Business Continuity and Disaster Recovery Planning Flashcards
(25 cards)
BCP
Business Continuity Plan. A long-term to ensure continuity of business operations. Goal is to ensure a business will continue to operate before, throughout and after a disaster event.
COOP
Continuity of Operations Plan. A plan to maintain operations during a disaster.
DRP
Disaster Recovery Plan. A short-term plan to recover from a disruptive event.
MTBF
Mean Time Between Failures. Quantifies how long a new or repaired system will run on average before failing.
MTTR
Mean Time To Repair. Describes how long it will take to recover a failed system.
PIDAS Fence
Perimeter Intruder Detection Assessment System
Disruptive Events (Disaster) Types (3)
Natural, Human or Environmental
MTD
Maximum Tolerable Downtime.
Consists of:
(1) RTO - Recovery Time Objective
(2) WRT - Work Recovery Time
DRP Process Steps
Respond, Activate Recovery Team, Communications, Assessment & Reconsistution
BCP/DRP Planning Steps
Project Initiation Scope the Project Business Impact Analysis Identify Preventive Controls Recovery Strategy Plan Design and Development Implementation, Training and Testing BCP/DRP Maintenance
BIA
Business Impact Analysis. Process for determining how a disruption to the IT systems of an organization will impact the organization’s requirements, processes and interdependencies.
BIA Components (2)
(1) Identification of critical assets
(2) Comprehensive risk analysis
Failure and Recovery Metrics
RPO, RTO, WRT, MTBF MTTR MORs
RPO
Recovery Point Objective. The amount of data loss or system inaccessibility that an organization can withstand.
RTO/WRT
Recovery Time Objective/Work Recovery Time. RTO is the maximum time allowed to recover business or IT systems - how long it take to get the hardware running. WRT is the time needed to configure a recovered system.
MTD
Maximum Tolerable Downtime. also MAD, MTO or MAO
…MTD = RTO + WRT
MOR
Minimum Operating Requirements. The minimal environmental and connectivity requirements in order to operate computer equipment.
Redundant Site
Exact production duplicate site with real-time synchronization of data. Highest cost and highest availability of all recovery options. No loss of data and changeover is transparent to users. Immediate recovery.
Hot Site
Contains all necessary hardware and critical applications data mirrored in real time. Ready to go site. Recovery in hours.
Warm Site
Fully configured and ready data center. Relies on backups to restore systems. Recovery in days
Cold Site
Ready building with contingencies for equipment, supplies and applications. Recovery in weeks.
Mobile Sites
Datacenters on wheels. Contain equipment, HVAC, fire suppression and physical security. Can be used on-site of original datacenter.
Crisis Communications Plan
A plan for communicating to staff and the public.
(1) Call Trees/Automated call trees
HA
High Availability Cluster. The goal is to decrease the recovery time of a system or network device so that the availability of the service is less impacted than it would be by having to rebuild, reconfigure, etc.
(1) Active-active Cluster: Multiply systems used to process traffic or data, load balancing. (2) Active-Passive Cluster: Secondary system online and active with data backed to system.
