7.13 Participate in Business Continuity (BC) planning and exercises

7.13 Participate in Business Continuity (BC) planning and exercises

Business Continuity is the art of keeping the business operational during a disaster, while Disaster Recovery is the art of getting it back to normal.

We must ask

• What processes and functions must remain operational for the business to function?
  
  
• What threats could attack these processes?
  
  
• Are there any third-party risks from vendors or partners?
  
  
• How do we ensure that our processes continue to operate in the event of a disaster?
  
  
• How can we test our processes to ensure that they remain operational?  Can we simulate a disaster and measure the effect on our processes?

Some specific threats

• We lose some data due to ransomware, accidental deletion, malicious deletion, a failed back up, etc.  How do we recover the data?
  
  
• Power outage
  
  
• Natural disaster
  
  
• Communications failure