http://www.itbusinessedge.com/cm/community/kn?view=discussions Most recent forum messages en Sat, 27 Jun 2009 02:02:04 GMT Clearspace 2.5.5 (http://jivesoftware.com/products/clearspace/) 2009-06-27T02:02:04Z en http://www.itbusinessedge.com/cm/message/1519?tstart=0#1519 The biggest difference I see between the BCPs and the DRPs is that the BCPs goal is to provide strategies to keep business operations going before, during and after without interruption, while the DRP seems to focus on having as brief an interruption as Sat, 27 Jun 2009 02:02:04 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1519?tstart=0#1519 2009-06-27T02:02:04Z 4 months, 3 weeks ago http://www.itbusinessedge.com/cm/message/1518?tstart=0#1518 Ralph I agree that risk management is a continuous process that needs to be looked at due to risks continuously changing. I think that the amount of time before a risk revisit should be directly related to the severity of the risk, a company might even Sat, 27 Jun 2009 00:13:33 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1518?tstart=0#1518 2009-06-27T00:13:33Z 4 months, 3 weeks ago http://www.itbusinessedge.com/cm/message/1517?tstart=0#1517 The reason risk management is such an imporant part of the development of a BC/DR plan is because it is the foundation of every BC/DR plan.  The risk assessment process consists of three main steps:  Risk Analysis, Risk Assessment and Risk Mitigation.  Fri, 26 Jun 2009 21:45:09 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1517?tstart=0#1517 2009-06-26T21:45:09Z 4 months, 3 weeks ago http://www.itbusinessedge.com/cm/message/1516?tstart=0#1516 I agree that the risk assessment is the key to understanding what the risks are and how the company could deal with them. Could we also say that creating a BC / DR plan is a way to address risk? In my opinion that is the other side of the coin. I think Fri, 26 Jun 2009 20:25:18 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1516?tstart=0#1516 2009-06-26T20:25:18Z 4 months, 3 weeks ago 1 http://www.itbusinessedge.com/cm/message/1515?tstart=0#1515 BC / DR is concerned with the ability of a business to continue to function as an entity in the event that there is unavailability of the core business location. Before a BC plan can be written, it is important to have an understanding of the critical Fri, 26 Jun 2009 20:12:54 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1515?tstart=0#1515 2009-06-26T20:12:54Z 4 months, 3 weeks ago http://www.itbusinessedge.com/cm/message/1514?tstart=0#1514 Warrick, I agree that risk management is a key component when planning to protect a business and its assets but I am not sure that it is possible to be "bulletproof". But performing risk assessments when aspects of the business objectives change (the Fri, 26 Jun 2009 04:17:19 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1514?tstart=0#1514 2009-06-26T04:17:19Z 4 months, 4 weeks ago http://www.itbusinessedge.com/cm/message/1513?tstart=0#1513 Risk management is important to BC/DR plans because the object is to mitigate or avoid risks/threats to the business and daily business   functions. Although it is true that no business can be full proof to risk/threats so it is wise to be prepared for Fri, 26 Jun 2009 03:25:13 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1513?tstart=0#1513 2009-06-26T03:25:13Z 4 months, 4 weeks ago http://www.itbusinessedge.com/cm/message/1512?tstart=0#1512 I like Andre's point about considering your clients as well. Clients may rely on the products and services offered by a business, but they can usually find the same things elsewhere. On the other hand, a business can only exist because of its clients, Fri, 26 Jun 2009 01:13:20 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1512?tstart=0#1512 2009-06-26T01:13:20Z 4 months, 4 weeks ago http://www.itbusinessedge.com/cm/message/1511?tstart=0#1511 A lot has been said about risk assessment and risk management, I believe that most competent IT professionals will agree that Risk management is an integral component of any legitimate BC/DR plan. As IT security professionals whose major responsibility Fri, 26 Jun 2009 01:07:49 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1511?tstart=0#1511 2009-06-26T01:07:49Z 4 months, 4 weeks ago 1 http://www.itbusinessedge.com/cm/message/1510?tstart=0#1510 Jodfrey,   Very true. We should also note that this is a continual process as risks change. Some risks are totally mitigated and sometimes we are faced with new risks.   Ralph Wed, 24 Jun 2009 18:02:45 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1510?tstart=0#1510 2009-06-24T18:02:45Z 4 months, 4 weeks ago 1 http://www.itbusinessedge.com/cm/message/1494?tstart=0#1494 Andre,   I couldn't agree more. It does start with understanding your risks and managing to those risks.   Ralph Wed, 24 Jun 2009 17:59:31 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1494?tstart=0#1494 2009-06-24T17:59:31Z 4 months, 4 weeks ago 2 http://www.itbusinessedge.com/cm/message/1493?tstart=0#1493 When creating a business continuity plan or disaster recovery plan it is important to do your homework on the risk management as it relates to your company first so you have a grasp on what you are up against. If you don't perform risk management you Wed, 24 Jun 2009 17:47:51 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1493?tstart=0#1493 2009-06-24T17:47:51Z 4 months, 4 weeks ago 2 http://www.itbusinessedge.com/cm/message/1492?tstart=0#1492 Interesting question since Risk Management is the very reason that BC/DR plans exist to begin with. BC/DR plans are created precisely to mitigate risk by creating awareness and plans of action for those risks seen as highly probable.  In order to Tue, 23 Jun 2009 00:40:07 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1492?tstart=0#1492 2009-06-23T00:40:07Z 5 months, 1 day ago http://www.itbusinessedge.com/cm/message/1491?tstart=0#1491 Jennifer makes some great points. For any plan to be effective one must do the proper research to ensure that the plans meet the needs and requirements of not only the business, but its clients/ customers and any legal/ regulatory agencies. Cost is a Tue, 23 Jun 2009 00:15:35 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1491?tstart=0#1491 2009-06-23T00:15:35Z 5 months, 1 day ago 1 http://www.itbusinessedge.com/cm/message/1490?tstart=0#1490 You can't do a business continuity plan or disaster recovery plan if you aren't aware of what risks your business faces, and how your company is prepared to deal with those risks. An effective risk management plan ensures better preparedness by: Mon, 22 Jun 2009 22:31:57 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1490?tstart=0#1490 2009-06-22T22:31:57Z 5 months, 1 day ago 2 http://www.itbusinessedge.com/cm/message/1495?tstart=0#1495 Risk management is the process of identifying vulnerabilities and taking steps to protect assets. First, you must identify, examine, and understand the information and systems in place in your organization. Second, you must identify, examine, and Mon, 22 Jun 2009 20:54:40 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1495?tstart=0#1495 2009-06-22T20:54:40Z 5 months, 1 day ago 3 http://www.itbusinessedge.com/cm/message/1486?tstart=0#1486 "What is the importance of risk management when creating BC/DR plans?" Fri, 19 Jun 2009 14:18:55 GMT webadmin@itbusinessedge.com http://www.itbusinessedge.com/cm/message/1486?tstart=0#1486 2009-06-19T14:18:55Z 5 months, 5 days ago 16