1 / 22

What if…

What if…. Presented by: Aly Peavy, Bart Stone, Aby Dattero, and Tae Berg. Topics. Business Continuity Plan (BCP) Auditing a BCP Real-world example. What would happen if…. A hurricane hit? A fire occurred? Power was interrupted? What would you do? What would a business do?.

tatyana-valdez
Télécharger la présentation

What if…

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What if… Presented by: Aly Peavy, Bart Stone, Aby Dattero, and Tae Berg

  2. Topics Business Continuity Plan (BCP) Auditing a BCP Real-world example

  3. What would happen if… • A hurricane hit? • A fire occurred? • Power was interrupted? • What would you do? • What would a business do?

  4. The need for a plan • Risk of going out of business • Cheaper in the long-run • Provides order and structure • Required • Better to have the plan and never use it than to never plan and be unprepared when disaster strikes.

  5. Business Continuity Plan • Business Continuity Plan • A plan that consists of the set of procedures designed to keep critical business functions up and running during and after a disaster. • Goal • To prevent disruptions in business operations

  6. BCP - Elements • Analysis • Identification of risks/threats • Response/recovery Design • Plan of action • Implementation • Testing • Maintenance

  7. Achieving an Effective Plan Obtain Top Management Commitment Establish a Planning Committee Perform a Risk Assessment

  8. Achieving an Effective Plan Establish Priorities for Processing Operations Determine Recovery Strategies Perform Data Collection

  9. Achieving an Effective Plan Organize and Document a Written Plan Develop Testing Criteria and Procedures Test the Plan Approve the Plan

  10. Data and Systems Recovery Storage and Backup of Data Hot, Warm or Cold? Cloud Computing

  11. Auditing a BCP Abby Dattero

  12. Auditing a BCP • 3 Step Process 1. Validating the business continuity plan 2. Scrutinizing and verifying preventive and facilitating measures for ensuring continuity 3. Examining evidence about the performance of activities that can assure continuity and recovery

  13. Validating the BCP • Preventive controls • Recovery controls • RTO and RPO • BCP

  14. Scrutiny and Verification • Disaster recovery site • Accessibility • Outsourcing • Contracts • Supporting equipment • Accessibility

  15. Examining Evidence about Performance of Activities • Daily activities • Backup tapes/backup logs • Look at all components • Operating system, database, etc. • Verification of maintenance • Has plan been tested? How thoroughly? • Table top testing/complete drill

  16. People • Inquiry and verification • Training programs • Awareness campaigns

  17. Examples of Recovery Plans and Their Effectiveness Bart Stone

  18. IBM $300 million to invest in backup centers “Cloud Computing” data centers 10 different countries

  19. HP YouTube Example? HP Example 3:10 – 4:10

  20. Impressive What People Can Recover Space Shuttle Columbia example Kroll On-track Incorporated "When we got it, it was two hunks of metal stuck together. We couldn't even tell it was a hard drive. It was burned and the edges were melted," said Edwards, an engineer at Kroll Ontrack Inc.

  21. Works Cited • Auditing Business Continuity, By S. Anantha Sayana • IS Auditing Guideline: Business Continuity Plan, ISACA • http://en.wikipedia.org/wiki/Business_continuity_planning • http://www.informit.com/articles/article.aspx?p=768381 • http://www.msnbc.msn.com/id/24542368/ • Brian Bergstein 5/9/2008 “Data Recovery Specialist Tells Columbia Story” • http://www.tsl.state.tx.us • Texas State Library and Archives. State and Local Records Management Division. • http://www.reuters.com/article/businessNews/idUSN1936716820080820 • 8/19/2008 “IBM invests $300 mln in disaster recovery centers” Jim Finkle • http://www.youtube.com/watch?v=ndpjNhd1MtE • HP Disaster Recovery Video from YouTube

  22. Works Cited Continued • http://www.microsoft.com/protect/yourself/data/storage.mspx • http://www.samag.com/documents/s=9364/sam0106sc/0106c.htm • http://ezinearticles.com/?CompTIA-Network+-Certification-Exam-Tutorial:--Hot-Sites,-Warm-Sites,-and-Disaster-Recovery&id=331743 • http://ezinearticles.com/?CompTIA-Network+-Certification-Exam-Tutorial:--Hot-Sites,-Warm-Sites,-and-Disaster-Recovery&id=331743 • http://www.infoworld.com/article/08/04/07/15FE-cloud-computing-reality_1.html • http://en.wikipedia.org/wiki/Cloud_computing#Companies • http://articles.techrepublic.com.com/5100-10878_11-5988931.html • http://www.sba.gov/services/disasterassistance/disasterpreparedness/index.html • http://www.drj.com/new2dr/w2_002.htm

More Related