1 / 12

Justification of BRP (Security) Projects

Justification of BRP (Security) Projects. Paul Rosenthal Professor of Information Systems California State University, Los Angeles. Justification of BRP (Security) Projects. 1. Estimate Losses by length of outage 2. Determine length of outage by backup/ recovery scenario

hana
Download Presentation

Justification of BRP (Security) Projects

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Justification of BRP (Security) Projects Paul Rosenthal Professor of Information Systems California State University, Los Angeles

  2. Justification of BRP (Security) Projects 1. Estimate Losses by length of outage 2. Determine length of outage by backup/ recovery scenario 3. Perform cost/benefit analysis of each feasible scenario 4. Select and sell selected scenario - prudent person (fiduciary responsibility) method - probability (insurance) method - executive (behavioral) method

  3. 1. Estimate Losses by length of outage

  4. 1. Estimate Losses by length of outage

  5. Typical Disaster Management Team (DMT) Manager, Planning- DMT Chairperson Manager, Facility Operations Manager, Transportation/Logistics Manager, Security/Safety Manager, Human Relations Manager, Public Relations Manager, Marketing/Customer Service Manager, Manufacturing/Operations Manager, Data Processing Operations Project Head- Business Continuity Planning, and DMT Secretary

  6. 2. Determine length of outage by backup/ recovery scenario Recovery analysis for a large bank

  7. 3. Perform cost/benefit analysis of each feasible scenario

  8. 4. Select and sell selected scenario A. Prudent Person (Fiduciary Responsibility) Method Executives Primary Evaluation Criteria • Eliminate personal liability • meet fiduciary responsibilities • Assure continuity of a viable organization • have a security and business resumption plan • Minimize long-term costs • proper mix of insurance, operating costs and capital investments

  9. A. Prudent Person (Fiduciary Responsibility) Method: Continued Eliminate personal liability Have a viable business resumption plan • Tested notification and activation plan (annually) • Tested backup facilities (semi-annually) • Tested emergency operations plan (semi-annually) • Tested teams activation, emergency operations and recovery decision making (every two years)

  10. 4. Select and sell selected scenario B. Probability (insurance) method

  11. 4. Select and sell selected scenario C. Executive (behavioral) method (step 1)

  12. 4. Select and sell selected scenario C. Executive (behavioral) method (step 2)

More Related