Comprehensive Guide to Data Security, Business Continuity, Risk Management, and Disaster Recovery

Slide Note
Embed
Share

Explore a detailed overview covering topics such as data security revision, business continuity planning, risk analysis, management strategies, incident prevention, response, recovery, change management, and disaster recovery. Learn about risk assessment, business impact analysis, continuity plans, disaster recovery strategies, and more essential concepts for ensuring the security and resilience of organizational operations.

soleil
soleil Follow

Uploaded on Jul 02, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.



Presentation Transcript

  1. Data Security Revision 3 ISEC2001/5006, Curtin University

  2. Business Continuity (Part 1) Risk = Impact Likelihood Impact = the consequences / damage Likelihood = the chance it will happen

  3. Quantitative Risk Analysis Single loss expectancy (SLE) = Asset value x Exposure factor Annualised rate of occurrence (ARO) Annualised loss expectancy (ALE) = SLE x ARO Annual Cost of Safeguard (ACS) = the cost of the control Cost Benefit Analysis (CBA) = the higher, the better!

  4. Risk Management Strategies Require no further action: Accept Note it in the risk register then do nothing Avoid Remove the part of the system which contains the risk Transfer Shifts risk eg insurance, outsourcing* Require action: Mitigate Reduce impact and/or reduce likelihood Defend Implement security controls and safeguards

  5. Business Continuity (Part 1) Prevention Preparedness Response Recovery How to prevent incidents Business impact analysis what s the impact? Incident response plan what do we do? How to recover after an incident / disaster

  6. Business Continuity Planning Business Impact Analysis (BIA) Continuity of Operations Plan (COOP) Disaster Recovery Plan (DRP) Preparedness Recovery Response Training / Awareness Testing & Monitoring

  7. Change management Requests Impact assessment Approval Build and test Notification Implementation Validation Documentation

  8. Disaster recovery RPO Recovery Point Objective How much data can we afford to lose? RTO Recovery Time Objective What s the longest time we can tolerate without our critical systems being available? (WRT = MTD RTO) MTD Maximum Tolerable Downtime What s the longest outage time we can tolerate? (Speakers notes on hot, cold and warm sites Slide 26)

  9. Testing the BCP Structured walkthrough representatives talking through plan. This may identify gaps or weaknesses. Simulation test Involves role-playing and focuses on particular types of disasters or disruptions. Parallel test Recovery systems built/set up to see if they can perform actual transactions to support key processes. Full-scale (or full-interruption) test. Pretend the disaster actually happened and act accordingly with the plan and personnel. Expensive! https://ussignal.com/blog/disaster-recovery-plan-testing-methods-and-must-haves

Related


Understanding Risk Management in Environmental Geography and Disaster Management

Understanding Risk Management in Environmental Geography and Disaster Management

duke
Financial Recovery After Disaster Project: Comprehensive Framework for Community Resilience

Financial Recovery After Disaster Project: Comprehensive Framework for Community Resilience

acre
International experience in the field of Disaster-related Statistics

International experience in the field of Disaster-related Statistics

zimri
Understanding Disaster Management Cycle and Phases

Understanding Disaster Management Cycle and Phases

raya
Disaster Management and Local Development Through Devolution

Disaster Management and Local Development Through Devolution

rosanna
Comprehensive Overview of Security Risk Analysis and Management

Comprehensive Overview of Security Risk Analysis and Management

toula
Business Continuity Exercise Information and NHS England Emergency Preparedness

Business Continuity Exercise Information and NHS England Emergency Preparedness

emiliana
Disaster Management and Sustainable Local Development Through Devolution

Disaster Management and Sustainable Local Development Through Devolution

kyron
Comprehensive Overview of Continuity of Business in FAD Outbreaks

Comprehensive Overview of Continuity of Business in FAD Outbreaks

xanthippe
Understanding Data Governance and Security in Higher Education Institutions

Understanding Data Governance and Security in Higher Education Institutions

lucius
Alberta Emergency Management Agency Overview

Alberta Emergency Management Agency Overview

teresa
Understanding the Role of Security Champions in Organizations

Understanding the Role of Security Champions in Organizations

irvin
Operational Risk Assessment for Major Accident Control: Insights from IChemE Hazards 33 Conference

Operational Risk Assessment for Major Accident Control: Insights from IChemE Hazards 33 Conference

juelz
Introduction to Flood Risk Assessment with HEC-FDA Overview

Introduction to Flood Risk Assessment with HEC-FDA Overview

theia
Understanding Data Lifecycle and Mining for Business Intelligence

Understanding Data Lifecycle and Mining for Business Intelligence

juni
Understanding Continuity and Change in the Victorian Curriculum: Levels 7 to 10

Understanding Continuity and Change in the Victorian Curriculum: Levels 7 to 10

talitha
Understanding Historical Continuity and Change Over Time

Understanding Historical Continuity and Change Over Time

mack
Exploring Continuity and Change in History Education

Exploring Continuity and Change in History Education

iwan
TSA Security Guidelines and Risk Reduction Strategies

TSA Security Guidelines and Risk Reduction Strategies

flint
Insights on Enterprise Risk Management in the Non-Life Insurance Sector

Insights on Enterprise Risk Management in the Non-Life Insurance Sector

pippa
NCI Data Collections BARPA & BARRA2 Overview

NCI Data Collections BARPA & BARRA2 Overview

karol
Cyber Security Toolkit for Boards: Comprehensive Briefings and Key Questions

Cyber Security Toolkit for Boards: Comprehensive Briefings and Key Questions

adalwolf
BCA 601(N): Computer Network Security

BCA 601(N): Computer Network Security

danna
Understanding the Relationship Between Intangible Cultural Heritage and Disaster Risk Reduction

Understanding the Relationship Between Intangible Cultural Heritage and Disaster Risk Reduction

liana

More Related Content

Disaster Recovery & Mitigation Funding for Hurricane Sally
Disaster Recovery & Mitigation Funding for Hurricane Sally
Nebraska Department of Economic Development CDBG-DR Program Overview
Nebraska Department of Economic Development CDBG-DR Program Overview
Business Fundamentals and Emerging Technologies: Overview and Assessment
Business Fundamentals and Emerging Technologies: Overview and Assessment
Comprehensive Operational Risk Scenario Analysis Template
Comprehensive Operational Risk Scenario Analysis Template
The Digital Personal Data Protection Act 2023
The Digital Personal Data Protection Act 2023
Leveraging Data Warehouse and Cloud Computing for Informed Decision-Making
Leveraging Data Warehouse and Cloud Computing for Informed Decision-Making
Interpretation
Interpretation
Circulation/ILL Advisory Group Overview and Manual Item Recovery Discussion
Circulation/ILL Advisory Group Overview and Manual Item Recovery Discussion
Orientation to Emergency Operations in Douglas County
Orientation to Emergency Operations in Douglas County
NIH Data Management and Sharing Policy Overview
NIH Data Management and Sharing Policy Overview
2022 Thales Access Management Index
2022 Thales Access Management Index
Exploring Data Analytics: Introduction, Terminology, Challenges, Platforms, Tools, Applications
Exploring Data Analytics: Introduction, Terminology, Challenges, Platforms, Tools, Applications
Organizational Structure Overview of HSE and Security Functions
Organizational Structure Overview of HSE and Security Functions
Understanding Market Risk and Risk Management Techniques
Understanding Market Risk and Risk Management Techniques
Career Education Data Team Organization Guide
Career Education Data Team Organization Guide
Enhancing Synergies for Resilient Tomorrow: Progress and Challenges
Enhancing Synergies for Resilient Tomorrow: Progress and Challenges
Understanding Data Use Agreements (DUAs) in Sponsored Projects Office
Understanding Data Use Agreements (DUAs) in Sponsored Projects Office
Overview of Data Science: Uncovering Insights from Data
Overview of Data Science: Uncovering Insights from Data
Potential Role of Big Data in Economic Policy
Potential Role of Big Data in Economic Policy
International Approaches to Enhance Nuclear Safety and Security
International Approaches to Enhance Nuclear Safety and Security
Information Security and Machine-Level Security Concepts
Information Security and Machine-Level Security Concepts
Enhancing Security Definitions for Functional Encryption
Enhancing Security Definitions for Functional Encryption
TSA Updates on Security Training Rule for OTRB Companies
TSA Updates on Security Training Rule for OTRB Companies
Update on Flood Disaster Interventions and Responses to Committee's Reporting Requests
Update on Flood Disaster Interventions and Responses to Committee's Reporting Requests