| Term 
 
        | disaster recovery plan (DRP) |  | Definition 
 
        | carried out when everything is still in emergencymode, and everyone is scrambling to get all critical systems back online. to minimize the effects of a disaster or disruption. It means taking the necessary steps to ensure that the resources, personnel, and business
 processes are able to resume operation in a timely manner.
 |  | 
        |  | 
        
        | Term 
 
        | business continuity plan (BCP) |  | Definition 
 
        | provides methods and procedures for dealing with longer-term outages and disasters.
 |  | 
        |  | 
        
        | Term 
 
        | business continuity management (BCM)
 |  | Definition 
 
        | the holistic management process that should cover both of them. BCM provides a framework for integrating resilience with the capability for effective
 responses that protects the interests of an organization’s key stakeholders. The
 main objective of BCM is to allow the organization to continue to perform business
 operations under various conditions.
 |  | 
        |  | 
        
        | Term 
 
        | business continuity coordinator |  | Definition 
 
        | This person will be the leader for the BCP team and will oversee the development, implementation, and testing of the continuity and disaster recovery plans
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | The team must comprise people who are familiar with the different departments within the company, because each department is unique in its functionality
 and has distinctive risks and threats.
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | supplies the framework for and governance of designing and building the BCP effort. The policy helps the organization understand the importance of
 BCP by outlining BCP’s purpose. It provides an overview of the principles of the organization
 and those behind BCP, and the context for how the BCP team will proceed
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | Strengths/Weaknesses/Opportunities/Threats |  | 
        |  | 
        
        | Term 
 
        | BIA (business impact analysis) |  | Definition 
 
        | considered a functional analysis, in which a team collects data through interviews and documentary sources; documents business functions,
 activities, and transactions; develops a hierarchy of business functions; and finally
 applies a classification scheme to indicate each individual function’s criticality
 level.
 |  | 
        |  | 
        
        | Term 
 
        | risk assessment equation: |  | Definition 
 
        | Risk = Threat × Impact × Probability x Time |  | 
        |  | 
        
        | Term 
 
        | maximum tolerable downtime (MTD) |  | Definition 
 
        | The outage time that can be endured by a company |  | 
        |  | 
        
        | Term 
 
        | Recovery Time Objective (RTO) |  | Definition 
 
        | the earliest time period and a service level within which a business process must be restored after a disaster to avoid unacceptableconsequences associated with a break in business continuity |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | the remainder of the overall MTD value after Recovery Time Objective (RTO). deals with restoring data, testing processes, and then making everything “live” for production purposes.
 |  | 
        |  | 
        
        | Term 
 
        | Recovery Point Objective (RPO) |  | Definition 
 
        | the acceptable amount of data loss measured in time. This value represents the earliest point in time at which data must be recovered. The higher the value of data, the more funds or other resources that can be put into place to ensure a smaller amount of data is lost in the event of a disaster. |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | the team approaches the information gathered during the BIA stage from a practical perspective. It has to figure out what the company needs
 to do to actually recover the items it has identified as being so important to the organization
 overall.
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | a disruption in service due to a device malfunction or failure |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | an event that causes the entire facility to be unusable for a day or longer.
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | a major disruption that destroys the facility altogether. This requires both a short-term solution, which would be an offsite facility, and a long-term
 solution, which may require rebuilding the original facility.
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | A facility that is leased or rented and is fully configured and ready to operate within a few hours
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | A leased or rented facility that is usually partially configured with some equipment, such as HVAC, and foundational infrastructure components,
 but not the actual computers
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | A leased or rented facility that supplies the basic environment, electrical wiring, air conditioning, plumbing, and flooring, but none of the
 equipment or additional services. A cold site is essentially an empty data
 center. It may take weeks to get the site activated and ready for work
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | company A agrees to allow company B to use its facilities if company B is hit by a disaster, and vice versa
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | more than two organizations agree to help one other in case of an emergency. |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | the back of a large truck or a trailer is turned into a data processing or working area |  | 
        |  | 
        
        | Term 
 
        | executive succession planning |  | Definition 
 
        | if someone in a senior executive position retires, leaves the company, or is killed, the organization has predetermined steps to carry out to protect the company
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | method of transmitting data offsite, but this usually only includes moving the journal or transaction logs to the offsite facility,
 not the actual files
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | the data are sent over a serial line to a backup tape system at the offsite facility
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | the primary and secondary data volumes are out of sync. Synchronization may take place in seconds, hours, or
 days, depending upon the technology in place.
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | the primary and secondary repositories are always in sync, which provides true real-time duplication
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | a combination of technologies and processes that work together to ensure that some specific thing is always up and running
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | configured so if one link goes down or gets congested, then traffic is routed over a different network link. Redundant hardware can also be
 available so if a primary device goes down, the backup component can be swapped out
 and activated.
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | the capability of a technology to continue to operate as expected even if something unexpected takes place (a fault
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | if there is a failure that cannot be handled through normal means, then processing is “switched over” to a working
 system.
 |  | 
        |  | 
        
        | Term 
 | Definition 
 
        | Some systems are moved to the alternate site and processing takes place. The results are compared with the regular processing that is
 done at the original site. This points out any necessary tweaking or reconfiguring
 |  | 
        |  |