MIS 5214 - Section 001 - David Lanter
March 31, 2022 by Jose Gomez 28 Comments
Dhaval Patel says
April 1, 2022 at 10:22 am
What is the difference between a business continuity plan and an information system contingency plan?
Madalyn Stiverson says
April 5, 2022 at 12:19 pm
A BCP’s goal is to get the company back up and running as soon as possible. An ISCP includes a step by step process to contain, defend, and respond to IS security threats.
Victoria Zak says
April 5, 2022 at 8:48 pm
A business continuity plan refers to a plan implemented by the organization incase of a disaster. An information system contingency plan can be created and used to prepare for a quick recovery from an attack such as a ransomware that could impact an organization.
kofi bonsu says
April 5, 2022 at 9:29 pm
I like your question. However, they are actually very different. Disaster recovery should be a part of your business continuity plan, but your business continuity plan should encompass far more than just disaster recovery.
Bernard Antwi says
April 10, 2022 at 10:14 am
Business continuity refers to the ability of businesses to carry out their normal activities and function after unplanned events have occurred. On the other hand, a contingency plan refers to an actionable and defined plan that will be enacted if an identified business risk or unfortunate event occurs.
April 2, 2022 at 5:08 pm
What’s the most important step in the contingency planning process?
Dan Xu says
April 3, 2022 at 11:44 am
The most important step should be the need to identify the risks first. Contingency planning is a large-scale exercise, so hold brainstorming sessions with relevant stakeholders to identify and discuss potential risks.
April 5, 2022 at 10:09 pm
The most important step in a contingency plan is conducting a risk assessment. In order to build the foundation of a contingency plan, an organization needs to identify their risks from low, medium, and high. This way, you can plan what the most critical process is for the business. Organizations can do table top exercise in order to know what to do in a real time scenario.
April 3, 2022 at 5:51 am
Disasters can happen at any time. What is the first part of the disaster management cycle to consider?
April 5, 2022 at 12:20 pm
The first phase is mitigation. This occurs before a disaster. It is what you do to prepare and reduce the severity and frequency of potential disasters.
Kelly Sharadin says
April 3, 2022 at 10:36 am
What are the phases of the incident response lifecycle?
Antonio Cozza says
April 4, 2022 at 12:47 am
The phases in the NIST Incident response lifecycle are preparation, detection and analysis, containment, eradication and recovery, and lastly post-incident activity / lessons learned. The lessons learned initiate a new cycle to better prepare for future incidents.
April 3, 2022 at 11:42 am
How to ensure the implementation of business continuity plan？
Vraj Patel says
April 6, 2022 at 9:45 am
There are multiple ways to ensure the business continuity plan is in place and working properly. One of the ways to identify that is through testing which would ensure the implementation of the business continuity plan is working properly and it will also identify if there there is anything needs to be updated to that plan.
April 3, 2022 at 9:27 pm
What are the steps to a Cyber Incident Response Plan?
April 4, 2022 at 12:51 am
An incident response plan can be described at large by the steps recommended by NIST: preparation, detection + analysis, containment + eradication + recovery, and lastly lessons learned.
April 3, 2022 at 9:42 pm
What are integrated logs and how does event correlation help monitor an environment?
April 5, 2022 at 10:18 pm
An integrated log is a system of logging and gives a “behind the scene” view of integrations. This can identify troubleshooting integration issues. However, event correlation that takes data from either application logs or host logs and analyzes the data to identify relationships. Event correlation can help monitor an environment by sending alerts when a hardware fails, based on rules.
Patrick Jurgelewicz says
April 3, 2022 at 11:11 pm
What are the different types of Data Backup Facilities and when might each be useful?
April 5, 2022 at 6:09 pm
Various backup facilities can be “hot”, “warm” or “cold”. An organization will choose a particular facilities depending on the needs of the business the acceptable down-time when coming back online after an incident. A hot site would be ready instantly where a cold site would require much more effort and resources to get the business back to operational status.
zijian ou says
April 4, 2022 at 11:51 am
What does a complete BCP need?
Kyuande Johnson says
April 4, 2022 at 10:40 pm
What are examples of compensating controls?
April 5, 2022 at 12:27 pm
A compensating control is a control put in place that does not follow the commonly accepted gold standard but still achieves an equal or better outcome. For example, having a single employee in charge of accepting cash payments, recording the deposit, and reconciling monthly financial reports does not follow the accepted control for separation of duties. A compensating control put in place would require that employee to have additional oversight, such as having a manager closely review and approve all reconciliations.
Lauren Deinhardt says
April 5, 2022 at 10:41 pm
What is the difference between business continuity training and incident response training?
April 6, 2022 at 9:47 am
The difference between then is business continuity training ensure the business could be operated during the incident and the incident response training ensure the team members are aware of the steps that would be require to take to effectively response to the incident and bring back the network to a normal state.
Michael Jordan says
April 5, 2022 at 11:24 pm
Why is there a differentiation between many different types of continuity planning? For example, as listed in NIST Special Publication 800-34 Rev. 1: Contingency Planning Guide for Federal Information Systems, there is: contingency planning, business continuity planning (BCP), continuity of operations planning (COOP), crisis communications planning, and more.
April 6, 2022 at 8:53 am
How often should the Contingency Plan be reviewed and updated?
Olayinka Lucas says
May 2, 2022 at 10:15 am
What is the acceptable Maximum Tolerable Down Time for Incident response that cuts across all sectors?
You must be logged in to post a comment.