CIS527- IT Risk Management/ Title: Business Continuity Plan
Assignment 4: Business Continuity Plan
The phrase “the show must go on” is perhaps more true in business than in performing arts. Organizations need to be prepared to run continuously regardless of environmental conditions.
For this assessment, imagine that you are the IT manager for the only print shop in a small town in Idaho. The shop is connected to the internet by satellite link. Orders are received via the internet as well as by walk-ins with portable storage drives or smart phones that can transfer files via Bluetooth network.
Write a four to five (4-5) business continuity plan (BCP) in which you:
- Identify the organization's exposure to internal and external threats.
- Identify ways that the organization can maintain its risk.
- Describe the foreseen security risks.
- Assess the importance of training the shop personnel on security risks.
- Recommend at least two (2) strategies for continually improving the quality and effectiveness of the BCP.
- Analyze the organizational risks inherent in the execution of the BCP plan.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
- Perform a business impact analysis for a provided scenario.
- Create a business continuity plan (BCP) based on the findings of a given risk assessment for an organization.
- Describe the components of an effective organizational risk management program.
- Use technology and information resources to research issues in IT risk management.
- Write clearly and concisely about topics related to IT risk management using proper writing mechanics and technical style conventions.