This chapter covered the details on BCPs. The primary purpose of a BCP is to ensure that an organization can continue to operate after a disruption or disaster. The BCP includes details on the CBFs, including what needs to be done to keep them operating. Many individuals and teams share responsibilities. The BCP program manager oversees all BCPs, and the BCP coordinator manages one or more BCPs. Multiple teams with individual team leads also provide support to the BCP coordinator during development and implementation of a BCP.
A BCP has three primary phases. In the notification and activation phase, the BCP coordinator initiates the activity; in the recovery phase, critical systems are recovered and restored; and in the reconstitution phase, normal operations are restored when the disaster has passed. All BCP team members and leads should be trained on the BCP, and it should be tested and exercises done to ensure its completeness. The BCP coordinator is responsible for regularly updating the BCP, which includes regular updates and additional ones when warranted.
A(n) ________ is a plan that helps an organization continue to operate during and after a disruption or disaster.
Business continuity and disaster recovery are the same thing.
True
False
A BCP includes specific locations, systems, employees, and vendors, and these requirements are identified in the ________ statement.
What is the purpose of a BCP?
To identify CBFs
To reduce or eliminate threats
To ensure mission-critical elements of an organization continue to operate after a disruption
All of the above
What does a BCP help to protect during and after a disruption or disaster?
Confidentiality, information, and authentication
Certifications, identities, and accreditations
Mission-critical and non–mission-critical CBFs
Confidentiality, integrity, and availability
The ________ is responsible for declaring an emergency and activating the BCP.
After a BCP has been activated, who has overall authority for the recovery of systems?
EMT
DAT
TRT
CAT
After a BCP has been activated, who will assess the damages?
BCP coordinator
EMT
DAT
TRT
After a BCP has been activated, who will recover and restore critical IT services?
BCP coordinator
EMT
DAT
TRT
What are the three phases of a BCP?
Notification and activation, transfer, and recovery
Notification and activation, recovery, and reconstitution
Recovery, renewal, and reconstitution
Transfer, recovery, and notification
A major disruption has forced a company to move operations to an alternate location. The disruption is over, and now the process of normalizing operations needs to begin. What operations should be moved back to the original location first?
Least CBFs
Most CBFs
Non–mission-critical personnel
Mission-critical personnel
A major disruption has forced a company to move operations to an alternate location. The disruption is over, and now the process of normalizing operations needs to begin. Several servers have been rebuilt at the primary location. What should be done?
Test the servers and then turn off the servers at the alternate location.
Bring the servers online and turn off the alternate location servers.
Run the servers concurrently with the alternate location for three to five days.
Test the servers for three to five days before bringing them online.
What can be done to show that the BCP will work as planned?
BCP planning
BCP training
BCP testing
BCP exercises
What types of exercises can demonstrate a BCP in action? (Select three.)
Tabletop exercises
Functional exercises
Pull-the-plug exercises
Full-scale exercises
Once a BCP has been developed, it should be reviewed and updated on a regular basis, such as annually.