We are looking to build a Business Continuity Plan for our organization, operational, IT, financial, etc.
I am looking for an outline of what should be included in the plan. Would appreciate it if someone would share the basic components of their bcp.
Marilyn | 5/30/2013 12:09:31 PM | COMMENTS(2)
|
There are a lot of things to do when you move all employees from one building to another new one, and one of them is, How to be properly prepared to not impair the business continuity during the go-live in the new building?. There are different key areas...
|
Are there any standards of BCPs for an organization that spans multiple sites and regions? Especially interested if the organization doesn't "own" the sites.
Examples:- An accounting closing organization. It has a service center and personnel at other lo...
Debbie | 4/7/2013 12:38:14 PM | COMMENTS(2)
|
As a consultant for quite sometime, and being in the industry, I find there is lot of investment and activity into Information Security projects like ISO27001, PCI-DSS (of course is mandated for BSFI)... but there is a very little spice around BCP/DR... ...
|
Hi Folks,
There is a Company which wants to substitute daily DAT tape database backup process to database replication to a service provider. In every 10 to 20 minutes, a file (archives) would be transfered to a third-party server (IBM, HP...) online "fe...
Edumkono | 2/8/2013 12:02:30 AM | COMMENTS(1)
|
Certain business processes have RTO of 4 hours or less. The existing IT Architecture facilitates recovery only at 8 hours. Any earlier recovery calls for substantial IT investment and more than 2 years to implement. Under this circumstance is it appropria...
|
Books
Posted by ISACA 16 days ago
|
Books
Posted by ISACA 16 days ago
|
Books
Posted by ISACA 16 days ago
|
Downloads
Posted by ISACA 16 days ago
|
Exam Preparation
Posted by ISACA 16 days ago
|
Books
Posted by ISACA 28 days ago
|
16 Sep 2013
ISACA International Event
London, England
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2013—the leading European conference for IT audit, assurance, security and risk professionals. Save over US $200 when you register by 22 July!
|
30 Sep 2013
ISACA International Event
Medellín, Colombia
La Conferencia Latinoamericana CACS/ISRM 2013 en Medellín, Colombia es la conferencia principal latinoamericana para los profesionales de auditoría, riesgo y seguridad de la información. Ahorre más de EE.UU. $ 100 si se inscribe antes del 7 de agosto!
|
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM is a multidimensional event featuring security and risk content, and the security programs, tools and the resources you need to be responsive to industry changes.
|
Volume 2, 2013
by Ganapathi Subramaniam, CISA, CISM
How do you audit the effectiveness of a command centre of a crisis management plan in the context of business continuity planning?
|
Volume 1, 2013
by Steven J. Ross, CISA, CISSP, MBCP
Emerging cyberattacks against the US’s critical infrastructures are rapidly outstripping the ability of security and risk management professionals to maintain high availability and uptime assurances.
|
Volume 6, 2012
by Klaus Julisch, Ph.D. and Damian Walch
This article presents a practice-tested framework that structures and prioritizes the assessment of DR programs, testing the most business-critical aspects first.
|
Volume 5, 2012
by Haris Hamidovic, CIA, ISMS IA, ITIL, IT Project+
Risk that is not identified, or at least not identified with the scale and intensity it presents, can produce a crisis.
|
Volume 4, 2012
by Adrienne Bellehumeur, CISA, CA, PMP
Documentation is essential for IT departments to achieve their objectives: protecting their intellectual capital and business continuity, and improving clarity and momentum in projects and operations.
|
Volume 4, 2012
by Haris Hamidovic, CIA, ISMS IA, ITIL, IT Project+
Deterring cybercrime is an integral component of a national cybersecurity and critical information infrastructure protection strategy.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
There is no room for error and outage on the internet anymore.
|
A bomb threat turned Monday 13th February into a day of severe disruption at Amsterdam’s Schiphol airport, one of Europe’s busiest. The airport’s two main international terminals were evacuated at about 11:30 CET, as the bomb squad and scores of police arrived at the scene. Dutch police had arrested a man who locked himself in a toilet and claimed to have a bomb. The terminals reopened about four hours later, after officers said the man posed no threat to the public. Live television streams had shown police with guns, dogs and balaclavas outside the building
|
Emergency & mass notification systems are designed to help organizations communicate to stakeholders during an incident or disruption. However, in response to the high occurrence of prominent disasters in recent years, the marketplace has been flooded with products to address emergency and mass notification needs. The need to diligently evaluate vendors is critical to ensure that services will meet an organization’s specific requirements.
To keep in touch with personnel, deliver critical messages, and send and receive vital information during a crisis, SunGard Availability Services offers seven key considerations to use during an evaluation of emergency notification systems.
|
Over half of small organizations across the UK, France and Germany are operating without a formal disaster recovery plan in place, according to research from analyst firm Freeform Dynamics, sponsored by Quest Software.
The survey of 160 IT decision-makers found that 58 percent of small organizations (50-250 employees) do not have a formal disaster recovery plan, and nearly one fifth of mid-sized enterprises (250- 1,000 employees) are in the same position.
|
Chatham House has published a new report which looks at the consequences of high-impact low-probability events. The key findings from ‘Preparing for High-impact, Low-probability Events: Lessons from Eyjafjallajökull’ include:
Governments and businesses are under-prepared to respond to high-impact, low-probability events (HILP) with worst-case scenarios rarely factored into contingency planning;
The current fragility of the global economy leaves it particularly vulnerable to unforeseen shocks. As much as 30 percent of GDP for developed countries can be directly threatened by a major crisis, especially in key sectors such as manufacturing and tourism;
A one week disruption is the maximum tolerance of our 'just-in-time' global economy. Beyond this threshold, costs start to escalate rapidly as production stalls and businesses start to fail. Yet for business, deviating from the ‘just-in-time’ model means potentially offsetting short-term profitability.
|
Business continuity planners who feel that they lack top-level support should stop blaming senior managers: the problem probably lies closer to home.
|
|
On March 1st, I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center.
Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : Umesh391 | 1 comments
|
Security is one of the major concerns which hold enterprises from embracing the cloud. But some think that this is manageable and as such have started adopting cloud based SaaS applications. Cloud based Enterprise solutions like Sales Force, Service Now, ...
Posted By : Kannan | 0 comments
|
|
Es importantísimo reconocer que la banca móvil y pagos móviles han llegado para quedarse y que aquellos bancos que no se ocupen ahora en prepararse tendrán grandes problemas en el largo plazo y esta es una opinión compartida con el equipo de BITS (Financi...
Posted By : Diego San Esteban | 0 comments
|
Posted By : masarker | 0 comments
|
|
|