Strategic Security Intelligence


NSTSSI Security Education Standards

Standards

Top - Help

Copyright(c), 1995 - Management Analytics and Others - All Rights Reserved 

10.    CONTINUITY OF OPERATIONS (COOP)
            

       a.    COOP Concepts 


             (1)     explain how alternate routing can affect INFOSEC measures;
             (2)     compare PBX security and alternate routing;
             (3)     compare application development control to COOP;
             (4)     distinguish between backup, contingency, disaster, and recovery plans;
             (5)     discuss the importance of continuity of operations;   
             (6)     define the elements of a continuity plan;
             (7)     outline the procedures for continuity planning;  
             (8)     examine the relation of emergency destruction procedures to COOP;
             (9)     associate the risks associated with environmental/natural threats to COOP to include: wind, earth
                     movement, fire, water, dust, temperature, humidity static, and power;
             (10)    recognize system fault tolerance limits;
             (11)    recommend basic recovery procedures;
             (12)    evaluate the importance of redundancy to COOP; and
             (13)    explain how the system testing & evaluation process relates to COOP.
  
             
       b.    Backup
             
             
             (1)     outline the responsibilities associated with a backup plan; and
             (2)     specify backup procedures.
             
             
       c.    Configuration Management
             (1)     discuss how change controls affect COOP;
             (2)     discuss the role of the Configuration Control Board;
             (3)     specify configuration controls;
             (4)     explain the purpose of configuration documentation maintenance; and
             (5)     discuss the role of the Configuration Review Board.
             
  
       d.    Contingency Management
             
             
             (1)     define contingency planning;
             (2)     specify the requirements within a contingency plan; and
             (3)     specify requirements for contingency plan testing.
            
                     
       e.    Disaster Recovery
             
             
             (1)     discuss the actions required by disaster recovery planning; and
             (2)     clarify the importance of disaster recovery plan testing.
             
       
       f.    Storage Area Controls
          (1)     justify the importance of storage area controls;
          (2)     explain the contents of storage area controls;
                  (a)    backup of data, information, software;
                  (b)    protection of the original diskettes for software;
                  (c)    protection of the storage media;
                  (d)    storage area locale; and
                  (e)    storage area access; and
          (3)     compare storage media protection and control to storage area controls.