+1 (208) 254-6996 essayswallet@gmail.com
  

 Lab 8 Developing an Outline for a Business Continuity Plan for an IT Infrastructure.  For Lab 8, only answer questions, 4,7,9, and 10.  Do not copy and paste content from the lab files, as this will increase the Safe Assign percentage.    

Managing Risk in Information Systems

Don't use plagiarized sources. Get Your Custom Essay on
Info Security & Risk Mgmt
Just from $13/Page
Order Essay

Powered by vLab Solutions

JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES

LABORATORY MANUAL TO ACCOMPANY

VERSION 2.0

INSTRUCTOR VERSION

Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.

74

Introduction

All businesses are at peak performance when things run smoothly, but it’s a well-planned

business that can still perform after a serious disruption. Every business experiences outages or

disruptions at some level. Minor disruptions are so commonplace, in fact, that they’re “just a part

of doing business.”

Examples of minor disruptions range from employee turnover to a supplier changing its prices to

a busted microwave in the office kitchen. More significant disruptions include losing valuable

executives, experiencing serious market volatility, or facing a massive water leak in the office or

warehouse. Finally, the worst-case disasters that can completely halt business include a major

fire or a flu pandemic.

Business continuity describes the set of processes an organization must act on when disruptions

occur. For the worst-case scenarios, business continuity is labeled disaster recovery, but business

continuity generally means continuing business for any disruption significant enough to benefit

from planning. No type of planning is more important to an organization than business continuity

and disaster recovery planning. The purpose of a business continuity plan (BCP) is to identify

and assess the risks, threats, and vulnerabilities that threaten a company so you can minimize

both internal and external exposure to them and so you can mitigate them. A BCP’s goal is to

document processes for prevention and recovery.

In this lab, you will explain a BCP’s goals, you will align a business impact analysis (BIA) with

the BCP’s scope, you will identify the BCP’s major parts, and you will develop a BCP outline

for a given scenario.

Learning Objectives

Upon completing this lab, you will be able to:

Define the goals and purpose of a business continuity plan (BCP) for an IT infrastructure.

Align a business impact analysis (BIA) to define the scope of a business continuity plan

(BCP) for an IT infrastructure.

Identify the major parts of a business continuity plan (BCP) unique to the scenario and IT

infrastructure.

Develop a business continuity plan (BCP) outline for a given scenario and vertical industry.

Lab #8 Developing an Outline for a Business Continuity Plan for an IT Infrastructure

Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.

76 | LAB #8 Developing an Outline for a Business Continuity Plan for an IT Infrastructure

Hands-On Steps

Note: This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft® Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab deliverable files.

3. Review the Mock IT infrastructure for a health care IT infrastructure servicing patients with life-threatening conditions (see Figure 1).

Figure 1 Mock IT infrastructure

4. Describe some of the major threats and vulnerabilities that might threaten areas of the Mock IT infrastructure in Figure 1.

Note: To identify critical business function areas subject to threats, consider what systems or processes are essential to business operations and are also single points of failure.

Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.

77

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Instructor Lab Manual

5. On your local computer, open a new Internet browser window.

6. Using your favorite search engine, search for information on a business impact analysis (BIA).

7. Define BIA.

8. Using your favorite search engine, search for information on a business continuity plan (BCP).

9. Define BCP and explain how a BIA fits within a BCP.

Note: In real-world scenarios, BCP testing should be as authentic as possible. Caution: It’s a thin line between genuinely testing your BCP and inadvertently causing an unrecoverable business disruption.

After every BCP test, however small, you will learn some lessons. Add these details to your BCP document after having tested it. Every detail can help minimize recovery time.

10. Create an outline of the BCP sections and subtopics that apply to the Mock IT infrastructure. Include these topics in your outline:

 Initiation of the BCP (introduction, definitions, relevant policy statements, BCP organizational structure, BCP declaration, BCP communications, and information

sharing)

 Business Impact Analysis (risk assessment and analysis prioritizing business functions and operations aligned to IT systems, applications, and resources)

 Business Continuity/Disaster Readiness/Recovery (recovery time objective [RTO], recovery point objective [RPO], business continuity benchmarks, disaster recovery

planning [DRP as a subset of a BCP plan], and recovery steps and procedures for

mission-critical IT systems, applications, and data)

 Develop and Implement the Plan (the plan is a living and breathing document that requires annual updates and change control revisions; implementation and the

instructions for how to engage the BCP are part of this section)

 Test and Update the Plan (the most important part of a BCP or DRP is to test the plan with a “mock” business continuity disruption or disaster scenario; tabletop reviews of

the processes and procedures can be conducted to inform all BCP and DRP team

members of their roles, responsibilities, and accountabilities)

Note: This completes the lab. Close the Web browser, if you have not already done so.

Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.

  • Pages from 9781284058680_ILMx_Risk20

Order your essay today and save 10% with the discount code ESSAYHELP