Chapter 8: Business Continuity and Disaster Recovery

Disaster Recovery Plan (DRP):

• The DRP is in effect when everything is still in emergency mode and critical systems need to be back online.
• Goal of disaster recovery is to minimize the effects of a disaster or disruption.
• Taking necessary steps to ensure resources, personnel, and business processes are able to resume operations in a timely manner.

Business Continuity Plan (BCP):

• BRP involves getting critical systems to another environment while repair of the original families is under day.
• Getting the right people to the right place during the disaster times.
• Performing business in a different mode until regular conditions are back in place.
• Dealing with customers, partners, and shareholders through different channels until everything returns to normal.

Business Continuity Management (BCM):

• BCM is a general management process that should cover both BRP and DRP.
• Main objective is to allow the organization to continue to perform business operations under various conditions.  

Standards and Best Practices:

Special Publication 800-34, Continuity Planning Guide for Information Technology System is what the US government organizations must have and “good to have” for other nongovernment entities.

• Develop the continuity planning policy statement
• Conduct the business impact analysis (BIA)
•  Identify preventive controls
• Develop recovery strategies
• Develop the contingency plan
• Test the plan and conduct training and exercise
• Maintain the plan