Business Continuity Planning is the way an organization can prepare for and aid in Disaster Recovery (DR). It is an arrangement agreed upon in advance by management and key personnel of the steps that will be taken to help the organization recover should any type of disaster occur. Though personally, I do not like Business Continuity Planning (BCP) to be associated with DR. For me BCP is more about the continuity of business and not just IT.
Disaster Recovery (DR) is the process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans.
Business Continuity/Disaster Recovery Plans come in various forms, each reflecting the corporation’s particular set of circumstances. It’s about using the right people, processes, and technology.
The best practices and various business continuity standards that details the steps for best business continuity plan are many and one needs to balance all these standards/requirements to get it right.
The list below does not include popular ISO, NIST, and other standards. The few below are those which you may or may not know. They are very interesting to read.
Here is an exercise. Please check the frameworks below to see if your BCP/DR team has considered them. For more information please comment on LinkedIn or email firstname.lastname@example.org.
e-InnoSec Initiated Project for Like Minded Security Professionals (www.einnosec.com)Standards/Frameworks
- NFPA 1600
- ANS/NZS 5050:2010 Business continuity – Managing disruption related Risk
- DRI Library
- ISO/IEC (various other standards)
The list is long but included few above to start the conversation.
Please check the earlier postings from e-InnoSec Team (www.einnosec.com):