They must identify the scope and boundaries of the business continuity plan while communicating the importance of such a plan throughout the organization. What critical aspects of the business must be considered as part of the plan? This step typically involves an audit analysis of the organization's assets, including people, facilities, applications, and IT systems, along with a risk analysis that identifies the types of threats to the
organization, both man-made and natural. Show Natural events capable of disrupting a business include these: The BIA identifies the risks that specific threats pose to the business, quantifies the risks, establishes priorities, and performs a cost/benefit analysis for countering risks. In pursuit of these goals, these are the three most important steps: This makes the task of prioritizing easier and hopefully less subjective, assuming that all business units accept the scoring method. This approach gives prioritization more objective scientific validity. Shared-site agreements are arrangements between companies with similar (if not identical) data processing centers. This compatibility in hardware, software, and services allows companies that enter into an agreement to back up each other when one partner has an emergency. Instead of having to build an entire infrastructure to back up its applications and data, Company A enters into an agreement with Company B to share resources in case of a disaster. Such an arrangement can save substantial time and money because the computers and software already exist and do not have to be procured. In theory, when Company A loses its data processing center resources, a figurative switch flips and it begins to run its applications on Company B's computers as if nothing had happened. Despite the advantages of reduced costs, this scenario encounters problems. First, the data centers must be highly compatible in terms of the hardware and software they run. In fact, if Company A is not a subsidiary of Company B or they aren't regional offices of the same corporation, a shared-site agreement is difficult to implement. If the companies are not part of the same corporate charter, other difficulties arise, such as assured data security, privacy protection, and data synchronization. Shared-site agreements are feasible when companies are closely related and share common processing platforms, but the challenges are greater when this is not the case. A hot-site facility assumes the entire burden of providing backup computing services for the customer. This includes hosting the application software and data in a so-called mirror site. The vendor should be prepared to assume all responsibility for processing transactions for the customer, with little to no interruption of service. The vendor is responsible for maintaining the facility, including all environmental controls, such as heating, air conditioning, and power; hardware, including servers and printers; data backups; and all other services associated with a data processing center. Although a hot-site facility offers several advantages, most importantly providing uninterrupted service in a relatively quick time, it can also be the most expensive solution as a DRP. In addition, the hot site poses some security risk because the data is now stored, backed up, and theoretically accessible to a third party. Still, for companies that can afford a hot-site facility, this is the most attractive solution. Unlike the hot site, the cold site provides facilities (including power, air conditioning, heat, and other environmental systems) necessary to run a data processing center without any of the computer hardware or software. The customer must deliver the hardware and software necessary to bring up the site. The cold site is a cheaper solution than a hot site, but you get what you pay for. When you consider the logistical problems of moving hardware that is highly sensitive to both temperature fluctuations and movement and then quickly installing software on it, you will appreciate the challenges that a cold-site facility poses. In the event of a true disaster, when a company cannot afford to suffer a protracted outage, the cold-site alternative, although economically feasible, might give the customer the illusion of security, even if it is not grounded in reality. Unfortunately, this lesson may be learned the hard way. Which of the following is the definition of business continuity plan BCP )?A business continuity plan (BCP) is a document that outlines how a business will continue operating during an unplanned disruption in service.
What is the purpose of a business continuity plan BCP )? Quizlet?What is the primary goal of business continuity planning? Maintaining business operations with reduced or restricted infrastructure capabilities or resources.
What is the goal of the BCP process quizlet?The most common goal of the BCP is quite simple: to ensure the continuous operation of the business in the face of an emergency situation.
What is a business continuity plan what is a disaster recovery plan quizlet?The Disaster Recovery Plan (DRP) provides a short-term plan for dealing with specific IT-oriented disruptions. Relationship between BCP and DRP. The Business Continuity Plan is an umbrella plan that includes multiple specific plans, most importantly the Disaster Recovery Plan.
|