Domain 6: Business Continuity & Disaster Recovery Planning
ISA 562 Internet Security Theory & Practice
Objectives
- Response to save the business and human life
- Recovery activities after a disaster to return to normal operations
- Recovery plans to resume interrupted critical business
Introduction
- Need to process critical business systems in the event of a disruption to normal business data processing operations.
- Ensure the availability of critical information system resources in the event of an unexpected network interruption or disaster.
- Many kinds of plans: contingency plans, Business Continuity Planning (BCP), Disaster Recovery Planning (DRP).
BCP and DRP Life Cycle
Steps of the BCP and DRP project life cycle:
1. Project scope development and planning
2. Business Impact Analysis (BIA) and functional requirements (for the BIA steps, please see the book)
3. Business continuity and recovery strategy
4. Plan design and development
5. Restoration
6. Feedback
Project Scope and Development Planning
- Higher management's commitment to go through the different steps of the project.
- Deliverables:
  - Project scope definition
  - Producing a project plan
  - Dedicating a steering committee for the project
- The BCP should be aligned with the organization's mission.
- The business continuity steering committee should:
  - Know the mission statement in order to set the scope
  - Have the required authorization
- Resource requirements need to be known at this stage:
  - Budget requirements are estimated and validated
  - Personnel availability
  - Knowing the key points of contact or personnel in an emergency
Business Impact Analysis (BIA)
- Evaluates all business functions against a common criterion to assess the potential impacts of an interruption on the business.
- The following fall under the BIA:
  - Preparing a BIA format
  - Assessing potential impacts
  - Prioritizing: very important for business functions
- Elements to consider:
  - Analysis of the different threats to the business
  - Identification of critical business functions and units
  - Emergency assessment
  - 3rd party considerations
Different Items to be Considered in the BIA
- Threat analysis: human-made threats, natural threats, IT threats, etc.
- Identify critical business functions; some characteristics:
  - Time sensitivity, data integrity, etc.
  - Their impact on the business: financial and operational impact, reputation, etc.
- Emergency assessment:
  - Affected areas
  - Alerting procedures
  - Security and safety procedures and guidelines, etc.
- 3rd party considerations; need to look at:
  - Downstream liabilities and upstream impacts
  - Compliance requirements, SLA agreements, etc.
Business Continuity and Recovery Strategy
- Business unit priorities:
  - Business units are examined for the critical functions identified in the BIA
  - Critical processes and functions are reviewed by the steering committee, which establishes priorities
  - Find the minimum resources required to carry out the identified functions
  - Priorities are documented
- Recovery Time Objective (RTO): the maximum time to restore a critical function
- Recovery Point Objective (RPO): the minimum tolerable amount of data integrity
- Perform a cost/benefit analysis
Recovery Alternatives
Three approaches for recovery:
- Dedicated site operated by the organization: multiple processing centers
- Commercially leased facility:
  - Hot site / cost high
  - Warm site / cost moderate
  - Cold site / cost lowest
- Agreement with an internal or external facility: identify organizations with equivalent IT configurations and backup technologies and establish an agreement
  - Types of agreements: reciprocal or mutual aid, contingency, service bureau
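As an added example, not from the lecture slides, the following Python model ties the RTO/RPO definitions and the hot/warm/cold site alternatives above into the cost/benefit step: for each critical function, in steering-committee priority order, it picks the cheapest site whose restore time fits the RTO and the least aggressive backup strategy whose data-loss window fits the RPO, and reports a gap when nothing fits. The site restore times, backup intervals and costs are constructed illustrative values; only the cost ordering (hot > warm > cold) comes from the deck.

```python
# Added example, not from the slides: match each critical function's RTO/RPO
# against candidate recovery sites and backup strategies (cost/benefit step).
# All numeric values below are constructed assumptions for illustration.
from dataclasses import dataclass

@dataclass(frozen=True)
class CriticalFunction:
    name: str
    priority: int      # 1 = most critical, as set by the steering committee
    rto_hours: float   # maximum time to restore the function (RTO)
    rpo_hours: float   # worst-case data loss, in hours, the function tolerates (RPO)

@dataclass(frozen=True)
class RecoverySite:
    name: str
    restore_hours: float   # time to bring a function up at this site (assumed)
    annual_cost: int       # relative cost (assumed; hot > warm > cold per the slides)

@dataclass(frozen=True)
class BackupStrategy:
    name: str
    interval_hours: float  # worst-case data loss equals the backup interval

SITES = [RecoverySite("hot site", 2, 500_000),
         RecoverySite("warm site", 24, 150_000),
         RecoverySite("cold site", 120, 40_000)]
BACKUPS = [BackupStrategy("synchronous replication", 0),
           BackupStrategy("electronic vaulting (hourly)", 1),
           BackupStrategy("nightly off-site tape", 24)]

def cheapest_site(fn, sites=SITES):
    """Lowest-cost site whose restore time fits inside the function's RTO, or None."""
    viable = [s for s in sites if s.restore_hours <= fn.rto_hours]
    return min(viable, key=lambda s: s.annual_cost, default=None)

def weakest_backup(fn, backups=BACKUPS):
    """Least aggressive backup whose worst-case loss fits inside the RPO, or None."""
    viable = [b for b in backups if b.interval_hours <= fn.rpo_hours]
    return max(viable, key=lambda b: b.interval_hours, default=None)

def recovery_plan(functions):
    """Map each function (most critical first) to (site, backup); None marks a gap to escalate."""
    plan = {}
    for fn in sorted(functions, key=lambda f: f.priority):
        site, backup = cheapest_site(fn), weakest_backup(fn)
        plan[fn.name] = (site.name if site else None, backup.name if backup else None)
    return plan
```

A `None` in the plan means no candidate meets that function's objective, which is exactly the case the steering committee has to resolve by relaxing the objective or funding a more expensive option.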
Backup
- Strategies: replication, storage area network, electronic vaulting, etc.
- Location and storage criteria: perhaps store in several locations for different purposes
  - On-site storage, near-site storage, off-site storage
- Resilience strategies: improve an organization's continuity and resilience
  - IT and site resilience, etc.
Plan Design and Development
- Emergency response procedures: life, health & safety; damage assessment; event reporting; disaster declaration, etc.
- Personnel notifications: list of people to notify; defining the role of the executives in crisis management; executive succession planning, etc.
- Backup and off-site storage: an inventory list is compiled and documented; facility accessibility and resilience
- Communication in an emergency:
  - An emergency and business communication system should be in place
  - Data communication priorities in networks should be agreed upon
Plan Design and Development (Continued)
- Alternative site considerations: the ability to support the required infrastructure, environmental and space demands should be analyzed (utilities, communications, etc.)
- Logistics and supplies:
  - How resources are acquired or procured, transported and maintained
  - Personnel and materials transportation
  - Remote worker environment activation
  - Emergency funds access, etc.
- Documentation:
  - Document BCP & DRP activation and de-activation plans and procedures
  - Activity and status reports
  - Checklists, etc.
- Business continuity and resumption planning:
  - Contracts for emergency vendor services
  - Risk avoidance and mitigation planning
  - Emergency business recovery procedures
Implementation
Includes training, testing, recovery and audit.
- Training:
  - Increasing the organization's awareness of the BC and DR business case
  - Different kinds of training for different attendees: all-staff training, operations teams, recovery teams, etc.
- Testing:
  - Confirms that the plan meets its emergency, recovery and restoration objectives
  - Measures the accuracy of the plans
  - Allows management to evaluate personnel readiness for an adverse event
Implementation (continued)
- Test plans: each time tests are scheduled, a test plan should be written; it should contain
  - Objectives and success criteria
  - Details
  - Schedule
  - Post-test review
- Test types: several test types exist, serving different purposes
  - Checklist test
  - Structured walk-through
  - Simulation
  - Parallel testing
- Testing follow-up:
  - Identifying existing deficiencies
  - The plan should be routinely assessed and scheduled for testing, for example annually
Implementation (continued)
- Recovery procedures: site migration, local recovery procedures, transfer and recovery, etc.
- Audit:
  - Ensures an organization has an effective BC and DR capability
  - Measures compliance
  - Addressing audit findings
Restoration
- Restoration of the primary location: the primary facility must be stabilized and secured, and then a more detailed damage assessment is conducted
- Procurement: has an essential role in supporting restoration; consolidating acquisitions and disposition; cost reporting
- Data recovery: reversal procedures; business process recovery point; journal and process synchronization
- Relocation to the primary site: restoration order and prioritization; end-of-disaster declaration
Feedback and Plan Management
- Post-recovery reporting: identification or remediation of plan gaps; record lessons learned; performance metric review
- Plan review and evaluation; training of key personnel
- Communication: plan distribution; communicate the plan to stakeholders
References
- ISC2 CBK material
- CISSP All-in-One book