Disaster Recovery Plan Versus Business Continuity Plan
Disaster Recovery Plan VS Business continuity Plan
CMGT245
Differences between a Disaster Recovery Plan and a Business Continuity Plan
A Disaster Recovery Plan and a Business Continuity plan are very similar yet they also hold unique properties to themselves. Each one works with the other to keep a business working in case of an emergency. A Disaster Recovery Plan is a document of standard operating procedures and personnel are needed to execute those procedures within the IT department. It also includes specific systems that need to be recovered for critical business operations.
A Business Continuity Plan tells of what systems processes and personnel that needed to be protected in case of an emergency. It lists them according to …show more content…
a business impact analysis to determine the rank of risk to the organization by priority. Operation critical systems are at the top of the list, systems that are less critical below that, and non essential systems are at the bottom of the list.
A Disaster Recovery plans main purpose is to recover from an emergency to maintain business operations and protect company assets. As an example if a datacenter was to lose power a disaster recovery plan would dictate how the IT personnel would handle that situation and what they would need to do, including whom to contact in case of such an event.
Five Key elements of a Disaster Recovery Plan
Five key elements of a Disaster Recovery Plan are to establish a planning group, perform a risk assessment and audit, establish priorities for applications and networks, develop recovery strategies, prepare inventory and documentation for the plan, develop verification criteria, and procedures and implement the plan (The Disaster Recovery Plan, Bahan 2003).
The planning group determines which personnel would be needed to bring key systems back online. Risk assessments and audits should be documented within the disaster recovery plan to avoid mistakes and errors that may occur. Establishing priorities for applications and networks determines which systems need to be brought up first and in which order they should be. Recovery strategies will limit panic if and when the system goes down. Inventory and documentation should be updated monthly to ensure no new system is missing from the disaster recovery plan and keep its location known to the personnel for ease of access. Verification criteria is what you would use to determine if the systems were indeed brought back online as intended, and ensures accuracy of the …show more content…
plan.
Methods of testing a Disaster Recovery Plan
The 5 methods of testing a disaster recovery plan are Walk-through, Simulations, Checklists, parallel testing, and full Interruption.
A walk-through is where key units within a business get together to accurately detail the steps needed in a plan and look for mistakes or items that may be missing. Simulations are just as it sounds. Those key units meet again to perform a simulation of the emergency to act out the steps they would take if a true emergency has happened as accurately as possible. Checklists are a passive type of test for a disaster recovery plan. The key departments check off what they are responsible for in case of an emergency and they also check this list for mistakes or omissions. Parallel testing is when you run a backup system at the same time as a live system. An example of this would be running a generator to maintain power for a datacenter at the same time power is still being provided by the cities power grid. This will show the stability of the generator and length of time it can remain on that power source. Full Interruption is also known as a true/false test. A live test occurs that stops production systems to see if the backup system take affect and how they key units react the planned outage. This can show areas of failure that can be worked on incase a true disaster were to
strike.
Reason to test a Disaster Recovery Plan
A Disaster recovery plan requires testing due to the inability to plan for each possible contingency. A plan looks great on paper but until it is put into action you would never know if it would be successful if and when a true disaster strikes. Planning before a emergency happens is more successful than trying to scramble after the fact and making mistakes along the way.
References
Bahan, C. (2003). Reading Room SANS. Retrieved from http://www.sans.org/reading_room/whitepapers/recovery/disaster-recovery-plan_1164
Merkow, M, Breithaupt , Jim (2006) Information Security. Principles and Practices
CMGT245
Differences between a Disaster Recovery Plan and a Business Continuity Plan
A Disaster Recovery Plan and a Business Continuity plan are very similar yet they also hold unique properties to themselves. Each one works with the other to keep a business working in case of an emergency. A Disaster Recovery Plan is a document of standard operating procedures and personnel are needed to execute those procedures within the IT department. It also includes specific systems that need to be recovered for critical business operations.
A Business Continuity Plan tells of what systems processes and personnel that needed to be protected in case of an emergency. It lists them according to …show more content…
a business impact analysis to determine the rank of risk to the organization by priority. Operation critical systems are at the top of the list, systems that are less critical below that, and non essential systems are at the bottom of the list.
A Disaster Recovery plans main purpose is to recover from an emergency to maintain business operations and protect company assets. As an example if a datacenter was to lose power a disaster recovery plan would dictate how the IT personnel would handle that situation and what they would need to do, including whom to contact in case of such an event.
Five Key elements of a Disaster Recovery Plan
Five key elements of a Disaster Recovery Plan are to establish a planning group, perform a risk assessment and audit, establish priorities for applications and networks, develop recovery strategies, prepare inventory and documentation for the plan, develop verification criteria, and procedures and implement the plan (The Disaster Recovery Plan, Bahan 2003).
The planning group determines which personnel would be needed to bring key systems back online. Risk assessments and audits should be documented within the disaster recovery plan to avoid mistakes and errors that may occur. Establishing priorities for applications and networks determines which systems need to be brought up first and in which order they should be. Recovery strategies will limit panic if and when the system goes down. Inventory and documentation should be updated monthly to ensure no new system is missing from the disaster recovery plan and keep its location known to the personnel for ease of access. Verification criteria is what you would use to determine if the systems were indeed brought back online as intended, and ensures accuracy of the …show more content…
plan.
Methods of testing a Disaster Recovery Plan
The 5 methods of testing a disaster recovery plan are Walk-through, Simulations, Checklists, parallel testing, and full Interruption.
A walk-through is where key units within a business get together to accurately detail the steps needed in a plan and look for mistakes or items that may be missing. Simulations are just as it sounds. Those key units meet again to perform a simulation of the emergency to act out the steps they would take if a true emergency has happened as accurately as possible. Checklists are a passive type of test for a disaster recovery plan. The key departments check off what they are responsible for in case of an emergency and they also check this list for mistakes or omissions. Parallel testing is when you run a backup system at the same time as a live system. An example of this would be running a generator to maintain power for a datacenter at the same time power is still being provided by the cities power grid. This will show the stability of the generator and length of time it can remain on that power source. Full Interruption is also known as a true/false test. A live test occurs that stops production systems to see if the backup system take affect and how they key units react the planned outage. This can show areas of failure that can be worked on incase a true disaster were to
strike.
Reason to test a Disaster Recovery Plan
A Disaster recovery plan requires testing due to the inability to plan for each possible contingency. A plan looks great on paper but until it is put into action you would never know if it would be successful if and when a true disaster strikes. Planning before a emergency happens is more successful than trying to scramble after the fact and making mistakes along the way.
References
Bahan, C. (2003). Reading Room SANS. Retrieved from http://www.sans.org/reading_room/whitepapers/recovery/disaster-recovery-plan_1164
Merkow, M, Breithaupt , Jim (2006) Information Security. Principles and Practices