Business Continuity and Disaster Recovery Architecture

Duration 03:00 3793 Views



Hello and Welcome to Lesson 8 of CISSP Certification Course by SimpliLearn! This lesson is about Business Continuity and Disaster Recovery Planning.

Business Continuity and Disaster Recovery Planning is one of the ten domains of the Common Body of Knowledge (CBK) for the CISSP exam.

The Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) domain is all about business. We’re not talking about infringements of security policy or unauthorized access rather, this is about making contingency plans for a business-threatening emergency and continuing the business in the event of a disaster. While the other domains are concerned with preventing risks and protecting the infrastructure against attack, this domain assumes that the worst has happened.

The business continuity planning (BCP) and disaster recovery planning (DRP) domain addresses the preparation, processes, and practices required to ensure the preservation of the business in the face of major disruptions to normal business operations. BCP and DRP involve the identification, selection, implementation, testing, and updating of processes and specific actions necessary to prudently protect critical business processes from the effects of major system and network disruptions and to ensure the timely restoration of business operations if significant disruptions occur.

The aspirants of CISSP training must have an understanding of the preparation of specific actions required to preserve the business in the event of a major disruption to normal business operations.


According to the (ISC)2 Candidate Information Bulletin, a CISSP classroom training candidate is expected to know the difference between business continuity planning and disaster recovery; business continuity planning in terms of project scope and planning, business impact analysis, recovery strategies, recovery plan development, and implementation.

Moreover, the candidate should understand disaster recovery in terms of recovery plan development, implementation, restoration, backup services, training and awareness, and plan testing.


The agenda for this lesson is as follows:

We begin this lesson with understanding some basic concepts of business continuity and disaster recovery planning. This is followed by the detailed discussion on BCP/DRP phases viz. Project Scope and Initiation; Business Impact Analysis; Preventive Controls Identification; Recovery Strategy; Plan Design and Development; Implementation, Testing, and Training; and Plan Maintenance.

Next, we will discuss BCP/DRP frameworks and finally we take a look at some of the best practices.