Professional Documents
Culture Documents
MANAGEMENT
LECTURE 3:
PLANNING FOR
CONTINGENCIES
You got to be careful if you dont know where youre going,
because you might not get there. Yogi Berra
1.
2.
3.
4.
5.
6.
http://csrc.nist.gov/publications/PubsTC.html
Introduction
Contingency Planning
Contingency planning (CP)
The overall planning for unexpected events
Involves preparing for, detecting, reacting to, and
recovering from events that threaten the security of
information resources and assets
Incident Response
Disaster Recovery
Business Continuity
Developing a CP Document
Develop the contingency planning policy
statement
Conduct the BIA
Identify preventive controls
Develop recovery strategies
Develop an IT contingency plan
Plan testing, training, and exercises
Plan maintenance
http://www.npr.org/blogs/thetwo-way/2013/01/16/169528579/outsourced-employee-sends-own-job-tochina-surfs-web
BCP: Strategies
Continuity strategies
Name of agency
Date of completion or update of the plan and test date
Agency staff to be called in the event of a disaster
Emergency services to be called (if needed) in event of a
disaster
Desk check
Structured walkthrough
Simulation
Parallel testing
Full interruption testing