Home
Purpose & Scope
Concept of Operations
Notification Activation
Recovery
Reconstitution
File Incident Report
Emergency Contacts
Key Personel
IT Security Quiz
Tools & Techniques
Contact Us

SECURITY WEB SITES
CONTINGENCY PLANNING
 Breaking the cycle of normality to panic in an emergency!
WHY A CONTINGENCY PLAN
Business owners and managers must accept a well known fact:  There is no such thing as a risk free operation!  Things happen!  Information and data disappear!  Equipment fail!  Employees and contractors become disgruntled!  A viable contingency plan will assure prompt resumption of business in the event of a mishap, sabotage, or catastrophe.  Business Continuity Management (BCM) and supporting contingency management and planning tools help answer asset questions such as:  What they are?  Where they are?  Their value?  Replacement costs?  The alternatives? How long can the organization function without them?

IT systems are vulnerable to a variety of disruptions, ranging from mild (e.g., short-term power outage, disk drive failure) to severe (e.g., equipment destruction, fire) from a variety of sources such as natural disasters to terrorists actions. While vulnerabilities may be minimized or eliminated through technical, management, or operational solutions as part of the organization’s risk management effort, it is virtually impossible to completely eliminate all risks. In many cases, critical resources may reside outside the organization’s control (such as electric power or telecommunications), and the organization may be unable to ensure their availability. Thus effective contingency planning, execution, and testing are essential to mitigate the risk of system and service unavailability.
Our contingency management tools address basic issues such as asset identification, location, value, alternatives, replacement, and intangible costs; and most importantly, how long the organization can function without the asset!  Since no asset is impervious to loss, the prudent leader will ensure that mechanisms are in place for a secure & rapid recovery.  Our intent is to help managers break the cycle from normality to panic with crisis management.

THE CONTINGENCY PLAN (CP) vs. THE DISASTER RECOVERY PLAN (DRP)
Contingency planning refers to interim measures to recover IT services following an emergency or system disruption. Interim measures may include the relocation of IT systems and operations to an alternate site, the recovery of IT functions using alternate equipment, or the performance of IT functions using manual methods.  Where the CP refers to interim measures, i.e., temporary disruption of business, the DRP addresses preparing for a permanent or long term disruption of business which requires the relocation to an alternate or new site.  The primary site may have to be rebuilt or a new permanent site must be established.  Once the replacement site is operational, a new Contingency Plan for that site must be developed and tested.

 ENSURING THE CONTINGENCY PLAN
In order for contingency planning to be successful, management must ensure the following:  1) An understanding of the IT Contingency Planning Process and its place within the overall Continuity of Operations and Business Continuity process.  2) The development or reexamination of the contingency policy and planning process and applying the elements of the planning cycle, including preliminary planning, business impact analysis, alternate site selection, and recovery strategies.  3) Developing or reexamining the IT contingency planning policies and plans with emphasis on maintenance, training, and exercising the contingency plan.

 POLICY STATEMENT
 The following is an example of a contingency Plan policy statement:  It is the organization's policy that each component or sub-unit  will have a management approved contingency plan (CP) for mission critical applications (MCA), major applications (MA), and critical support systems CSS).  It is the responsibility of the system or business owner to ensure that a CP is developed and maintained for their respective assets.  CPs will be reviewed least annually, and/or when significant updates or modifications have been made as to warrant updating.  An independent team - not associated with the target asset - will review and test the CP and record the result.  The CP is a living document and must be periodically reviewed and updated to accurately depict the status of the respective asset. 

ASSETS REQUIRING A CONTINGENCY PLAN
 This product addresses contingency planning (i.e., strategies and techniques) for the IT environment including, but not limited to:  1) Human resources, 2) Infrastructure, 3) Desktops and portable systems, 4) Servers, 5) Web sites, 6) Local area networks, 7) Wide area networks, 8) Distributed systems, and 9) Mainframe systems.
Features Benefits
  • Contingency Planning (CP) tools
    • Scope Determination
    • Business Impact Analysis
    • Asset Specification
    • Asset Valuation
    • Preventive Controls
    • Asset Inventory
  • User Friendly, Interactive Recovery Tools
    • Notification - Activation
    • Recovery
    • Reconstitution
    • Call Tree Logs and Diagrams
    • Task Tables
    • Contact Lists
  • Tools and techniques based on Common Office Environment (COE)
  • Support for automated and manual processes
  • Self generating planning and recovery scripts
  • Self documenting
  • Modular components for concurrent access and maintenance
  • Easily created and maintained by non-technical staff and end-users
  • Competed contingency plans easily uploaded to intranet, off-site facility and/or cloud computing environment for maintenance and/or archiving
  • Makes asset owner, users, and/or administrators responsible and accountable for completeness and accuracy of the contingency plan
Why You Need Our Product    |    Where Our Product Fits   |   PURCHASE PRODUCT