Disaster Recovery
There are many types of disasters that can cause a disruption to an organization. - A Business Impact Analysis can be conducted to identify the most critical functions for an organization.
- A disaster recovery plan is created to outline an organization’s plans to recover in the event a disaster strikes.
- A business continuity plan is created to outline the order that business functions will be restored so that the most critical functions are accomplished first.
- One of the most critical elements of any disaster recovery plan is the creation and maintenance of system backups.
- Backups should include not only the organization’s critical data but critical software as well.
- Exercises can play an important role by allowing personnel to practice the procedures established by the organization in the event of a security incident.
- Drills and exercises can play an important role by allowing personnel to practice procedures the organization has established in the event of a security incident.
Policies and Procedures - Security policies are high-level statements produced by senior management to outline what security means to the organization.
- There are a number of standard policies that most organizations create including Acceptable Use, Internet Usage, and E-mail Usage policies.
- Human Resource policies are important to ensure that unacceptable risks are not taken in the event of an employee separating or being terminated.
- Incident Response Policies are critical in order to outline, in advance, the steps the organization will take to respond to a security incident.
|