WEBVTT

00:00:00.640 --> 00:00:03.040
The ability to respond to a natural or

00:00:03.040 --> 00:00:05.520
man-made threat, ensure continuity of

00:00:05.520 --> 00:00:07.200
business operations, and

00:00:07.200 --> 00:00:09.840
protect human resources and assets

00:00:09.840 --> 00:00:11.920
in the event of a disaster or a business

00:00:11.920 --> 00:00:14.240
disruption is the primary objective of

00:00:14.240 --> 00:00:15.920
any business continuity management

00:00:15.920 --> 00:00:17.279
program.

00:00:17.279 --> 00:00:18.960
Hello, and welcome to Information

00:00:18.960 --> 00:00:22.160
Security Governance, Risk, and Compliance.

00:00:22.160 --> 00:00:24.080
My name is Salvadore, and today we will

00:00:24.080 --> 00:00:26.480
learn how to audit a business continuity

00:00:26.480 --> 00:00:27.840
management program

00:00:27.840 --> 00:00:29.439
in 10 steps.

00:00:29.439 --> 00:00:31.021
Let's get started.

00:00:32.558 --> 00:00:35.200
Point number one: Check and verify that a business

00:00:35.200 --> 00:00:38.000
continuity management policy is created

00:00:38.000 --> 00:00:40.960
and reviewed on a regular basis.

00:00:40.960 --> 00:00:43.280
Ensure the policy contains the roles and

00:00:43.280 --> 00:00:44.719
responsibilities,

00:00:44.719 --> 00:00:47.440
workforce training, a framework for setting

00:00:47.440 --> 00:00:49.680
business continuity objectives,

00:00:49.680 --> 00:00:51.840
and organizational risk appetite and

00:00:51.840 --> 00:00:53.760
tolerance to plan,

00:00:53.760 --> 00:00:56.320
deliver, and support capabilities in the

00:00:56.320 --> 00:00:59.555
event of a business disruption.

00:01:00.320 --> 00:01:02.800
Point number two: Make sure a business

00:01:02.800 --> 00:01:05.680
impact analysis is performed.
00:01:05.680 --> 00:01:08.720
The business impact analysis contains

00:01:08.720 --> 00:01:11.360
identification of critical products and

00:01:11.360 --> 00:01:14.240
services with their inherent risks,

00:01:14.240 --> 00:01:17.200
the likelihood and impact of each risk,

00:01:17.200 --> 00:01:20.320
countermeasures to prevent, detect, and

00:01:20.320 --> 00:01:22.640
react to the identified risks,

00:01:22.640 --> 00:01:25.040
recovery time objectives, and recovery

00:01:25.040 --> 00:01:28.000
point objectives.

00:01:28.240 --> 00:01:30.400
Point number three: Ensure a business

00:01:30.400 --> 00:01:32.880
continuity strategy is developed to

00:01:32.880 --> 00:01:35.439
reduce the impact of a disaster,

00:01:35.439 --> 00:01:38.079
ensure business continuity, and recover

00:01:38.079 --> 00:01:40.240
from business disruptions within the

00:01:40.240 --> 00:01:42.720
enterprise risk appetite.

00:01:42.720 --> 00:01:44.560
Make sure that the strategy covers the

00:01:44.560 --> 00:01:46.479
unavailability of all relevant

00:01:46.479 --> 00:01:47.680
components,

00:01:47.680 --> 00:01:50.399
and all activities and processes within

00:01:50.399 --> 00:01:54.640
the scope, whether on-premises or in the cloud.

00:01:54.640 --> 00:01:56.640
Point number four: Check and verify that

00:01:56.640 --> 00:01:59.520
a business continuity plan is created

00:01:59.520 --> 00:02:02.399
and reviewed on a regular basis.

00:02:02.399 --> 00:02:04.159
Ensure that the plan consists of the

00:02:04.159 --> 00:02:05.759
following components:

00:02:05.759 --> 00:02:07.759
scope of activity, roles and

00:02:07.759 --> 00:02:10.000
responsibilities, clear lines of

00:02:10.000 --> 00:02:11.280
communication,

00:02:11.280 --> 00:02:14.080
recovery procedures, and the basis for

00:02:14.080 --> 00:02:16.400
BCM invocation.
00:02:16.400 --> 00:02:18.319
With respect to cyberattacks, ensure

00:02:18.319 --> 00:02:20.400
there is a skilled incident management

00:02:20.400 --> 00:02:23.680
technical team to manage the incidents.

00:02:23.680 --> 00:02:26.000
In case of a pandemic event like the one the world

00:02:26.000 --> 00:02:28.160
is going through now, the users need to

00:02:28.160 --> 00:02:29.760
perform their functions

00:02:29.760 --> 00:02:31.680
working from home.

00:02:31.680 --> 00:02:34.000
Ensure endpoint security and network

00:02:34.000 --> 00:02:36.160
communication are effective to ensure

00:02:36.160 --> 00:02:39.680
smooth business operations.

00:02:39.840 --> 00:02:42.160
Point number five: Check and verify that

00:02:42.160 --> 00:02:44.319
all the relevant documents, such as

00:02:44.319 --> 00:02:46.959
backup and restoration guidelines,

00:02:46.959 --> 00:02:49.200
network and architecture diagrams,

00:02:49.200 --> 00:02:51.599
alternate workarounds for performing

00:02:51.599 --> 00:02:54.480
business functions, and incident playbooks,

00:02:54.480 --> 00:02:57.040
are available instantly to support

00:02:57.040 --> 00:02:59.120
business continuity and operational

00:02:59.120 --> 00:03:00.480
resilience.

00:03:00.480 --> 00:03:02.400
Make sure that all the documents are

00:03:02.400 --> 00:03:05.280
reviewed for any changes that have happened

00:03:05.280 --> 00:03:07.920
previously.

00:03:08.159 --> 00:03:10.239
Point number six: Make sure all

00:03:10.239 --> 00:03:12.400
business continuity and operational

00:03:12.400 --> 00:03:14.879
resilience plans are tested at least

00:03:14.879 --> 00:03:16.480
annually.

00:03:16.480 --> 00:03:18.640
Check and verify that a tabletop exercise

00:03:18.640 --> 00:03:21.280
was performed, and the report generated

00:03:21.280 --> 00:03:22.959
to identify if there were any

00:03:22.959 --> 00:03:25.840
shortcomings during the call.
00:03:25.840 --> 00:03:27.920
Make sure that a call tree exercise was

00:03:27.920 --> 00:03:29.120
performed

00:03:29.120 --> 00:03:31.360
to ensure communication with all

00:03:31.360 --> 00:03:33.200
users.

00:03:33.200 --> 00:03:35.519
Ensure users' contacts are stored and

00:03:35.519 --> 00:03:38.239
acknowledged, and that all calls and messages

00:03:38.239 --> 00:03:41.680
were recorded and verified.

00:03:41.680 --> 00:03:43.680
Check and verify the stress reports to

00:03:43.680 --> 00:03:45.760
identify that the tests were conducted

00:03:45.760 --> 00:03:49.040
as per the resilience plan.

00:03:49.599 --> 00:03:51.040
Point number seven:

00:03:51.040 --> 00:03:53.360
In times of crisis, communication among

00:03:53.360 --> 00:03:55.760
stakeholders and the relevant entities

00:03:55.760 --> 00:03:58.480
is key to successfully managing business

00:03:58.480 --> 00:04:00.080
disruption.

00:04:00.080 --> 00:04:01.680
Make sure that communication lines

00:04:01.680 --> 00:04:03.840
are identified, and how the communication

00:04:03.840 --> 00:04:05.920
is sent to the relevant parties,

00:04:05.920 --> 00:04:08.319
whether it be the press, the municipality, or business

00:04:08.319 --> 00:04:09.599
users.

00:04:09.599 --> 00:04:11.760
Make sure that a response structure is

00:04:11.760 --> 00:04:14.159
developed to communicate early warnings

00:04:14.159 --> 00:04:17.379
and communications to the stakeholders.

00:04:18.560 --> 00:04:20.079
Point number eight:

00:04:20.079 --> 00:04:22.079
Business data is a key component to

00:04:22.079 --> 00:04:24.160
recover from a disaster or a crisis

00:04:24.160 --> 00:04:25.680
situation.

00:04:25.680 --> 00:04:27.520
Make sure that a secure data backup

00:04:27.520 --> 00:04:28.400
process

00:04:28.400 --> 00:04:31.440
is followed for storing data in times

00:04:31.440 --> 00:04:32.720
of crisis.

00:04:32.720 --> 00:04:34.880
Check sample backup and restoration

00:04:34.880 --> 00:04:37.440
evidence.
00:04:38.880 --> 00:04:40.880
Point number nine: To recover from a

00:04:40.880 --> 00:04:43.040
natural disaster, like flooding or

00:04:43.040 --> 00:04:45.360
earthquakes, or a man-made disaster

00:04:45.360 --> 00:04:46.639
like fire,

00:04:46.639 --> 00:04:48.800
ensure that systems and network devices

00:04:48.800 --> 00:04:51.199
are housed in environmentally safe data

00:04:51.199 --> 00:04:54.400
centers, and that redundancy is always

00:04:54.400 --> 00:04:55.520
maintained.

00:04:55.520 --> 00:04:58.160
Ensure alternate sites, like hot, warm, or

00:04:58.160 --> 00:05:00.240
cold sites, are designed according to

00:05:00.240 --> 00:05:02.560
business requirements and tested for

00:05:02.560 --> 00:05:05.199
effectiveness.

00:05:05.199 --> 00:05:07.280
And finally, point number ten: Check and

00:05:07.280 --> 00:05:09.919
verify that a DR, or disaster recovery,

00:05:09.919 --> 00:05:11.919
activity is tested.

00:05:11.919 --> 00:05:12.960
Ensure that

00:05:12.960 --> 00:05:14.720
network switching happens automatically

00:05:14.720 --> 00:05:17.600
to secondary sites,

00:05:17.600 --> 00:05:19.919
and servers and applications run without

00:05:19.919 --> 00:05:22.479
any issues.

00:05:22.880 --> 00:05:24.400
Thank you for watching the video.

00:05:24.400 --> 00:05:26.639
Do provide your feedback and subscribe

00:05:26.639 --> 00:05:28.000
to the channel for

00:05:28.000 --> 00:05:29.440
upcoming videos.

00:05:29.440 --> 00:05:31.065
Thank you.