Chapter 3: Business Continuity Planning Flashcards
BCP
Business Continuity Planning
Assessing risks to organizational processes and creating policies, plans, and procedures to minimize the impact those risks may have on the org if they were to occur
What are the four phases of BCP?
Project Scope and Planning
Business Impact Analysis
Continuity Planning
Approval and Implementation
What happens during the business organizational analysis?
The individuals responsible for leading the BCP process determine which departments and individuals have a stake in the BCP. Serves as the foundation for BCP team selection.
Who should be members of the BCP team?
Representatives from each of the operational and support departments
Technical experts from IT
Physical and IT Security personnel
Legal representatives
Senior Management
What are the five stages of Business Impact Analysis?
Identification of Priorities
Risk Identification
Likelihood Assessment
Impact Analysis
Resource Prioritization
MTD
Maximum Tolerable Downtime
RTO
Recovery Time Objective
Amount of time in which you think you can feasibly recover a function in the event of a disruption
RPO
Recovery Point Objective
Defines point in time before the incident where the organization should be able to recover data from a critical business process
Example: org performs DB transaction log backups every 15 minutes. RPO is 15 minutes, org may lose up to 15 minutes worth of data after an incident