Lite Contingency Plan: BIA, IRP, DRP, and Business Continuity Plan: BCP - Guidelines and Report
This assignment exercises the analysis and development of a Lite Contingency Plan (BIA, IRP, DRP, and Business Continuity Plan: BCP). The development of a workflow diagram is essential in displaying the relationship between the four components. This is critical for the IRP and DRP, as an IRP can launch a DRP when a threat disrupts a system through ransomware, DDoS, or other malicious attacks against a system.
Use the following guidelines to create an 8- to 12-page report using the same corporate profile selected earlier.
- In one to two paragraphs, summarize the objective of conducting a BIA for your selected company. Describe the benefits, potential outcomes, and company enhancements.
- Obtain the list of threats against the assets identified in your Topic 5 assignment, "Risk Management Assessment and Control," and place them in a table.
- Prioritize this list from highest impact to lowest impact to the company.
- Add a column and describe how loss of the process, system, data, etc., will impact the company.
- Assuming worst-case scenario, add a column and describe the appropriate measures to recover from the threat.
In three to four pages, detail an IRP to include:
- Brief overview
- Roles and responsibilities (from Users to CISO)
- Reporting guidelines
- Example workflows diagram – Event to resolution
- Explain the six stages of incident handling as it relates to the company
- Escalation procedures with an associated chart
Establish a DRP Policy in one to two pages that contains the following in alignment with the company:
- Purpose
- Scope
- Roles and responsibilities
- Resource requirements
- Training requirements
- Exercise and testing schedules (include IRP exercise and schedules)
- Plan maintenance schedules
In three to four pages, close out the assignment with a complete BC Plan that includes the following:
- Describe which usage strategy (Hot site, Warm site, or Cold site) the company will use and why (explain the benefit to the company).
- Explain how the company will use and sustain the usage strategy.
- Detail the critical systems/assets recovery procedures.
- Provide processes to reestablish business operations and security operations. Include disaster to alternate site and restoration back to original state.
- Provide and describe a worst-case scenario timeline (disaster to recovery).
- Describe readiness, training, exercises, and BC process reviews/updates.
Include diagrams, tables, and charts as directed by the instructor.
APA style is required, solid academic writing is expected.
This assignment uses a rubric. Review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.
You are required to submit this assignment to LopesWrite.
This benchmark assignment assesses the following programmatic competencies:
Cyber Security
Conduct an exercise to test the disaster recovery plan in a predetermined scenario.
Perform activities to mitigate possible or real-time threats (e.g., system monitoring and incidence response).