October 19, 2009 - 6:57 pm
Tags: C&A, CISSP
Posted in CISSP Review
A correct implementation of the Certification and Accreditation program will help the organization maintain a secure environment on its computer systems. An established life cycle will help the organization keep the program properly revised.
Certification and Accreditation Guidance Development Life Cycle

Phase       | Task     | Activity
Development | Creation | Plan for, research, and write the policy
            | Review   | Complete an independent policy review prior to approval
            | Approval | Obtain management approval of [...]
October 16, 2009 - 11:37 am
Tags: CISA, CISM, CISSP, GIAC, GSEC, Security +, SSCP
Posted in Certifications
Almost 2 years ago I took the CISSP. I have to admit I have no test-taking abilities, and the proctor staring at me for 6 hours killed me. I failed with a 685. This was a very tragic moment in my life; knowing that the pass rate is 70%, I felt like the stupidest person [...]
October 13, 2009 - 11:52 am
Tags: CISSP, Network, OSI Model, TCP/IP
Posted in IT Basics
This model should be learned and memorized; if asked, you should not have to think about it. These links will take you to the relevant wikis for easy study access.
Internet Protocol Suite
Application Layer
BGP · DHCP · DNS · FTP · GTP · HTTP · IMAP · IRC · Megaco · MGCP · NNTP · [...]
October 11, 2009 - 11:34 pm
Tags: CISSP, TCSEC
Posted in CISSP Review
Trusted Computer System Evaluation Criteria (TCSEC) is a US Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of the computer security controls built into a computer system. The TCSEC was used to evaluate, classify and select computer systems being considered for the processing, storage and retrieval of sensitive or classified information.
TCSEC (Trusted Computer [...]
October 10, 2009 - 8:29 pm
Tags: CISSP, Security modes
Posted in CISSP Review
There are various modes of security operation depending on the information you are protecting and its classification. Here is a review of some of the modes of operation.
Security Mode           | Description
Dedicated Security Mode | Proper clearance for ALL info on system. Formal access approval for ALL info on system. Signed NDA for ALL info on system. Valid need to know ALL [...]
Cryptography can be defined as the conversion of data into a scrambled code that can be sent across a public or private network and deciphered by the intended recipient. Cryptography does far more than help preserve the integrity of communications; it has evolved into a tool used in everyday communications. Here is a basic introduction to cryptography.
Period [...]
Security architecture includes models to follow when designing a security-oriented network infrastructure. Which models apply will depend on the required security classification. Each model focuses on a specific area of the security triad: Confidentiality, Integrity and Availability.
MODEL         | DESCRIPTION                                                                          | EMPHASIS
Access Matrix | A way of describing the rules for an access control strategy; combination of Read, [...] |
August 13, 2009 - 9:46 am
Tags: 10 CBK, CISSP, Review
Posted in CISSP Review
Applications and Systems Development Security
This domain examines the security components within operating systems and applications and how to best develop and measure their effectiveness. This domain looks at software life cycles, change control, and application security. Some of the other topics covered include:
• Data warehousing and data mining
• Various development practices and their risks
• System storage and [...]