Page 86 - Cyber Warnings
P. 86
High Impact High Impact
Im Low Cost High Cost
pa Low Impact Low Impact
ct High Cost High Cost
Cost of Continuity
Plan Development Phase
The findings and inferences from the Business Impact Analysis Phase are presented to the
executive management who then decide the priority of the business processes (based on
criticality and impact) and accord the levels of redundancy for ensuring that the critical
business processes remain up and functional even during a disaster situation. This results in
drafting practical and cost effective continuity processes - in the form of BU level business
continuity plan (BCP) which then goes to the respective BU head for formal approval and
sign off.
Here pls note that the contents of each BU level BCP can be –
1. Cross-referenced with another BU’s BCP
2. Reviewed and updated to fulfill compliance with the respective client’s risk
management requirements and/or standards
Further, I would also like to tell you about the various levels of redundancy -
• Full Redundancy – is for mission critical processes which must remain operational at
defined service levels and whose unavailability poses threat to life and/or severe
regulatory sanctions
• Partial redundancy – is for those client processes that should remain operational, but
their unavailability does not pose threat to life but might lead to penalties and fines
• No Redundancy – is for those client processes which are routine in nature (non-
critical) and/or where implement the continuity strategy is not feasible
All the BU level BCPs get rolled up into an enterprise wide BCP. Each enterprise wide
BCP includes at least the following elements –
1. Details about the virtual command and control center
2. Primary and secondary backup procedures
3. Configuration details of the primary and secondary backup sites
4. Acceptable downtime after which the BCP must be triggered
5. Who is authorized to trigger the BCP, how to activate it and under what conditions
86 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
