strikes. There is no one single approach that fits for all types of incidents as no two emergencies are identical. Much of business continuity planning varies based on the size of the company, company’s line of business, and the locations of the company, customers and suppliers.

Summary: For this assignment, you must research three or more commercially available technology solutions which could be used by a business as part of its recovery during disaster recovery or business continuity operations. You may focus upon the incident reported upon in your cybersecurity research paper OR you may take a more general approach. Your research will then be used to prepare a presentation (Power Point slides) in which you discuss how your selected solutions could be used to address cybersecurity problems specific to DR / BCP operations. Your presentation must also address the importance of disaster recovery planning and/or business continuity planning with respect to maintaining the

The business continuity & disaster recovery is written into the policy to ensure each department knows and has a plan in case of an unexpected event such as a fire, vandalism, and natural disaster that would disrupt normal business. This part of the plan also states that data administrators are the ones responsible to implement procedures for critical backup of data and how long the recovery time would be which is set by the data stewards and other stockholders.

The goal of the information disaster recovery processes and a robust contingency plan is to maintain the resiliency of General Hospital during any type of data disruption. Continuation of essential functions at all times requires the ability to adapt to changes and risks. The disaster recovery and contingency plans consider risk management and other security and emergency management activities that are

A BCP should cover all of the things that could cease regular business operation. Once that has been establish, then we will need to determine what is required for continue operation during a disaster. Then who are the key personnel and what their job will be in support of the continue operation. Identify the key equipment, storage data area and the secondary location at least 30-50 miles away from your primary position.

MAGALHAES, R. (2005, MAY). THE BUSINESS CONTINUITY PLAN RECOVERY DOCUMENT. RETRIEVED ON FEBRUARY 23, 2007, FROM

Without a business continuity plan the organization will fail to successfully recover from cyber threats and attacks such as Stuxnet.

According to the article, How to Successfully Implement a Disaster Recovery Plan on ameinfo.com, “most major organizations are running critical enterprise applications such as Enterprise Resource Planning (ERP), Supply Chain Management (SCM), and Customer Relationship Management (CRM). These applications are integrated across the enterprise to such an extent that they touch everyone from employees and customers to suppliers and partners, and they are the backbone and life-blood of the organization” (ameinfo.com, 2003). Implementing a good disaster recovery plan is highly imperative to ensure business continuity. However, one of the biggest challenges is convincing business leaders to recognize the need and fund the change. An organization should be prepared for all forms of disasters and catastrophes and have a disaster recovery plan in place that will allow the system should function normally under any of these circumstances. This alone will provide a huge competitive advantage and allow the organization to remain functional during potential down times. Natural or any other form of disaster is something that cannot be predicted and the company should be well prepared to deal with any untoward incidents. Any business utilizing IT systems should have proper backup and restoration methods to reset the system in case of emergencies.

A disaster is defined as a sudden, unplanned catastrophic event that renders the organizations ability to perform mission-critical and critical processes, including the ability to do normal production processing of systems that support critical business processes. A disaster could be the result of significant damage to a portion of the operations, a total loss of a facility, or the inability of the employees to access that facility. The disaster recovery process consists of defining rules, processes,

In this day and age, a business continuity plan is essential to an organizations risk management. A large organization like Sunshine Machine Works understand that time is critical when it comes to natural disasters or man made interruptions to their network systems. When a system is offline for excessive amounts of time, could mean a loss to the organization. That’s why having an effective business continuity plan is vital to keeping operations for being disturbed during a time of crisis whether it is an attack or natural disaster that could potentially affect Sunshine Machine Works operations, data and networks.

Disasters have become an inevitable part of businesses and organizations as well. They not only have a major effect on business and organizational continuity; they also result to an overhaul in organizational operational mechanisms (Awasthy, 2009). It is for this reason that many organizations and business resort to preparing business continuity plans and disaster recovery plans that will facilitate better disaster management in future. Effective disaster recovery plans are important to every business and organization (Thejendra, 2008).

As a consultant brought into an organization concerned about business continuity I would recommend to first perform a Risk Assessment Analysis and/or Business Impact Analysis (BIA). Conducting a business impact analysis will allow an organization to know the system or application’s downtime tolerance. The analysis will identify all systems and applications that can experience little to no downtime. Conducting risk assessment analysis will allow the organization to identify all the risks at the beginning and during the life of the organization, and grade the risks in terms of likelihood of occurring and seriousness of impact on the organization. Either analysis is an excellent tool and will result in the beginning creations of disaster recovery and business continuity planning. If using the BIA method a good first step is identifying the business’ most crucial systems and processes to assess what effect the outages will have on the business. All systems or applications should have a back-up location offsite to ensure business continuity. The higher the impact the more money a company should spend in order to quickly gain restoration of their business.

Contingency planners are now asserting that contingency planning is a value-added component that can be a competitive advantage in the marketplace as well a means of helping organizations save money. Processes that are deeply analyzed in terms of continuity will usually be more secure, and new ways of working may emerge to help streamline operations. Contingency planning can be useful when forging alliances with external organizations or during acquisition phases. Contingency planning should be part of an organization’s quality cycle as well. “Business continuity and disaster recovery have gained somewhat in the eyes of top corporate management since the start of the 1990s. As the industry has slowly evolved from what could almost have been called a ‘black art’ to something starting to resemble a disciplined science, basic business principles have begun to become increasingly relevant” (Rothstein, 2003, p. 1).