7.13 Participate in Business Continuity (BC) planning and exercises
Business Continuity is the art of keeping the business operational during a disaster, while Disaster Recovery is the art of getting it back to normal.
We must ask
- What processes and functions must remain operational for the business to function?
- What threats could attack these processes?
- Are there any third-party risks from vendors or partners?
- How do we ensure that our processes continue to operate in the event of a disaster?
- How can we test our processes to ensure that they remain operational? Can we simulate a disaster and measure the effect on our processes?
Some specific threats
- We lose some data due to ransomware, accidental deletion, malicious deletion, a failed back up, etc. How do we recover the data?
- Power outage
- Natural disaster
- Communications failure