Business Continuity and Disaster Recovery Planning – Flashcards
Unlock all answers in this set
Unlock answersquestion
Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
answer
work hand in hand to provide an organization with the means to continue and recover business operations when a disaster strikes.
question
Natural Disasters
answer
- Fires and Explosions - Earthquakes - Storms (snow, ice, hail,etc) - Floods - Hurricanes, Typhoons, and cyclone - Volcanoes and lava flows - Tornadoes - Landslides - Avalanches - Tsunamis - Pandemics
question
Man-made disasters
answer
- Accidents - Crime and Mischief - War and terrorism - Cyber attacks/cyber warfare - Civil disturbances
question
Disasters
answer
can affect businesses in a lot of ways: - Damage to business buildings - Damage to business records - Damage to business equipment - Damage to communications - Damage to public utilities - Damage to transportation systems - Injuries and loss of life - Indirect damage: suppliers and customers
question
Business Continuity Planning (BCP)
answer
deals with keeping business operations running - perhaps in another location or by using different tools and processes- after a disaster has struck
question
Disaster Recovery Planning (DRP)
answer
deals with restoring normal business operations after the disaster takes place
question
Identification of critical business functions
answer
the Business Impact Assessment (BIA) and Vulnerability Assessment identify these function
question
Identification of possible disaster scenarios
answer
the planning team identifies all the likely man-made and natural disaster scenarios, ranked by probability and impact to the organization
question
Experts
answer
People who understand the organization's critical business processes
question
Pandemic
answer
a rapid spread of a new disease for which few people have natural immunity
question
Continuity of Operations (COOP)
answer
a blended approach of BCP and DRP into a single mission: Keeping the organization running after a disaster
question
Business Continuity Planning (BCP)
answer
Project team has to make and understand some basic definitions and assumptions - Senior Management Support - Senior Management Involvement - Project team membership
question
Business Continuity Planning (BCP)
answer
this project typically has four components - Scope - Determination - The Business Continuity Plan - Implementation
question
Scope Creep
answer
what happens when a project's scope grows beyond the original intent
question
Business Impact Assessment (BIA)
answer
describes the impact that a disaster is expected to have on business operations
question
Quantitative impact
answer
generally financial, such as loss of revenue or output production
question
Qualitative impact
answer
has to do with the delivery of goods and/or services
question
Business Impact Assessment (BIA)
answer
needs to perform the following tasks well: - Perform a Vulnerability Assessment - Carry out Criticality Assessment - Determine the Maximum Tolerable Downtime - Establish recovery targets - Determine resource requirements
question
Vulnerability Assessment
answer
helps get a handle on obvious and not-so-obvious weaknesses in business critical systems.
question
Vulnerability Assessment
answer
used to determine the impact - both quantitative and qualitative - of the loss of critical business function
question
Quantitative Losses
answer
Include: - Loss of revenue - Loss of operating capital - Loss because of personal liabilities - Increase in expenses - Penalties because of violations of business contracts - Violations of laws and regulations
question
Qualitative Losses
answer
Include: - Service quality - Competitive advantages - Customer satisfactions - Market share - Prestige and reputation
question
Critical Support Areas
answer
business functions that, if lost, would cause irreparable harm to the business by jeopardizing critical business processes or the lives and safety of personnel
question
Quantitative Losses
answer
include an increase in operating expenses because of any higher costs associated with executing the contingency plan
question
Maximum Tolerable Downtime (MTD) or Maximum Tolerable Period of Disruption (MTPD)
answer
the maximum period of time that a critical business function can be inoperative before the company incurs significant and long-lasting damage
question
Maximum Tolerable Downtime (MTD) or Maximum Tolerable Period of Disruption (MTPD)
answer
a measure of the longest period of time that a critical business function can be disrupted without suffering unacceptable consequences, perhaps threatening the actual survivability of the organization
question
Recovery Time Objective (RTO)
answer
is the maximum period of time in which a business process must be restored after a disaster
question
Recovery Point Objective (RPO)
answer
the maximum period of time in which data might be lost if a disaster strikes
question
Resource Requirements
answer
a listing of the resources that an organization needs in order to continue operating each critical business function.
question
Virtual Tape Library (VTL)
answer
disk based storage. A hot pluggable RAID array, you could take these disks and send them offsite
question
Replication
answer
An organization with two or more processing centers can consider replicating data from one location to another
question
Remote backup
answer
data can be backed up to a remote processing center.
question
Off Site Media Storage
answer
purpose is to ensure that up to date data is available in the event that systems in the primary data center are damaged
question
Software Escrow agreements
answer
the software vendor sends a copy of its software code to a third-party escrow organization for safekeeping.
question
Uninterruptible Power Supplies (UPSs)
answer
used to provide electric power during prolonged power outages.
question
Continuity and Recovery documentation
answer
must exist in hard copy in the event that its unavailable via electronic means
question
Cold Site
answer
an empty computer room with environmental facilities
question
Warm site
answer
a computer room with computers and communications links already in place
question
Hot site
answer
a site equipped with the same computers as the production system, with application changes, operating system changes, and even patches kept in sync with their live production system counterparts
question
Reciprocal Site
answer
agreeing with another company to share your space or their space should a disaster strike
question
Hot Site
answer
provides the most rapid recovery capability, but it also costs the most because of the effort required to maintain its rediness
question
Senior Management's approval
answer
is needed so that all affected and involved employees in the organization understand the importance of emergency plannin
question
Salvage Team
answer
primarily concerned with the restoration of a facility and its return to operational readiness
question
Structured Walkthrough
answer
a team approach to the checklist. Business and technology experts get together to walk through the BCP plan documents.
question
Simulation
answer
all the designated recover personnel practice going through the motions associated with a real recovery.
question
Parallel test
answer
involves performing all the steps of a real recovery. Includes loading data onto recovery systems without taking production systems down.
question
Interruption test
answer
the ultimate test of the ability for a disaster recovery system to perform properly in a real disaster, but it's also the test with the highest risk
question
Organizational analysis
answer
understanding the organization is the key to creating a BCP and DRP plan
question
Operational Level Agreement (OLA)
answer
internal in departments within the organization
question
Triage
answer
the initial gathering and assessment of the information related to the incident
