The system administrator didn’t exercise his due care neglecting the notification sent from the E-Commerce system that the RAID system is corrupting. Two RAID member disks failed in the end, that disrupted the E-Commerce services. The company cannot tolerate such business losses over three days and shall recover the E-Commerce system in 24 hours. Thanks to the inventory of spare hard drives, the failed hard drive can be replaced in 2 hours and the system can be recovered in 8 hours. To recover the system, to which of the following should the system administrator refer?
A. Disaster Recovery Plan (DRP)
B. Computer Security Incident Response Plan (CSIRP)
C. Information System Contingency Plan (ISCP) with RTO greater than 12 hours
D. The hard drive replacement procedure
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. The hard drive replacement procedure.
It doesn’t meet the activation criteria of the ISCP to replace the failed hard drives in 2 hours.
An ISCP is a system-specific plan, which provides established procedures and key information needed for system recovery following a disruption regardless of site or location. Some ISCP may consider alternative sites based on the impact level of the information system. Not all incidents meet the criteria to active the ISCP, which typically has a threshold of recovery time objective (RTO).
A DRP is primarily a site-specific plan developed with procedures to move operations of one or more information systems from a damaged or uninhabitable location to a temporary alternate location.
The BCP focuses on sustaining an organization’s mission/business processes during and after a disruption.