Page 1322 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1322

recovery effort without requiring interpretation from team members
               busy with tasks directly related to that effort.




                          Visit the Professional Practices library at

                  https://drii.org/resources/professionalpractices/EN to examine a
                  collection of documents that explain how to work through and

                  document your planning processes for BCP and disaster recovery.
                  Other good standard documents in this area includes the BCI Good
                  Practices Guideline (https://www.thebci.org/training-
                  qualifications/good-practice-guidelines.html), ISO 27001
                  (https://www.iso.org/isoiec-27001-information-security.html),
                  and NIST SP 800-34 (https://csrc.nist.gov/publications/sp).




               Emergency Response


               A disaster recovery plan should contain simple yet comprehensive
               instructions for essential personnel to follow immediately upon
               recognizing that a disaster is in progress or is imminent. These
               instructions will vary widely depending on the nature of the disaster,
               the type of personnel responding to the incident, and the time

               available before facilities need to be evacuated and/or equipment shut
               down. For example, instructions for a large-scale fire will be much
               more concise than the instructions for how to prepare for a hurricane
               that is still 48 hours away from a predicted landfall near an
               operational site. Emergency-response plans are often put together in
               the form of checklists provided to responders. When designing such
               checklists, keep one essential design principle in mind: arrange the

               checklist tasks in order of priority, with the most important task first!

               It’s essential to remember that these checklists will be executed in the
               midst of a crisis. It is extremely likely that responders will not be able
               to complete the entire checklist, especially in the event of a short-
               notice disaster. For this reason, you should put the most essential
               tasks (that is, “Activate the building alarm”) first on the checklist. The
               lower an item on the list, the lower the likelihood that it will be

               completed before an evacuation/shutdown takes place.
   1317   1318   1319   1320   1321   1322   1323   1324   1325   1326   1327