298 ◾ Official (ISC)²® Guide to the ISSMP® CBK®
© 2011 by Taylor & Francis Group, LLC
workforce. In recent years, the rate of industrial action has been variable. However,
this does not negate the need to include provision for alternative resources in the
event that industrial action could occur.
Separate from your business continuity and disaster recovery plans, you would
be advised to develop a set of industrial action plans for operational, tactical, and
strategic levels of your organization. Hopefully you will never have to employ them,
but at least you will be prepared.
Theft
The theft of components or IT, network, or other business assets is a criminal
offense and should be treated as such when you are conducting your investigation.
You should follow a forensic approach to securing your crime scene and collecting
data. The theft of a laptop or any small component may seem trivial; however, the
consequences can be significant.
An organization, which will remain anonymous, was conducting a planned
systems outage to service components. During the service, two brass cylinders were
removed and cleaned, then set aside to be reconnected the next day. However, an
enterprising employee realized that they could sell the cylinders for $75 each and
promptly increased their bank balance by doing so.
The cost to the organization was not $150. First the cylinders had to be ordered
and there was a lead-time of two weeks. The system could not be reconnected until
the cylinders were in place—the consequence was two weeks’ loss of productivity
and revenue generation. This sum totaled $500,000.
The organization had mitigated by taking insurance and promptly claimed for
the business losses. However, the insurance company deemed that the company was
complicit and negligent and thus no payment was made. This is a real example of
understanding the business impact and risk consequences to the end-to-end process.
Critical Business Processes
Business functions, processes, activities, and systems can be classified as core and
non-core. The core business functions/processes are those without which the
business would collapse. The non-core business functions/processes, activities, and
systems are those that provide support and improve effectiveness and efficiency. Their
loss, however, while impairing productivity, will not cause the collapse of the business.
Thus we should focus our primary attention on the design, development, and
delivery of BR, DR, and COOP for the core business functions. These become our
critical systems.
Once the critical needs have been documented, management can set priorities
within departments for the overall recovery of the organization. Activities of each
department could be given priorities in the following manner: