Page 1307 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1307

Recovery Strategy


               When a disaster interrupts your business, your disaster recovery plan
               should kick in nearly automatically and begin providing support for
               recovery operations. The disaster recovery plan should be designed so

               that the first employees on the scene can immediately begin the
               recovery effort in an organized fashion, even if members of the official
               DRP team have not yet arrived on site. In the following sections, we’ll
               cover critical subtasks involved in crafting an effective disaster
               recovery plan that can guide rapid restoration of regular business

               processes and resumption of activity at the primary business location.
               In addition to improving your response capabilities, purchasing

               insurance can reduce the risk of financial losses. When selecting
               insurance, be sure to purchase sufficient coverage to enable you to
               recover from a disaster. Simple value coverage may be insufficient to
               encompass actual replacement costs. If your property insurance
               includes an actual cash value (ACV) clause, then your damaged

               property will be compensated based on the fair market value of the
               items on the date of loss less all accumulated depreciation since the
               time of their purchase. The important point here is that unless you
               have a replacement cost clause in your insurance coverage, your
               organization is likely to be out of pocket as a result of any losses it
               might sustain. Many insurance providers offer cybersecurity liability
               policies that specifically cover breaches of confidentiality, integrity,

               and availability.

               Valuable paper insurance coverage provides protection for inscribed,
               printed, and written documents and manuscripts and other printed
               business records. However, it does not cover damage to paper money
               and printed security certificates.


               Business Unit and Functional Priorities


               To recover your business operations with the greatest possible
               efficiency, you must engineer your disaster recovery plan so that those
               business units with the highest priority are recovered first. You must
   1302   1303   1304   1305   1306   1307   1308   1309   1310   1311   1312