Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
114 views2 pages

Contingency Planning Components

The three components of contingency planning are incident response planning, disaster recovery planning, and business continuity planning. Incident response planning focuses on immediate response to unexpected events and involves preparation, identification, containment, eradication, recovery, and lessons learned. Disaster recovery planning focuses on restoring operations at the primary site after disasters and involves setting recovery objectives, identifying professionals, documenting infrastructure, choosing data recovery techniques, defining incident criteria, documenting procedures, and regularly testing plans. Business continuity planning facilitates alternate site operations and critical business functions and involves regulatory review, risk assessment, impact analysis, strategy development, incident response planning, testing and training, and communication.

Uploaded by

Abhishek Napit
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
114 views2 pages

Contingency Planning Components

The three components of contingency planning are incident response planning, disaster recovery planning, and business continuity planning. Incident response planning focuses on immediate response to unexpected events and involves preparation, identification, containment, eradication, recovery, and lessons learned. Disaster recovery planning focuses on restoring operations at the primary site after disasters and involves setting recovery objectives, identifying professionals, documenting infrastructure, choosing data recovery techniques, defining incident criteria, documenting procedures, and regularly testing plans. Business continuity planning facilitates alternate site operations and critical business functions and involves regulatory review, risk assessment, impact analysis, strategy development, incident response planning, testing and training, and communication.

Uploaded by

Abhishek Napit
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

1.

The overall planning for unexpected events is contingency planning (CP), Explain THREE
(3) Components of Contingency planning with action plan.
A contingency plan is an alternative Information Systems Security (INFOSEC) plan that is
implemented when normal business operations are interrupted by emergency, failover or disaster.
Contingency plans ensure continuous on-site and off-site business operations, customer
satisfaction and on-time product and service delivery. A contingency plan is also known as a
disaster recovery plan (DRP).

The three components of Contingency planning are as follow:


 Incident response planning (IRP) : It focuses on immediate response. The IRP is a detailed set
of processes and procedures that anticipate, detect, and mitigate the impact of an unexpected
event that might compromise information resources and assets. Incident response (IR) is a set of
procedures that commence when an incident is detected. When a threat becomes a valid attack, it
is classified as an information security incident if:
 It is directed against information assets
 It has a realistic chance of success
 It threatens the confidentiality, integrity, or availability of information assets

Action Plan for Incident response planning are as bellow:


Step 1: Preparation. The goal of the preparation stage is to ensure that the organization can
comprehensively respond to an incident at a moment's notice. ...
Step 2: Identification. ...
Step 3: Containment. ...
Step 4: Eradication. ...
Step 5: Recovery. ...
Step 6: Lessons Learned.
 Disaster recovery planning (DRP) : It focuses on restoring operations at the primary site after
disasters occur. Disaster recovery planning (DRP) is the preparation for and recovery from a
disaster, whether natural or man made
In general, an incident is a disaster when:
– The organization is unable to contain or control the impact of an incident
– The level of damage or destruction from an incident is so severe the organization is
unable to quickly recover
The important role of a DRP is defining how to reestablish operations at the location where the
organization is usually located.

Action Plan for Disaster recovery planning are as bellow:


Step 1: Set Clear Recovery Objectives
Step 2: Identify Involved Professionals
Step 3: Draft a Detailed Documentation on Network Infrastructure
Step 4: Choose Your Data Recovery Technique
Step 5: Explicitly Define an Incident Criteria Checklist
Step 6: Document Your Entire Disaster Recovery Procedure
Step 7: Regularly Test Your DRP
Step 8: Keep Updating Your Recovery Plan

 Business continuity planning (BCP): It facilitates establishment of operations at an alternate


site. It ensures critical business functions can continue in a disaster .It most properly managed by
CEO of organization. It is activated and executed concurrently with the DRP when needed
While BCP reestablishes critical functions at alternate site, DRP focuses on reestablishment at the
primary site. It relies on identification of critical business functions and the resources to support
them.

Action Plan for Business continuity planning are as bellow:


Step 1: Regulatory Review and Landscape. ...
Step 2: Risk Assessment. ...
Step 3: Perform a Business Impact Analysis. ...
Step 4: Strategy and Plan Development. ...
Step 5: Create an Incident Response Plan. ...
Step 6: Plan Testing, Training and Maintenance. ...
Step 7: Communication.

You might also like