CIS 693 W7 Continuity

Requirement #5: Enterprise-Wide Business Continuity and Disaster Recovery Plan – (Due end of week 7)

Using your enterprise security plan proposal as a guide, write the enterprise business continuity and disaster recovery plan for your chosen organization. Good business continuity plans will keep your company up and running through interruptions of any kind: power failures, IT system crashes, natural disasters, supply chain problems and more. Given the human tendency to look on the bright side, many business executives are prone to ignoring “disaster recovery” because disaster seems an unlikely event.

Your plan should have the following attributes:

Disaster Recovery Plan – The disaster recovery provides detailed strategies on the steps that employees must follow during, and immediately after, a disaster. Not only does the plan provide exit procedures, it outlines communication instructions that ensure that every employee is accounted for and in communications with the central hub. This business hub includes emergency supplies, flashlights, backup business information and other items that have been outlined as important to the business and the safety of its employees and customers.

Business Continuity Plan – The business continuity plan takes the disaster recovery plan one step further. This plan outlines how the business will continue its operations after the disaster. It also outlines how the business will continue its operations after smaller, less disastrous events, such as power outages. The plan outlines how and where the business will operate if it is forced to move to a temporary location. It identifies the long-term, crucial strategies that are needed to ensure that the business maintains stability and generates profits.

Source: http://smallbusiness.chron.com/disaster-recovery-p…

Your plan should be a 3.5 page paper (a minimum of three pages of content) to discuss the enterprise Business Continuity and Disaster Recovery plan for the organization that you have chosen.

A link for articles on recovering from computer disasters (link shortened):

http://tinyurl.com/h5sla8s

How to write a Disaster Recovery Plan (link shortened):

http://tinyurl.com/zvuzfmf

On Sun, Oct 11, 2020 at 12:31 PM oduor evans <[email protected]> wrote:

On Sat, Oct 10, 2020 at 11:45 PM cosmas ngila <[email protected]> wrote:
11am
On Sat, Oct 10, 2020 at 8:49 AM cosmas ngila <[email protected]> wrote:
4 pages due 1am
Using your enterprise security plan proposal as a guide, write the enterprise risk assessment for the organization.
Enterprise Risk Management (ERM) has been defined by some as “a process, affected by an entity’s board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
What this long definition is saying (not in so many words) is Risk Assessment includes the methods and processes used by organizations to define and manage risks and seize opportunities related to the achievement of their objectives.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) ERM Framework has eight components and four objectives categories.
The eight components – additional components highlighted – are:
Internal Environment
Objective Setting
Event Identification
Risk Assessment
Risk Response
Control Activities
Information and Communication
MonitoringThe four objectives categories – additional components highlighted – are:
Strategy – high-level goals, aligned with and supporting the organization’s mission
Operations – effective and efficient use of resources
Financial Reporting – reliability of operational and financial reporting
Compliance – compliance with applicable laws and regulationsYour Risk Assessment plan should be a 3-5 page paper (a minimum of three pages of content) to discuss how risks are defined, assessed and responded to. Monitoring activities should be included in the assessment process you outline.
A link for an example of a Risk Assessment Plan for Purdue University:
http://www.purdue.edu/ia/erm/assessment.html
A link for knowing risks and best practices:
Neoh, D. (2004). Corporate Wireless LAN: Know the Risks and Best Practices to Mitigate Them. Retrieved from http://www.sans.org/rr/whitepapers/wireless/1350.php
Hey, It is building on the security proposal plan I will attach if needed.

Attachments area