#Laws vs. Regulations vs. Standards#
Holistic
What Does Holistic Mean?
In simple terms, “holistic” refers to the understanding of the relationship between all of the parts of
a whole. In problem solving, a holistic approach starts by first identifying an obstacle, then taking a
step back to understand the situation as a whole.
Business Impact Analysis (BIA)
Evaluate critical processes (and IT components supporting them)
Determine time frames, priorities, resources, interdependencies
Often based on risk assessment
The auditor must be able to evaluate the BIA
Objective Definitions
Recovery Time Objective (RTO) is the amount of time allowed for the recovery of a business function
or resource to an acceptable level after a disaster occurs.
Service Delivery Objective (SDO) is the minimal level of services to be reached during the alternate
process mode until the normal situation is restored. It is directly related to business needs.
Recovery Point Objective (RPO) indicates the earliest point in time to which it is acceptable to
recover data. It effectively quantifies the permissible amount of data loss in case of interruption.It is
determined based on the acceptable data loss in case of disruption of operations.
Maximum Tolerable Outage (MTO) is the maximum time the organization can support processing in
alternate mode.
Factors that may affect the MTO: availability of fuel to operate emergency generators, accessibility of
a recovery site that might be located remotely and limited operational capacity of the recovery site.
Allowable Interruption Window (AIW) is the amount of time the normal operations can be down
before the organization faces major financial difficulties that threaten its existence.
The length of the AIW is defined by buseinss management and determines the acceptable tiem frame
between a disaster and ther restoration of criticalservices/applications. AIW is generally based on the
downtime before the organization suffers major financial damage. The technical implemenation of
the disaster recovery site will be based on this constraint, espeially the choice between a mirrored,
hot, warm or cold site.
Relationship between terms
The acceptable level of a RTO is defined by the SDO.
The MTO should in any event be as long as the AIW to minimize the risk to the organization in the
event of disaster.
MTO ≤ AIW
The RTO must be shorter than the allowable interruption windows (AIW).
RTO ≤ MTO
The RTO must be shorter than the maximum tolerable outage (MTO).
As a conclusion:
RTO ≤ MTO ≤ AIW
1 / 2 100%
La catégorie de ce document est-elle correcte?
Merci pour votre participation!

Faire une suggestion

Avez-vous trouvé des erreurs dans linterface ou les textes ? Ou savez-vous comment améliorer linterface utilisateur de StudyLib ? Nhésitez pas à envoyer vos suggestions. Cest très important pour nous !