Domain 5: Contingency Management
Terms in this set (22)
A general term for a contingency or COOP site used to assume system or organizational operations in the event that the primary site is not usable for a period of time.
A copy of files and programs made to facilitate recovery if necessary.
Business Continuity Plan
The documentation of a predetermined set of instructions or procedures that describe how an organization's mission business processes will be sustained during and after a significant disruption. (Also called Business Recovery/Resumption Plan).
Business Impact Analysis (BIA)
An analysis of an information system's requirement functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a signification disruption.
A backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event that the user has to move from their main computing location to an alternate site.
See Information System Contingency Plan.
Continuity of Operations (COOP) Plan
A predetermined set of instructions or procedures that describe how an organization's mission essential functions will be sustained within 12 hours and for up 30 days as a result of a disaster event before returning to normal operations.
Disaster Recovery Plan (DRP)
A written plan for recovering one or more information systems at an alternate facility in response to a major hardware or software failure or destruction of facilities.
An unplanned event that causes an information system to be inoperable for a length of time (e.g., minor or extended power outage, extended unavailable network, or equipment or facility damage or destruction).
A hot site with very rapid ability to assume all operations, usually less than an hour, and often a matter of seconds. Sometimes referred to as a "Mirror Site".
A fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption.
A discrete set of resources organized for the collection, processing, maintenance, use sharing, dissemination, or disposition of information.
Information System Contingency Plan (ISCP)
Management policy and procedures designed to maintain or restore business operations, including computer operations, possibly at an alternate location, in the event of emergencies,system failures, or disaster.
Information System Contingency Planning
The dynamic development of a coordinated recovery strategy for information systems, operations, and data after a disruption. The planning process requires seven tips: develop contingency planning policy statement; conduct the business impact analysis (BIA); identify preventive controls; develop recovery strategies; develop the information System Contingency Plan (ISCP); test and exercise the plan and train personnel; and maintain the plan.
Maximum Tolerable Downtime
The amount of time mission/business process can be disrupted without causing significant harm to the organization's mission.
An agreement that allows two organizations to back up each other.
Recovery Point Objective
The point in time to which data must be recovered after an outage.
Recovery Time Objective
The overall length of time an information system's components can be in the recovery phase before negativity impacting the organization's mission or mission/business processes.
The ability to quickly adapt and recover from any known or unknown changes to the environment through holistic implementation of risk management, contingency, and continuity planning.
The management, operational, and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity, and availability of the system and its information.
System Development Life Cycle (SDLC)
The scope of activities associated with a system, encompassing the system's initiation, development and acquisition, implementation, operation and maintenance, and ultimately its disposal that instigates another system initiation.
An environmentally conditioned work space that is partially equipped with information systems and telecommunications equipment to support relocated operations in the event of a significant disruption.
YOU MIGHT ALSO LIKE...
Test Preparation TOEIC, SAT, TOEFL
Ch. 3 Planning for Contingencies
Business Continuity and Disaster Recovery Planning
OTHER SETS BY THIS CREATOR
Domain 1: Leadership and Business Management
Domain 4: Threat Intelligence and Incident Management
Domain 2: Systems Lifecycle Management
Domain 6: Law, Ethics and Security Compliance Management
THIS SET IS OFTEN IN FOLDERS WITH...
Domain 3: Risk Management
Chapter 7: Security Testing and Incident Handling
Chapter 8: Physical Security Managing Change and Personnel Training
Domain 5: Systems Engineering Technical Management