Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Business Continuity-Disaster Recovery Planning

Welcome to the Business Continuity-Disaster Recovery Planning topic!

Collaborate, contribute, consume and create knowledge around topics such as business impact analysis (BIA), business continuity planning (BCP), and disaster recovery planning (DR).

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
2121 Members
1 Online
17958 Visits

Community Leader



Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 100 total

Must be a Topic member to contribute
View All »
No matter how many searches I perform on the internet I cannot seem to find any explicit language that clearly and unequivocally states DR and BC plans are NOT considered an IT General Control to be tested during SOX controls testing. I have found some po...
mpdsal | 11/16/2017 11:09:33 AM | COMMENTS(1)
Does anyone know of any frameworks to use when implementing and documenting a BCP? I've seen a number of guides but was curious if there are similar frameworks such as those that exist in other areas (e.g., NIST CyberSecurity Framework). Right now I'm goi...
Lyons4021 | 11/15/2017 2:37:45 PM | COMMENTS(5)
From what I understand, when an invocation happens from the Chairman, the RTO clock immediately begins regardless where you are. However I've seen few companies whereby when the invocation happens, but the RTO clock only begins when the IT staff have ...
Mohd Aidil595 | 11/4/2017 8:21:46 AM | COMMENTS(8)
Hi CISAs, I am developing an audit programme for my Biometric Access Control systems. What should I be looking for?
Joseph092 | 10/23/2017 7:38:09 PM | COMMENTS(2)
Many Service organisation now wanted to get ISAE3402 SOC2 report, even when they have ISO 27001 certification.  ISO 27001 consultancy (Gap assessment, preparing policies, procedures and assisting in implementation) can be done by CISA, however with respec...
Mahendra916 | 10/17/2017 11:14:49 PM | COMMENTS(1)
Hi I work in operational risk division of my employer. We maintain the BCM policy. We also conduct BIA of various systems and advise its owners to prepare their own BCP plans. Templates of the plans with all possible scenarios are included in the policy d...
Geogy373 | 10/5/2017 8:29:51 AM | COMMENTS(5)

Documents & Publications: 19 total

Must be a Topic member to contribute
View All »
Posted by ISACA 736 days ago
Posted by ISACA 1279 days ago
Posted by ISACA 1453 days ago
Posted by ISACA 1536 days ago

Events & Online Learning: 1 total

16 Aug 2017
ISACA International Event
Grapevine, Texas, US
2018 GRC Conference - 13-15 August , Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 41 total

Volume 3, 2017
by ISACA | Reviewed by Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
This book is useful for security professionals, consultants and students pursuing cyber security as it provides guidance for identifying/detecting, responding and eradicating targeted cyberattacks.
Volume 2, 2017
by Steven J. Ross, CISA, CISSP, MBCP
It is those three dots that save me from accusations of rank lunacy. (Oh, well, from accusations based on this subject.)
Volume 2, 2017
by Ed Moyle
To understand how the business side of any organization intersects with technology, ask an internal auditor. This might sound counterintuitive at first, but think about what auditors need to know to do their job...
Volume 5, 2016
by Steven J. Ross, CISA, CISSP, MBCP
Still having a base in IS/IT auditing, ISACA now encompasses consultants, educators, IS security professionals, risk professionals, chief information officers and internal auditors
Volume 5, 2016
by Syed K. Ishaq, CISA, CRISC, CCISO
Although the short-term impact from a cyberattack can be overwhelming, the long-term implications can be quite burdensome
Volume 3, 2016
by Mustafa S. Poonawala, CISA, ITIL
Every organization, big or small, faces its own black swan and there is little one can do to avoid it. What can be done is taking steps to ensure that its impact is minimal.

Wikis: 2 total

Blog Posts: 8 total

“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments
13 Nov 2014
Posted By : masarker | 4 comments
13 Nov 2014
Now a days, you don’t need to be a IT guru or best software programmer to access /control other personal/organization data. If you follow below techniques, you can easily get confidential information.1. Masquerading2. Tailgeting (Piggy back)3. Dumpster di...
Posted By : Shaklain | 1 comments
Enterprise Architecture (EA) is about holistic understanding of the enterprise including the business side. I had to stress on the business side as sometimes the EA is taken as IT Architecture. EA is a combination of IT and Business Architectures. It take...
Posted By : SA | 0 comments
28 Jan 2014
Welcome to my blog which will be dedicated to views and discussions on Enterprise Architect (EA) and Business-IT Alignment (BITA). I encourage the colleagues to join the ISACA topic group for "Strategic Planning/Alignment" for initiating and promoting...
Posted By : SA | 0 comments