Posted by: Robert Davis
BCP, Business Continuity, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Crisis Management, Disaster Recovery, DRP, IT Audit
After a catastrophic incident or event; losing the capability to process, retrieve, and protect information maintained electronically can significantly affect an entity’s ability to accomplish its mission. For this reason, an entity should have: (1) controls in place to protect information assets as well as minimize the risk of unplanned interruptions, and (2) a plan to recover critical operations should interruptions occur. Consequently, these plans should consider the activities performed at general support facilities, such as data processing centers and telecommunications facilities, as well as the activities performed by users of specific resources.