Lecture5 : Contingency planning Lecturer: Kawther Abas 25/12/ CS – Management of Programming Projects
Incident response planning (IRP) Disaster recovery planning (DRP) Business continuity planning (BCP) Fundamentals of Contingency Planning Management of Information Security, 3rd ed.
contingency planners should –Identify –Anticipate –Select –Implement –Test Fundamentals of Contingency Planning
Develop the contingency planning policy statement Conduct the BIA Identify preventive controls Develop recovery strategies Develop an IT contingency plan Plan testing, training, and exercises Plan maintenance
Elements of a contingency planning policy statement 1-An introductory statement of philosophical perspective by senior management 2- A statement of the scope and purpose of the CP operations 3- A call for periodic risk assessment and business impact analysis by the CP Team
Four teams on contingency planning : 1.The CP team 2.The incident recovery (IR) team 3.The disaster recovery (DR) team 4.The business continuity plan (BC) team
The CP team should include –Champion –Project Manager –Team Members Business managers Information technology managers Information security managers
Components of Contingency Planning
Sources of Disaster Nature / Technology / Organization / People AccidentalMalicious Fire / Lightning / Smoke Earthquake / Tornado / Flood Building Collapse Strikes / Industrial Actions War / Invasion Hardware / Software Problems Loss of plant / systems / services / data “availability”