Articles
Welcome to our articles page. You will find articles on various aspects of Information Security and Business Continuity promulgated here. This is done on an ongoing basis for free of cost for your education. We emphasize your cooperation to refrain from redistributing our content for commercial purposes without our prior written consent. However, you are free to use it for your personal (educational and research) purposes or to implement a certain roadmap or strategy in your organization.
We partner with CyAlpha — a Calgary-based Cyber consulting firm, to offer you the above services.
Business Continuity Planning: Business Continuity vs. Disaster Recovery
Business Continuity and Disaster Recovery are entirely different strategies despite their similarities. Business Continuity is to ensure that the business continues executing critical business processes. Disaster Recovery outlines the processes and procedures to restore vital technology to execute those business processes.
Business Continuity Planning: Testing, documenting and operationalizing
In Part 13 of our Business Continuity Planning series, we discussed how to design a business recovery strategy. This article will cover the final stages of building a BCP. You will learn:
how to conduct awareness workshops
how to test your recovery strategy
how to document your BCP how to operationalize your BCP
Business Continuity Planning: Components of the recovery strategy
In Part 12 of our Business Continuity Planning series, we discussed the key inputs you need to define your organization’s recovery strategy, as well as the advantages of having a secondary physical location that can be used as a recovery site. In this article, we will discuss the components of the recovery strategy that are necessary to document and operationalize.
Business Continuity Planning: Requirements to design a recovery strategy
In Part 11 of our Business Continuity Planning series, we discussed some of the key aspects of building a recovery strategy, such as disaster categorization and classification. In this article, we will discuss what you should consider when designing your recovery strategy.
Business Continuity Planning: Preparing to draft the recovery strategy
A well executed recovery strategy could mean the difference between your organization bouncing back after a disaster or never recovering. While there are countless potential disasters you can face, if you can categorize them into two or three simple groups and assess the severity of the risks, you will find it much easier to respond quickly and effectively when something does happen.
Business Continuity Planning: Conducting the risk assessment and reporting
Once your team has prepared for the risk assessment phase, you should identify the risks to the key processes (and their dependencies, including manpower, office, information and hardware). Once identified, these risks should be analyzed and ultimately their severity and likelihood should be evaluated. These findings should then be discussed with enterprise risk teams, GRC, department heads, presented to the applicable committee(s) and transferred to your enterprise risk management team for tracking.
Business continuity planning: Preparing to conduct the risk assessment
Once the business impact reporting is done, preparation to conduct risk assessment must commence. The scope and context for the risk assessment must be defined and the analysts must be identified. A framework to conduct the risk assessment must be developed or adopted, depending on the availability of such a framework in your organization. Then you need to conduct a workshop with the risk management team to discuss your plan, incorporate their feedback and then present the strategy for this phase of the program to the committee and the champions.
Business continuity planning: BIA Analysis and reporting
In this article, we will look at the post-interview analysis, clarifications stage and the process for reporting and acceptance.
Business continuity planning: Conducting the Business impact analysis interviews
In Part 6 of our Business Continuity Planning series, we discussed the preparations required to conduct interviews for a business impact analysis (BIA). In this article we will discuss conducting interviews with your selected champions and subject matter experts (SMEs) for the analysis.
Business continuity planning: Preparing for the Business impact analysis
Business impact analysis is a crucial part in planning for business continuity, so designing a thorough data collection template is essential. The template must be designed according to your company needs and then tested with some real business scenarios. Only then, can you confirm the interview schedules and officially begin conducting your analysis. In this article, we will discuss preparing for business impact analysis which is part of the planning stage of the program.