Case Study

Drafting a Business Continuity Plan

Client Details
  • Council – Metropolitan
The Challenge(s)
  • Council has an out of date and irrelevant BCP
  • The basic backup procedures are in place but have not been tested
  • The complexity of recovering from cloud-based services
  • Lack of DR site availability
  • Limited Budget and Resources
The Solution
  • Follow an ISO 27001 ISMS approach and methodology
  • Carry out a business impact analysis and identify the key BCP requirements
  • Identifying the business risks and likelihood is a critical consideration
  • Must provide a core capability to address a Cyber Security Incidents
  • Establish current recovery capabilities; relocation of key services that need to be provided
  • Workshop DR scenarios and discuss viable practical solutions with stakeholders
  • Carry out workshops with key stakeholders (including decision makers) to make sure that everyone understands the requirements and challenges.
  • Ensure that security is maintained in a DR situation.
  • Aid include BCP requirements within the ICT Strategy.
What did we learn?
  • Building the most appropriate and efficient business continuity capability involves a large investment in time and budget. In most cases this will require careful budgetary planning which in most cases will delay the implementation.
  • Taking a practical approach and identifying the inherent capabilities within existing systems might not deliver the most comprehensive business continuity solution but it can provide partial recovery and protection to the business.
Share on facebook
Share on twitter
Share on linkedin
Share on email