What entity is responsible for creating the DR team? What roles should the DR team perform?
The CPMT. Develop DR plans, maintain and update DR plans, test plans, train.
What are the commonly used subteams of the DR team? What role does each play?
hardware team, software team, and a network team
What are some examples of special documentation or equipment that may be needed for DR team members?
Data recovery software, blueprints, keys, water lines, insurance contacts
What are the steps that are generally followed in the DR development process
Develop DR planning policy statement, review BIA, identify preventive controls, create DR contingency strategies, develop the DR plan, ensure DR plan testing, training, and exercises, and ensure DR plan maintenance.
What key elements should be included in the DR policy?
Purpose, scope, roles & responsibilities resource requirements, training requirements, exercise and testing schedules, plan maintenance schedule, special considerations.
How does a general contractor affect the DR plan?
What are the 3 general sections of planning for DR activities?
Client/server, data communications, mainframe
WHY ARE THE DR ACTIVITY GROUPS PRESENTED OUT OF SEQUENCE (DURING, AFTER, BEFORE) instead of chronological
Activities during a disaster are most urgently needed in the event of plan activation, it is the important to determine what to do immediately following a disaster, and least important to plan before a disaster.
What are the major activities planned to occur during the disaster?
Identify trigger, escalate. Identify what must be done to react.
What are the major activities planned to occur after the disaster?
What are the major activities planned to occur before the disaster?
.test, train, exercises.
What is a DR after-action review (AAR), and what are the primRY OUTCOMES FROM IT?
What worked and what didn't, improvements.
According to NIST SP 800-34, what 2 perspectives should be used to plan a system recovery strategy?
Contingency planning from DR and BC
What are the advantages of combining the DR and BC plans? What are the disadvantages?
A - saves efforts and cost D - They require different teams
What are the ongoing challenges associated with local emergency services, service providers, and community-related issues that organizations face when confronted with a disaster?
Delay under triage of requirements so that most critical get answered first. Public services such as transportation and garbage collection will be delayed. Utilities will be disrupted.
What is a worst-case scenario?
A situation that results in service disruptions for weeks or months, requiring a government to declare a state of emergency.
What are the primary goals of business resumption planning?
1) eliminate or reduce the potential for injuries or loss of human life, damage to facilities, and loss of assets and records, 2) stabilize the effects of the disaster; and 3) implement the procedures contained in the DR and business resumption plan
What are the key features of the DR plan?
- Clear delegation of roles and responsibilities - Execution of alert roster and notification of key personnel - Use of employee check0in systems - Clear establishment and communication of business resumption priorities - Complete and timely documentation of the disaster -Preparations for alternative implementations
Describe the phases in a DR plan
Preparation - Planning and rehearsal Response - Identification of disaster, notifications, and immediate response Recovery - Recovery of necessary business information and systems Resumption - The restoration of critical business functions Restoration - The reestablishment of operations are the primary site as it was before the disaster
What is job rotation? Why is it a useful practice from a DR plan perspective?
Prepares staff for personnel shortages or outages.
What does it mean when operations are in degraded mode? Should organizations prepare to operate in this mode?
Degraded mode is when operations are under adverse conditions. Organizations should prepare for this in order to learn how to adapt to these situations.
What should be the primary focus of the training that is provided to the network recovery team?
Reestablishing ad hoc networks quickly but securely.
What are the primary duties of the business interface team?
This team is responsible for working with the remainder of the organization to assist in the recovery of non technology functions.
How should the business interface team be trained?
Should combine technical and non technical functions to ensure that the technology needs of the business groups are met. Training involves interfacing with the various business groups to determine their routine needs.
Describe the various rehearsal and testing strategies that an organization can employ.
desk check - provide copies of DR plan, simulation - stop short of actual physical activity, parallel testing, full-interruption, war gaming. Sequential roster for small organization, hierarchical structure for large organizations.
Why must the alert roster and the notification procedures that use it be tested more frequently than other components of the DR plan?
It is subject to continual change because of employee turnover.
What is an auxiliary phone alert and reporting system, and what functions can it perform for an organization during DR planning?
An IS with a telephony interface that can be used to automate the alert process. It can distribute info about the disaster and collect info about status of employees. Faster than manual alert system.
Describe the use of an "I'm okay" line. When and how might an organization make use of this technology?
This service allows employees when notified of a disaster either by alert system or through public media to call a predetermined number. Employees report status by entering employee number.
What are the primary objectives of the response phase of the DR plan?
- Protect human life -Attempts to limit and contain the damage to the organization's facilities and equipment -Manage communication with employees and other stakeholders.
What are the primary objectives of the recovery phase of the DR plan?
-Recover critical business functions -Coordinate recovery efforts -Acquire resources to replace damaged or destroyed materials and equipment -Evaluate the need to implement the BC plan
What are the primary objectives of the resumption phase of the DR plan?
- Initiate implementation of secondary functions -Finalize implementation of primary functions -Identify additional needed resources -Continue planning for restoration
What are the primary objectives of the restoration phase of the DR plan?
-Repair all damage to primary location or select or build replacement facility
-Replace the damaged or destroyed contents
-Coordinate the relocation from temp offices to primary location or to a suitable new replacement facility
-Restore normal operations at the primary location, beginning with critical functions and then secondary - Stand down the DR teams and conduct the after-action review
What is a BCP?
The final response of the organization when faced with any interruption of its critical operations.
What is the difference between disaster recovery and business continuity?
DR - normal functions at primary site BC - normal functions alternative site
What are RTO and RPO?
RTO- amount of time business can tolerate until the alternate capabilities are available RPO - Point in the past to which the recovered application and data at the alternative infrastructure will be restored
What parts of the organization should the BC team draw on for its members?
-Senior management -Corporate functional units -IT managers -Information security managers