Chapter 3: Business Continuity Planning

Question 1

BCP

Answer 1

Business Continuity Planning
Assessing risks to organizational processes and creating policies, plans, and procedures to minimize the impact those risks may have on the org if they were to occur

Question 2

What are the four phases of BCP?

Answer 2

Project Scope and Planning
Business Impact Analysis
Continuity Planning
Approval and Implementation

Question 3

What happens during the business organizational analysis?

Answer 3

The individuals responsible for leading the BCP process determine which departments and individuals have a stake in the BCP. Serves as the foundation for BCP team selection.

Question 4

Who should be members of the BCP team?

Answer 4

Representatives from each of the operational and support departments
Technical experts from IT
Physical and IT Security personnel
Legal representatives
Senior Management

Question 5

What are the five stages of Business Impact Analysis?

Answer 5

Identification of Priorities
Risk Identification
Likelihood Assessment
Impact Analysis
Resource Prioritization

Question 6

MTD

Answer 6

Maximum Tolerable Downtime

Question 7

RTO

Answer 7

Recovery Time Objective
Amount of time in which you think you can feasibly recover a function in the event of a disruption

Question 8

RPO

Answer 8

Recovery Point Objective
Defines point in time before the incident where the organization should be able to recover data from a critical business process
Example: org performs DB transaction log backups every 15 minutes. RPO is 15 minutes, org may lose up to 15 minutes worth of data after an incident