Hi Sal, I have been following your videos from the very beginning. I am relatively new to GRC; it will be great if you could make videos for beginners, e.g., ISO 27001 and so on... Also, if you could put down some documents/checklists for what to ask and verify. There is a lot of room for freshers here and very little to no videos on such topics. Keep sharing, keep learning... Thanks for the informative video. Waiting for the next video!!!
Perhaps we could make a telegram channel for the checklist...Just a suggestion.
Yes sir, I have also raised the same points in other videos.
I am also a fresher and it would be great if this suggestion is taken.
Thanks 😊
Thank you!! Will definitely think of adding ISO 27001
1- Business continuity policy
Check and ensure that the business policy has been maintained and is checked on a regular basis
It consists of:
Roles and responsibilities
Workforce training
Frameworks for setting business continuity objectives
Support capabilities in the event of business disruption
2- Business impact analysis
Make sure a business impact analysis is performed
The business impact analysis consists of:
identification of critical products and services with inherent risk
likelihood and impact of each risk
countermeasures to prevent, detect and react to risk
RTO and RPO
3- Business continuity strategy
Ensure the business continuity policy is developed
to reduce the impact of disaster
4- Business continuity plan
Check and verify the business continuity plan is created and checked on a regular basis
It consists of the following activities:
scope of the activity
roles and responsibilities
clear line for communication in crisis
in the event of a cyber attack there is a skilled incident management team
ensure endpoint security and network security for smooth performance of the business
5- Documentation
Check and verify that all the relevant documents
such as
backup and restoration guidelines
network and architecture diagram
alternative workaround for business continuity
are instantly available to support business continuity
*Make sure all the documents are reviewed for any changes*
6- Plans are tested regularly
Ensure all the business continuity plans are reviewed and tested at least annually
Check and verify the tabletop exercise was performed and a report was generated
Ensure users' contacts are stored and acknowledged for all calls and messages
7- Communication crisis
In times of business disruption, communication between stakeholders and relevant parties is the key to a successful business continuity plan
Make sure the communication lines are identified
A mature response structure is developed to communicate response early warnings
8- Data backup
Business data is a key component in the event a disaster happens
Backup process is followed for secure data backup procedure
Check sample backup and restoration evidence
9- Data center and redundancies
To prevent from natural disaster
ensure the network devices are installed at safe places
redundancies are well maintained
ensure alternate sites (hot, warm and cold sites) are designed as per business continuity requirements and tested for their effectiveness.
10- Disaster recovery testing
Check and verify disaster recovery activity is tested on a regular basis
network switches over automatically
systems and servers run correctly
Sal, could you provide me your session on VRM, 3rd party risk assessment.
Thanks in advance
I would like to take the training from you for ISO 27001, NIST. Do you provide the training?
Will keep you posted on training. Stay tuned.
Thank you!
Hey, pls help me to know how to perform the stress test during BCP