#17 Contingency Planning


11 Terms

1

What is contingency planning?

Contingency planning is how organisations handle unexpected events such as cyberattacks and natural disasters.

Goal: restore normal operations quickly and minimize losses

2

Why is CP important?

  • 40% of businesses don’t reopen after a disaster

  • Before: focus on prevention

  • Now: focus on recovery

  • Helps manage threats and reduces recovery time

3

Who should be involved in Contingency Planning?

  • Managers

  • IT

  • Information Security

  • Entire organisation

4

What are the four types of contingency planning?

  • Incident Response - detect, react to and recover from incidents

  • Disaster Recovery - recover services and assets after events

  • Business Continuity - continue operations even if systems are unavailable

  • Crisis Management - manage emergency situations and keep people informed

5

What guide should be used for contingency planning?

NIST SP 800-34

6

What is the incident response (IR) planning phase?

Plan how to detect, react to and recover from incidents. It follows the NIST incident response lifecycle:

  • Preparation

  • Detection & Analysis

  • Containment, Eradication and Recovery

  • Post-Incident Activity

7

What is the disaster recovery phase?

Recover critical IT systems after disasters. The plan should specify who is responsible for recovery, what to recover and how to do it.

8

What is the Business Continuity phase?

Keep business operations running with minimal downtime after a disaster.

  • Activated after DR is complete

  • Involves relocation

  • Managed by CEO

9

What is the Crisis Management phase?

Handle emergencies and protect people, operations and reputation.

  • Protect health and welfare

  • Support employees

  • Inform public

  • Communicate with stakeholders

10

What is electronic vaulting?

Backup data is sent electronically to off-site servers

11

What are the three types of servers?

  • Hot server - fully operational backup, real-time sync, takes over instantly

  • Warm server - online backup, not fully synced, used if hot server fails

  • Cold server - offline server, only used when other backups fail, slower to activate