Business continuity plan ppt

Roongsiriwong, ss continuity a to z guide to business continuity and disaster ss continuity planning presentation ss continuity sent successfully.. Techniques: creating multimedia course - linkedin ng techniques: writing effective learning course - linkedin oint: designing better course - linkedin ss continuity planning.

Response plan

  • incidents are usually detected from complaints to help desk
  • security administrators may receive alarms based on:
    • unfamiliar files
    • unknown processes
    • unusual resource consumption
    • activities at unexpected times
    • use of dormant accounts
. Response plan
  • incident reaction involves
    • notifying proper personnel
      • involves notifying people on the alert roster
      • notification could be accomplished using a predefined tree structure
      • notification is pre-scripted to activate relevant portions of the incident response plan
    • designated personnel start documenting the incident


  • service level agreements
  • software escrow
  • iso 17799 addresses business continuity management
  • cold / warm / hot site
  • restoration vs. Response plan
    • post-incident actions
      • preserve evidence
      • activate recovery procedures
      • assess damage

    Impact analysis nt response plan

    • responsible people aware of ir plan details
    • periodic testing of ir plan as a desktop exercise
    • goals to remember (richard marcinko):
      • more sweat in training means less bleeding in combat
      • preparation hurts
      • lead from the front and not the rear
      • keep it simple
      • never assume
      • you get paid for results not your methods
    . Impact analysis
    • potential damage assessment includes:
      • actions needed immediately to recover from the attack
      • personnel who will do the restoration
      • cost estimates for management use
    • subordinate plan classification includes:
      • classification of attack as disastrous or non-disastrous
      • disastrous attacks require disaster recovery plan
      • non-disastrous attacks require incident response plan
      • most attacks are non-disastrous, e.

        Planning gency planning gency planning

        • primary goal is to restore all systems to pre-failure level
        • cp requires support of:
          • upper level management
          • it people
          • security people
        . Recovery planning
        • prioritize recovery of components
        • crisis management
        • activate recovery from backup data


        • contingency planning consists of:
          • incident response plan
          • disaster recovery plan
          • business continuity plan
        • incident response involves:
          • notification of key people
          • documenting the incident
          • contain the damage due to the incident
        . Response plan
        • additional incidence indicators:
          • ids system detects unusual activity
          • presence of hacker tools such as sniffers and keystroke loggers
          • partners detect an attack from the organization system
          • hacker taunts
        • farm (functional area recovery management) specifies plans for operational area recovery
        . Strategy
        • contingency planning
        • incident response planning
        • disaster recovery planning
        • business continuity planning

        Response plan

          • activate incident containment strategies such as:
            • take system offline
            • disable compromised accounts
            • reconfigure firewall as needed
            • shut down specific applications such as email or database
            • might necessitate shutting down the system completely
        . Impact analysis
        • bia is the first step in cp
        • takes off from where risk assessment ended
        • main steps in bia are:
          • threat attack identification
          • business unit analysis
          • attack success scenarios
          • potential damage assessment
          • subordinate plan classification

        Related slideshares at hed on apr 29, you sure you want message goes the first to ss continuity

        • continuity strategy
        • business impact
        • incident response
        • disaster recovery
        • business continuity
        . Courses and counting: david rivers on course - linkedin g skills with linkedin course - linkedin ss continuity planning.

        Impact analysis

        • business unit analysis includes:
          • prioritization of business functions
          • identify critical business units
        • attack success scenario includes:
          • known methods of attack
          • indicators of attack
          • broad consequences