Research Paper
Contingency Planning

Contingency planning is a risk mitigation process for developing back-up plans in anticipation of events (scenarios) that might disrupt business as usual. Business continuity planning is an expanded version of contingency planning that typically encompasses a more comprehensive and extended response plan for getting back to business as usual. In a well-formatted, highly detailed research paper, address the need for contingency planning, making sure to cover the following items:
(1) Benefits of scenario events/planning.
(2) Questions to consider when implementing scenario planning.
(3) The common types of scenario planning.
Your paper should meet these requirements:

Be approximately four to six pages in length, not including the required cover page and reference page.
Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
Be clear and well written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Chapter 3
Business Continuity Planning

Planning for Business Continuity
Assessing risks to business processes
Minimize impact from disruptions
Maintain continuity of being able to perform mission critical business tasks
Main steps:
Project scope and planning
Business impact assessment
Continuity planning
Approval and implementation

Project Scope and Planning
Business Organization Analysis
BCP Team Selection
Resource Requirements
Legal and Regulatory Requirements

Business Organization Analysis
Identify all departments
Identify critical services
Identify corporate security teams
Identify senior executives and key individuals

BCP Team Selection
Needs members from every department/division
Include members from:
IT
Cybersecurity
Senior management
Legal
Physical security and facilities
Legal and PR

Resource Requirements
BCP Development
BCP Testing, Training, and Maintenance
BCP Implementation
Mostly personnel, but may include IT and physical resource allocation

Legal and Regulatory Requirements
Federal, state, and local laws or regulations
Emergency services
Industry regulations
Country-specific laws
Service level agreements

Business Impact Assessment
Quantitative Decision Making vs. Qualitative Decision Making
Identify Priorities
Risk Identification
Likelihood Assessment
Impact Assessment
Resource Prioritization

Identify Priorities
Critical prioritization of business processes
Assess by department, then organization
Assign an AV (asset value) to each process
Determine:
MTD (maximum tolerable downtime)
MTO (maximum tolerable outage)
Choose an RTO (recovery time objective)

Risk Identification
Inventory-specific risks
Natural and man-made
Logical and physical and social
Don't overlook the cloud
Get input from all departments

Likelihood Assessment
Determine frequency of occurrence
Establish an ARO (annualized rate of occurrence)
Based on history, experience, and experts

Impact Assessment
Evaluate consequences of a breach
EF (exposure factor)
SLE (single loss expectancy)
SLE = AV x EF
ALE (annualized loss expectancy)
ALE = SLE x ARO
Consider non-monetary impacts

Resource Prioritization
Biggest ALE is biggest risk concern
Combine qualitative priorities with quantitative priorities
Work at addressing each item from largest ALE value first
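
Added example (not part of the original slides): the SLE and ALE formulas from Impact Assessment and the largest-ALE-first ordering from Resource Prioritization, applied to a small risk register. Every entry, dollar value and hour figure is constructed for illustration, and the RTO check assumes the usual rule that the chosen RTO must not exceed the MTD.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Risk:
    name: str
    av: float         # AV: asset value of the business process, in dollars
    ef: float         # EF: exposure factor, fraction of AV lost per event
    aro: float        # ARO: expected number of events per year
    mtd_hours: float  # MTD: maximum tolerable downtime
    rto_hours: float  # RTO: recovery time objective chosen for the process

    def __post_init__(self):
        # Reject inputs that would make the quantitative results meaningless.
        if not 0.0 <= self.ef <= 1.0:
            raise ValueError(f"{self.name}: EF must be between 0 and 1")
        if self.av < 0 or self.aro < 0:
            raise ValueError(f"{self.name}: AV and ARO cannot be negative")

    @property
    def sle(self) -> float:
        return self.av * self.ef      # SLE = AV x EF

    @property
    def ale(self) -> float:
        return self.sle * self.aro    # ALE = SLE x ARO

def prioritize(risks):
    """Order risks so the largest ALE is addressed first."""
    return sorted(risks, key=lambda r: r.ale, reverse=True)

def rto_gaps(risks):
    """Names of risks whose chosen RTO is longer than the process's MTD."""
    return [r.name for r in risks if r.rto_hours > r.mtd_hours]

# Constructed sample register (hypothetical values, not from the slides).
REGISTER = [
    Risk("Data center fire", 3_000_000, 0.70, 0.01, 48, 24),
    Risk("Ransomware on file servers", 500_000, 0.40, 0.50, 24, 36),
    Risk("Cloud region outage", 1_200_000, 0.10, 0.25, 8, 4),
]

if __name__ == "__main__":
    for r in prioritize(REGISTER):
        print(f"{r.name:28} SLE ${r.sle:>12,.0f}  ALE ${r.ale:>10,.0f}")
    print("RTO exceeds MTD:", rto_gaps(REGISTER))
```

In this register the asset with the highest AV ends up last once likelihood is factored in, which is why the ordering uses ALE rather than asset value.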

Continuity Planning
Strategy Development
Provisions and Processes
Plan Approval
Plan Implementation
Training and Education

Strategy Development
Bridge between BIA and BCP crafting
Determine which risks to address in this BCP crafting time frame
Determine acceptable risks vs. those that require mitigation
Commit sufficient resources to resolve priorities

Provisions and Processes
People
Building and facilities
Hardening provisions
Alternate sites
Infrastructure
Physically hardening systems
Alternative systems

Plan Approval
Top-level management endorsement
Educate top executives about plan concepts and details
Senior executive approval establishes plan credibility throughout organization

Plan Implementation
Define an implementation schedule
Use allocated implementation resources
Achieve process and provisioning goals
Implement BCP maintenance program

Training and Education
Assign responsibilities
Plan overview briefing
Dedicated training for those with assigned responsibilities
A backup or replacement person for each position

BCP Documentation
Continuity Planning Goals
Statement of Importance
Statement of Priorities
Statement of Organizational Responsibility
Statement of Urgency and Timing
Risk Assessment
Risk Acceptance/Mitigation
Vital Records Program
Emergency-Response Guidelines
Maintenance
Testing and Exercises

Continuity Planning Goals
Set goals
Ensure the continuous operation of the business in the face of an emergency situation
Meet organizational needs

Statement of Importance
Reflects criticality of BCP
Disclosed in a memo to all employees
Should be signed by CEO to avoid compliance resistance

Statement of Priorities
Directly reflects designed BCP priorities
Include evaluation of priorities
Focus on importance to the continued operation of business functions in the event of an emergency

Statement of Organizational Responsibility
Business continuity is everyone's responsibility
Reinforces organization’s commitment to BCP
Informs individuals of the expectation to assist and support

Statement of Urgency and Timing
Stresses priority of implementation
Defines the roll-out timetable

Risk Assessment
A recap of the BCP decision-making process
Summary of BIA
Discloses quantitative and qualitative analysis results

Risk Acceptance/Mitigation
Identifies those risks deemed acceptable
Identifies those risks deemed unacceptable
List risk management provisions
Define processes and responses
Define how the risk is reduced or managed

Vital Records Program
Determine where critical records will be stored
Set procedures for backing up critical records
Identify critical records
Digital and paper should be considered
Vital records are those needed to reconstruct the organization in the event of a disaster

Emergency-Response Guidelines
Define responsibilities in an emergency
Details activation of BCP elements
Immediate response procedures
Individuals to notify of the incident
Secondary response procedures
Goal is to minimize response time

Maintenance
BCP is a living document
BCP should be periodically updated
Drastic changes may require a complete re-design and re-crafting
Practice good version control
Include BCP in job descriptions/responsibilities

Testing and Exercises
Establish a formalized testing program
Train personnel on their tasks and responsibilities
See disaster recovery testing in Chapter 18

Conclusion
Read the Exam Essentials
Review the Chapter
Perform the Written Labs
Answer the Review Questions
