Chapter 42 – |
Business Continuity Planning |
Michael Miora, CISSP
Chapter Contents:
|
42.1 |
|
Introduction
|
|
42.1.1 |
|
Enterprise Risks and Costs
|
|
42.1.2 |
|
Types of Disasters
|
|
42.1.3 |
|
Recovery Scenarios
|
|
42.2 |
|
Defining the Goals
|
|
42.2.1 |
|
Scope
|
|
42.2.2 |
|
Correlating Objectives to Corporate Missions and Functions
|
|
42.2.3 |
|
Validating Goals
|
|
42.2.4 |
|
Mapping Goals to Recovery Phases
|
|
42.2.5 |
|
Emergency Issues
|
|
42.3 |
|
Performing a Business Impact Analysis
|
|
42.3.1 |
|
Establishing the Scope of the Business Impact Analysis
|
|
42.3.2 |
|
Interview Process
|
|
42.3.3 |
|
Describing the Functions
|
|
42.3.4 |
|
Definition of Departments and Functions
|
|
42.3.4.1 |
|
Key Person, Key Alternate, and Department Head
|
|
42.3.4.2 |
|
Survival Time
|
|
42.3.4.3 |
|
Criticality
|
|
42.3.4.4 |
|
Operational Impact, Ranking Factor, and Number of Users
|
|
42.3.4.5 |
|
Category
|
|
42.3.4.6 |
|
System Elements
|
|
42.4 |
|
Business Impact Analysis Matrix Analysis
|
|
42.4.1 |
|
Listing the Functions Organizationally
|
|
42.4.2 |
|
Finding Cross-Department Functions
|
|
42.4.3 |
|
Using the Ranking Factor
|
|
42.5 |
|
Justifying the Costs
|
|
42.5.1 |
|
Quantitative Risk Model
|
|
42.5.2 |
|
Generalized Cost Consequence Model
|
|
42.6 |
|
For Further Reading
|
|
|
|