NUMBER: IA-643 CREDIT HOURS: 3 PREREQUISITE: IA

Size: px
Start display at page:

Download "NUMBER: IA-643 CREDIT HOURS: 3 PREREQUISITE: IA"

Transcription

1 Syllabus COURSE TITLE: Disaster Recovery and Business Continuity COURSE NUMBER: IA-643 CREDIT HOURS: 3 PREREQUISITE: IA 642 Enterprise Security IA 622 Risk Vulnerability Physical Assessment Course Description: Disaster Recovery and Business Continuity, a strategic imperative and a competitive advantage in an environment where you must plan for the unexpected, maintain operations, and meet regulatory demands. Course also covers recovery time and recovery point objectives (RTO and RPO. Built upon the concepts of risk analysis and business impact planning, this course is designed to provide a foundation and guide to coordinated organizational emergency response and event management during and after a disruptive occurrence. Course Objectives: Upon successful completion of this course, students should be able to: 1. Identify the core pieces and functions of an integrated, effective, corporate business continuity program 2. Describe key Business Continuity terms and concepts, such as: determining critical business functions, the "MARC" (minimum acceptable recovery configuration), Recovery Time Objectives, Recovery Point Objectives, Recovery Time Capabilities, information technology disaster recovery technical solution designs standards and practices 3. Understand how to effectively determine business unit business resumption requirements for loss of workspace, loss of information technology, and loss of personnel. 4. Understand how to approach crafting effective information technology recovery time capabilities for key systems that will meet business units' stated needs, and how to address "the gap" which may be discovered between business units' information technology recovery requirements and available money or capabilities 5. Understand the core quality control concepts surrounding the development and use of scorecards in evaluating business resumption and disaster recovery plans, and standardized objective metrics in information technology testing Unit 1: Course Intro and Asset Identification Chapter 1 IR/DR 1.1 Course Intro and Review 1.2 Critical Asset Identification 1.21 Tangible/Physical Assets 1.22 Intangible/Logical Assets 1.3 Asset Valuation 1.4 Baseline Creation 1.5 Understanding Asset Ranking in Incident Response vs. Disaster Recovery

2 Unit 2: Introduction to Risk Management Chapter1 IR/DR Chapter 62 CSH 2.1 Overview of the Risk Management Process 2.2 Risk 2.3 Risk Assessment Process 2.4 Risk Management 2.5 Residual Risk 2.6 Risk Control and Acceptance Unit 3: Threat Chapter 1, 2 IR/DR Chapter 12, 13, 14, 22 CSH 3.1 Threats 3.2 Environmental/Natural Threat 3.3 Human Threats 3.31 Error 3.32 The Insider 3.33 Sabotage 3.34 Social Engineering 3.4 Hardware/Software Failure 3.5 Attacks 3.51 Software Attacks 3.52 Viruses 3.53 Worms 3.54 Backdoors and Trapdoors 3.55 Denial of Service 3.6 Theft 3.7 Threat Analysis 3.8 Threat Assessment Unit 4: Vulnerabilities Chapter 4.1 Vulnerabilities 4.2 Vulnerability Analysis 4.3 Vulnerability Management 4.4 Network Vulnerabilities 4.5 Technical Vulnerabilities Unit 5: Planning for Organizational Readiness Chapter 2 IR/DR 5.1 Contingency Planning Process 5.11 Beginning the CP Process 5.12 Elements to Begin Contingency Planning 5.2 Contingency Planning Policy 5.3 Business Impact Analysis 5.4 Business Impact Analysis Data Collection

3 5.5 Budget Planning for BIA 5.51 Incident Response Budgeting 5.52 Disaster Recovery Budgeting 5.53 Business Continuity Budgeting 5.54 Crisis Management Budgeting Unit 6: Incident Response Chapter 3, 4, 5 IR/DR 6.1 Preparing for Incident Response 6.2 Incident Response Policy 6.3 Building the Security Incident Response Team 6.4 Incident Response Planning 6.41 During the Incident 6.42 After the Incident 6.43 Before the Incident 6.5 Assembling and Maintaining the Final Incident Response Plan 6.6 Detecting Incidents 6.7 Intrusion Detection Systems 6.8 Incident Decision Making 6.9 Reaction 6.10 Recovery from Incidents 6.11 Maintenance 6.12 Intrusion Forensics Chain of Custody 6.13 Managing Evidentiary Data in an Electronic Environment Unit 7: Contingency Strategies for Business Resumption Planning Chapter 6 IR/DR 7.1 Data and Application Resumption 7.2 Site Resumption Strategies 7.21 Exclusive Site Resumption Strategies 7.22 Shared Site Resumption Strategies 7.23 Service Agreements Unit 8: Disaster Recovery Chapter 7, 8 IR/DR 8.1 Disaster Classifications 8.2 Forming the Disaster Recovery Team 8.3 Disaster Planning Functions 8.4 Technical Contingency Planning Considerations 8.5 Resumption Phase 8.6 Restoration Phase 8.7 Facing Key Challenges 8.8 Preparation: Training the DR Team and the Users 8.9 Disaster Response Phase 8.10 Recovery Phase

4 8.11 Resumption Phase 8.12 Restoration Phase 8.13 Simulation Exercise-Sample Disaster Recovery Plans Unit 9: Business Continuity Chapter 9, 10 IR/DR 9.1 Elements of Business Continuity 9.2 The Business Continuity Team 9.3 Business Continuity Policy and Plan Functions 9.4 Creating an Effective BC Plan/Policy 9.5 Implementing the BC Plan 9.6 Continuous Improvement of the BC Process 9.7 Maintaining the BC Plan 9.8 Simulation Exercise-Sample Business Continuity Plans Unit 10: Crisis Management Chapter 11 IR/DR 10.1 Crisis Management in the Organization 10.2 Preparing for Crisis Management 10.3 Post-Crisis Trauma 10.4 Getting People Back to Work 10.5 Law Enforcement Involvement 10.6 Managing Crisis Communications 10.7 Succession Planning Unit 11: Site Planning Simulation Exercise Students, in a team, will develop a full Site Plan for a fictitious organization. Details will be provided by the Instructor. Site Planning Simulation Exercise: The final project will be developed in teams, with each Team Leader giving an oral presentation to the class. Each team will be assigned a unique Organization/Location for which a Business Impact Analysis, Incident Response, Business Continuity and Disaster Recovery Plan will need to be developed. Each student will write a portion of the team report and will be responsible for his or her contribution to the overall project. Each team will provide a final written report identifying each team member s individual contribution, as well as their findings. The focus of the final project is to develop a complete Business Continuity/Disaster Recovery Plan, as well as an Incident Response Plan and Business Impact Analysis, utilizing the materials presented in class. Things to consider: Size Line of business Number and types of locations Risks to the organization

5 Final Project Documentation: A complete project with two hard paper copies must be submitted as a total business document, including a copy of the PowerPoint presentation. All projects must be secured in a lightweight binder. Due: Accepted only during the class session during which you present your project. Print all components of the finished project, tables, queries, forms and reports. These should be assembled in logical order. Grading will also be based on correctness and accuracy of work, content, professionalism and other factors emphasized in the course. The project must be complete when turned in. **The instructor reserves the right to make any additions/deletions or changes to this syllabus as deemed necessary.

Certified Information Security Manager (CISM)

Certified Information Security Manager (CISM) Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security

More information

SECURITY. Risk & Compliance Services

SECURITY. Risk & Compliance Services SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize

More information

Business Continuity Plan

Business Continuity Plan Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions

More information

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Business Continuity / Disaster Recovery Context

Business Continuity / Disaster Recovery Context Capability Business Continuity / Disaster Recovery Context What is Business Continuity? The Business Continuity Program Life Cycle Copyright: Virtual Corporation, 1994 2006 Modified U.S. DoD Graphic Normal

More information

Desktop Scenario Self Assessment Exercise Page 1

Desktop Scenario Self Assessment Exercise Page 1 Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking

More information

Domain 1 The Process of Auditing Information Systems

Domain 1 The Process of Auditing Information Systems Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge

More information

Disaster Recovery Plan The Business Imperatives

Disaster Recovery Plan The Business Imperatives Disaster Recovery Plan The Business Imperatives Table of Contents Disaster Recovery Plan The Business Imperatives... 3 Introduction... 3 A Disaster Recovery Program The Need of the Hour... 3 Approach to

More information

University of Central Florida Class Specification Administrative and Professional. Information Security Officer

University of Central Florida Class Specification Administrative and Professional. Information Security Officer Information Security Officer Job Code: 2534 Serve as the information security officer for the University. Develop and computer security system standards, policies, and procedures. Serve as technical team

More information

GEARS Cyber-Security Services

GEARS Cyber-Security Services Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments

More information

Unit Guide to Business Continuity/Resumption Planning

Unit Guide to Business Continuity/Resumption Planning Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions

More information

Virginia Commonwealth University School of Medicine Information Security Standard

Virginia Commonwealth University School of Medicine Information Security Standard Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Business Continuity Management Standard for IT Systems This standard is applicable to all VCU School of Medicine

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page

More information

Business Continuity Planning in IT

Business Continuity Planning in IT Introduction: Business Continuity Planning in IT The more your business relies on its IT systems, the more you need to consider how unexpected disruptions might affect your business. These disruptions

More information

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4 State Agency Cybersecurity Survey v 3.4 The purpose of this survey is to identify your agencies current capabilities with respect to information systems/cyber security and any challenges and/or successes

More information

Principles for BCM requirements for the Dutch financial sector and its providers.

Principles for BCM requirements for the Dutch financial sector and its providers. Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning 4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business

More information

Business Continuity and Disaster Recovery Planning from an Information Technology Perspective

Business Continuity and Disaster Recovery Planning from an Information Technology Perspective Business Continuity and Disaster Recovery Planning from an Information Technology Perspective Presenter: David Bird, Director of Sales, Business Technology Consultant phone: 215-672-7100 email: dbird@quatro.com

More information

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY The Define/Align/Approve Reference Series NEEDS BASED PLANNING FOR IT DISASTER RECOVERY Disaster recovery planning is essential it s also expensive. That s why every step taken and dollar spent must be

More information

Disaster Recovery: What s Your Plan?

Disaster Recovery: What s Your Plan? Disaster Recovery: What s Your Plan? Kevin Villanueva Troy Hawes Moss Adams IT Consulting Group June 26, 2012 MOSS ADAMS LLP 1 The material appearing in this presentation is for informational purposes

More information

Information Systems and Tech (IST)

Information Systems and Tech (IST) California State University, San Bernardino 1 Information Systems and Tech (IST) Courses IST 101. Introduction to Information Technology. 4 Introduction to information technology concepts and skills. Survey

More information

Business Continuity Management

Business Continuity Management Business Continuity Management cliftonlarsonallen.com Introductions Brian Pye CliftonLarsonAllen Senior Manager Business Risk Services group 15 years of experience with Business Continuity Megan Moore

More information

How to measure your business resiliency

How to measure your business resiliency How to measure your business resiliency Define the KPI s/kri s and scorecards to control your security and business continuity capabilities Krzysztof Pulkiewicz BCMLogic krzysztof.pulkiewicz@bcmlogic.com

More information

Overview of how to test a. Business Continuity Plan

Overview of how to test a. Business Continuity Plan Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four Data Handling in University Business Impact Analysis ( BIA ) Agenda Overview Terminologies Performing

More information

2008-2009 2008-2009 TRENDS IN BUSINESS CONTINUITY AND CRISIS COMMUNICATIONS SURVEY

2008-2009 2008-2009 TRENDS IN BUSINESS CONTINUITY AND CRISIS COMMUNICATIONS SURVEY 2008-2009 The Second Annual Trends in Business Continuity and Crisis Communications Survey has been completed with over 700 participants from a wide range of industries and organizational sizes. The Disaster

More information

Data Security Incident Response Plan. [Insert Organization Name]

Data Security Incident Response Plan. [Insert Organization Name] Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security

More information

Business Continuity and Disaster Planning

Business Continuity and Disaster Planning WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services Disasters are not always the result of high winds and

More information

ILLINOIS INSTITUTE OF TECHNOLOGY School of Applied Technology. Dave Wallenberg, Mario Russo and Batchum Mataruke Edited by Ray Trygstad

ILLINOIS INSTITUTE OF TECHNOLOGY School of Applied Technology. Dave Wallenberg, Mario Russo and Batchum Mataruke Edited by Ray Trygstad ITM Whitepaper ILLINOIS INSTITUTE OF TECHNOLOGY School of Applied Technology...because knowledge is power. Selling the Boss: Convincing Senior Management of the Need for Contingency Planning Dave Wallenberg,

More information

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management

More information

PBSi Business Continuity Planning

PBSi Business Continuity Planning Business Continuity Planning Definition Business Continuity planning is a planning process designed to reduce the risk that disruptive failures or events could seriously harm your business. It is designed

More information

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com SCADA Business Continuity and Disaster Recovery Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com Business Continuity Planning, a Sound Process A Business Continuity Plan: "A

More information

Information Technology Engineers Examination. Information Technology Service Manager Examination. (Level 4) Syllabus

Information Technology Engineers Examination. Information Technology Service Manager Examination. (Level 4) Syllabus Information Technology Engineers Examination Information Technology Service Manager Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination

More information

Why Should Companies Take a Closer Look at Business Continuity Planning?

Why Should Companies Take a Closer Look at Business Continuity Planning? whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters

More information

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus Information Technology Engineers Examination Information Security Specialist Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination

More information

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition

More information

Contingency Planning and Disaster Recovery for BOMA

Contingency Planning and Disaster Recovery for BOMA Contingency Planning and Disaster Recovery for BOMA Steve Elliot President & CEO Elliot Consulting Hazards & Vulnerabilities Continuity of Business Operations Normal Business Processes SALES MANUFACTURING

More information

Temple university. Auditing a business continuity management BCM. November, 2015

Temple university. Auditing a business continuity management BCM. November, 2015 Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program

More information

Regional Training Institute, Jammu Course Contents Information Technology Courses 2015-16

Regional Training Institute, Jammu Course Contents Information Technology Courses 2015-16 Regional Training Institute, Jammu Course Contents Information Technology Courses 2015-16 Index # Course Title Page No 1 Course on Business Continuity Planning 1 2 Course on IT Security 3 3 Course on IDEA

More information

Val-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning

Val-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning Val-EdTM Valiant Technologies Education & Training Services 2-day Workshop on Business Continuity & Disaster Recovery Planning All Trademarks and Copyrights recognized Page 1 of 8 Welcome to Valiant Technologies.

More information

D2-02_01 Disaster Recovery in the modern EPU

D2-02_01 Disaster Recovery in the modern EPU CONSEIL INTERNATIONAL DES GRANDS RESEAUX ELECTRIQUES INTERNATIONAL COUNCIL ON LARGE ELECTRIC SYSTEMS http:d2cigre.org STUDY COMMITTEE D2 INFORMATION SYSTEMS AND TELECOMMUNICATION 2015 Colloquium October

More information

Enterprises are transforming, market place priorities are changing, Is your business ready?

Enterprises are transforming, market place priorities are changing, Is your business ready? Enterprises are transforming, market place priorities are changing, Is your business ready? Presented by: Mike Errity, Vice President IBM Resiliency Services merrity@us.ibm.com Twitter: @MikeErrity 1 14th

More information

TCOM 562 Network Security Fundamentals

TCOM 562 Network Security Fundamentals TCOM 562 Network Security Fundamentals George Mason University Fall 2009 Jerry Martin Fairfax Campus Tel: (703) 993-3810 Email: gmartin@gmu.edu Office Hours: by appointment only 1. Announcements The class

More information

Ohio Conference for Payroll Professionals Disaster Recovery

Ohio Conference for Payroll Professionals Disaster Recovery Ohio Conference for Payroll Professionals Disaster Recovery Speaker Bruce E. Phipps CPP 2011 APA Payroll Man of the Year Principal Product Manager US Legislative Analyst ORACLE Corporation bruce.phipps@oracle.com

More information

Company Management System. Business Continuity in SIA

Company Management System. Business Continuity in SIA Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT

More information

CIS 523/423 Disaster Recovery Business Continuity

CIS 523/423 Disaster Recovery Business Continuity CIS 523/423 Disaster Recovery Business Continuity Course Description A study of disaster recovery and business continuity as related to the information technology function in organizations. Topics will

More information

ISACA North Dallas Chapter

ISACA North Dallas Chapter ISACA rth Dallas Chapter Business Continuity Planning Observations of Critical Infrastructure Environments Ron Blume, P.E. Ron.blume@dyonyx.com 214-280-8925 Focus of Discussion Business Impact Analysis

More information

BSBCCO501B Develop business continuity strategy

BSBCCO501B Develop business continuity strategy BSBCCO501B Develop business continuity strategy Release 2 BSBCCO501B Develop business continuity strategy Modification History Release Release 2 Comments New release of this Unit with version 7.0 of BSB07

More information

ITL BULLETIN FOR SEPTEMBER 2012 REVISED GUIDE HELPS ORGANIZATIONS HANDLE SECURITY-RELATED INCIDENTS

ITL BULLETIN FOR SEPTEMBER 2012 REVISED GUIDE HELPS ORGANIZATIONS HANDLE SECURITY-RELATED INCIDENTS ITL BULLETIN FOR SEPTEMBER 2012 REVISED GUIDE HELPS ORGANIZATIONS HANDLE SECURITY-RELATED INCIDENTS Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute

More information

Application / Hardware - Business Impact Analysis Template. MARC Configuration Requirements. Business Impact Analysis

Application / Hardware - Business Impact Analysis Template. MARC Configuration Requirements. Business Impact Analysis Application / Hardware - Business Impact Analysis Template The single most important thing we can do is help you understand the criticality of each application, supporting hardware/server/pc and the required

More information

v. 03/03/2015 Page ii

v. 03/03/2015 Page ii The Trident University International (Trident) catalog consists of two parts: Policy Handbook and Academic Programs, which reflect current academic policies, procedures, program and degree offerings, course

More information

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing

More information

Proposal for Business Continuity Plan and Management Review 6 August 2008

Proposal for Business Continuity Plan and Management Review 6 August 2008 Proposal for Business Continuity Plan and Management Review 6 August 2008 2008/8/6 Contents About Newton IT / Quality of our services. BCM & BS25999 Overview 2. BCM Development in line with BS25999 3.

More information

DISASTER RECOVERY PLANNING GUIDE

DISASTER RECOVERY PLANNING GUIDE DISASTER RECOVERY PLANNING GUIDE AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING FOR JD EDWARDS SOFTWARE CUSTOMERS www.wts.com WTS Disaster Recovery Planning Guide Page 1 Introduction This guide will provide

More information

A BCP Tale: From Theory to Practice

A BCP Tale: From Theory to Practice A BCP Tale: From Theory to Practice Presenter: Gord Novoselnik Problem & Configuration Manager, Enterprise Solutions Division, MTS Allstream Gord.Novoselnik@mtsallstream.com 1 10 Commandments of BCM I.

More information

NIST SP 800-34, Revision 1 Contingency Planning Guide for Federal Information Systems

NIST SP 800-34, Revision 1 Contingency Planning Guide for Federal Information Systems NIST SP 800-34, Revision 1 Contingency Planning Guide for Federal Information Systems Marianne Swanson NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Table Of Contents Introduction to NIST SP 800-34

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Business Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com

Business Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?

More information

CRISC Glossary. Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data

CRISC Glossary. Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data CRISC Glossary Term Access control Access rights Application controls Asset Authentication The processes, rules and deployment mechanisms that control access to information systems, resources and physical

More information

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy

More information

CISM ITEM DEVELOPMENT GUIDE

CISM ITEM DEVELOPMENT GUIDE CISM ITEM DEVELOPMENT GUIDE TABLE OF CONTENTS CISM ITEM DEVELOPMENT GUIDE Content Page Purpose of the CISM Item Development Guide 2 CISM Exam Structure 2 Item Writing Campaigns 2 Why Participate as a CISM

More information

Stellenbosch University. Information Security Regulations

Stellenbosch University. Information Security Regulations Stellenbosch University Information Security Regulations 1. Preamble 1.1. Information Security is a component of the Risk structure and procedures of the University. 1.2. Stellenbosch University has an

More information

Business Continuity in Healthcare

Business Continuity in Healthcare Business Continuity in Healthcare Cynthia Simeone, CBCP, PMP Director Business Resilience Catholic Health Initiatives Scott Ream President Virtual Corporation 1 Session Speakers Cynthia Simeone, CBCP,

More information

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the

More information

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

REGULATIONS FOR THE SECURITY OF INTERNET BANKING REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY

More information

BUSINESS CONTINUITY PLAN OVERVIEW

BUSINESS CONTINUITY PLAN OVERVIEW BUSINESS CONTINUITY PLAN OVERVIEW INTRODUCTION The purpose of this document is to provide Loomis customers with an overview of the company s Business Continuity Plan (BCP). Because of the specific and

More information

Incident Handling. Applied Risk Management. September 2002

Incident Handling. Applied Risk Management. September 2002 Incident Handling Applied Risk Management September 2002 What is Incident Handling? Incident Handling is the management of Information Security Events What is an Information Security Event? An Information

More information

BUSINESS CONTINUITY PLANNING

BUSINESS CONTINUITY PLANNING Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,

More information

November 2007 Recommendations for Business Continuity Management (BCM)

November 2007 Recommendations for Business Continuity Management (BCM) November 2007 Recommendations for Business Continuity Management (BCM) Recommendations for Business Continuity Management (BCM) Contents 1. Background and objectives...2 2. Link with the BCP Swiss Financial

More information

Interactive-Network Disaster Recovery

Interactive-Network Disaster Recovery Interactive-Network Disaster Recovery BACKGROUND IT systems are vulnerable to a variety of disruptions, ranging from mild (e.g., short-term power outage, disk drive failure) to severe (e.g., terrorism,

More information

Course Title: ITAP 3471: Web Server Management

Course Title: ITAP 3471: Web Server Management Course Title: ITAP 3471: Web Server Management Semester Credit Hours: 4 (3,1) I. Course Overview The primary objective of this course is to give students a comprehensive overview of the tools and techniques

More information

Assessing Your Disaster. Andrews Hooper Pavlik PLC. Andrews Hooper Pavlik PLC

Assessing Your Disaster. Andrews Hooper Pavlik PLC. Andrews Hooper Pavlik PLC Assessing Your Disaster Recovery Plans Gregory H. Soule, CPA, CISA, CISSP, CFE Andrews Hooper Pavlik PLC Andrews Hooper Pavlik PLC Agenda Business Continuity Concepts Impact Analysis Risk Assessment Risk

More information

CTR System Report - 2008 FISMA

CTR System Report - 2008 FISMA CTR System Report - 2008 FISMA February 27, 2009 TABLE of CONTENTS BACKGROUND AND OBJECTIVES... 5 BACKGROUND... 5 OBJECTIVES... 6 Classes and Families of Security Controls... 6 Control Classes... 7 Control

More information

Computer and Information Science

Computer and Information Science Computer and Information Science www.odessa.edu/dept/computer Faculty: Katrieva Jones- Munroe, chair The computer information systems curriculum provides students with practical, job- related computer

More information

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS Title: DRAFT USG Continuity of Operation Plan Policy Policy Number: 2009-Julian Date Topical Security Area: Document Type: Standard Pages: Words: Lines: 5 1,387 182 Issue Date: May-09 Effective Date: Immediately

More information

Best Practices in Disaster Recovery Planning and Testing

Best Practices in Disaster Recovery Planning and Testing Best Practices in Disaster Recovery Planning and Testing axcient.com 2015. Axcient, Inc. All Rights Reserved. 1 Best Practices in Disaster Recovery Planning and Testing Disaster Recovery plans are widely

More information

Security+ P a g e 1 of 5. 5-Day Instructor Led Course

Security+ P a g e 1 of 5. 5-Day Instructor Led Course P a g e 1 of 5 Security+ 5-Day Instructor Led Course Overview This course is the primary course you will need to take if your job responsibilities include securing network services, devices, and traffic

More information

Report on CAP Cybersecurity November 5, 2015

Report on CAP Cybersecurity November 5, 2015 Agenda Number 7. Report on CAP Cybersecurity November 5, 2015 Phil Cook CISSP, CISM Manager, Information Technologies Risk #1 External Attacks PR 81 Protect and secure CAP's Information Technology assets

More information

Appendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises

Appendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises Appendix Key Areas of Concern i. Inadequate coverage of cybersecurity risk assessment exercises The scope coverage of cybersecurity risk assessment exercises, such as cybersecurity control gap analysis

More information

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 5. 2. Security Standards - Organizational, Security Policies Standards & Procedures, - Administrative and Documentation Safeguards

More information

IT Networking and Security

IT Networking and Security elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer

More information

Services Providers. Ivan Soto

Services Providers. Ivan Soto SOP s for Managing Application Services Providers Ivan Soto Learning Objectives At the end of this session we will have covered: Types of Managed Services Outsourcing process Quality expectations for Managed

More information

Disaster Recovery Policy

Disaster Recovery Policy Disaster Recovery Policy INTRODUCTION This policy provides a framework for the ongoing process of planning, developing and implementing disaster recovery management for IT Services at UCD. A disaster is

More information

NCUA LETTER TO CREDIT UNIONS

NCUA LETTER TO CREDIT UNIONS NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: December 2001 LETTER NO.: 01-CU-21 TO: SUBJ: ENCL: All Federally Insured Credit Unions Disaster

More information

Security + Certification (ITSY 1076) Syllabus

Security + Certification (ITSY 1076) Syllabus Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and

More information

The Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS)

The Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS) Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services

More information

Documentation. Disclaimer

Documentation. Disclaimer HOME UTORprotect DOCUMENTATION AMS/ROSI SERVICES CONTACT Documentation Disaster Recovery Planning Disaster Recovery Planning Disclaimer The following project outline is provided solely as a guide. It is

More information

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies

More information

OVERVIEW. In all, this report makes recommendations in 14 areas, such as. Page iii

OVERVIEW. In all, this report makes recommendations in 14 areas, such as. Page iii The Office of the Auditor General has conducted a procedural review of the State Data Center (Data Center), a part of the Arizona Strategic Enterprise Technology (ASET) Division within the Arizona Department

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

Developing a Business Continuity Plan... More Than Disaster

Developing a Business Continuity Plan... More Than Disaster Developing a Business Continuity Plan..... More Than Disaster Recovery! April 19, 2010 UHY / MMA Business Survival Series Webinar Focus.... Understanding the components of Business Continuity Planning

More information

DISASTER RECOVERY 101 3 Steps You Need to Take (Before It s Too Late)

DISASTER RECOVERY 101 3 Steps You Need to Take (Before It s Too Late) DISASTER RECOVERY 101 3 Steps You Need to Take (Before It s Too Late) Introduction... 4 Disaster Recovery vs. Business Continuity... 4 Why You Need to Read this ebook... 5 Chapter 1: The Risks (aka, The

More information

Disaster Recovery & Business Continuity Related, but NOT the Same! Teri Stokes, Ph.D., Director GXP International

Disaster Recovery & Business Continuity Related, but NOT the Same! Teri Stokes, Ph.D., Director GXP International Disaster Recovery & Business Continuity Related, but NOT the Same! Teri Stokes, Ph.D., Director GXP International BCP Definitions Business Continuity Plan: An ongoing process supported by senior management

More information

Enterprise Security Tactical Plan

Enterprise Security Tactical Plan Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise

More information

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160 VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The

More information

IT Disaster Recovery and Business Resumption Planning Standards

IT Disaster Recovery and Business Resumption Planning Standards Information Technology Disaster Recovery and Business IT Disaster Recovery and Business Adopted by the Information Services Board (ISB) on May 28, 1992 Policy No: Also see: 500-P1, 502-G1 Supersedes No:

More information

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1 Version 3.1 November 22, 2004 TABLE OF CONTENTS PART 1: DISASTER RECOVERY EXPECTATIONS... 3 OVERVIEW...3 EXPECTATIONS PRIOR TO AN INCIDENT OCCURRENCE...3 EXPECTATIONS PRIOR TO A DISASTER OCCURRENCE...4

More information

Yale University Business Continuity Planning (BCP) Quick Start Guide

Yale University Business Continuity Planning (BCP) Quick Start Guide Yale University Business Continuity Planning (BCP) Quick Start Guide Introduction Yale University s mission is to create, preserve and disseminate knowledge. Each college, division, and major administrative

More information

Frequently Asked Questions. Frequently Asked Questions: Prioritizing Trust: Certificate Authority Security Best Practices

Frequently Asked Questions. Frequently Asked Questions: Prioritizing Trust: Certificate Authority Security Best Practices FREQUENTLY ASKED QUESTIONS: PRIORITIZING TRUST: CERTIFICATE AUTHORITY SECURITY BEST PRACTICES Frequently Asked Questions Frequently Asked Questions: Prioritizing Trust: Certificate Authority Security Best

More information