Ifsm Risk Assessment Assignment Discussion Topic
Please answer the discussion topic, well supported with outside research or assigned readings as appropriate, add value to the discussion, and demonstrate student’s understanding of concepts
(As a model for excellence, please consider this process,
- Answer the question in your own words.
- Provide a quote, paraphrase or reference from our textbook or other source. Use Class Assigned readings Must
- Provide examples that demonstrate your answer and understanding of the concept.
- All sources must be cited, APA Format
- Please answer the questions seperated
Question 1. Discussion Topic
Please answer the following
1. Is Business Continuity a subset of Risk Management? Support your response with references from class resources or other resources.
2. What is your experience in business continuity planning (BC) and/or disaster recovery (DR) planning? Have you ever had to respond to disaster situations?
3. What is the status of BC and/or DR planning in your organization (or one in which a family member or friend is employed?)
- Business User Guide (Read pages 1 through 10. This addresses how to use the guide and how to get started)
- FEMA Disaster Recovery Reform Act of 2018 – https://www.ncsl.org/blog/2018/10/09/2018-faa-reauthorization-act-and-disaster-recovery-reform-act-become-law.aspx
- Good introduction to BC training https://www.youtube.com/watch?v=M1H-SuF3BdM&list=PLsk8nZqQUd3ByRURPF8_p00LUCoFufZob&index=3&t=9s
- Why is BCP important! https://www.youtube.com/watch?v=-iLj8mEtK4U&index=3&list=PLsk8nZqQUd3ByRURPF8_p00LUCoFufZob
- What is the BCP process? – https://www.youtube.com/watch?v=dPWSwYa7_Lc&list=PLsk8nZqQUd3ByRURPF8_p00LUCoFufZob&index=4
Question 2.Target Breach (Discussion)
Read the following articles
The first link takes you through the original Target breach event. The second link is an autopsy of the event several years later.
For this response, assume you are an independent business continuity consultant to Target and supporting the internal review of the business continuity plan. Based on what you are able to read about the Target data breach, identify 2-3 actions you would recommend to the CIO to prepare for future cyber attacks against the network.
You can use the second link (autopsy) to help formulate your recommendations.
Be specific in the recommendations as opposed to a general recommendation of either ‘assess risk’ or ‘educate the work force.” In other words, indicate what type of risk or what specific topics should be covered and be specific to the Target breach. Be sure to support your recommendation with at least one reference.
- Business User Guide (Review the first three sections of the sample plan, pages 11-20.)
- Basic Guide to Business Continuity Planning (read through Section 2, with a focus on threats and building an execution plan)
- Every Business Should have a Plan – Business_booklet_12pg_2014.pdf
- Business Continuity Planning planning process – https://www.ready.gov/planning
- How to Create an Effective Business Continuity Plan – https://www.cio.com/article/2381021/best-practices-how-to-create-an-effective-business-continuity-plan.html
- Homeland Security – Business Continuity and Preparedness Strategy https://www.fema.gov/media-library-data/1513892735873-87f01f2fc1443479e65cff8a7b234aa3/BusinessContinuityAndPreparedness.pdf
- Risk Assessment – https://www.ready.gov/risk-assessment
Individual assignment: IFSM Risk Assessment Assignment
Question 3Regulatory Compliance Impact to BCP (Discussion)
Regulatory compliance impacts business continuity planning. Do you agree or disagree with this statement? Regardless of your response, provide an example of a US government legislative act or standard that will support your response and how it does or does not impact business continuity planning. (Note: The selected regulation or compliance requirements must be applicable to the organization’s industry. For example, FERC or NERC would apply to electricity, or SOX to publicly traded companies, etc.)
- Ready.gov IT Disaster Recovery Planning – A nice overview of the key planning activities for disaster recovery – https://www.ready.gov/business/implementation/IT
- Business Impact Analysis Form – A business impact analysis is a systemic process to prepare for an interruption to business operations https://www.ready.gov/business-impact-analysis
- Basic Guide to Business Continuity Planning – Read Section 3 which guides a business through the business impact analysis product
- View: Blog on 4-Step Approach to Building a BCP – Good overview of the approach toward BC planning – https://blog.lowersrisk.com/business-continuity-plan/
- Eight Processes for Building a BCP – https://www.bdc.ca/en/articles-tools/business-strategy-planning/manage-business/pages/business-continuity-8-steps-building-plan.aspx
- What are the Business Costs? – What are the Business Costs.pdf
- View: Five Videos on BCP Process Steps (FEMA)
Question 4.BCP Testing (Discussion)
Please address the following two discussion questions:
1. Upon viewing this week’s video on the sixth step (Test) in Business Continuity Training, provide three important “take-aways” for “testing” a business continuity plan.
2. What are some of the challenges that an organization faces to acquire management support to prepare and execute pre-test through test and post-test evaluations?
Read and View:
- A Basic Guide to Business Continuity Planning – Section 5 (Train and Test)
- Business Continuity or Disaster Recovery Testing and Training Guidelines https://www.mha-it.com/2016/11/02/disaster-recovery-testing/
- Exercising and Testing your BCP – https://emergencymanagement.georgetown.edu/
- OnSolve – Getting Back to Basics for Testing the BCP https://www.onsolve.com/blog/be-prepared-by-getting-back-to-bcp-basics/?utm_source=google&utm_medium=organic
- View: Test BCP Process Video (FEMA)