IT Governance and Management - Organizational Continuity Planning and Disaster Recovery Flashcards Preview

CPA - BEC > IT Governance and Management - Organizational Continuity Planning and Disaster Recovery > Flashcards

Flashcards in IT Governance and Management - Organizational Continuity Planning and Disaster Recovery Deck (4):
1

Business Continuity Planning

Process of planning for disasters (BCM) and embedding plan in an organization's culture. Consists of identifying event that may threaten an organization's ability to deliver products and services. And creating structure that ensures smooth and continuous operations in event risks occur

2

6 step model

1) Create a BCM policy and program
2)Understand and evaluate organizational risks. BIA, business impact analysis, will identify the maximum tolerable interruption periods by function and organizational activity
3)Determine business continuity strategies - define alternative methods to ensure sustainable delivery of products and services; desired recovery times, distance to recover facilities, personnel, supporting tech, impact on stake holders.
4) develop and implement a BCM response- Document and formalize the BCM lan
5)Exercise, maintain, and review plan; maintenance and review require updating the plan as business processes and risks evolve
6)Embed BCM in the organization's culture

3

DRP - Disaster recover plans

Enable organizations to recover from disasters and continue operations.]

Includes 2 important goals

1)Recovery point objective (RPO) defines acceptable amount of data lost in an incident. Typically stated in hours and defines regularity of backups.

2)Recovery time objective (RTO) - acceptable downtime for a system or organization. Specifies longest acceptable time for a system to be inoperable

4

Disaster Recovery Plan classification

Cold site (empty shell) - off-site location that has all electrical connections and other physical requirements for data processing , but does not have actual equipment or files. Often require 1-3 days to be made operational . Least expensive type of alternative processing facility available; MOBILE COLD SITE (on mobile unit)


Warm site- Location whee business can relocate to after faster that is already stocked with computer hardware similar to that of that of the original site, but does not contain backed-up copies of data and information

Hot site - off-site location completely equipped to quickly resume data processing , all equipment plus backup copies of essential files are at site, enables resumed operations with minimal disruption, more expensive than warm and cold sites


Reciprocal agreements - shared use facilities governed by inter-organizational agreements that use IT facilities

Mirrored site - full redundant EXPENSIVE AS FUCK

Decks in CPA - BEC Class (62):