CISM Certified Information Security Manager


1 CISM Certified Information Security Manager Firebrand Custom Designed Courseware

2 Chapter 4 Information Security Incident Management

3 Exam Relevance Ensure that the CISM candidate Establish an effective program to respond to and subsequently manage incidents that threaten an organization's information systems and infrastructure The content area in this chapter will represent approximately 18% of the CISM examination (approximately 36 questions). ISACA CISM Review Manual Page 220

4 Chapter 4 Learning Objectives Develop and implement processes for: Detecting Identifying Analyzing Responding To information security incidents ISACA CISM Review Manual Page 220

5 Learning Objectives cont. Incident Management process Establish a severity hierarchy for identification and response to security incidents Maintain an incident response plan Establish processes to identify and investigate incidents Establish escalation and communications plans Develop a skilled team ISACA CISM Review Manual Page 220

6 Learning Objectives cont. Test and refine information security incident response plans Manage incident response Conduct post-incident reviews of security incidents to determine root cause, develop corrective actions and reassess risk Integrate incident response plans with business continuity plans (BCP) and disaster recovery plans (DRP) ISACA CISM Review Manual Page 220

7 Definition Incident Any event that has the potential to adversely impact the ability of the business to meet its objectives Incident management The capability to effectively manage unexpected disruptive events Minimize impacts Maintain and restore normal business operations within defined time limits ISACA CISM Review Manual Page 233

8 Definition Incident response The operational capability of incident management that identifies, prepares for and responds to incidents Provide forensic and investigative capabilities Restore normal operations as defined in service level agreements (SLAs) Manage the impact of unexpected disruptive events to acceptable levels ISACA CISM Review Manual Page 234

9 Definition Incident Management will ensure that incidents are detected, recorded and managed to limit impacts. ISACA CISM Review Manual Page 234

10 Goals of Incident Management and Response The goals of incident management and response include: The ability to deal effectively with unanticipated events Detection and monitoring capabilities to alert staff to a potential incident Effective notification and reporting to management A response plan that is aligned with business priorities ISACA CISM Review Manual Page 234

11 Goals of Incident Response cont. The ability to learn from past incidents and prevent future problems Regular testing and validation of the effectiveness of the plan ISACA CISM Review Manual Page 234

12 What is an Incident - Intentional Malicious code Unauthorized access to IT systems, facilities, information Unauthorized use of resources Unauthorized changes to systems, networks Denial of service (DOS) Surveillance, espionage Social Engineering Fraud ISACA CISM Review Manual Page 236

13 What is an Incident - Unintentional Equipment failure Utility failure (power) Software bugs Deletion of files Weather-related issues ISACA CISM Review Manual Page 236

14 Incident Response Team Members

15 Personnel An Incident Response Team usually consists of The Incident Manager (often an Information Security Manager) The Team Leader Steering committee/advisory board Provide oversight and authority ISACA CISM Review Manual Page 239

16 Personnel cont. An Incident Response Team usually consists of Permanent/dedicated team members Specialized skills forensics, audit, communications, legal Representation from key departments Operations, IT, HR, Finance, Security, Executive, etc. Virtual/temporary team members External experts ISACA CISM Review Manual Page 237

17 Personnel cont. The composition of the incident response team will depend on a number of factors such as Mission and goals of the incident response program Nature and range of services provided Available staff expertise Scope and technology base Anticipated incident load Severity or complexity of incident reports Funding Regulations and legal considerations ISACA CISM Review Manual Page 237

18 Team Member Skills The set of basic skills that incident response team members need can be separated into two broad groups: Personal skills Ability to handle stress Leadership skills Expertise based on the incident handler's daily activity. Technical skills Specialized skills in IT, communications, etc. ISACA CISM Review Manual Page 238

19 Skills cont. Personal skills Communication Presentation skills Ability to follow policies and procedures Team skills Integrity Confidence Problem solving Time management ISACA CISM Review Manual Page 238

20 Skills cont. Technical skills Basic understanding of the underlying technologies used by the organization Understanding of the techniques, decision points and supporting tools required in incident management ISACA CISM Review Manual Page 239

21 Security Concepts and Technologies The following security concepts and technologies should be considered and known to IRTs Security principles Security vulnerabilities/ weaknesses The Internet Network protocols Network applications and services Network security issues Operating systems Malicious code Programming skills ISACA CISM Review Manual Page 237

22 Organizing, Training and Equipping the Response Staff Every incident response team member should get the following types of training: Induction to Incident response - basic information about the team and its operations Description of the team's roles, responsibilities and procedures On the job training Formal training ISACA CISM Review Manual Page 238

23 Review and Audit of Incident Response ISACA CISM Review Manual Page 240

24 Value Delivery To deliver value, incident management should: Integrate and align with business processes and structures Improve the capability of businesses to manage incidents effectively Integrate incident management with risk and business continuity Become part of an organization's overall strategy and effort to protect and secure critical business function and assets ISACA CISM Review Manual Page 241

25 Performance Measurement Performance measurements for incident management and response will focus on achieving the defined objectives and optimizing effectiveness Incident response time Application of lessons learned KPIs and KGIs should be defined and agreed upon by stakeholders and ratified by senior management ISACA CISM Review Manual Page 241

26 Reviewing the Current State of Incident Response Capability Survey of senior management, business managers and IT representatives Self-assessment External assessment or audit ISACA CISM Review Manual Page 243

27 Audits Audits (internal and external) must be performed to verify Incidents have been resolved and closed off Lessons learned applied to the organization Adherence by the incident response team to the policies and procedures defined by the organization ISACA CISM Review Manual Page 240

28 History of Incidents Past incidents provide valuable information on risk trends, threat types and business impact due to an incident Can be used to evaluate the existing plans Used as input to know the types of incidents that must be considered and planned for ISACA CISM Review Manual Page 244

29 Gap Analysis Basis for an Incident Response Plan Gap analysis compares current incident response capabilities with the desired level. The following may be identified: Processes that need to be improved to be more efficient and effective Resources needed to achieve the objectives for the incident response capability ISACA CISM Review Manual Page 245

30 Preparing the Incident Response Plan

31 Incident Management and Response The incident management and response structure should include: Incident Response Planning Business Continuity Planning Disaster Recovery Planning Recovery of IT systems

32 Incident Management and Response cont. Plans must be Clearly documented Readily accessible Based on the long range IT plan Consistent with the overall business continuity and security strategies

33 Incident Management and Response cont. Incident Response planning includes Incident detection capabilities (ability to recognize an event; false positive vs. real event) Clearly defined severity criteria (catastrophic, major, minor) Assessment and triage capabilities (determine extent of incident) Declaration criteria (activation of response teams)

34 Importance of Incident Management and Response Incident response is required since even minor incidents may: Affect business viability Develop into major incidents Require public communications plans Necessitate advising regulators, clients or other affected stakeholders Even the best controls cannot prevent all incidents ISACA CISM Review Manual Page 234

35 Incident Response Functions Detection and reporting Alerting, escalation Triage Containment, recovery Analysis Root cause, lessons learned Incident response team skills Necessary training and experience ISACA CISM Review Manual Page 234

36 Incident Management Technologies An effective incident management system should Monitor and consolidate inputs from multiple systems Identify incidents or potential incidents Prioritize incidents based on business impact Provide status tracking and notifications Integrate with major IT management systems Follow good practices guidelines ISACA CISM Review Manual Page 235

37 Responsibilities of the CISM Developing the information security incident management and response plans Handling and coordinating information security incident response activities Validating, verifying and reporting on the effectiveness of protective controls and countermeasure solutions Planning, budgeting and program development for all matters related to information security incident management and response ISACA CISM Review Manual Page 236

38 Incident Response Responsibilities The responsibilities of the incident response include: Managing the incident so that the impact is contained and minimal damage occurs Notifying the appropriate people and escalating the incident to management when required Recovering quickly and efficiently from security incidents Balancing operational and security needs ISACA CISM Review Manual Page 236

39 Incident Response Responsibilities cont. The responsibilities of incident response include: Responding systematically and decreasing the likelihood of cascading problems or incident recurrence Dealing with legal and law enforcement-related issues Ensuring that the incident response is documented Following up on lessons learned to enhance controls ISACA CISM Review Manual Page 236

40 Requirements for Incident Response Managers Have the leadership skills necessary to manage crisis teams Understand business priorities and culture Have the experience, knowledge, and the authority to invoke the disaster recovery processes necessary to maintain or recover operational status ISACA CISM Review Manual Page 236

41 Senior Management Involvement Senior management provides strategic direction during the crisis Reporting of the incident is escalated to senior management Decisions and direction are passed down to the incident management teams ISACA CISM Review Manual Page 236

42 The Desired State Incident management and response requires Well-developed monitoring capabilities for key controls Personnel trained in assessing the situation, capable of providing triage, and managing effective responses Managers that have made provisions to capture all relevant information and apply previously learned lessons ISACA CISM Review Manual Page 240

43 Strategic Alignment of Incident Response Incident management must be aligned with the organization's strategic plan Scope - what incidents are the responsibility of the Incident response team Services - services should be clearly defined Organizational structure - Reporting and oversight Resources - sufficient staffing and skills necessary for effective response Funding - sufficient funding as required to manage incident response Management buy-in - Senior management buy-in is essential ISACA CISM Review Manual Page 240

44 Creating a Detailed Incident Response Plan

45 Detailed Plan of Action for Incident Management The incident management action plan outlined in the CMU/SEI technical report titled Defining Incident Management Processes: Prepare/improve/sustain (prepare) Protect infrastructure (protect) Detect events (detect) Triage events (triage) Respond ISACA CISM Review Manual Page 242

46 Detailed Plan of Action for Incident Management - Prepare Prepare/improve/sustain (prepare) phase: Coordinate planning and design. Identify incident management requirements. Establish vision and mission. Obtain funding and sponsorship. Develop implementation plan. Coordinate implementation. ISACA CISM Review Manual Page 242

47 Detailed Plan of Action for Incident Management Prepare cont. Prepare/improve/sustain (prepare) phase Develop policies, processes and plans. Establish incident handling criteria. Implement defined resources. Evaluate incident management capability. Conduct postmortem review. Determine incident management process changes. Implement incident management process changes. ISACA CISM Review Manual Page 242

48 Detailed Plan of Action for Incident Management - Protect Protect infrastructure (protect) phase Implement changes to computing infrastructure to mitigate ongoing or potential incident. Implement infrastructure protection improvements from postmortem reviews or other process improvement mechanisms. Evaluate computing infrastructure by performing proactive security assessments and evaluations. Provide input to detect processes on incidents/potential incidents. ISACA CISM Review Manual Page 242

49 Detailed Plan of Action for Incident Management - Detect Detect events (detect) phase Proactive detection The detection process is conducted prior to incident alert. This will enable the response team to detect attack precursors, false negatives and emerging threats. Reactive detection The detection process is conducted when there are reports of possible incidents from system users or other organizations ISACA CISM Review Manual Page 242

50 Detailed Plan of Action for Incident Management - Triage Triage Requires initial gathering of incident data, incident severity determination, notification and activation of incident response team Can be done on two levels Tactical - Based on a set of criteria Strategic - Based on the impact of business ISACA CISM Review Manual Page 242

51 Detailed Plan of Action for Incident Management - Response Response Technical response Collecting data for further analysis Analyzing incident supporting information such as log files Technical mitigation strategies and recovery options Development and deployment of workarounds Management response Legal response ISACA CISM Review Manual Page 242

52 Elements of an Incident Response Plan Another approach to the development of an incident response plan Preparation Identification Containment Eradication Recovery Lessons learned ISACA CISM Review Manual Page 244

53 Crisis Communications One of the greatest challenges in a crisis is effective communications Internal Staff, management, business units External Business partners Shareholders General public Government and regulatory bodies Law Enforcement ISACA CISM Review Manual Page 248

54 Challenges in Developing an Incident Management Plan Unanticipated challenges may be the result of Lack of management buy-in and organizational consensus Mismatch to organizational goals and priorities Incident management team member turnover Poor communications Complex and wide plan ISACA CISM Review Manual Page 248

55 Responding to an Incident

56 When an Incident Occurs If an incident occurs: The Incident response team should follow the procedures set out in the Incident response plan Properly document (record and preserve) all information related to the incident Follow data/evidence preservation procedures Take precautions to avoid changing, altering or contaminating any potential or actual evidence ISACA CISM Review Manual Page 258

57 During an Incident The initial response to an incident should include: Retrieving information needed to confirm an incident False positive or real event Notify incident manager and activate incident response teams ISACA CISM Review Manual Page 258

58 During an Incident cont. Identifying the scope and size of the affected environment (e.g., networks, systems, applications) Contain the incident and minimize the potential for further damage Determining the degree of loss, modification or damage (if any) Identifying the possible path or means of attack Restore critical services ISACA CISM Review Manual Page 258

59 Containment Strategies During an incident it is critically important to contain the crisis and attempt to minimize the amount of damage that occurs. Network isolation and segmentation Fire doors and fire suppression Fail secure Multiple suppliers Multiple facilities Cross trained staff ISACA CISM Review Manual Page 258

60 The Battle Box Preloaded kits containing the tools and support materials needed by the response team in a crisis Flashlights Communications (radio, satellite phones) Battery Forms and documentation, pens Tools Protective clothing First aid kits Evidence collection bags

61 Evidence Identification and Preservation The CISM must know Requirements for collecting and preserving evidence Rules for evidence, admissibility of evidence, and quality and completeness of evidence The consequences of any contamination of evidence following a security incident Consider enlisting the help of third-party specialists if detailed forensic skills are needed ISACA CISM Review Manual Page 260

62 Post Event Reviews Post Event Reviews allow lessons learned to be applied to future incidents Use information gathered to improve response procedures Do reviews with all affected staff Follow up on all lessons ISACA CISM Review Manual Page 259

63 Business Continuity and Disaster Recovery Planning

64 Disaster Recovery Planning (DRP) and Business Recovery Processes Disaster recovery has traditionally been defined as the recovery of IT systems from disastrous events Business recovery (resumption) is defined as the recovery of the critical business processes necessary to continue or resume operations. ISACA CISM Review Manual Page 249

65 Development of BCP and DRP Each of these planning processes typically includes several main phases, including: Risk and business impact assessment Response and recovery strategy definition Documenting response and recovery plans Training all users and response teams Updating response and recovery plans Testing response and recovery plans Auditing response and recovery plans ISACA CISM Review Manual Page 249

66 Plan Development Plan development factors include: Pre-incident readiness Evacuation procedures How to declare a disaster Identifying the business processes and IT resources that should be recovered Identifying the responsibilities in the plan ISACA CISM Review Manual Page 249

67 Plan Development cont. Plan development factors include: Identifying contact information The step-by-step explanation of the recovery options Identifying the various resources required for recovery and continued operations Ensuring that other logistics such as personnel relocation and temporary housing are considered ISACA CISM Review Manual Page 250

68 Developing Response and Recovery Plans Factors to consider when developing response and recovery plans include: Available resources Expected services levels Types, kinds, and severity of threats faced by the organization ISACA CISM Review Manual Page 250

69 Recovery Strategies Recovery strategies must be sustainable for the entire period of recovery until business processes are restored to normal Strategies may include: Doing nothing until recovery facilities are ready Using manual procedures / workarounds Focusing on the most important customers, suppliers, products, and systems with resources that are still available ISACA CISM Review Manual Page 251

70 Recovery Strategies The most appropriate recovery strategy is based on: The ability to recover within acceptable recovery times at a reasonable cost Which recovery strategies are available Several options may be considered including outsourcing of certain functions ISACA CISM Review Manual Page 252

71 Basis for Recovery Strategy Selections Response and recovery strategy plans should be based on the following considerations: Interruption window RTOs RPOs Services delivery objectives (SDOs) Maximum tolerable outages (MTOs) / Maximum Tolerable Period of Disruption (MTPD) Location Nature of probable disruptions ISACA CISM Review Manual Page 252

72 Disaster Recovery Sites Types of offsite backup hardware facilities available include: Hot sites Warm sites Cold sites Mobile sites Duplicate information processing facilities Mirror sites ISACA CISM Review Manual Page 250

73 Disaster Recovery Sites cont. Criteria for selecting alternate sites for processing in the event of a disaster include: The recovery site should not be subject to the same disaster(s) as the primary site Availability of similar hardware /software Ability to move people and resources to the recovery location Ability to test the recovery strategy ISACA CISM Review Manual Page 250

74 Recovery of Communications Recovery of IT facilities involves telecommunications and network recovery Alternative / Diverse routing Long-haul network diversity Voice recovery Availability of appropriate circuits and adequate bandwidth Availability of out-of-band communications in case of failure of primary communication methods ISACA CISM Review Manual Page 254

75 Notification Requirements Plan should include a call tree with a prioritized list of contacts Representatives of equipment and software vendors Contacts within companies that have been designated to provide supplies and equipment or services Contacts at recovery facilities, including hot-site representatives or predefined network communications rerouting services ISACA CISM Review Manual Page 253

76 Notification Requirements cont. Plan should include a call tree with a prioritized list of Contacts at off-site media storage facilities and the contacts within the company who are authorized to retrieve media from the offsite facility Insurance company agents Contacts at human resources (HR) and/or contract personnel services Law enforcement contacts ISACA CISM Review Manual Page 253

77 Response Teams Number of teams depends upon size of organization and magnitude of operations - examples include: The emergency action team Damage assessment team Emergency management team Relocation team Security team ISACA CISM Review Manual Page 247

78 Insurance Types of insurance coverage IT equipment and facilities Media (software) reconstruction Extra expense Business interruption Valuable papers and records Errors and omissions Fidelity coverage Media transportation ISACA CISM Review Manual Page 255

79 Testing Response and Recovery Plans Testing must include: Developing test objectives Executing the test Evaluating the test Developing recommendations to improve the effectiveness of testing processes as well as response and recovery plans Implementing a follow-up process to ensure that the recommendations are implemented ISACA CISM Review Manual Page 256

80 Types of Tests Tests can include: Desk check / Table-top walk-through of the plans Table-top walk-through with mock disaster scenarios (simulation tests) Testing the infrastructure and communication components of the recovery plan Testing the infrastructure and recovery of the critical applications (parallel tests) Full restoration and recovery tests with some personnel unfamiliar with the systems ISACA CISM Review Manual Page 256

81 Test Results The test should strive to: Verify the completeness and effectiveness of the response and recovery plans Evaluate the performance of the personnel involved in the exercise Evaluate the coordination among the team members and external vendors and suppliers Indicate areas where improvements to the plan are necessary ISACA CISM Review Manual Page 256

82 Test Results cont. The test should strive to: Measure the ability and capacity of the backup site to perform required processing Ensure vital records / data can be retrieved Evaluate the state and quantity of equipment and supplies that have been relocated to the recovery site Measure the overall performance of operational and information systems related to maintaining the business entity ISACA CISM Review Manual Page 257

83 Plan Maintenance Activities The BCP and DR plans must be maintained through: Developing a schedule for periodic review and maintenance of the plan Updating plan with personnel changes, phone numbers and responsibilities or status within the company Updating the plan whenever significant changes have occurred Organizational change Results of tests or incidents ISACA CISM Review Manual Page 255

84 BCP and DRP Training Training must be provided for all staff dependent on their responsibilities: Develop a schedule for training personnel in emergency and recovery procedures Users Team members Local business unit liaisons

85 End of Chapter This concludes the 2016 CISM Course


More information

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 Goals Compare and contrast aspects of business continuity Execute disaster recovery plans and procedures 2 Topics Business

More information

William Rider Manager Disaster Recovery & Data Security The Johns Hopkins Health System & University

William Rider Manager Disaster Recovery & Data Security The Johns Hopkins Health System & University William Rider Manager Disaster Recovery & Data Security The Johns Hopkins Health System & University Competitive Leadership- Twelve Principles For Success Brian Billick Chapter 3 Be Be Prepared The time

More information

Ohio Supercomputer Center

Ohio Supercomputer Center Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original

More information

Disaster Preparedness & Response

Disaster Preparedness & Response 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 A B C E INTRODUCTION AND PURPOSE REVIEW ELEMENTS ABBREVIATIONS NCUA REFERENCES EXTERNAL REFERENCES Planning - Ensuring

More information

Business Continuity Planning Preparing Your Organization

Business Continuity Planning Preparing Your Organization Business Continuity Planning Preparing Your Organization Nicholas De Laurentis, CRM, IGP nick.delaurentis.gmkj@statefarm.com 1 Objectives Understand the importance of Business Continuity Planning Know

More information

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS Title: DRAFT USG Continuity of Operation Plan Policy Policy Number: 2009-Julian Date Topical Security Area: Document Type: Standard Pages: Words: Lines: 5 1,387 182 Issue Date: May-09 Effective Date: Immediately

More information

2014 NABRICO Conference

2014 NABRICO Conference Business Continuity Planning 2014 NABRICO Conference September 19, 2014 6 CityPlace Drive, Suite 900 St. Louis, Missouri 63141 314.983.1200 1520 S. Fifth Street, Suite 309 St. Charles, Missouri 63303 636.255.3000

More information

Business Continuity Planning for Risk Reduction

Business Continuity Planning for Risk Reduction Business Continuity Planning for Risk Reduction Ion PLUMB ionplumb@yahoo.com Andreea ZAMFIR zamfir_andreea_ileana@yahoo.com Delia TUDOR tudordelia@yahoo.com Faculty of Management Academy of Economic Studies

More information

Technology Recovery Plan Instructions

Technology Recovery Plan Instructions State of California California Information Security Office Technology Recovery Plan Instructions SIMM 5325-A (Formerly SIMM 65A) September 2013 REVISION HISTORY REVISION DATE OF RELEASE OWNER SUMMARY OF

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page

More information

BUSINESS CONTINUITY PLANNING GUIDELINES

BUSINESS CONTINUITY PLANNING GUIDELINES BUSINESS CONTINUITY PLANNING GUIDELINES Washington University in St. Louis The purpose of this guide is to serve as a tool to all departments, divisions, and labs across the University in building a Business

More information

BUSINESS CONTINUITY PLAN OVERVIEW

BUSINESS CONTINUITY PLAN OVERVIEW BUSINESS CONTINUITY PLAN OVERVIEW INTRODUCTION The purpose of this document is to provide Loomis customers with an overview of the company s Business Continuity Plan (BCP). Because of the specific and

More information

Overview of how to test a. Business Continuity Plan

Overview of how to test a. Business Continuity Plan Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test

More information

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard

CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard PUBLIC Version: 1.0 CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief

More information

BUSINESS CONTINUITY POLICY

BUSINESS CONTINUITY POLICY BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility

More information

MHA Consulting. Business Continuity Management 101

MHA Consulting. Business Continuity Management 101 0 MHA Consulting Business Continuity Management 101 Presented by: Michael Herrera Brandon Magestro MHA Consulting Agenda MHA Consulting Introduction Business Continuity Management (BCM) Defined 2013 Trends

More information

Business Continuity Position Description

Business Continuity Position Description Position Description February 9, 2015 Position Description February 9, 2015 Page i Table of Contents General Characteristics... 2 Career Path... 3 Explanation of Proficiency Level Definitions... 8 Summary

More information

Domain 3 Business Continuity and Disaster Recovery Planning

Domain 3 Business Continuity and Disaster Recovery Planning Domain 3 Business Continuity and Disaster Recovery Planning Steps (ISC) 2 steps [Har10] Project initiation Business Impact Analysis (BIA) Recovery strategy Plan design and development Implementation Testing

More information

Temple university. Auditing a business continuity management BCM. November, 2015

Temple university. Auditing a business continuity management BCM. November, 2015 Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program

More information

Company Management System. Business Continuity in SIA

Company Management System. Business Continuity in SIA Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT

More information

PPSADOPTED: OCT. 2012 BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan

PPSADOPTED: OCT. 2012 BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan OCT. 2012 PPSADOPTED: What is a professional practice statement? Professional Practice developed by the Association Forum of Chicagoland

More information

Offsite Disaster Recovery Plan

Offsite Disaster Recovery Plan 1 Offsite Disaster Recovery Plan Offsite Disaster Recovery Plan Presented By: Natan Verkhovsky President Disty Portal Inc. 2 Offsite Disaster Recovery Plan Introduction This document is a comprehensive

More information

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

The Business Continuity Maturity Continuum

The Business Continuity Maturity Continuum The Business Continuity Maturity Continuum Nick Benvenuto & Brian Zawada Protiviti Inc. 2004 Protiviti Inc. EOE Agenda Terminology Risk Management Infrastructure Discussion A Proposed Continuity Maturity

More information

IT Disaster Recovery and Business Resumption Planning Standards

IT Disaster Recovery and Business Resumption Planning Standards Information Technology Disaster Recovery and Business IT Disaster Recovery and Business Adopted by the Information Services Board (ISB) on May 28, 1992 Policy No: Also see: 500-P1, 502-G1 Supersedes No:

More information

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and

More information

CISM ITEM DEVELOPMENT GUIDE

CISM ITEM DEVELOPMENT GUIDE CISM ITEM DEVELOPMENT GUIDE TABLE OF CONTENTS CISM ITEM DEVELOPMENT GUIDE Content Page Purpose of the CISM Item Development Guide 2 CISM Exam Structure 2 Item Writing Campaigns 2 Why Participate as a CISM

More information

Appendix 3 Disaster Recovery Plan

Appendix 3 Disaster Recovery Plan Appendix 3 Disaster Recovery Plan December 13, 2006 Revision XXQwest Government Services, Inc. 4250 North Fairfax DriveArlington, VA 22203(Delete this page)revision history Revision Number Revision Date

More information

[INSERT NAME OF SCHOOL] BUSINESS CONTINUITY PLAN

[INSERT NAME OF SCHOOL] BUSINESS CONTINUITY PLAN Plan Ref No: [INSERT NAME OF SCHOOL] BUSINESS CONTINUITY PLAN PLAN DETAILS Date Written Plan Owner Plan Writer Version Number Review Schedule 6 monthly Annually Date of Plan Review Date of Plan Exercise

More information

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Disaster Recovery Plan

Disaster Recovery Plan Disaster Recovery Plan Date: Revision: 8.0 EXTERNAL BCP PLAN PAGE 1 OF 12 Federal regulation states, and internal corporate policies require, that Penson Financial Services, Inc. (Penson) develop Business

More information

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745 ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan

More information

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition

More information

Business Continuity and Disaster Planning

Business Continuity and Disaster Planning WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services Disasters are not always the result of high winds and

More information

Table of Contents... 1

Table of Contents... 1 ... 1 Chapter 1 Introduction... 4 1.1 Executive Summary... 4 1.2 Goals and Objectives... 5 1.3 Senior Management and Board of Directors Responsibilities... 5 1.4 Business Continuity Planning Processes...

More information

Principles for BCM requirements for the Dutch financial sector and its providers.

Principles for BCM requirements for the Dutch financial sector and its providers. Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011

More information

MARQUIS DISASTER RECOVERY PLAN (DRP)

MARQUIS DISASTER RECOVERY PLAN (DRP) MARQUIS DISASTER RECOVERY PLAN (DRP) Disaster Recovery is an ongoing process to plan, develop, test and implement changes, processes and procedures supporting the recovery of the critical functions in

More information

Certified Information Security Manager (CISM)

Certified Information Security Manager (CISM) Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security

More information

CRR Supplemental Resource Guide. Volume 5. Incident Management. Version 1.1

CRR Supplemental Resource Guide. Volume 5. Incident Management. Version 1.1 CRR Supplemental Resource Guide Volume 5 Incident Management Version 1.1 Copyright 2016 Carnegie Mellon University This material is based upon work funded and supported by Department of Homeland Security

More information

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific

More information

Disaster Recovery Plan. (Updated Aug 30, 2015)

Disaster Recovery Plan. (Updated Aug 30, 2015) Disaster Recovery Plan (Updated Aug 30, 2015) St. Thomas School Disaster Plan TABLE OF CONTENTS Introduction... 3 General Definition... 3 Goal... 3 Advance Preparation and Emergency Response Phase Leadership...

More information

How to Design and Implement a Successful Disaster Recovery Plan

How to Design and Implement a Successful Disaster Recovery Plan How to Design and Implement a Successful Disaster Recovery Plan Feb. 21 ASA Office-Administrative Section is Sponsored by Today s ASAPro Webinar is Brought to You by the How to Ask a Question Questions

More information

Cyber Incident Response

Cyber Incident Response State Capitol P.O. Box 2062 Albany, NY 12220-0062 www.its.ny.gov New York State Information Technology Standard IT Standard: Cyber Incident Response No: NYS-S13-005 Updated: 03/20/2015 Issued By: NYS ITS

More information

Emergency Management for Dialysis Facilities

Emergency Management for Dialysis Facilities Emergency Management for Dialysis Facilities Aaron Battle - Patient Services Director ESRD Network of New York (NW2) Laurene Jones - Community Outreach Coordinator ESRD Network of New England (NW1) July

More information

Ohio Conference for Payroll Professionals Disaster Recovery

Ohio Conference for Payroll Professionals Disaster Recovery Ohio Conference for Payroll Professionals Disaster Recovery Speaker Bruce E. Phipps CPP 2011 APA Payroll Man of the Year Principal Product Manager US Legislative Analyst ORACLE Corporation bruce.phipps@oracle.com

More information

Proposal for Business Continuity Plan and Management Review 6 August 2008

Proposal for Business Continuity Plan and Management Review 6 August 2008 Proposal for Business Continuity Plan and Management Review 6 August 2008 2008/8/6 Contents About Newton IT / Quality of our services. BCM & BS25999 Overview 2. BCM Development in line with BS25999 3.

More information

BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS

BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3

More information

OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific documents requested,

More information

BUSINESS CONTINUITY PLANNING

BUSINESS CONTINUITY PLANNING Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 ISC 2 Key Areas of Knowledge Understand business continuity requirements 1. Develop and document project scope and plan

More information

Disaster Recovery Plan

Disaster Recovery Plan Disaster Recovery Plan Date: February 2, 2009 Revision: 9.0 EXTERNAL BUSINESS CONTINUITY PLAN PAGE 1 of 13 Federal regulation states, and internal corporate policies require, that Penson Financial Services,

More information

The Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS)

The Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS) Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services

More information

MANAGEMENT AUDIT REPORT DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION

MANAGEMENT AUDIT REPORT DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION MANAGEMENT AUDIT REPORT OF DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION REPORT NO. 13-101 City of Albuquerque Office of Internal Audit

More information

85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff

85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff 85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff Because a business continuity plan affects all functional units within the organization, each functional unit must participate

More information

D2-02_01 Disaster Recovery in the modern EPU

D2-02_01 Disaster Recovery in the modern EPU CONSEIL INTERNATIONAL DES GRANDS RESEAUX ELECTRIQUES INTERNATIONAL COUNCIL ON LARGE ELECTRIC SYSTEMS http:d2cigre.org STUDY COMMITTEE D2 INFORMATION SYSTEMS AND TELECOMMUNICATION 2015 Colloquium October

More information

Disaster Recovery and Business Continuity Plan

Disaster Recovery and Business Continuity Plan Disaster Recovery and Business Continuity Plan Table of Contents 1. Introduction... 3 2. Objectives... 3 3. Risks... 3 4. Steps of Disaster Recovery Plan formulation... 3 5. Audit Procedure.... 5 Appendix

More information

ASX SETTLEMENT OPERATING RULES Guidance Note 10

ASX SETTLEMENT OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS

DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS Appendix L DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS I. GETTING READY A. Obtain written commitment from top management of support for contingency planning objectives. B. Assemble

More information

How to write a DISASTER RECOVERY PLAN. To print to A4, print at 75%.

How to write a DISASTER RECOVERY PLAN. To print to A4, print at 75%. How to write a DISASTER RECOVERY PLAN To print to A4, print at 75%. TABLE OF CONTENTS SUMMARY SUMMARY WHAT IS A DRP AND HOW CAN IT HELP MY COMPANY? CHAPTER PREPARING TO WRITE YOUR DISASTER RECOVERY PLAN

More information

Intel Business Continuity Practices

Intel Business Continuity Practices Intel Business Continuity Practices As a global corporation with locations and suppliers all over the world, Intel requires every designated Intel organization to embed business continuity as a core business

More information

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4 State Agency Cybersecurity Survey v 3.4 The purpose of this survey is to identify your agencies current capabilities with respect to information systems/cyber security and any challenges and/or successes

More information

DUUS Information Technology (IT) Incident Management Standard

DUUS Information Technology (IT) Incident Management Standard DUUS Information Technology (IT) Incident Management Standard Issue Date: October 1, 2013 Effective Date: October 1,2013 Revised Date: Number: DHHS-2013-001-E 1.0 Purpose and Objectives Computer systems

More information

Desktop Scenario Self Assessment Exercise Page 1

Desktop Scenario Self Assessment Exercise Page 1 Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking

More information

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning MARCH 2003 IT EXAMINATION H ANDBOOK

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning MARCH 2003 IT EXAMINATION H ANDBOOK Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT RESPONSIBILITIES...

More information

New Clerk Academy. August 13, 2015

New Clerk Academy. August 13, 2015 New Clerk Academy August 13, 2015 Disaster Recovery OVERVIEW Presentation Agenda Introduction and Definitions DR Motivators and Drivers Recovery Challenges Scope of Disasters Components of Recovery Plans

More information

CISSP Common Body of Knowledge: Business Continuity & Disaster Recovery Planning Domain Version: 5.9.2

CISSP Common Body of Knowledge: Business Continuity & Disaster Recovery Planning Domain Version: 5.9.2 CISSP Common Body of Knowledge: Business Continuity & Disaster Recovery Planning Domain Version: 5.9.2 CISSP Common Body of Knowledge Review by Alfred Ouyang is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike

More information

Continuity of Operations Planning. A step by step guide for business

Continuity of Operations Planning. A step by step guide for business What is a COOP? Continuity of Operations Planning A step by step guide for business A Continuity Of Operations Plan (COOP) is a MANAGEMENT APPROVED set of agreed-to preparations and sufficient procedures

More information

Business Continuity and Disaster Recovery Policy

Business Continuity and Disaster Recovery Policy Maine State Government Dept. of Administrative & Financial Services Office of Information Technology (OIT) Business Continuity and Disaster Recovery Policy I. Statement The Office of Information Technology

More information

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Business Continuity Glossary

Business Continuity Glossary Developed In Conjuction with Business Continuity Glossary ACTIVATION: The implementation of business continuity capabilities, procedures, activities, and plans in response to an emergency or disaster declaration;

More information

Emergency Operations California State University Los Angeles

Emergency Operations California State University Los Angeles Business Continuity Plan Emergency Operations California State University Los Angeles 1. Objective & Scope 2. Definition of Disaster 3. Risk and Business Impact Analysis Summary 4. Business Continuity

More information

Disaster Recovery Planning

Disaster Recovery Planning Disaster Recovery Planning NOW or NEVER Disaster Recovery Team Aura Advanced Technologies Aura Advanced Technologies Inc 1301-1121 Sixth Avenue SW Calgary, Alberta T2P 5J4 Phone: 403-269-6123 Fax: 403-269-6169

More information

Clinic Business Continuity Plan Guidelines

Clinic Business Continuity Plan Guidelines Clinic Business Continuity Plan Guidelines Published: January 2015 Table of Contents Emergency Notification Contacts Primary... 2 Emergency Notification Contacts Backups (in case primary is unavailable)...

More information

Computer Security Incident Response Team

Computer Security Incident Response Team Computer Security Incident Response Team Operational Standards The University of Scranton Information Security Office August 2014 Table of Contents 1.0 Operational Standards Document Overview... 3 2.0

More information