Csec 650 Individual Assignment 2

4263 words 18 pages
IA2: Business Continuity Plan for Information Technology
CSEC 650
University of Maryland University College

Business contingency and continuity of operations plan are vital to business, especially those reliant on digital media. Whether through nature events or the more likely interruption of computer systems and networks, a disruption of any type is a serious business concern. A disruption can harm operational revenue, services, supply-chain, and reputation. Any of the preceding effects from a disruption could possibly be severe enough to mean the end of business as a going concern. To avoid severe or long term damaging disruption, a comprehensive contingency plan can provide a guide for how resources and personnel will be
…show more content…

A carefully crafted BCP can be the key to quickly recovering operations for a business allowing it to minimize disruptions for itself and its customers. The first part of the planning process is to use the in depth analysis of the companies mission and IT operations to draft a policy for network security to prevent issues and respond to any that occur. The security policy for the network should include the development of the network with security systems included from the start (Zurcher, 2015). Following the networks development, the policy should address the need for required routine maintenance, as well as how to respond unexpected maintenance issue; including the response to an outage of service. Procedures for maintenance that requires a service outage, or when addressing an unexpected outage, should be clearly delineated; explaining how the service disruption will be addressed and what parts of the system should be prioritized for a return to service (Broder and Tucker, 2012). Each procedure should also have a requirement for documentation to be maintained for future review and training purpose, including the possibility of the need to review the IT policy. Those latter steps should be canonized as part of the policy as aspect of the need have IT and management personnel to periodically review and receive