CASP+: Chapter 3 (2of2)

Utilizing a combination of on-site and cloud services for data recovery.

Employing cloud services as the sole backup for data centers.

Adapting legacy systems to work seamlessly with public cloud platforms.

Using legacy systems alongside public cloud platforms.

DRaaS involves pre-configured systems for near real-time data backup, while relying solely on public cloud platforms does not.

Relying solely on public cloud platforms ensures near real-time data backup, while DRaaS does not.

DRaaS relies on public cloud services as a backup DR site, while relying solely on public cloud platforms does not involve backup strategies.

Relying solely on public cloud platforms requires a separate disaster recovery plan, while DRaaS does not.

To assign blame for any shortcomings identified during the test or incident.

To capture important details and outcomes of the test or incident in a standardized format.

To provide a detailed breakdown of the disaster recovery plan.

To outline the legal ramifications of the incident or test outcomes.

Identification of individuals responsible for any shortcomings during the incident or test

Detailed breakdown of the disaster recovery plan

Introduction, exercise scope, objectives, scenario description, findings, and recommendations

Legal implications

To evaluate the performance of hardware and software components.

To identify and correct any overlooked issues and verify the plans' effectiveness.

To provide emergency responders with extensive training and practice.

To simulate real emergencies and observe staff reactions.

Human errors unrelated to the IT infrastructure.

System recovery failure, data loss, missing dependencies, longer-than-expected recovery times, and software malfunctions.

Communication breakdowns between IT departments and management.

Financial discrepancies and budgetary oversights.

ISO 9001 (Quality Management)

HIPAA (Health Insurance Portability and Accountability Act)

GLBA (Gramm-Leach-Bliley Act)

FISMA (Federal Information Security Modernization Act)

FFIEC (Federal Financial Institutions Examination Council)

ISO 27031 (Guidelines for information and communication technology readiness for business continuity)

GASB (Governmental Accounting Standards Board)

FISMA (Federal Information Security Modernization Act)

Disaster Recovery Test

Failover Test

Parallel Test

Full Interruption Test

Parallel Test

Business Continuity Test

Full Interruption Test

Disaster Recovery Test