SEE THE ATTACHMENT FOR THE REQUIRED READING LIST
1). Cyber disasters can take many forms, and can result from weather events (hurricanes, tornadoes, etc.), external events (cut cables, Denial of Service (DoS) attacks, phishing, etc.), or the actions of trusted insiders. What are the responsibilities of the Christian manager in preparing for the possibility of a cyber disaster? Why? To whom does he/she owe this responsibility?
2.Using the templates and guidance provided in the required reading list, begin your draft COOP by preparing a business functions analysis of the organization you’ve chosen. Be prepared to defend your reasoning to the rest of the class (who will represent the board of governors for the organization).
Your analysis should include the following:
Critical business functions for the organization.
All networks, computers, and software needed to perform, at a minimally acceptable level, all critical business functions.
All staff personnel necessary to perform critical business functions
An estimate of the time frame &/or time duration for which the plan is designed: will this plan work for 3 days? 5 days? Etc.
The estimated cost of implementing the COOP vs. the cost of lost business should the COOP not function as planned
3.Using the templates and guidance provided in the required reading list, continue your draft COOP by answering the questions:
Who is in charge? What is his/her authority? Who else is involved?
What must be done when disaster strikes? Who initiates the execution of the plan? Who decides when the disaster is over?
When does each step occur? What’s the order of occurrence
Where is the backup location? Where will the staff be housed? Where are the supplies?
Why are we doing this?
How does this all occur?
4.Using the templates and guidance provided in the required reading list, continue your draft COOP by answering the questions:
How will the plan be tested? How often?
What will be the scope of the tests? Some options:
BOGSAT: Bunch Of Guys/Gals Sitting Around A Table. Essentially, a verbal walk-thru, facilitated by an outsider, involving all of the key players up to and including the C-level, and down to and including the essential personnel involved in the execution of the plan. Needs to cover all aspects, including who/what will trigger the execution of the plan, lines of authority/responsibility, timing, backup facilities, logistics, personnel issues.
Structured Walk-Thru: A physical walk-thru of the process described in the plan:
Triggering the plan.
Notification of essential personnel, shareholders, regulatory agencies, etc.
Movement to the backup facilities.
Inspection of backup facilities and equipment.
Testing of backup computer systems, databases and networks.
Inspection of logistics facilities (messing and berthing).
Full-scale drill: Actual execution of the plan. Often scheduled for long holiday weekends to preclude business disruption. Helps to identify incorrect assumptions regarding the length of time needed to get the backup location fully up and running…