Sub-categorically, disaster recovery planning is normally ranked as a key business continuity component referring to technological aspects of advance planning and organizing necessary to minimize potential losses and ensure critical business functionality if catastrophic circumstances materialize. An effective business continuity capability is essential. However, for most entities, being able to recover information technology (IT) is fundamental.
Arguably, establishing a robust preparedness capability is one of the best investments an entity can pursue. Nonetheless, auditors should assure (based on a thorough risk assessment) the entity's resiliency efforts are operationally ready to respond when required. Beneficially, IT audits of business continuity and disaster recovery plans can assist in ensuring the proper attention is given to information assets supporting an entity's operations.
Objectives of the Presentation
Why Should you Attend
- Identify issues associated with business continuity planning
- Differentiate the types of Business Continuity Plan assurance services
- How to develop an effective and comprehensive Business Continuity Audit Plan
- Available procedures for studying and evaluating a Business Continuity Plan
- Methods for testing and evaluating business continuity controls
- Critical Business Continuity Audit reporting considerations
- Determining the appropriate amount of business continuity audit follow-up procedures
Considering information systems are generally critical to enhancing productivity, it is imperative deployed IT provide availability with service responsiveness meeting user utilization demands, even during crisis situations. Entity susceptibility as well as IT operational resiliency impact speedy and systematic redress for fulfilling efficiency, effectiveness, availability, and compliance requirements. Furthermore, neither business nor IT resides within static environments. Thus, environmental dynamics can generate changes altering system activities that require timely response and restoration to ensure continuous service delivery.
Threats to an entity's existence manifest in diverse forms, including disruptions, emergencies, crises or disasters. Any one of these incidents or events can jeopardize data processing services sustaining mission critical operations. When business integrated information systems are unavailable, efficiency is diminished, effectiveness is eroded, compliance is hindered, and employees are idled. As a result, entities should regularly examine their business continuity, disaster recovery, as well as back-up plans to ensure adequate operational requirements forecasting for service restoration.
Who will Benefit
- Challenges of business continuity planning in today's volatile threat landscape
- Key elements of crises management response
- How a Business Continuity Plan differs from a Disaster Recovery Plan
- Significant components for developing a Business Continuity Audit Plan
- Acquiring appropriate business continuity audit evidence
- Recommendations for analyzing a Business Continuity Plan
- Communications development before, during, and after a Business Continuity Audit
- Operations Managers
- Vendor Managers
- Disaster Recovery professionals
- Call centers
- Business Continuity Team members
- Information Security personnel
- Chief Security Officer
- Risk Managers
- Chief Information Officer
- Chief Operations Officer
- Information Security Managers
- Technology Managers
Cost effective strategies should be designed to prevent, detect and/or mitigate the impact of potential crises. Reducing system vulnerabilities is typically accomplished by delineating then remediating single as well as combined configuration failure points. Various resources that can contribute to the remediation process should be identified as continuity enablement factors. These resources - including essential personnel (and their roles and responsibilities), information, applications, and infrastructure - should be documented in a plan demonstrating commitment to continuity.