Tech Talk Cole Ponto, Senior Information Security Consultant, SBS CyberSecurity, LLC Four Steps to Better Business Continuity Plan Testing Business continuity planning is a process that is vital to your organization. There is always the possibility that your organization’s critical business processes could be negatively affected for reasons that are often beyond your control, so it's best to be prepared. If a disruption occurs, it’s essential that your organization has a plan to address any potential issues and ensure that your organization can still serve your customers. However, if you’ve never enacted your plan, it’s hard to be confident that your plan will be sufficient. Testing your business continuity plan (BCP) helps to continuously improve your ability to recover successfully from various scenarios, whether it be a natural disaster or a communications failure. The good news is that there’s not just one way to test your BCP. Here are four steps to help you build a better business continuity plan testing program and ensure you are prepared for any situation that may come your way. Step One: Incorporate Different BCP Testing Methods You can utilize various methods to test the usability and effectiveness of your business continuity plan. Some of the possible test methods provided by the FFIEC include: • Tabletop Exercise: A tabletop exercise (sometimes referred to as a walk-through) is a discussion during which personnel review their BCP-defined roles and discuss their responses during an adverse event simulation. The goal of a tabletop exercise is to determine whether targeted plans and procedures are reasonable, if personnel understand their responsibilities, and if different departmental or business unit plans are compatible with each other. • Limited-Scale Exercise: A limited-scale exercise is a simulation involving applicable resources (personnel and systems) to recover targeted business processes. 27
RkJQdWJsaXNoZXIy MTg3NDExNQ==