5.1. The Business Case for Continuity Planning

There are several three letter acronyms (TLAs) related to these processes collectively that you will need some level of familiarity with to be conversant with management about contingency planning. These acronyms all amount to roughly the same thing with some twists, depending on the focus of the presenter. Disaster Recovery Planning (DRP) is more of a technological recovery of information systems and infrastructure from a catastrophic failure. This failure could be a natural disaster, massive power outage, or anything really that keeps the operations from being able to continue their mission in their present location. Business Continuity Planning (BCP) and Business Recovery Planning (BRP) are used interchangeably to refer to the recovery of business processes to keep the organization operational in the face of lost technical systems, while the DRP process kicks in, for example. Crises Management Planning (CMP) is the whole process of manning the recovery process, doing the damage control, and marshaling resources to affect a successful recovery, thus dealing with the crisis in a planned manner. No matter how you slice it, it is a big project and cannot be effective unless senior management buy in occurs first.

If management is committed to having an ongoing and viable business, they need to manage risk to be successful as this book has now reviewed many times. Day in and day out, disruptions may occur that impact the ability of the ...

Get The CISA® Prep Guide: Mastering the Certified Information Systems Auditor Exam now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.