Dyson College of Arts and Sciences
Issue link: http://dysoncollege.uberflip.com/i/128987
that divides them into four classes: (1) Natural, (2) Technological, (3) Man-made, and (4) Biological. There are many ways to counter business disruptions (Continuity Forum; Resilience, 2011) including business continuity, disaster recovery, emergency plans, contingency plans, and so on. However, we will only examine business continuity and disaster recovery plans. Business Continuity Business continuity is the ability of an organization to respond to disaster or business disruption through the timely detection of the disruptive event, the accurate measurement of risks and business losses, and the efficient resumption of business operations. The National Fire Protection Association (NFPA), defined business continuity as follows (National Fire Protection Association, 2007) Business Continuity is an ongoing process supported by senior management and funded to ensure that the necessary steps are taken to identify the impact of potential losses, maintain viable recovery strategies, recovery plans, and continuity of services. This definition requires that management funds and supports the business continuity effort. Business continuity is a continuous process that keeps track of all possible losses and their impacts on the organization (Software Engineering Institute, 2007). It is also responsible for maintaining viable safeguards capable of an effective and quick recovery and continuity of business services. Disaster Recovery In addition to business continuity, other activities are concerned with an organization's responsive capabilities to business disruptions. Disaster recovery is an example that is related to business continuity. Disaster recovery is the activity of resuming computing operations after a disaster— like floods, severe storms, or geologic incidents—takes place. Restoring the computing environment is often achieved through the duplication of computing operations. Disaster recovery is also concerned with routine off-site backup, as well as writing and implementing procedures for activating vital information systems in a safer computing environment. That is, any organization of any size will obviously need a proactive business continuity plan to prevent any short business disruptions and a feasible reactive disaster recovery plan to be able to recover from short or long business discontinuities resulting from inevitable disasters (AT&T, 2007; National Fire Protection Association, 2007). Responding to Business Disruptions Business disruptions can happen anytime, anywhere in the organization, and without prior notice. The organization, however, should feasibly adopt all available safeguards and defense strategies to minimize the effects of any business disruptions on its business assets. Those safeguards are often divided into four classes (Raggad, 2010): 1. Deterring safeguards, 2. Detective safeguards, 3. Preventive safeguards, and 4. Corrective safeguards. The adoption of any deterrence techniques should aim at communicating to disruptive agents that the consequences of committing crimes against the organization surpass 58