This Infographic is Free to Download

Simply fill out the form below to access our ``Ready for a Pen Test?`` Infographic.

Business Impact Analysis (BIA)
Determining recovery requirements

  • Identify all functions performed for all departments within scope.
  • Map interdependencies and information flows between functions to fully
    understand the consequences of loss.
  • Determine the length of time that the organization can live without each function
    before the loss becomes unacceptable (e.g. Recovery Time Objectives [RTOs]).
    (look beyond loss of revenue as the sole criterion).
  • Identify enabling requirements (IT, personnel skill sets, etc.).
  • Validate frequency of backups.
  • Identify Single Points of Failure (SPOFs).What database users have access to sensitive data?

Recovery Strategy Analysis (RSA)
Understanding and fulfilling recovery requirements

  • Develop your recovery organization with the necessary teams and their proper
  • Understand the available recovery strategies in the industry and the Recovery Time
    Objectives (RTOs) those strategies support.
  • Map requirements from the BIA to the available strategies, determine cost and ease
    of implementation and then decide the best strategies for your organization.
  • Implement the necessary contracts and integrate those strategies into your recovery

Business Continuity Plan (BCP)
Write your plans to include the following:

  • Damage assessment procedures.
  • Activation criteria based on the comparison between the estimated time to repair
    and RTOs.
  • Recovery team(s) rosters and sub-plans for those teams that provide the activation
    procedures for the approved strategies.
  • Critical vendor / supplier POCs and contact information.

BCP Training
Develop critical skills

  • Ensure your people with recovery roles and responsibilities are trained to fulfill
    those duties.
  • Ensure all personnel in the organization have a familiarization of recovery policies
    and where to go for information in the event of an incident / disaster

Exercise Your Plan
Test to verify your plans efficacy

  • Use realistic scenarios.
  • Ensure coordination and participation among all personnel with recovery roles
    and responsibilities.
  • Use the exercise results to refine your plan and update training curriculum.