CONTINGENCY PLANNING/BCDRP
PREVENTATIVE PLANNING & RECOVERY
Information systems are vital elements in most mission/business processes. Because information system resources are so essential to an organization’s success, it is critical that identified services provided by these systems are able to operate effectively without excessive interruption.
Contingency planning supports this requirement by establishing thorough plans, procedures, and technical measures that can enable a system to be recovered as quickly and effectively as possible following a service disruption. Contingency planning is unique to each system, providing preventive measures, recovery strategies, and technical considerations appropriate to the system’s information confidentiality, integrity, and availability requirements and the system impact level.
Leading Providers of NIST Contingency Planning Program
Metis Defense is a leading provider of NIST specific contingency planning as we help organizations all throughout North America in designing, developing, testing, and continuously monitoring their contingency plans. Federal contractors providing essential services to federal agencies must have a well-written contingency plan in place.
Metis Defense can assist.
Proven Seven Step Process for NIST Contingency Planning
Per NIST Special Publication 800-34 Rev. 1 Contingency Planning Guide for , Federal Information Systems, proper contingency planning is to include the following seven-phase lifecycle:
01
Develop the contingency planning policy statement. A formal policy provides the authority and guidance necessary to develop an effective contingency plan.
02
Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
03
Create contingency strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
04
Develop an information system contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system unique to the system’s security impact level and recovery requirements.
05
Ensure plan testing, training, and exercises. Testing validates recovery capabilities, whereas training prepares recovery personnel for plan activation & exercising the plan identifies planning gaps; combined, the activities improve plan effectiveness and overall organization preparedness.
06
Ensure plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements and organizational changes.
TRUSTED
Trusted Advisors to both Federal Agencies and Federal Contractors
RESPECTED
Well-known and Respected Throughout the Federal Agency Apparatus
UNIQUE
A Unique Combination of Knowledge, Expertise, and Capable Manpower
