Cover
Half Title
Title Page
Copyright Page
Dedication
Table of Contents
Foreword
Preface
About the Author
1 Understanding Organizational Context
Where to Begin?
Use of Work Breakdown Structure (WBS)
Understanding of Organization Structure
Types of Organizational Structures
Understanding the People Culture
Understanding the IT Infrastructure of the Organization
Study the Geographical Dispersion of Business
Understanding Applicable Compliance Requirements of the Organization
Understanding Third-Party Service Providers
Refer to Audit Reports
2 Business Impact Analysis
Introduction to Business Impact Analysis (BIA)
Definitions
Top Management Commitment
Geographical Scope of a BIA
Data Gathering for the Business Impact Analysis
Some Golden Rules for Data Collection for BIA
Key Deliverables from Data Collection for BIA
Observation
Surveying
Face-to-Face Key Informant Interviews
Group Interviews
Document Analysis
Workshops
Delphi Technique
Appendix
Conducting an Interdependencies’ Workshop
Background
Attendees to the Interdependencies’ Workshop
Steps for Conducting Interdependencies Workshop
Benefits of Dependency Workshop
Conclusion
Business Impact Factors
Chief Impact Factors on Business
Some Emerging Trends in Global Business Environment
External Factors That Impact Business
Legal and Regulatory Factors
Environmental Factors
Operational Factors
Technology
Business Impact Analysis
Loss Impact Analysis
PESTLE Analysis for BIA
Application Impact Analysis
Identify Mission-Critical Records
Recovery of Documents
Minimum Business Continuity Objectives (MBCOs)
Failover and Failback Systems
Content of the BIA Workbook per Business Unit
Consolidate BIA Responses
Annexure A
Case Study of Ambiguous Bank Inc. Disaster Recovery and Business Continuity Planning
3 Risk Assessment and Reporting
Introduction
Risk Breakdown Structure
Risk Assessment and Business Impact Analysis
Risk Management
Risk Management Framework
Risk Management Framework Development
PPRR Risk Model
PPRR Steps
Risk IT Framework (ISACA)
The Risk IT Principles
What Are the Benefits of Using Risk IT?
Business Rationale for Risk Management Framework
Risk Identification (Risk Identification, Risk Register)
Techniques for Risk Identification
Risks That Affect Business
Risk Inventory and Risk Register
Risk Analysis (Threats, Vulnerabilities, Analysis, Business Impact from Risk and Recommendations for Risk Treatment Strategies)
Risk Evaluation Techniques
Preliminary Hazard Analysis (PHA)
Risk Ranking and Filtering
Supporting Statistical Tools
Basic Risk Management Facilitation Methods
Initiating a Quality Risk Management Process
Risk Assessment Methodologies (Qualitative Assessment, Quantitative Assessment)
Risk Estimation Techniques
Qualitative Risk Analysis
Risk Calculator
Mixed Risk Assessment
Controls Recommendations
Recommend Recovery Strategies
Risk Treatment (Accept, Avoid, Share, Transfer, Insure)
Avoid the Risk
Reduce the Risk
Risk Control
Transfer the Risk
Accept the Risk
Risk Management Plan, Risk Review, and Risk Monitoring
Risk Treatment Plan
Use of Dashboards for Risk Monitoring
Risk Heat Map
Sensitivity Analysis
Internal Rating System
Risk Communication
Review and Update Your Risk Management Plan
Customize a Risk Management Plan for Your Organization
Conclusion
Risk References
Risk Glossary
4 Business Impact Analysis Reporting and Commitment of Resources
Format for Management Report
Contents of the Report
Business Units, Business Processes, Criticality Benchmarks
Depiction of Critical Functions/Departments and Criticality Scores
Criticality Benchmarks
Business Interdependencies
Single Point of Failure
Criticality Can Be Defined across Timelines
Load Analysis Chart
Recovery Objectives and Workaround Procedures
Turnaround Time (TAT)
Recovery Objectives
Integrating Risk Assessment Findings into the Management Report
Losses on Past Incidents
Dollar Loss by Downtime
Formalizing Management Report and Presentation
Essential Features of BIA/RA Report to Management
Calculation of ROI on Investment in BCM
Recommendations to Management
Segregation of Duties
Managing Change
Case Study
Continuous Monitoring of BIA/RA Results
Keeping the BIA Alive
Conclusion
5 BCM Strategy and Plans
Introduction
Formulation of Business Continuity Strategy
Corporate Sponsorship
Preplanning Phase
Mission Statement for Business Continuity
BCM Objectives
Ascertain the Budget
Evaluate the Different Recovery Options
Awareness and Training
Other Factors
Planning and Development
Business Continuity Team Organization
Review the BCM Strategy Requirements
Evaluating Recovery Alternatives in the Light of BCM Objectives
Documenting the BCM Strategy
Case Study—Sriman Health Insurance
Details of Company
Solution
BCM Strategy of Sriman Health Insurance
Recommendations for Remediation Noted during BIA/RA (Preventive Measures)
Implementation and Maintenance
Introduction of BCM Applications to Review and Update BCM Plans
Business Continuity Follows the PDCA Cycle (Plan-Do-Check-Act)
Business Continuity Management Plans
Business Imperatives
Plan Development
Emergency Response Plan (ERP)
Crisis Management Plan
Crisis Communication Plan (Suggestive)
Incident Management Plans
Business Recovery Plans or Business Continuity Plans
Business Resumption Plans
Components of BRP
Example Business Resumption Plan
Annexures
Annexure A: BCM Task List
Annexure B: Emergency Preparedness Plan and Team
Annexure C
Annexure D: Crisis Communication Form—Incident Media Call Sheet
Annexure E: Incident Declaration Criteria
Annexure F: Incident Management Plan Template
Annexure G: Incident-Handling Log
Annexure H
Annexure I
Annexure J: Incident-Handling Procedures
Incident-Handling Procedures—Earthquake
Earthquake Emergency Response Procedures
Practice Drills
Major Considerations during an Earthquake Drill
Before
During an Earthquake
After an Earthquake
Evacuation Instructions and Plans
Insurance Checklist
Establish Priorities
Gather and Store Important Documents in a Fire-Proof Safe
Incident Response Procedures for Floods Hazard
Policy
Notification Procedures
Incident Response in Case of Building Floods
Incident Response Procedures for Terrorist Attacks
Consequences of a Terrorist Attack
After the Incident Procedures
Appendix
6 Information Technology Is All Pervasive in an Organization
Introduction
Emerging Technologies in Business
Features of IT in an Enabling Capacity
Information Technology Infrastructure
The Need for an Information Systems Infrastructure
Managing the Hardware Infrastructure
Managing the Software Infrastructure
Data and Knowledge
Facilities
Web Services
Managing the Human Resource Infrastructure
IT Disaster Recovery Plan
Storage and Server Options
Data Backup
Data Marts
Choosing the Right Backup Strategy
Disk Replication (Mirroring, Shadowing)
Server Virtualization
Business Recovery in a Cloud
Cloud Services: Computing
Backup to the Public Cloud
Use of IT Services to Improve Resiliency
Backup as a Service (BaaS)
Storage as a Service (STaaS)
DR as a Service
Software as a Service
Evaluation of Business Continuity Strategy of Critical Vendors
Legal and Regulatory Considerations in a Business Recovery
Security of Operations, a Key Consideration in Recovery Planning
IT Disaster Recovery Management Program Office
IT DRM Team Organization
BCM Governance Decisions
BCM Program Implementation and Management Processes and Mechanisms
Preliminary Steps
Developing the BCM Program
Disaster Recovery Scenario
Implement and Validate
Monitor and Manage
BCM Program Metrics
Tier One Metrics in Business Continuity Programs
Tier Two Metrics in Business Continuity Programs
Considerations for DR Siting
Considerations in Designing the DR Plant
Considerations in Building Own DR Site
Updates to the DR Plan
Audit/History
Disaster Recovery Testing
Administration/Maintenance of the Plan
Emerging Technology Benefits for BCM
Conclusion
7 Business Continuity Tests and Exercises
Introduction
Nature of Tests and Exercises
Discussion-Based Exercises
Plan Orientation or Plan Walkthrough
Game
Live Play
Workshop (Scenario-Based)
Desk Check Exercise
Checklist Exercise
Desktop Exercises or Tabletop Exercises (TTXs)
Operations-Based Exercises
Drill
Functional Exercise
Full-Scale Exercise
Simulation Exercise
Technical Recovery Testing
IT Environment (Systems and Application) Walkthrough
Alternate Site Testing
Frequency of Tests and Exercises
Debrief Teams of Testing Methodologies
Parts of BCM Testing
Scenario Planning
Development of Scenarios
Key Points in Scenarios
Requirements of a Scenario
No Blame Scenario
Scenarios Rehearsing Lack of People
Ex. Pandemic Flu
Scenarios to Rehearse “Lack of Access”
Scenarios to Rehearse “Lack of Infrastructure”
Illustrative Examples
Blackout
Downtime
Terrorism
Debrief
Assumptions in Building Scenarios
Example Scenarios
Aftermath of Disaster
Reasons Why Organizations Must Plan for People’s Reactions
Cyclical Testing of the Disaster Recovery Plan
Preparing a Test Plan
Considerations Governing Design of Exercises
Formal Change Control Process
Define Change Control Process
Business Continuity Plan Exercise, Audit, and Maintenance
Identify Postexercise Activities
Establish Plan Maintenance Program
Evaluating BCM Plans
Set Up the Next Exercise
Annexures
Annexure A: Considerations in Taking Help of Experts
Annexure B: Scenario Task List
Annexure C: Tabletop Exercise Walkthrough Scenario
Inject One
Inject Two
Inject Three
8 Aligning IT with Business Requirement
Introduction
Considerations in Requirement Analysis and Specifications
Application Impact Analysis
Coverage
Impact of Security Concerns Caused by IT
Telecommunication Continuity Needs and Implementation of the Same
Last Mile Circuit Protection
Five Guiding Principles for Enhancing the Resilience of Communications
Impact from Data Unavailability/Corruption
Optimize Your Data Centre Environment
Impact from Failure of Supply Chain
BCM Supply Chain Vendor Checklist
Key Principles
Best Results Come from Alignment and Optimization
Information Technology Service Continuity Management
Why ITSCM?
ITSCM Processes
ITSCM Objectives
Risks Addressed by ITSCM
ITSCM Must Be Aligned to the Business Continuity Lifecycle
Service Level Management
The Business Value of ITSCM
Conclusion
9 Comparative Analysis of Requirements for Common Standards/Compliances
Need for Standards for BCM
BCM Standards
NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity
ASIS SPC.1 ASIS International SPC.1-2009 Organizational Resilience: Security, Preparedness, and Continuity Management Systems
ASIS SPC.1
BS 25999 The British Standard 25999-2:2007
NFPA 1600 versus BS 25999
DRII/DRJ GAP versus BCMI GPG 2013
Professional Practice Subject Area Overview
ISO 22301 Was Published by the International Standardization Organization
ISO 22301 Standard for Societal Security
COBIT 5, Risk IT, and Val IT
ISO 31000 (Risk)
Alignment with ERM
Common Points between ISO 27001, PCI DSS, and ISO 22301
Greater Focus across Standards for Third-Party Supplier Management
How PCI DSS Can Support Third-Party Aspects of ISO 27001 Audits
ISO/PAS 2239:2007—Guideline for Incident Preparedness and Operational Continuity Management
Overview of Information Security Standards and IT’s Role
Enhance Leadership Teams and Align Response Strategies
Management to Take a Call on Certification
BCM Audit Assurance Program
Annexure A
Assessment Maturity versus Target Maturity
Conclusion
Appendix: Annexures, Templates, Questionnaires, BIA and RA Forms, Graphs, and Illustrations
Index