258 BCP/DR Glossary
operational, the organization could suffer serious legal, financial, goodwill,
or other losses or penalties.
Critical Records: Records or documents that, if damaged or destroyed,
would cause considerable inconvenience and/or require replacement or rec-
reation at considerable expense.
Damage Assessment: The process of assessing damage, following a disaster,
to computer hardware, vital records, office facilities, etc., and determining
what can be salvaged or restored and what must be replaced.
Data Backup: The process of copying the essential elements of a data pro-
cessing function, programs, data, databases, procedures, documentation,
and so on. Data backup to support any recovery effort must include a stor-
age strategy that physically separates the backup data from the original data,
such that there is an absolutely minimal chance the same event could
destroy both copies. Offsite storage in a secure environment is the generally
accepted solution.
Data Center Recovery: The component of disaster recovery that deals with
the restoration, at an alternate location, of data center services and com-
puter processing capabilities. Similar term: mainframe recovery.
Data Center Relocation: The relocation of an organizations entire data
processing operation.
Data Synchronization: A process during recovery of a data system. The
conditions that existed at a specific point in time prior to the interruption
must be reconstructed so the processing functions can restart. Multiple
databases or copies of data must be restored to the same or a consistent
point in time. Unsuccessful synchronization of data may result in process-
ing functions restarting using databases from multiple points in time. The
products of the processing functions may not reflect an accurate picture,
and critical functions may produce serious errors.
Database Shadowing: A data backup strategy in which a full copy of the
user’s database is maintained at a remote data center, often a vendor’s facil-
ity. “Writes” to the primary database also trigger a transmission and a simi-
lar “write” to the remote database. A disaster or interruption at the primary
data center may also impact the database. A successful recovery, very near to
the point of failure, is possible using the shadow database.
Declaration: A formal statement that a state of disaster exists.
Declaration Fee: A one-time fee, charged by an alternate facility provider,
to a customer who declares a disaster. Note: Some recovery vendors apply
BCP/DR Glossary 259
Gloassary
the declaration fee against the first few days of recovery. Similar term: notifi-
cation fee.
Dedicated Line: A preestablished point-to-point communication link
between computer terminals and a computer processor, or between distrib-
uted processors, that does not require dial-up access.
Departmental Recovery Team: A group of individuals responsible for per-
forming recovery procedures specific to their department.
Dial Backup: The use of dial-up communication lines as a backup to dedi-
cated lines.
Dial-Up Line: A communication link between computer terminals and a
computer processor, which is established on demand by dialing a specific
telephone number.
Disaster: Any accidental, natural or malicious event that threatens or dis-
rupts core business processes for a sufficient time to affect the business sig-
nificantly, or to cause its failure. Impacts may affect lost revenue, life, or
both. Outside resources will be needed to respond and potentially recover
from this event. Also, any event that creates an inability on an organizations
part to provide critical business functions for some predetermined period of
time. Similar terms: business interruption, catastrophe, outage.
Disaster Management: The function of controlling the activities of an
organization taken in response to a disaster situation. The functions of an
emergency management team in an emergency operating center are func-
tions of disaster management. Disaster management continues through the
recovery stages until normal business function resumes.
Disaster Prevention: Measures employed to prevent, detect, or contain
incidents that, if unchecked, could result in disaster.
Disaster Prevention Checklist: A questionnaire used to assess preventative
measures in areas of operations such as overall security, software, data files,
data entry reports, microcomputers, and personnel.
Disaster Recovery: The ability to respond to an interruption in services by
implementing a disaster recovery plan to restore an organizations critical
business functions.
Disaster Recovery Administrator: The individual responsible for docu-
menting recovery activities and tracking recovery progress.
Disaster Recovery Coordinator: The disaster recovery coordinator may be
responsible for overall recovery of an organization or unit(s).
260 BCP/DR Glossary
Disaster Recovery Life Cycle: Consists of (1) Normal Operations—the
period of time before a disaster occurs; (2) Emergency Response—the
hours or days immediately following a disaster; (3) Interim Processing—
the period of time from the occurrence of a disaster until temporary oper-
ations are restored; and (4) Restoration—the time when operations return
to normal.
Disaster Recovery Period: The time period between a disaster and a return
to normal functions, during which the disaster recovery plan is employed.
Disaster Recovery Plan: The document that defines the resources, actions,
tasks, and data required to manage the business recovery process in the
event of a business interruption. The plan is designed to assist in restoring
the business process within the stated disaster recovery goals.
Disaster Recovery Planning: The technological aspect of business conti-
nuity planning. The advance planning and preparations necessary to mini-
mize loss and ensure continuity of the critical business functions of an
organization in the event of disaster. Similar terms: business interruption
planning, business resumption planning, contingency planning, corporate con-
tingency planning, disaster preparedness.
Disaster Recovery Software: An application program developed to assist
an organization in writing a comprehensive disaster recovery plan.
Disaster Recovery Teams: A structured group of teams ready to take con-
trol of the recovery operations if a disaster should occur. See also Business
Recovery Team.
Distributed Processing: The use of computers at various locations, typi-
cally interconnected via communication links, for the purpose of data
access and/or transfer.
Downloading: Connecting to another computer and retrieving a copy of a
program or file from that computer.
Due Diligence: The practice of gathering the necessary information on
actual or potential risks so that a well-formulated decision may be reached
regarding the potential for financial loss.
Electronic Vaulting: Transfer of data to an offsite storage facility via a com-
munication link rather than via portable media. Typically used for batch/
journal updates to critical files to supplement full backups taken periodi-
cally.
Emergency: A sudden, unexpected event requiring immediate action due
to potential threat to health and safety, the environment, or property.
BCP/DR Glossary 261
Gloassary
Emergency Management: The discipline that ensures an organizations or
communitys readiness to respond to an emergency in a coordinated, timely,
and effective manner. Similar terms: crisis management, disaster management,
emergency preparedness.
Emergency Operations Center (EOC): An operational center, located in
close proximity to the crisis or disaster, staffed to carry out event manage-
ment decisions and directives.
Emergency Preparedness: The part of the overall contingency plan or
related activities that occurs prior to the disaster or event and is focused on
the safety of personnel and the protection of critical assets. The contingency
plan may reference the emergency preparedness program of the safety office
or some other responsible organization.
Emergency Procedures: A plan of action that must be commenced imme-
diately to prevent the loss of life and minimize injury and property damage.
Employee Relief Center (ERC): A predetermined location for employees
and their families to obtain food, supplies, financial assistance, and so on in
the event of a catastrophic disaster.
Emergency Response Planning: The portion of contingency planning
that is focused on the immediate aftermath of a disaster or event. Emer-
gency response planning includes the activities required to stabilize a situa-
tion and to protect lives and property.
Emergency Response Teams (ERT): Employees trained to protect the lives
of the building’s occupants by responding to an event (e.g., fire evacuation,
injuries resulting from falling objects in an earthquake, and so on).
Escalation Procedures: The procedures that define the conditions or crite-
ria under which a plan, or a portion of a plan, will be activated. For most
incidents, the initial escalation procedures may call for the staff on duty to
handle the incident and notify their supervisor. Escalation procedures for a
data processing plan with a commercial hot site will include the conditions
under which the hot site vendor is to be notified and identify who is autho-
rized to make the official declaration of an emergency condition that war-
rants expending company and vendor resources.
Event: An occurrence of something that elicits a response. A circumstance
that causes some action to ensue in response to the situation that has
occurred. An unexpected event is an exception to the rule and poses a con-
dition or set of conditions that can escalate in severity if an appropriate and
timely response does not take place. For the contingency planner, a disaster,
262 BCP/DR Glossary
interruption, or any other occurrence that causes the contingency plan to
be activated or considered for activation.
Event Management: The process of managing a businesss preparation,
response, restoration of the work environment and recovery from a crisis or
disaster. The guidelines for managing an event are detailed in the recovery
plan.
Executive Succession: The part of the contingency plan that defines the
order in which executives will assume operational control of the organiza-
tion in the absence of the primary executive.
Exercise: An activity, announced or unannounced, that provides an oppor-
tunity for participants to validate their business continuity plans, practice
their crisis management skills, and strengthen team and organizational per-
formance in a crisis. This activity will identify areas of needed improvement
in a safe environment.
Exposure: A state of condition of being unprotected or vulnerable to harm
or loss. In the business sense, exposure is the condition of having agency
assets and/or resources subject to risk.
Extended Outage: A lengthy, unplanned interruption in system availability
due to computer hardware or software problems, or communication failures.
Extra Expense Coverage: Insurance coverage for disaster-related expenses
that may be incurred until operations are fully recovered after a disaster.
Facility: A location containing the equipment, supplies, voice, and data
communication lines to conduct business under normal conditions. Similar
terms: primary office facility, primary processing facility, primary site.
File Backup: The practice of dumping (copying) a file stored on disk or
tape to another disk or tape. This is done for protection in case the active
file gets damaged.
File Server: The central repository of shared files and applications in a com-
puter network (LAN).
File Recovery: The restoration of computer files using backup copies.
Financial Impact: An operating expense that continues following an inter-
ruption or disaster, which, as a result of the event, cannot be offset by
income and directly affects the financial position of the organization.
Foreign Corrupt Practices Act: An act of Congress mandating that corpo-
rate officers and responsible managers ensure the appropriate degree of con-
trol to effectively protect organizational assets.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.135.183.89