P6Ch4BCP&DRPPart4

  • 8/10/2019 P6Ch4BCP&DRPPart4

PAPER-6 PART-4 OF 5

CA A.RAFEQ, FCA

Chapter-4: Business Continuity Planning and Disaster Recovery Planning

Learning Objectives

To understand the concept of Business Continuity Management

To understand the key phases and components of a Business Continuity Plan

To understand the key aspects of Business Continuity Plan implementation

To learn about Back-up and Disaster Recovery Planning

To learn how to audit a Business Continuity Plan

Topics Covered

    PART-4

    4.13 Types of Plans

    4.14 Types of Back-ups

    4.15 Alternate Processing Facility Arrangements

    4.16 Disaster Recovery Procedural Plan

4.13 Types of Plans

    Emergency Plan

    Back-up Plan

    Recovery Plan

    Test Plan

Emergency Plan

    Emergency plan specifies the actions

    Management must identify situations

    Actions to be initiated

    Security review program

Four aspects of the emergency plan

Plan must show who is to be notified immediately when the disaster occurs

Plan must show actions to be undertaken

Any evacuation procedures required must be specified

    Return procedures

Back-up Plan

    Type of backup

    Could be complex

    Difficult to specify

Backup plan needs continuous updating

    Key responsibilities

    Backup task

Hardware and software must be updated

Recovery Plan

    Backup plan is intended to restore operations

    Recovery plan should identify a recovery committee

    Indicate Applications

Recovery committee must understand their responsibilities

    Review and practice executing their responsibilities

    Committee members

Test Plan

    Final component of a disaster recovery plan is a test plan

Identify deficiencies

Enable a range of disasters

    Test plans must be invoked

    Top managers

    Real disaster

4.14 Types of Back-ups

    Full Backup

Incremental Backup

Differential Backup

Mirror back-up

Full Backup

    Backup captures all files

Backup generation contains every file

Not a realistic proposition for backing up a large amount of data

Incremental Backup

    Incremental backup captures files

    Economical method

    Saves a lot of backup time and space

Incremental backups are very difficult to restore

Differential Backup

Differential backup stores files that have changed

Differential backup is obviously faster

Differential backup is a two-step operation

Restoring from the last full backup

Differential backup probably includes files that were already included

Mirror back-up

Mirror backup is identical to a full backup.

Backup is most frequently used to create an exact copy.

Question

4. Briefly explain the various types of systems back-up for the system and data together. (5 Marks) (Nov 2008)

Answer

    Types of systems Back-ups

When the back-ups are taken of the system and data together, they are called total systems back-up.

System back-up may be

Full Backup

Differential Backup

Incremental Backup

Mirror back-up

Answer

Full Backup: Every backup generation contains every file in the backup set.

However, the amount of time and space such a backup takes prevents it from being a realistic proposition for backing up a large amount of data.

This is the simplest form of backup with a single restoring session for restoring all backed-up files.

Differential Backup: It contains all the files that have changed since the last full backup. This is in contrast to incremental backup generation, which holds all the files that were modified since the last full or incremental backup.

It is faster and more economical in using the backup space, as only the files that have changed since the last full backup are saved.

Answer

Incremental Backup: Only the files that have changed since the last full backup / differential backup / or incremental backup are saved.

This is the most economical method, as only the files that changed since the last backup are backed up.

This saves a lot of backup time and space. Normally, it is difficult to restore as you have to start with recovering the last full backup, and then recovering from every incremental backup taken since.

Mirror back-up: It is identical to a full backup, with the exception that the files are not compressed in zip files and they cannot be protected with a password.

A mirror backup is most frequently used to create an exact copy of the backup data.
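As an added illustration (not part of the original slides), the following Python simulation shows which files each backup type captures and how long the restore chain for each becomes. File names, contents and the day clock are constructed sample data; the schedule assumes one full backup followed by daily incremental or differential backups.

```python
from dataclasses import dataclass

@dataclass
class Backup:
    kind: str       # "full", "differential", "incremental" or "mirror"
    taken_at: int   # logical clock value (day) when the backup ran
    files: dict     # file name -> content captured by this backup

def take_backup(kind, system, history, now):
    """Capture what `kind` saves from system {name: (content, mtime)}; append to history."""
    if kind in ("full", "mirror"):          # mirror = full, just uncompressed and unprotected
        since = -1                          # capture every file
    elif kind == "differential":            # changed since the last full backup
        since = max(b.taken_at for b in history if b.kind in ("full", "mirror"))
    elif kind == "incremental":             # changed since the last backup of any kind
        since = max(b.taken_at for b in history)
    else:
        raise ValueError(f"unknown backup type: {kind}")
    captured = {n: c for n, (c, mtime) in system.items() if mtime > since}
    history.append(Backup(kind, now, captured))
    return history[-1]

def restore_chain(history, target):
    """Backups to apply, in order, to rebuild the system as it was at `target`."""
    idx = next(i for i, b in enumerate(history) if b is target)
    if target.kind in ("full", "mirror"):
        return [target]                     # single restoring session
    last_full = max(i for i in range(idx) if history[i].kind in ("full", "mirror"))
    if target.kind == "differential":
        return [history[last_full], target]  # two-step operation
    return history[last_full:idx + 1]       # full plus every backup taken since

def restore(chain):
    """Apply a chain: a full/mirror backup replaces the state, the others overlay it."""
    state = {}
    for b in chain:
        state = dict(b.files) if b.kind in ("full", "mirror") else {**state, **b.files}
    return state

def demo():
    """Constructed scenario: full backup on day 0, then one file changes per day."""
    system = {"ledger.db": ("v0", 0), "payroll.xls": ("v0", 0), "notes.txt": ("v0", 0)}
    inc, dif = [], []                       # an incremental and a differential schedule
    for sched in (inc, dif):
        take_backup("full", system, sched, 0)
    for day, changed in ((1, "ledger.db"), (2, "payroll.xls")):
        system[changed] = ("v1", day)
        take_backup("incremental", system, inc, day)
        take_backup("differential", system, dif, day)
    return inc, dif
```

Running demo() shows the trade-off the answer describes: day-2 incremental saves one file but needs three backups to restore, while the day-2 differential saves both changed files and restores in two steps.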

4.15 Alternate Processing Facility Arrangements

Cold site

Hot site

Warm site

Reciprocal agreement

Cold site

Organisation can tolerate some downtime

Cold site has all the facilities

Establish its own cold-site facility

Hot site

Organisation might need hot site backup

Hardware and operations facilities

A hot site is expensive to maintain

Shared with other organisations

Warm site

A warm site provides an intermediate level

Cold-site facilities in addition

Warm site might contain selected peripheral equipment

Reciprocal agreement

Two or more organisations

Backup option is relatively cheap

Reciprocal agreement

    What controls will be in place and working at the off-site facility

    The facilities and services the site provider agrees to make available

    The conditions under which the site can be used

    The period during which the site can be used

The priority to be given to concurrent users of the site in the event of a common disaster

The number of organizations that will be allowed to use the site concurrently in the event of a disaster

    How soon the site will be made available subsequent to a disaster

Question

A company has decided to outsource a third party site for its alternate back-up and recovery process.

What are the issues to be considered by the security administrator while drafting the contract?

(5 Marks) (May 2010)

Answer

If a third party site is to be used for backup and recovery purposes, security administrators must ensure that a contract is written to cover the following issues

How soon the site will be made available subsequent to a disaster

The number of organizations that will be allowed to use the site concurrently in the event of a disaster

The priority to be given to concurrent users of the site in the event of a common disaster

The period during which the site can be used

Answer

The conditions under which the site can be used

The facilities and services the site provider agrees to make available

What controls will be in place and working at the off-site facility

The above are the main issues that should be covered while drafting a contract. These issues are often poorly specified in reciprocal agreements. Moreover, they can be difficult to enforce under a reciprocal agreement because of the informal nature of the agreement

Question

Discuss the various backup options considered by a security administrator when arranging alternate processing facility.

(4 Marks) (May 2011)

Answer

Security administrators should consider the following backup options while arranging alternate processing facility:

Cold site

Hot site

Warm site

Reciprocal agreement

Answer

    Cold site

If an organization can tolerate some down time, cold site backup might be appropriate

A cold site has all the facilities needed to install a mainframe system, raised floors, air conditioning, power, communication lines, and so on

An organization can establish its own cold site facility or enter into an agreement with another organization to provide a cold site facility

Answer

    Hot site

If fast recovery is critical, an organization might need hot site backup

All hardware and operations facilities will be available at the hot site

In some cases, software, data and supplies might also be stored there

A hot site is expensive to maintain

They are usually shared with other organizations that have hot site needs

Answer

    Warm site

    It provides an intermediate level of backup

It has all cold site facilities in addition with hardware that might be difficult to obtain or install

For example, a warm site might contain selected peripheral equipment plus a small mainframe with sufficient power to handle critical applications in the short run

Answer

    Reciprocal agreement

Two or more organizations might agree to provide backup facilities to each other in the event of one suffering a disaster

This backup option is relatively cheap, but each participant must maintain sufficient capacity to operate another's critical system

4.16 Disaster Recovery Procedural Plan

    Conditions for activating the plans

    Emergency procedures

    Fall-back procedures

    Resumption procedures

    Maintenance schedule

    Awareness and education activities

    Responsibilities of individuals


Disaster Recovery Procedural Plan

Resumption procedures, which describe the actions to be taken to return to normal business operations

A maintenance schedule, which specifies how and when the plan will be tested, and the process for maintaining the plan

Awareness and education activities, which are designed to create an understanding of the business continuity process and ensure that the business continues to be effective

The responsibilities of individuals describing who is responsible for executing which component of the plan. Alternatives should be nominated as required

Disaster Recovery Procedural Plan

    List of phone numbers of employees in the event of an emergency

Checklist for inventory taking and updating the contingency plan on a regular basis

List of vendors doing business with the organization, their contact numbers and address for emergency purposes

    Contingency plan testing and recovery procedure

    Detailed description of the purpose and scope of the plan

    Contingency plan document distribution list

Disaster Recovery Procedural Plan

Emergency phone list for fire, police, hardware, software, suppliers, customers, back-up location, etc

Medical procedure to be followed in case of injury

Back-up location contractual agreement, correspondences

Insurance papers and claim forms

Primary computer centre hardware, software, peripheral equipment and software configuration

Disaster Recovery Procedural Plan

Location of data and program files, data dictionary, documentation manuals, source and object codes and back-up media.

Alternate manual procedures to be followed such as preparation of invoices.

Names of employees trained for emergency situation, first aid and life saving techniques.

    Details of airlines, hotels and transport arrangements.

Questions

3. What do you understand by the term Disaster? What procedural plan do you suggest for disaster recovery? (10 Marks) (Nov 2008)

4. (A) Explain the various general components of Disaster Recovery Plan (8 Marks) (Nov. 2011)

Answer

The term disaster can be defined as an incident which jeopardizes business operations and/or human life. It could be due to sabotage (human) or natural.

Following is the procedural plan for disaster recovery.

Disaster Recovery Procedural Plan: Normally the disaster recovery procedural plan is made when the system is working normally. After visualizing the disaster, the actions to be taken by different people of the organization are to be documented.

Answer

This recovery and planning document may include the following areas

The conditions for activating the plans, which describe the process to be followed before each plan is activated.

Emergency procedures, which describe the actions to be taken following an incident which jeopardises business operations and/or human life.

This should include arrangements for public relations management and for effective liaison with appropriate public authorities e.g. police, fire services and local government.

Answer

Fall-back procedures, which describe the actions to be taken to move essential business activities or support services to alternate temporary locations, to bring business processes back into operation in the required time-scale

Resumption procedures, which describe the actions to be taken to return to normal business operations

A maintenance schedule, which specifies how and when the plan will be tested, and the process for maintaining the plan

Answer

Awareness and education activities, which are designed to create an understanding of the business continuity process and ensure that the business continues to be effective

The responsibilities of individuals describing who is responsible for executing which component of the plan. Alternatives should be nominated as required

Contingency plan document distribution list

Detailed description of the purpose and scope of the plan

Answer

Contingency plan testing and recovery procedure.

List of vendors doing business with the organization, their contact numbers and address for emergency purposes.

Checklist for inventory taking and updating the contingency plan on a regular basis.

List of phone numbers of employees in the event of an emergency.

Answer

Emergency phone list for fire, police, hardware, software, suppliers, customers, back-up location, etc.

Medical procedure to be followed in case of injury

Back-up location contractual agreement, correspondences

Insurance papers and claim forms

Primary computer centre hardware, software, peripheral equipment and software configuration

Answer

Location of data and program files, data dictionary, documentation manuals, source and object codes and back-up media

Alternate manual procedures to be followed such as preparation of invoices

Names of employees trained for emergency situation, first aid and life saving techniques

Details of airlines, hotels and transport arrangements

Summary

    PART-4

    4.13 Types of Plans

    4.14 Types of Back-ups

    4.15 Alternate Processing Facility Arrangements

    4.16 Disaster Recovery Procedural Plan

Thank you!