chapter 11

avatar
Created by
High-pitchedBeetle8111

Cards (18)

  • Business continuity plan
    contains the actions needed to keep critical business processes running after a disruption
  • Disaster recovery plan
    details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations
  • disruption
    sudden unplanned event
  • Static Environments
    types of systems that do not change very much or at all after deployment
  • Critical business function (CBF)

    business function that is critical to an organization staying in business
  • Business impact analysis

    an analysis of CBFs to determine what kinds of events could interrupt normal operation
  • Maximum tolerable downtime
    the most time a business can survive without a specific CBF
  • Recovery time objective (RTO)
    the timeframe for restoring a CBF. RTO must be shorter than or equal to the MTD
  • Recovery point objective is the point at which the business can afford to lose data without significant impact on the business
  • Deploying two or more components that are capable of providing the same service, called...
    redundancy
  • checklist test
    a simple review of the plan by managers and the business continuity team to make sure that contact numbers are current and the plan reflects the company’s priorities and structure
  • structured walk-through test
    a tabletop exercise, used to find errors in each department’s plans, such as gaps or overlaps
  • simulation test
    staff participate in the test, which identifies reaction and response times, inefficiencies, etc.
  • parallel test
    conducted at an alternate site; the same as a full-interruption test (covered in the next section) except that processing does not stop at the primary site
  • full-interruption test

    conducted at an alternate site because it is so disruptive
  • A DRP does 3 things...
    establishes an emergency operations center (EOC) as an alternate location from which the BCP/DRP will be coordinated and implemented, names an EOC manager, determines when that manager should declare an incident a disaster
  • Reciprocal centers

    involve businesses that do the same type of work but are not direct competitors
  • service bureau
    a service provider that has extra capacity, such as a call center to handle incoming calls, and an organization can contract for its emergency use