Saturday, December 6, 2014

CISSP Note (CH8 Business Continuity and Disaster Recovery)

Offsite Location

   - alternate facilities: at least 5 miles away from the primary site
   - low-to-medium critical environments: 15 miles is recommended
   - critical operations:50 to 200 miles is recommended

Data Backup (p. 692)

   - Full: copies every file and resets the archive bit on each one. Restoration is a single step, but the backup and restore processes can take a long time.
   - Differential: backs up the files that have been modified since the last full backup. It does not reset the archive bit, so each differential grows until the next full backup; restore = last full + most recent differential.
   - Incremental: backs up the files that have changed since the last full or incremental backup and sets the archive bit to 0. Each set is small, but restore = last full + every incremental since, applied in order.
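
The archive-bit behaviour above is what decides how big each backup set gets and how many sets a restore has to replay. The following Python model is an added example, not code from the CISSP guide: it runs one constructed week (a full backup on Sunday, then one differential or incremental per day over three constructed files) and shows the set sizes and the restore chain each scheme produces. File names, contents and the day schedule are invented for the illustration.

```python
"""Added example (not from the CISSP guide): how the archive bit drives
full, differential and incremental backups, and what a restore needs."""
from dataclasses import dataclass


@dataclass
class BackupSet:
    kind: str              # "full", "differential" or "incremental"
    day: str
    files: dict            # file name -> content captured in this set


class FileSystem:
    """Files with an archive bit: the OS sets it to 1 on every write."""

    def __init__(self):
        self.files = {}    # name -> [content, archive_bit]

    def write(self, name, content):
        self.files[name] = [content, 1]

    def modified(self):
        # files whose archive bit is still set
        return {n: c for n, (c, bit) in self.files.items() if bit == 1}

    def clear_bits(self, names):
        for n in names:
            self.files[n][1] = 0


class BackupScheme:
    def __init__(self, fs):
        self.fs = fs
        self.history = []

    def full(self, day):
        # copies everything and resets the archive bit on every file
        snap = {n: c for n, (c, _) in self.fs.files.items()}
        self.fs.clear_bits(snap)
        self.history.append(BackupSet("full", day, snap))
        return snap

    def differential(self, day):
        # copies files changed since the last FULL; leaves the bit at 1,
        # so each differential grows until the next full backup
        snap = self.fs.modified()
        self.history.append(BackupSet("differential", day, snap))
        return snap

    def incremental(self, day):
        # copies files changed since the last full OR incremental and
        # resets their bits, so each set holds only one day's changes
        snap = self.fs.modified()
        self.fs.clear_bits(snap)
        self.history.append(BackupSet("incremental", day, snap))
        return snap

    def restore_chain(self):
        """Backup sets needed to rebuild the latest state, in apply order.
        Assumes one scheme (differential or incremental) per full cycle;
        deletions are not modelled, only creates and overwrites."""
        last_full = max(i for i, b in enumerate(self.history) if b.kind == "full")
        chain = [self.history[last_full]]
        later = self.history[last_full + 1:]
        diffs = [b for b in later if b.kind == "differential"]
        if diffs:
            chain.append(diffs[-1])     # only the newest differential matters
        else:
            chain.extend(b for b in later if b.kind == "incremental")
        return chain

    def restore(self):
        state = {}
        for b in self.restore_chain():   # later sets overwrite earlier copies
            state.update(b.files)
        return state


def simulate(kind):
    """Run one constructed week (full on Sunday, then a daily backup of the
    given kind) and report the size of each daily set, how many sets a
    restore needs, and the restored file contents."""
    fs = FileSystem()
    scheme = BackupScheme(fs)
    for name in ("payroll.db", "policy.docx", "web.log"):   # constructed files
        fs.write(name, f"{name} v0")
    scheme.full("Sun")
    daily = getattr(scheme, kind)
    fs.write("web.log", "web.log v1")
    daily("Mon")
    fs.write("payroll.db", "payroll.db v1")
    daily("Tue")
    fs.write("web.log", "web.log v2")
    daily("Wed")
    sizes = [len(b.files) for b in scheme.history[1:]]
    return sizes, len(scheme.restore_chain()), scheme.restore()


if __name__ == "__main__":
    for kind in ("differential", "incremental"):
        sizes, sets_needed, _ = simulate(kind)
        print(f"{kind:12s} daily set sizes {sizes}, restore needs {sets_needed} sets")
```

Both schemes restore the same final state; the trade-off is where the cost lands. The differential sets grow day by day (1, 2, 2 files here) but a restore needs only two sets, while the incremental sets stay at one file each and a restore must replay the full plus all three incrementals, and losing any one of them breaks the chain.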

High Availability (HA) (p. 697) - ensures that a specific system or service is always up and running

   - Redundancy: commonly built into the network at the routing protocol level (duplicate paths and devices).
   - Fault Tolerance: the capability of a technology to continue operating as expected even if something unexpected takes place (a fault).
   - Failover: if a failure occurs that cannot be handled through normal means, processing is "switched over" to a working system.

Due Care (the care that is owed)

A company practiced common sense and prudent management and acted responsibly.
Due care pertains to acting responsibly and "doing the right thing." Due care ensures
that a minimal level of protection is in place in accordance with best practice
in the industry.
Many times due diligence (data gathering) has to be performed so that proper due care (prudent actions) can take place.
Failure to exercise due care => Negligence

Due Diligence (the effort that is owed)

The company properly investigated all of its possible weaknesses and vulnerabilities.
Due diligence is the act of gathering the necessary information so the best decision-making
activities can take place.

Cost of Recovery vs. Cost of Disruption

Summary of BCP Plans

1. Business Resumption Plan
   - Addresses business procedures. Not IT focused.
2. Continuity Of Operations Plan (COOP)
   - Describes the procedures required to maintain operations during a disaster.
3. IT Contingency Plan
   - Recovery of a major application or general support system.
4. Crisis Communication Plan
   - Disseminating status reports to personnel and the public.
5. Cyber Incident Response Plan
   - Detect, respond to, and limit the consequences of a malicious cyber incident.
6. Disaster Recovery Plan
   - Recovery of capabilities at an alternate site.
7. Occupant Emergency Plan
   - Minimize loss of life or injury and protect property from damage in response to a physical threat.

Recovery Strategy

1. MTD (Maximum Tolerable Downtime) = RTO + WRT
2. RTO (Recovery Time Objective): the earliest time period and service level within which a business process must be restored after a disaster to avoid unacceptable consequences.
3. WRT (Work Recovery Time): RTO usually deals with getting the infrastructure and systems back up and running; WRT deals with restoring data, testing processes, and then making everything "live" for production.
4. RPO (Recovery Point Objective): the acceptable amount of data loss, measured in time (how far back the last usable backup may be).

Testing Plan

1. Checklist Test (desk check test)
   - Copies of the BCP are distributed to the different departments and functional areas for review.
2. Structured Walk-Through Test
   - Representatives from each department or functional area come together and go over the plan to ensure its accuracy.
3. Simulation Test
   - All employees who participate in operational and support functions, or their representatives, come together to practice executing the disaster recovery plan based on a specific scenario.
4. Parallel Test
   - Systems are brought up and processing runs at the alternate offsite facility in parallel with the primary site, to ensure the alternate site performs adequately.
5. Full-Interruption Test
   - The original site is actually shut down, and processing takes place at the alternate site.

Reference: CISSP All-in-One Exam Guide, by Shon Harris.

