8/10/2019 P6Ch4BCP&DRPPart4
1/48
PAPER-6 PART-4 OF 5
CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning
Learning Objectives
To understand the concept of Business Continuity Management
To understand the key phases and components of a Business Continuity Plan
To understand the key aspects of Business Continuity Plan implementation
To learn about Back-up and Disaster Recovery Planning
To learn how to audit a Business Continuity Plan
Topics Covered
PART-4
4.13 Types of Plans
4.14 Types of Back-ups
4.15 Alternate Processing Facility Arrangements
4.16 Disaster Recovery Procedural Plan
4.13 Types of Plans
Emergency Plan
Back-up Plan
Recovery Plan
Test Plan
Emergency Plan
Emergency plan specifies the actions
Management must identify situations
Actions to be initiated
Security review program
Four aspects of the emergency plan
Plan must show who is to be notified immediately when the disaster occurs
Plan must show actions to be undertaken
Any evacuation procedures required must be specified
Return procedures
Back-up Plan
Type of backup
Could be complex
Difficult to specify
Backup plan needs continuous updating
Key responsibilities
Backup task
Hardware and software must be updated
Recovery Plan
Backup plan is intended to restore operations
Recovery plan should identify a recovery committee
Indicate Applications
Recovery committee must understand their responsibilities
Review and practice executing their responsibilities
Committee members
Test Plan
Final component of a disaster recovery plan is a test plan
Identify deficiencies
Enable a range of disasters
Test plans must be invoked
Top managers
Real disaster
4.14 Types of Back-ups
Types of Back-ups
Full Backup
Incremental Backup
Differential Backup
Mirror back-up
Full Backup
Backup captures all files
Backup generation contains every file
Realistic proposition for backing up a large amount of data
Incremental Backup
Incremental backup captures files
Economical method
Saves a lot of backup time and space
Incremental backups are very difficult to restore
Differential Backup
Differential backup stores files that have changed
Differential backup is obviously faster
Differential backup is a two-step operation
Restoring from the last full backup
Differential backup probably includes files that were already included
Mirror back-up
Mirror backup is identical to a full backup.
Backup is most frequently used to create an exact copy.
Question
4. Briefly explain the various types of systems back-up for the system and data together. (5 Marks) (Nov 2008)
Answer
Types of systems back-ups
When the back-ups are taken of the system and data together, they are called total systems back-up.
System back-up may be:
Full Backup
Differential Backup
Incremental Backup
Mirror back-up
Answer
Full Backup: Every backup generation contains every file in the backup set.
However, the amount of time and space such a backup takes prevents it from being a realistic proposition for backing up a large amount of data.
This is the simplest form of backup with a single restoring session for restoring all backed-up files.
Differential Backup: It contains all the files that have changed since the last full backup. This is in contrast to incremental backup generation, which holds all the files that were modified since the last full or incremental backup.
It is faster and more economical in using the backup space, as only the files that have changed since the last full backup are saved.
Answer
Incremental Backup: Only the files that have changed since the last full backup / differential backup / or incremental backup are saved.
This is the most economical method, as only the files that changed since the last backup are backed up.
This saves a lot of backup time and space. Normally, it is difficult to restore as you have to start with recovering the last full backup, and then recovering from every incremental backup taken since.
Mirror back-up: It is identical to a full backup, with the exception that the files are not compressed in zip files and they cannot be protected with a password.
A mirror backup is most frequently used to create an exact copy of the backup data.
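The four backup types introduced in 4.14 and explained in this answer, and the restore chain each one needs, as an added Python illustration (not part of the original slides or the answer key). It assumes a constructed file set modelled as name to last-modified tick, a single strategy after each full backup, and ignores file deletions.

```python
FULL_KINDS = ("full", "mirror")   # a mirror is a full set without compression/password


def take_backup(kind, files, now, history):
    """Return a backup record {kind, time, files} for the file set at time `now`.

    files:   {name: last-modified tick}; history: earlier records, oldest first.
    """
    if kind in FULL_KINDS:
        captured = dict(files)                       # every file, every generation
    else:
        fulls = [b for b in history if b["kind"] in FULL_KINDS]
        if not fulls:
            raise ValueError(f"{kind} backup needs a prior full backup")
        # differential: changed since the last FULL; incremental: since the last backup of ANY kind
        since = fulls[-1]["time"] if kind == "differential" else history[-1]["time"]
        captured = {n: t for n, t in files.items() if t > since}
    return {"kind": kind, "time": now, "files": captured}


def restore_chain(history, target_index):
    """Indices of the backup sets that must be read to restore history[target_index]."""
    target = history[target_index]
    if target["kind"] in FULL_KINDS:
        return [target_index]                         # one restoring session
    full_idx = max(i for i in range(target_index) if history[i]["kind"] in FULL_KINDS)
    if target["kind"] == "differential":
        return [full_idx, target_index]               # two-step operation
    # incremental: the last full plus every incremental taken since it
    return [full_idx] + [i for i in range(full_idx + 1, target_index + 1)
                         if history[i]["kind"] == "incremental"]


def restore(history, target_index):
    """Rebuild the file set by replaying the chain; later sets overwrite earlier ones."""
    state = {}
    for i in restore_chain(history, target_index):
        state.update(history[i]["files"])
    return state


def simulate(kind):
    """Full backup on day 0, then `kind` backups on days 1-3 over constructed data."""
    files = {"ledger.db": 0, "payroll.xls": 0, "config.ini": 0}
    history = [take_backup("full", files, 0, history=[])]
    for day, changed in ((1, ["ledger.db"]), (2, ["payroll.xls"]), (3, ["ledger.db"])):
        for name in changed:
            files[name] = day
        history.append(take_backup(kind, files, day, history))
    return history
```

Running `simulate("differential")` shows the day-3 set re-capturing payroll.xls already saved on day 2, while `simulate("incremental")` captures less per day but needs all four sets to restore.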
4.15 Alternate Processing Facility Arrangements
Cold site
Hot site
Warm site
Reciprocal agreement
Cold site
Organisation can tolerate some downtime
Cold site has all the facilities
Establish its own cold-site facility
Hot site
Organisation might need hot site backup
Hardware and operations facilities
A hot site is expensive to maintain
Shared with other organisations
Warm site
A warm site provides an intermediate level
Cold-site facilities in addition
Warm site might contain selected peripheral equipment
Reciprocal agreement
Two or more organisations
Backup option is relatively cheap
Reciprocal agreement
What controls will be in place and working at the off-site facility
The facilities and services the site provider agrees to make available
The conditions under which the site can be used
The period during which the site can be used
The priority to be given to concurrent users of the site in the event of a common disaster
The number of organizations that will be allowed to use the site concurrently in the event of a disaster
How soon the site will be made available subsequent to a disaster
Question
A company has decided to outsource a third party site for its alternate back-up and recovery process.
What are the issues to be considered by the security administrator while drafting the contract?
(5 Marks) (May 2010)
Answer
If a third party site is to be used for backup and recovery purposes, security administrators must ensure that a contract is written to cover the following issues:
How soon the site will be made available subsequent to a disaster
The number of organizations that will be allowed to use the site concurrently in the event of a disaster
The priority to be given to concurrent users of the site in the event of a common disaster
The period during which the site can be used
Answer
The conditions under which the site can be used
The facilities and services the site provider agrees to make available
What controls will be in place and working at the off-site facility
The above are the main issues that should be covered while drafting a contract. These issues are often poorly specified in reciprocal agreements. Moreover, they can be difficult to enforce under a reciprocal agreement because of the informal nature of the agreement.
Question
Discuss the various backup options considered by a security administrator when arranging alternate processing facility.
(4 Marks) (May 2011)
Answer
Security administrators should consider the following backup options while arranging alternate processing facility:
Cold site
Hot site
Warm site
Reciprocal agreement
Answer
Cold site
If an organization can tolerate some down time, cold site backup might be appropriate
A cold site has all the facilities needed to install a mainframe system, raised floors, air conditioning, power, communication lines, and so on
An organization can establish its own cold site facility or enter into an agreement with another organization to provide a cold site facility
Answer
Hot site
If fast recovery is critical, an organization might need hot site backup
All hardware and operations facilities will be available at the hot site
In some cases, software, data and supplies might also be stored there
A hot site is expensive to maintain
They are usually shared with other organizations that have hot site needs
Answer
Warm site
It provides an intermediate level of backup
It has all cold site facilities in addition to hardware that might be difficult to obtain or install
For example, a warm site might contain selected peripheral equipment plus a small mainframe with sufficient power to handle critical applications in the short run
Answer
Reciprocal agreement
Two or more organizations might agree to provide backup facilities to each other in the event of one suffering a disaster
This backup option is relatively cheap, but each participant must maintain sufficient capacity to operate another's critical system
4.16 Disaster Recovery Procedural Plan
Conditions for activating the plans
Emergency procedures
Fall-back procedures
Resumption procedures
Maintenance schedule
Awareness and education activities
Responsibilities of individuals
Disaster Recovery Procedural Plan
Resumption procedures, which describe the actions to be taken to return to normal business operations
A maintenance schedule, which specifies how and when the plan will be tested, and the process for maintaining the plan
Awareness and education activities, which are designed to create an understanding of the business continuity process and ensure that the business continues to be effective
The responsibilities of individuals describing who is responsible for executing which component of the plan. Alternatives should be nominated as required
Disaster Recovery Procedural Plan
List of phone numbers of employees in the event of an emergency
Checklist for inventory taking and updating the contingency plan on a regular basis
List of vendors doing business with the organization, their contact numbers and address for emergency purposes
Contingency plan testing and recovery procedure
Detailed description of the purpose and scope of the plan
Contingency plan document distribution list
Disaster Recovery Procedural Plan
Emergency phone list for fire, police, hardware, software, suppliers, customers, back-up location, etc
Medical procedure to be followed in case of injury
Back-up location contractual agreement, correspondences
Insurance papers and claim forms
Primary computer centre hardware, software, peripheral equipment and software configuration
Disaster Recovery Procedural Plan
Location of data and program files, data dictionary, documentation manuals, source and object codes and back-up media.
Alternate manual procedures to be followed such as preparation of invoices.
Names of employees trained for emergency situation, first aid and life saving techniques.
Details of airlines, hotels and transport arrangements.
Questions
3. What do you understand by the term Disaster? What procedural plan do you suggest for disaster recovery? (10 Marks) (Nov 2008)
4. (A) Explain the various general components of Disaster Recovery Plan (8 Marks) (Nov. 2011)
Answer
The term disaster can be defined as an incident which jeopardizes business operations and/or human life. It could be due to sabotage (human) or natural.
Following is the procedural plan for disaster recovery.
Disaster Recovery Procedural Plan: Normally the disaster recovery procedural plan is made when the system is working normally. After visualizing the disaster, the actions to be taken by different people of the organization are to be documented.
Answer
This recovery and planning document may include the following areas:
The conditions for activating the plans, which describe the process to be followed before each plan is activated.
Emergency procedures, which describe the actions to be taken following an incident which jeopardises business operations and/or human life.
This should include arrangements for public relations management and for effective liaison with appropriate public authorities e.g. police, fire services and local government.
Answer
Fall-back procedures, which describe the actions to be taken to move essential business activities or support services to alternate temporary locations, to bring business processes back into operation in the required time-scale
Resumption procedures, which describe the actions to be taken to return to normal business operations
A maintenance schedule, which specifies how and when the plan will be tested, and the process for maintaining the plan
Answer
Awareness and education activities, which are designed to create an understanding of the business continuity process and ensure that the business continues to be effective
The responsibilities of individuals describing who is responsible for executing which component of the plan. Alternatives should be nominated as required
Contingency plan document distribution list
Detailed description of the purpose and scope of the plan
Answer
Contingency plan testing and recovery procedure.
List of vendors doing business with the organization, their contact numbers and address for emergency purposes.
Checklist for inventory taking and updating the contingency plan on a regular basis.
List of phone numbers of employees in the event of an emergency.
Answer
Emergency phone list for fire, police, hardware, software, suppliers, customers, back-up location, etc.
Medical procedure to be followed in case of injury
Back-up location contractual agreement, correspondences
Insurance papers and claim forms
Primary computer centre hardware, software, peripheral equipment and software configuration
Answer
Location of data and program files, data dictionary, documentation manuals, source and object codes and back-up media
Alternate manual procedures to be followed such as preparation of invoices
Names of employees trained for emergency situation, first aid and life saving techniques
Details of airlines, hotels and transport arrangements
Summary
PART-4
4.13 Types of Plans
4.14 Types of Back-ups
4.15 Alternate Processing Facility Arrangements
4.16 Disaster Recovery Procedural Plan
Thank you!