School: Colorado Technical University
Course: 126
Subject: Information Systems
Date: Dec 6, 2023
BCP
Do it Yourself Business Continuity Plan
Raymond Martinez
Colorado Technical University
I. Introduction
a. This Business Continuity Plan gives guidance and actions to take when Do It Yourself faces an incident that affects any business operations. It will be used to give guidelines on how to effectively address incidents and how to make sure business operations are not slowed down or halted.
b. This plan will cover the areas of risk assessment, business impact analysis, resumption strategies, incident response, and disaster recovery. The risk assessment will cover possible risks the company faces and how to mitigate them. The business impact analysis will show how certain amounts of downtime will affect operations and cause financial harm. Resumption strategies cover how to back up data and how to start operations at a predetermined site. Incident response covers how we respond to and handle incidents that may occur. The disaster recovery section will give the guidelines that need to be followed to recover from any disaster that impacts the business.
II. Risk Assessment
a. Do It Yourself faces many risks, from hackers, viruses, malware, age of equipment, and power outages to storms and other natural disasters. If our business's network is attacked by hackers, or if it is infected with viruses or malware, it can cause data to be stolen or, worse, the system to crash. Age of equipment is a risk because unsupported equipment can open a way for our network to be infiltrated. Natural disasters, storms, and power outages can cause loss of power to crucial equipment, which, if left down for long periods of time, can cause crucial systems to fail.
b. The best way to handle these risks is for us to put mitigation techniques in place to help protect our vital systems. For hackers, viruses, and malware, we must make sure that our systems are updated weekly, patches are pushed to systems across the network, and that we configure our firewall to prevent unwanted access. Our employees will also attend training monthly, held by our cybersecurity team. Letting our equipment become outdated is unacceptable, and our IT department will create a Hardware Lifecycle Replacement Plan and conduct quarterly checks to ensure it is up to date. To ensure we don't face hardware failure due to loss of power, UPS devices will be installed on all crucial network equipment, surge protectors will be used on all devices, and the building will have a generator rated for the workload installed and maintained.
III. Business Impact Analysis
a. Any incident that happens to our network causes some type of impact to our business. The Business Impact Analysis shows how certain incidents will affect the business in different ways. They affect the operations of the business and cause a financial impact to the business.
b. Most of the risks that the network faces can happen at any time, and we must stay vigilant to get our systems isolated or back up. If we allow our downtime from an incident involving hackers to be greater than 1 hour, then we can see impacts on our operations ranging from loss of sales to, worse, loss of customers. Financially, this would have a medium impact on us, depending on how long it takes to isolate. Viruses and malware are more easily isolated than hackers and won't cause the same impacts unless we cannot get them isolated within a 1-to-8-hour timeframe. Allowing our equipment to become outdated and unsupported is unacceptable and can cause the company to spend money it wouldn't have had to spend if the problem had been found sooner. A power outage can cause the biggest impact if it is not corrected or an alternate source is not found. Any outage lasting more than 8 hours will cause harm to the systems through hardware failure and UPS devices no longer being able to maintain the power needed by systems.
IV. Resumption Strategies
a. The biggest part of our business being able to come back from an incident is having a good backup to use to recover either damaged or infected systems. Server data is to be backed up locally to a backup server and to our cloud-based servers provided by AWS. Our store locations will back up data locally each night after the store closes, and data will also be backed up to AWS cloud servers nightly at 12 a.m. local time for the store's location.
b. If a disaster strikes and the headquarters location is deemed unsafe to work in, our operations will move to one of two warm sites. The reason for two sites is that, in case two out of the three sites are affected, we still have one to operate out of. The first location will be at 6860 Campus Dr, Colorado Springs, CO 80920, on the first floor. The second location is at 1317 Q St, Lincoln, NE 68508, on the third floor of the building. These sites have the necessary equipment needed to run operations and will be set up in no more than 48 hours.
V. Incident Response
a. Preparation
The Cybersecurity Team will prepare security awareness training and malware/antivirus/spyware awareness training to help prevent incidents from occurring. The security team will put personal and physical security measures in place to make sure that no unwanted access incident happens. Network administrators will maintain event logs and conduct patching and updating of systems to prevent attacks and to help identify unwanted access to the network.
b. Detection and Analysis
Any incident that is detected will be forwarded to the Incident Response Team, which will be composed of 2 members from the Cybersecurity Team and 2 members from the Network Administrators team. The Incident Response Team will analyze the incident or incidents and work them from most crucial to least.
c. Containment, Eradication, and Recovery
The Incident Response Team will contain the incident by the best means necessary to still allow business functions to continue. After the incident is contained, the team will then investigate the best possible strategy to eradicate the problem. After the incident is removed from the network, the team will either bring the equipment back online after patching the known problem or recover the equipment to a previous known good backup.
d. Post-Incident Activity
Findings from the incident will be given to the Cybersecurity Team. The Cybersecurity Team will then update security policies and rework training programs to cover the incident that occurred. After policies and training are updated, the Cybersecurity Team will schedule training and make sure it is pushed out to all locations to be conducted there as well.
VI. Disaster Recovery Plan
a. Response Phase
In the case of fire, natural disaster, or any other incident that may cause harm to the network for a period lasting longer than what is stated as reasonable in the BIA, the Incident Response Team will become the Disaster Recovery Team (DRT). During this phase the DRT will contact Management, start to determine the degree of damage, and decide whether operations will need to be moved to one of the two warm sites. If the decision is to move to an alternate site, a member of the DRT will call the site and begin starting up equipment to prepare for the transfer of data and employees. The two leads from the DRT, one from the cybersecurity team and one from the network admins, will create one team to go to the warm site with employees and one to stay at the current facility to help assess damages.
b. Recovery Phase
1. If the disaster doesn't cause enough damage to require the operations of the business to move to a warm site, then the DRT's main goal is to begin to start up and recover equipment as it becomes safe to do so. If any equipment is damaged, the DRT will replace it with current back stock, and if no replacement is available, the order form will be turned in to the Purchase Manager as soon as possible to be ordered.
2. If operations are moved to a warm site, then the Warm Site Team (WST) chosen by the DRT will begin the process of transferring known good backups from the current servers to the warm site servers. Once on site at the new location for operations, the WST will ensure all workstations, servers, and network devices are operational and that connection to the network is enabled and connected. If there are any items or equipment needed to begin operations, the WST will submit a purchase order to the Purchasing Manager within the first 48 hours of getting to the warm site.
c. Restoration Phase
1. The team that is located at the main facility is called the Disaster Assessment Team (DAT), and their job is to do a complete inspection of the facility and determine the extent of the damage. If the DAT determines that the damage at the facility is minimal and operations could be reinstated within 48 hours of the shutdown of the warm site, they will begin the process of repairing or replacing damaged equipment.
2. If the DAT determines that the damages to the main facility are too extensive and the amount to repair is more than the value of the building, they will submit a project to the Management Team for the needs of a new building. Management will then contact the Project Manager and begin the steps to obtain a new building and equipment to make a new headquarters. During this time the members of the DAT and DRT will relocate to the warm site with the WST to continue daily operations. Once the new site is finished, the original WST will stay at the warm site until the new site is operational, and they will confirm a good transfer of data and shut off warm site equipment.
3. Whether a new site is needed or the original site is brought back into operation, the DRT will conduct an after-action review with the WST and the DAT. They will then use the answers given by the teams to review this BCP and its policies and make any necessary adjustments.