Business Continuity and Disaster Recovery Plan

Business Continuity and Disaster Recovery Plan

Disaster recovery plan focuses on the approaches to follow after a business faces a disaster. Most organizations adopt plans that are technology-oriented that aim at reshaping the network and systems. Business continuity deals with sustaining the organization after experiencing a disaster and involves more than technology. Numerous companies and businesses are embracing business continuity into their environment because of increased awareness of disastrous circumstances, as well as new legal requirements that assume top management obligations for financial responsibility.

Don't use plagiarized sources. Get Your Custom Essay on
Business Continuity and Disaster Recovery Plan
Just from $13/Page
Order Essay

Enterprise Business Continuity and Disaster Recovery Plan (BCDR) for ABBA Agency with 10 employees

Business Continuity and Disaster Recovery Plan (BCDR) are procedures that assist organizations prepared for unexpected events. While preparing for BCDR, the company must incorporate the following requirements.

a) Practices, standards and guidelines, for business security, risk assessment and mitigation

b) Planned for disaster recovery and business recovery to include computer and network security

c) Effective security policy, risk factors, security-related organizations, and general security threat types and access controls.

d) Using universal guidelines and principles with respect to network security, it risk assessment, risk analysis, and risk management

e) Guidelines for Cyber law, copyright, patent, and privacy laws, within the bounds of the legal systems for digital media in the U.S. Court

It is crucial that organizations value the extent of probable damage and revenues losses that business disruptions can cause. The interruptions can range from fabricated, natural calamities, technology misgivings and others. Almost any type of business disruption experienced can cause either some direct or some indirect impacts on the efficiency of a business. Businesses should discover the large and small issues that can have a negative effect on the company and discover alternatives to counteract the disasters (Alexander, 2002).

The most significant part in Business Continuity and Disaster Recovery Plan is implementing practices, standards and guidelines that endorse management support. Management must accept the significance for executing such a plan. It is necessary for any business case to obtain the management support. Some of the issues included in the disaster recovery plan entails; current vulnerabilities, regulatory and legal requirements, status of recovery plans and proposals (Alexander, 2002).

It is also necessary to incorporate cost/benefit issues as this helps in gathering preliminary numbers and estimate potential losses. In addition, the disaster recovery plan should include a computer and network security. While the implemented practices, standards and guiding principles ascertains business security, the computer and internet security ensures data maintenance. The policies implemented by ABBA agency must ensure that private and discrete data remains within the right people (Davis, 2007).

To carry on with significant business functions in the event of business disruptions, it is essential to continue with a functional risk assessment. This helps address the significant functions and make the suitable investments, in terms of time and money. The risk assessment adopted by the company helps identify the various functions, procedures, resources and suppliers. This has tremendous effect on the ability of the company to fulfill the agency’s ability to realize its mission objectives. It also involves the discovery and assessment of the viable threats, the existing vulnerabilities and the possibility that a disruption will exploit the discovered disruptions. Furthermore, it assists in the discovery of the relative risk exposure to diverse components of the business, so that there is the occurrence of fact-based decision making on mitigation plans (Alexander, 2002).

In addition to employing functional risk assessment, the company should consider adding physical securities for the offices, various rooms and facilities against foreseen business disruptions. The company should ascertain that it concentrates on safeguarding all the essential equipments, facilities and documents in order to avoid jeopardizing the network security. In administering the security policy, the company may require allotting additional human resources (Alexander, 2002).

The it security employees should have new obligations that ease control and authentication. It is necessary to manage user accounts, passwords, group membership and other authentication devices. In addition, the company will require installing and employing network security tools that observe any suspicious activity. These tools assist the company to proactively assess and authenticate servers, firewalls and routers to discover security holes or breaches.

The company will probably need to choose, set up and apply watchdog software that examines network traffic and/or OS commands and activates an alarm. This happens when an event occurs that is contrary to company’s security policy. Furthermore, the security employees will require expending time examining log files from Web and application servers, and examining audit trails, when suspicious events arise. This is in addition to assigning more routine responsibilities, for instance having backup files and recovery and installation of new software. Another guideline to security policy is helping staffs with computer related problems. The company should occasionally test the enforcement mechanisms to authenticate that they offer the projected levels of safety. When there is a violation of security policy, it will be significant for the company to assume suitable and appropriate disciplinary action (Frank, 2006).

Based on the severity of the violation caused, the penalties to the employees may range from loss of remuneration or loss of jobs. Suitable authorities for probable criminal prosecution should handle increased violation, for instance, malicious access of network by outsiders. In ascertaining appropriate handling of security threats, the company should implement effective security policy. The security policies that organizations should implement include;

Physical Access Security Policy

In ensuring there is complete access control policy, the company should develop a strong physical access policy and educate all employees on the policy. The security level of the company determines the type of physical security required. Most organizations prefer employing either guarded or non-guarded entrances. It is essential for the company to issue security access cards on guarded premises. This ascertains that only recognized and authorized personnel enters the organization (Alexander, 2002).

This policy controls the number of people accessing various places within the company as identified by their particular job descriptions. For instance, only the network and systems personnel can access servers and networks communications department. This is with personalized access cards. As a policy of ensuring effective business continuity, employees must learn how to lock doors behind them and shut out people that may follow them through the doorway. The company should encourage employees to report any suspicious persons in the premises with unknown identification. In addition, the company should publish the security policies because physical access guarantees that employees have appropriate knowledge on security policies.

Access Control Policies

The following are some of the access control policies that provide a steady business structure and procedures to control internal fraud and dishonesty in the company.

Least privilege

This principle gives users only access rights they require for effective performance of their assigned tasks. Users get limited access that prevents them from misusing their access rights.

Separation of duties

Delegation of duties ensures that every individual performs a task that is within their power. Competent personnel effectively handle the high security and risky tasks. Furthermore, several people mutually share the significant responsibilities in order to ascertain accuracy, honesty and accountability. This recovery plan ensures that those risky tasks initially entrusted to single individuals are handled by several people that are aware of the responsibilities required (Frank, 2006).

Job rotation

It is an effective disaster recovery plan policy because the employee retains an access control for a given responsibility for a period. This controls internal dishonesty from staffs that may take advantage of their loyalty to the organization and their long time service and security access.

Mandatory vacations

These policies require staffs to utilize their vacations at given times of the year or even use the entire vacation period. The policy helps identify the security issues held by employees, for instance, fraud because irregularities may occur when employees are absent from the company.

Network Security Policies

Numerous policies provide standard guiding principles for network security within the organization. They cover areas such as the internet and internet network use, data confidentiality, security incident response, human resource principles and security of documents. It is vital to develop acceptable policy that enhances performance of computer network. The policy should also regulate legal liability in the incident of security issues (Frank, 2006). Acceptable policies should encompass the following incidences;


The legal department in the company should approve the implemented policy before it is handed over for signing. This policy acts as a legal document that prevents the company from any legal liability in cases of internet related issues and other threats. Some of the threats controlled include; cracking, security interruptions among others.

Distinctiveness to company environment

This policy aims at covering the company’s specific network and the data contained in it. Every company has unique security issues.


Far from the rules of behavior, the policy entails a statement that explains the position of the company on internet use.


The internet is evolving on an everyday basis, and the policy implemented should be updated as new issues crop up. It is impossible to anticipate every event, and for this reason, the policy implemented should address the likelihood of an event occurring but not outlined (Frank, 2006).

Protection for employees

If employees adhere to the rules of the acceptable use policy, there are less liable to questionable issues. This also prevents them from engaging in hazardous internet issues, for instance, they are less likely to disclose their contacts to crackers using social engineering approaches. Moreover, ABBA should settle on using universal guidelines and principles with respect to network security, it risk assessment, risk analysis, and risk management. In this respect, regulatory compliance is a vital aspect influencing the creation of business continuity approach (Frank, 2006).

Furthermore, while Business Continuity or Disaster Recovery regulations may be insignificant in some business incidents, companies should be aware of legislation regulating data integrity, availability and compliance. This helps the company in setting up a Business Continuity strategy. The following is a universal disaster preparedness principle for a company facing network security issues with respect to it risk assessment, analysis and management (Frank, 2006).

The ABBA agency should ensure its security and flexibility against probable disasters by implementing the following policies;

1) Telecommunications Asset Management: ABBA should maintain suitable safeguarding of telecommunications assets.

2) Physical Security: ABBA should prevent illegal physical access, harm and intrusion to business premises.

3) Communications and Operations Management: ABBA should ascertain the acceptable and safe operation of telecommunication facilities.

4) Information Security: ABBA shall guarantee safeguarding of data in networks, and the secure operation of data processing facilities.

5) the company should identify the existing Telecommunication Asset (“asset”), and preserve a record of all vital assets.

Furthermore, while reviewing the overall company policies and procedures that are significant for maintaining security, ABBA agency must evaluate the rights and permissions granted to the users by the legal systems for digital media in the U.S. Court. It is essential for ABBA to regularly audit user security rights and permissions to ensure that existing security rights falls in user rights policies and users are unable to violate the rights and policies provided. One of the policies maintained by the company is data loss prevention and regulatory compliance. This policy safeguards organizational security, and concerned with internal risks and threats, for instance, malware, network attacks, and hacker intrusions internal data security and external data loss (Frank, 2006).

Data Loss Prevention is a security policy that prevents the loss of data and safeguards its discretion and privacy. The security measure encompasses the company’s data as well as the customer’s data stored and disseminated by the company. It is the role of the company to protect data from theft, loss and interference during either storage or transit.

ABBA must have Data Loss Prevention mitigation techniques that employ internal security that utilizes standard network security techniques. Some of the techniques consist of firewalls and antimalware appliances to avoid internal threats, and security for external traffic by employing content filtering and encryption technology. In addition, there are numerous government-driven regulations and policies concerning the protection of data for companies in various industries (Frank, 2006).


Alexander, D. (2002). Principles of Emergency Planning and Management Harpenden: Terra

Davis, I. (2007). ‘Learning from Disaster Recovery- Guidance to Decision Makers’ Geneva: International Recovery Programme (IRP)

Frank C. (2006) “Disaster recovery and continuity planning for digital library systems,” OCLC Systems & Services, Vol. 22 Issue: 3, pp.173-178

What Will You Get?

We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.

Premium Quality

Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.

Experienced Writers

Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.

On-Time Delivery

Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.

24/7 Customer Support

Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.

Complete Confidentiality

Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.

Authentic Sources

We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.

Moneyback Guarantee

Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.

Order Tracking

You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.


Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.


Trusted Partner of 9650+ Students for Writing

From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.

Preferred Writer

Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.

Grammar Check Report

Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.

One Page Summary

You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.

Plagiarism Report

You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.

Free Features $66FREE

  • Most Qualified Writer $10FREE
  • Plagiarism Scan Report $10FREE
  • Unlimited Revisions $08FREE
  • Paper Formatting $05FREE
  • Cover Page $05FREE
  • Referencing & Bibliography $10FREE
  • Dedicated User Area $08FREE
  • 24/7 Order Tracking $05FREE
  • Periodic Email Alerts $05FREE

Our Services

Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.

  • On-time Delivery
  • 24/7 Order Tracking
  • Access to Authentic Sources
Academic Writing

We create perfect papers according to the guidelines.

Professional Editing

We seamlessly edit out errors from your papers.

Thorough Proofreading

We thoroughly read your final draft to identify errors.


Delegate Your Challenging Writing Tasks to Experienced Professionals

Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!

Check Out Our Sample Work

Dedication. Quality. Commitment. Punctuality

All samples
Thesis/Thesis chapter
Research paper
Essay (any type)
creating a Code of Conduct
View this sample
Research paper
Week 1 Journal Assignment
Undergrad. (yrs 3-4)
Human Resources Management (HRM)
View this sample
Research paper
Cultural Intelligence Presentation
View this sample
Research paper
Communicable Disease
View this sample
Research paper
Mental health
View this sample
Essay (any type)
Personalized Glossary of Research and Assessment Terms
View this sample

It May Not Be Much, but It’s Honest Work!

Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.


Happy Clients


Words Written This Week


Ongoing Orders


Customer Satisfaction Rate

Process as Fine as Brewed Coffee

We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.

See How We Helped 9000+ Students Achieve Success


We Analyze Your Problem and Offer Customized Writing

We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.

  • Clear elicitation of your requirements.
  • Customized writing as per your needs.

We Mirror Your Guidelines to Deliver Quality Services

We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.

  • Proactive analysis of your writing.
  • Active communication to understand requirements.

We Handle Your Writing Tasks to Ensure Excellent Grades

We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.

  • Thorough research and analysis for every order.
  • Deliverance of reliable writing service to improve your grades.
Place an Order Start Chat Now