top of page
BUSINESS CONTINUITY & DISASTER RECOVERY
MS CyRIGo shadows NIST guidance in assisting with creating Business Continuity and Disaster Recovery Plans. Cyber Incident Response Plan (CIRP) should be developed as part of a larger Business Continuity Plan. BCP may include other plans and procedures for ensuring minimal impact to business functions, for example Disaster Recovery Plans and Crisis Communication plans which may sit alongside several existing planning documents, including Business Impact Analysis (BIA) assessments, Service/Operational Level Agreements (SLAs/OLAs), and Dependency Maps. Business Continuity and Disaster Recovery are closely related disciplines that are essential for organizations to mitigate business risks and recoup from a data breach or loss.
What is Business Continuity?
Business Continuity solutions offer a proactive framework that comprises best practices and procedures which must be implemented to ensure the business can continue to operate when an unanticipated disruption occurs. Business Continuity planning should cover the following elements:
-
Identification and analysis of threats
-
Creation of recovery teams, assignment of responsibilities and establishment of chain of command
-
Update of contact information of individual and entities that should be contacted when disaster occurs, including the management team and external disaster responders (police, fire department, ambulance and etc.)
-
Off-site backup of digital data
-
Alternative communication methods
-
Backup power arrangements, equipment and services
-
Alternative work sites
-
Recovery phase
Prioritizing resources by their relative importance to meeting the organization’s mission objectives is an important driver for determining the sequence and timeline for restoration activities during or after a cyber event. This prioritization also helps the organization to consider categories of recovery events, including cyber events, and to plan appropriate mitigation steps for each category. Responsibilities and priorities set in the BCP should be coordinated with those in the Continuity of Operations Plan (COOP) to eliminate possible conflicts. Continuity of Operations Plan (COOP). The COOP focuses on restoring an organization’s (usually a headquarters element) essential functions at an alternate site and performing those functions for up to 30 days before returning to normal operations.
What is Disaster Recovery?
A disaster recovery plan (DRP) is a documented process or set of procedures to recover and protect an IT infrastructure in the event of a disaster. The DRP, ordinarily documented in written form, specifies procedures an organization is to follow in the event of a disaster. It is a comprehensive statement of consistent actions to be taken before, during and after a disaster. The disaster could be natural, environmental or man-made. Man-made disasters could be intentional or unintentional. A Disaster Recovery plan should include the following:
-
Required response to events or conditions of varying duration and severity that would activate the recovery plan
-
Procedures for operating in manual mode with all external electronic connections severed until secure conditions can be restored
-
Roles and responsibilities of responders
-
Processes and procedures for the backup and secure storage of information
-
Complete and up-to-date logical network diagram
-
Personnel list for authorized physical and cyber access
-
Communication procedures and list of personnel to contact in the case of an emergency including vendors, network administrators, support personnel, etc
-
Current configuration information for all components
-
Schedule for exercising the DRP
The plan should also indicate requirements for the timely replacement of components in the case of an emergency. If possible, replacements for hard-to-obtain critical components should be kept in inventory. The security plan should define a comprehensive backup and restore policy.
bottom of page