Lab †Risk Essay

come to and Number CIS 333 LAB6 Instructor Name Professor West Lab Due Date 19 May 2013 1. What is the difference between a risk analysis (RA) and a line of descent line involve analysis (BIA)? Risk analysis is often identifying the potential threats and the associated vulnerabilities to the organizations . Risk analysis doesnt view the organization from the mission critical Business Process full point of view. More over BIA perceives the organization from the doctor that is going to occur for an organization if the critical short letter processes ar interrupted or tamperedWhat is the difference between a Disaster Recovery Plan and a Business Continuity Plan? Disaster convalescence is the older of the 2 functions. DR planning is an essential part of business planning that too often gets neglected. Part of this has to do with the fact that making a Disaster Recovery plan requires a lot of time and management from busy managers and executives from every functional departmen t within the company. Business continuity is a newer term which was first popularized as a response to the Y2K bug.In rescript to stop your company from bleeding money in these situations, you need a plan that will allow the organization to continue generating revenue and providing services although by chance with lower quality on a temporary basis until the company has regained its bearings. 3. Typically, a business continuity plan is besides a compilation or collection of other plans. What other plans might a BCP and all supporting documents include? Technical backup Plan How can you recover smoothly from practiced glitches. Communications Plan What communication will facilitate this recovery.Why is it important to have detailed backup and recovery criterions within your disaster recovery plan (DRP)? 5. What is the determination of a risk analysis? What is the purpose of a business impact analysis? Why are these an important first step in defining a BCP and DRP? The purpos e of a Business Impact and Risk Assessment is to determine the approximate business value of IT assets, to assess the impact the loss of those assets would have on business units, and to assign recovery priorities to the assets. 6. How does risk analysis (RA) relate to a business impact analysis for an organization?The purpose of a Business Impact and Risk Assessment is to determine the approximate business value of IT assets, to assess the impact the loss of those assets would have on business units, and to assign recovery priorities to the assets. 7. Given the list of identified mission critical business functions and processed, what kind of company would you say this organization is, and what do you think are its most important business processes and functions? It Company Risk Analysis & Disaster Recovery Plan to get the business up and running on the net 8.Given the prioritization list provided for the organizations identified business functions and processes, write an assessme nt of how this prioritization will impact the need for IT systems, applications, and data access? Recovery strategies should be developed for schooling engine room (IT) systems, applications and data. This includes networks, servers, desktops, laptops, piano tuner devices, data and connectivity. Priorities for IT recovery should be consistent with the priorities for recovery of business functions and processes that were developed during the business impact analysis.IT resources required to support time-sensitive business functions and processes should also be identified. The recovery time for an IT resource should match the recovery time objective for the business function or process that depends on the IT resource. Information technology systems require hardware, software, data and connectivity. Without one component of the system, the system may not run. Therefore, recovery strategies should be developed to anticipate the loss of one or more of the following system components * Computer room environment (secure computer room with climate control, conditioned and backup power supply, etc.) * Hardware (networks, servers, desktop and laptop computers, wireless devices and peripherals) * Connectivity to a service provider (fiber, cable, wireless, etc. ) * Software applications (electronic data interchange, electronic mail, enterprise resource management, office productivity, etc. ) * Data and restoration Some business applications cannot tolerate any downtime. They utilize dual data centers capable of handling all data processing needs, which run in parallel with data mirror or synchronized between the two centers. This is a very expensive solution that only larger companies can afford.However, there are other solutions for sale for small to medium sized businesses with critical business applications and data to protect. 9. For the top identified business functions and processes, what recovery time objective (RTO) would you recommend for this organization a nd why? The RTO must match or be shorter than the MTD 10. Why is payroll for employees and Human Resources listed as a co- occur 1 business priority? It is listed as a number one because it is highly what runs the office and something very important for these to parts to be correct.