BCP/DR – Do you know these frameworks?

Business Continuity Planning is the way an organization can prepare for and aid in Disaster Recovery (DR). It is an arrangement, agreed upon in advance by management and key personnel, of the steps that will be taken to help the organization recover should any type of disaster occur. Personally, though, I do not like Business Continuity Planning (BCP) being associated with DR. For me, BCP is more about the continuity of the business and not just IT.

Disaster Recovery (DR) is the process an organization uses to recover access to the software, data, and/or hardware needed to resume normal, critical business functions after either a natural disaster or a disaster caused by humans.

Business Continuity/Disaster Recovery Plans come in various forms, each reflecting the corporation’s particular set of circumstances. It’s about using the right people, processes, and technology.

Standards/Frameworks:

There are many best practices and business continuity standards that detail the steps for building a sound business continuity plan, and one needs to balance all of these standards and requirements to get it right.

The list below does not include popular ISO, NIST, and other standards. The few below are those which you may or may not know. They are very interesting to read.

Please check the frameworks below to see if your BCP/DR team has considered them.

  1. NFPA 1600
  2. AS/NZS 5050:2010 Business continuity - Managing disruption-related risks
  3. DRI Library
  4. BS 25999
  5. ISO/IEC (various standards)

The list is long, but a few are included above to start the conversation.


Cyber Security Governance

Cyber Security Governance and Frameworks

Governance describes the overall management approach through which senior executives direct and control the entire organization, using a combination of management information and hierarchical management control structures.

A Framework is a tool that enables organizations to establish a roadmap for reducing technology security risk that is well aligned with organization and sector goals, considers legal/regulatory requirements and industry best practices, and reflects risk management priorities. In addition to the existing frameworks ISO 27000, NIST, ITIL (process framework), and PCI, NIST released the first version of the Framework for Improving Critical Infrastructure Cybersecurity on February 12, 2014. The Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure.

Featured offering:

  • Implementing the framework, including project management and implementation.
  • Performing gap assessment, remediation, pre-audit, and post-audit.
  • Certifying ISO compliance (as per client request) with the help of certifying partners.
  • Alignment within frameworks and control rationalization.