Jay Ranade CISA Axioms
1. A DRP increases pre- and post-incident operational costs but reduces business impact and recovery costs. However, the recovery plan should strive to reduce RTO and recovery costs.
2. Risk assessment (RA) is usually done on an annual basis. After RA is done, the adequacy and effectiveness of the BC plan must be evaluated too.
3. Geographically dispersing resources and processing facilities mitigates vulnerability to a regional disaster.
4. The best evidence of the efficacy of a DR plan in an organization is the practice of frequent tests and drills.
5. Timely availability of hardware is a primary concern for a warm site facility.
6. An application reaching the end of its life cycle can be decommissioned but not retired if the data needs to be retained for regulatory purposes.
7. Protection of human life is the MOST important factor in any business continuity process. Remember, it ranks higher than data loss as well as any other factor.
8. For email authenticity and confidentiality, the message must first be encrypted with the sender’s private key and then with the recipient’s public key.
9. Escorting visitors is the best preventive control for visitor access to a data center.
10. The most common problem with an IDS is the detection of false positives (the IDS detects events that are not really a security problem).
Out of 700-plus axioms
Those who attend our classes will get more: 700-plus axioms, plus handouts, plus 5 lectures of 4 hours each, plus sample Q/A, and attendees can ask questions until the day before the exam.