Security Policies and Implementation Week Four Lab

1858 Words8 Pages
------------------------------------------------- Sara ------------------------------------------------- 10/11/2014 ------------------------------------------------- Week 4 Laboratory: Part 1 Part 1: Identify Necessary Policies for Business Continuity - BIA & Recovery Time Objectives Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Identify the major elements of a Business Continuity Plan (BCP) * Align the major elements of a Business Continuity Plan with required policy definitions * Review the results of a qualitative Business Impact Analysis (BIA) for a mock organization * Review the results of defined Recovery Time Objectives…show more content…
They must provide policies because it will walk staff through what to do if a disaster were to occur and how to get things up and running again. 1. When should you define a policy definition and when should you not define one? You should define a policy definition when creating a new policy with new topics. You should not define one when updating a policy. 2. What is the purpose of having a Business Continuity Plan policy definition that defines the organization’s Business Impact Analysis? To identify critical business functions and what disruptions in the services can have on the organization. 3. Why is it critical to align the RTO and RPO standards within the policy definition itself? To provide the guidelines for the amount of time a critical business function can remain out of service before cost rises or data is lost forever. 4. What is the purpose of a Business Impact Analysis (BIA)? It identifies possible business failurs in a company. It looks at the resources that may be needed. 5. Why is a business impact analysis (BIA) an important first step in defining a business continuity plan (BCP)? It is important because the BCP is what to do after the failure occurs and the BIA is predicting what the failure could be. 6. How does risk management and risk assessment relate to a business impact analysis for an IT infrastructure? They relate because it is
Get Access