Preparing for the CISA exam. Business Continuity Definitions
Pashkov Kuzma - Lead InfoSec , EMC trainer @ training.muk.ua
Years of preparation for internationally recognized certifications in the field of information security show that the most definitions of the term Business Continuity (hereinafter referred to as BC) are given by participants in seminars for information system auditors . And this is not by chance - the certification operator ISACA expects from candidates for CISA status an in-depth understanding, in particular, terminology.
')
Point of view in the form of a combination of position, industry and goals gives different definitions of BC:
1) Continuity of Operations (COOP) - the goal is to ensure the continuity of operations with both revenue / financing and without. Such a goal is usually set for strategic sectors that implement social obligations of the state, for example, energy supply or communications.
2) Continuity of Government (COG) - the goal is to prevent the organization from stopping or intercepting management and control, for example, as a result of the introduction of external management as directed by the regulator or controlling state authority.
3) Emergency Management (EM) - it is supposed to control, to the extent possible, the organization’s activities, when something went wrong, with the task of preserving everything that is still possible, first of all, the life and health of people.
4) Disaster Recovery (hereinafter referred to as DR) - the process of restoring what has been damaged as a result of an event (catastrophe) to a state prior to this event or absorbing the damage caused by the resilience of the business to such events. Often, DR ignores loss of staff, funding problems, and the irreplaceable loss of revenue as a result of customer care. Most investors and a significant part of key employees leave the organization at the first sign of disaster. These reasons led to the following definition
5) Business “Revenue” Continuity - continuity of income \ financing. This is the most accurate definition of the interest of the owner \ head of a commercial or state organization. Without income \ financing organizations can not survive. Money "buy" time and the possibility of choosing actions
In this video - an introduction to all the basic concepts of Security + certification on information security.
Security + certification preparation training video
Topic “Introduction to Business Continuity \ Disaster Recovery Management”
I invite you to the free webinar “Risk assessment, business continuity and information security metrics” - February 23 at 15:00 and February 24 at 15:00. Register for the webinar
Nearest courses on risk management, business continuity and information security metrics in TC MUK (Kiev)
09-03-16
10-03-16 MUK-MR Information Risk Management / Information Security Risk Management
11-03-16
12-03-16 MUK- BC Business Continuity Planning / Business Continuity Planning
13-03-16
13-03-16 MUK-ISM Information Security Metrics / Information Security Indicators
I am waiting for questions on training and certification in the field of information security at PashkovK@muk.com.ua
Other author's articles on information security
Lost art proof security. Part 2 of 2
Lost art proof security. Part 1 of 2
CompTIA certifications for IT professionals. CompTIA Security +
Training courses on information security, which is conducted by the author of the article (TC MUK - Kiev)
Years of preparation for internationally recognized certifications in the field of information security show that the most definitions of the term Business Continuity (hereinafter referred to as BC) are given by participants in seminars for information system auditors . And this is not by chance - the certification operator ISACA expects from candidates for CISA status an in-depth understanding, in particular, terminology.
')
Point of view in the form of a combination of position, industry and goals gives different definitions of BC:
1) Continuity of Operations (COOP) - the goal is to ensure the continuity of operations with both revenue / financing and without. Such a goal is usually set for strategic sectors that implement social obligations of the state, for example, energy supply or communications.
2) Continuity of Government (COG) - the goal is to prevent the organization from stopping or intercepting management and control, for example, as a result of the introduction of external management as directed by the regulator or controlling state authority.
3) Emergency Management (EM) - it is supposed to control, to the extent possible, the organization’s activities, when something went wrong, with the task of preserving everything that is still possible, first of all, the life and health of people.
4) Disaster Recovery (hereinafter referred to as DR) - the process of restoring what has been damaged as a result of an event (catastrophe) to a state prior to this event or absorbing the damage caused by the resilience of the business to such events. Often, DR ignores loss of staff, funding problems, and the irreplaceable loss of revenue as a result of customer care. Most investors and a significant part of key employees leave the organization at the first sign of disaster. These reasons led to the following definition
5) Business “Revenue” Continuity - continuity of income \ financing. This is the most accurate definition of the interest of the owner \ head of a commercial or state organization. Without income \ financing organizations can not survive. Money "buy" time and the possibility of choosing actions
In this video - an introduction to all the basic concepts of Security + certification on information security.
Security + certification preparation training video
Topic “Introduction to Business Continuity \ Disaster Recovery Management”
I invite you to the free webinar “Risk assessment, business continuity and information security metrics” - February 23 at 15:00 and February 24 at 15:00. Register for the webinar
Nearest courses on risk management, business continuity and information security metrics in TC MUK (Kiev)
09-03-16
10-03-16 MUK-MR Information Risk Management / Information Security Risk Management
11-03-16
12-03-16 MUK- BC Business Continuity Planning / Business Continuity Planning
13-03-16
13-03-16 MUK-ISM Information Security Metrics / Information Security Indicators
I am waiting for questions on training and certification in the field of information security at PashkovK@muk.com.ua
Other author's articles on information security
Lost art proof security. Part 2 of 2
Lost art proof security. Part 1 of 2
CompTIA certifications for IT professionals. CompTIA Security +
Training courses on information security, which is conducted by the author of the article (TC MUK - Kiev)
Source: https://habr.com/ru/post/277713/
All Articles