Professional Documents
Culture Documents
Overview
After completing your BCP outline for your scenario and IT infrastructure, answer the
following Lab #8 – Assessment Worksheet questions. These questions are specific to the
BCP you performed for your scenario and IT infrastructure. Justify your answers where
needed.
Lab Assessment Questions
BCP involves defining any and all risks that can affect the company's operations,
making it an important part of the organization's risk management strategy. Risks
may include natural disasters—fire, flood, or weather-related events—and cyber-
attacks.
Natural disasters: A BCP can help organizations prepare for and respond to
natural disasters such as hurricanes, earthquakes, wildfires, or floods.
Cybersecurity incidents: A BCP can help organizations respond to and
recover from cybersecurity incidents such as data breaches, ransomware
attacks, or denial-of-service attacks.
Equipment failures: A BCP can help organizations minimize the impact of
equipment failures such as server crashes or power outages.
Supply chain disruptions: A BCP can help organizations identify alternative
suppliers or workarounds in case of supply chain disruptions due to factors
such as shipping delays, raw material shortages, or geopolitical events.
Human error: A BCP can help organizations minimize the impact of human
errors such as accidental data deletion, misconfigured systems, or
unauthorized access.
3. If you have business liability insurance, asset replacement insurance, and natural
disaster insurance, do you still need a BCP or DRP? Why or why not?
4. From your scenario and BIA from Lab #7, what were the mission critical
business functions and operations you identified? Is this the focus of your BCP?
11. Within your BCP outline, where will you find a list of prioritized business
operations, functions, and processes?
The detailed backup and system recovery information is located in the "Recovery
Procedures" section of a Business Continuity Plan (BCP) outline. This section
provides a step-by-step guide for restoring critical systems and processes in the
event of a disruption or disaster. It includes information on backup procedures,
recovery processes, responsibility, required tools, and resources. Regular review
and update of this section are necessary to ensure its effectiveness and
relevance to the organization's IT environment and business needs.
13. Within your BCP outline, where will you find a policy definition defining how
to engage your BCP due to a major outage or disaster?
The policy defining how to engage the BCP due to a major outage or disaster is located
in the "Activation Procedures" section of a BCP outline. This section outlines the criteria
for activating the plan, steps to initiate it, and the roles/responsibilities of key personnel
involved.
14. Within your BCP outline, where will you find a policy definition defining the
resources that are needed to perform the tasks associated with BC or DR?
The policy definition for resources required to execute tasks associated with Business
Continuity (BC) or Disaster Recovery (DR) is found in the "Resource Requirements"
section of a Business Continuity Plan (BCP) outline. This section specifies the hardware,
software, communication systems, and personnel needed to execute the BC or DR plan.
It also details how these resources will be obtained during an emergency and identifies
any relevant agreements with third-party vendors and service providers. The Resource
Requirements section needs to be reviewed regularly to maintain its effectiveness and
relevance to the organization's IT environment and business goals.
15. What is the purpose of testing your BCP and DRP procedures, back-ups, and
recovery steps?
Testing BCP and DRP procedures, backups, and recovery steps is crucial to identifying
weaknesses and improving an organization's response to disruptions. It familiarizes
employees with their roles, resolves technical issues, and allows for refining processes.
Overall, testing ensures that the plans and procedures are effective and reliable during
an emergency.