Scribd Logo
Upload

Welcome to Scribd!

  • 3.2 - DRP Analysis

    Uploaded by

    Eduardo Morales Ensastiga
    7 views9 pages
    The document outlines the analysis phase of developing a disaster recovery plan (DRP). It discusses analyzing applications' impact, identifying critical applications, and determining minimum requirements. The analysis involves prioritizing applications by their importance to daily operations and determining the impact of downtime. It allows an organization to understand tolerance times and resources needed for continued functioning. Proper documentation is needed throughout the analysis process.

    Original Description:

    Original Title

    3.2- DRP Analysis

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document outlines the analysis phase of developing a disaster recovery plan (DRP). It discusses analyzing applications' impact, identifying critical applications, and determining minimum requirements. The analysis involves prioritizing applications by their importance to daily operations and determining the impact of downtime. It allows an organization to understand tolerance times and resources needed for continued functioning. Proper documentation is needed throughout the analysis process.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views9 pages

    3.2 - DRP Analysis

    Uploaded by

    Eduardo Morales Ensastiga
    The document outlines the analysis phase of developing a disaster recovery plan (DRP). It discusses analyzing applications' impact, identifying critical applications, and determining minimum requirements. The analysis involves prioritizing applications by their importance to daily operations and determining the impact of downtime. It allows an organization to understand tolerance times and resources needed for continued functioning. Proper documentation is needed throughout the analysis process.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 9

    Disaster Recovery Plan

    3.2- DRP Analysis


    3.2- DRP Analysis

    A DRP Methodology is part of the ISO 27001 Information Security


    Standard. It is normally Divided in 4 Parts:

    Analysis Planning Preparation Tests

    Recovgery
    DRP Organization
    Strategies
    Action Plan Testing

    Methodology App. Impact Recovery Minimum


    Analysis Committees Requirements

    Vital Records

    Procedures
    3.2- DRP Analysis

    DRP
    Methodology
    3.2- DRP Analysis

    During the first Stages of the Organization of the Project to Drive a


    DRP, the following 9 factors need to be defined:

    1. Members of the DRP Work team


    2. Scope of the Plan
    3. Review and understanding of the Objectives
    Organization of 4. Gathering of base Information
    5. Analysis of the current Operational processes
    the Project 6. Training of the DRP Work Team
    7. Development of the Work Plan
    8. Communication of the Plan
    9. Definition of Control Points

    Proper documentation needs to be written for every step of the


    organization stage.
    3.2- DRP Analysis

    Applications Impact Analysis (AIA) is the Analysis of all the


    applications that the IS/IT area manages, in order to identify the
    most CRITICAL ONES for the business, and the minimum
    requirements they need to operate.

    It also helps identify the impact each application has in other


    applications.
    Application
    Impact Analysis The AIA has the following Objectives:

    1. Prioritize the applications that support the daily operation of


    the organization.
    2. Determine the impact of not having a specific set of
    application(s) available for a specific period of time.
    3. The mínimum HW and SW required to recover the operation of
    each organization’s system.
    3.2- DRP Analysis

    AIA allows the business to answer 3 main questions:

    1. Which are the Business functions with the higher Impact and
    Cost?.
    2. How much time can the Organization endure without its
    critical applications?
    3. How long can an organization survive without its Technology
    Application services?.
    Impact Analysis
    AIA Concepts:

     Tolerance Time: Maximum time in which Systems can be down


    without Impacting an organization. It may change depending on
    the day of the Week/Month.
     Critical periods: Specific days of the week/month/year in which
    the operation of the business increases.
    3.2- DRP Analysis

    Minimum Operational Requirements:


    List of all of the resources needed for the organization to operate,
    including technology, documentation, equipment, office supplies,
    etc.

    Other AIA
    Vital Records:
    Related
    Files, Data Bases, Documentation, Lists of Vendors, Invoices,
    Concepts Records, etc. That may be stored in different kinds of media which
    mey be needed for the operation of ther organization.
    3.2- DRP Analysis

    Several factors serve as a guideline to identify Critical


    Applications:
    1. Operational Impact.
    2. Legal / Tax Impact

    AIA 3. Image Impact

    Identification 4. Financial Impact


    Criteria 5. Third Party Impact (Customers, Vendors, Partners)
    6. Communication Impact
    3.2- DRP Analysis

    DRP

    You might also like