This assignment has asked us to form a group of students then to identify, analyse and evaluate any visible risks to the business continuity of the organisation and the IS and IT. Once the risks have been evaluated we then need to produce a set of countermeasures for each one to return the business to full productivity and then finally produce a disaster recovery plan for the described incident in the case study. Potential risks All businesses faces risks regardless of the size, nature, location or type of business, this is a fact of industry.
It is impossible to foresee all the possible risks for one given business as there are too many and the main thing about disasters is they are normally unexpected. When you plan for risks/disasters it is impossible to correctly predict the impact, duration and costs to the business if it occurs. Due to some data being stored on computers there is an added risk of hackers and viruses which can affect this data and possibly compromise the companies’ security and privacy.
This can affect the continuity of the company because they will need this data for tests or to send the results to customers who have sent items to test. This risk may occur due to inadequate data security on the computers which will leave the data vulnerable to attack. Also this would be a breach of laws, the data protection act 1998, that make companies’ protect all their data within their systems as a result the company can be legally viable for any data breaches which can effect continuity and cost the company a lot of money.
If the business software programmers were to leave “seek employment elsewhere” the business will be in trouble because there will be a problem with the support and maintenance of the new software. Due to the fact that there is only one security location at CosmoLabs, this presents a huge risk because the animal rights activists could easily gain entry into CosmoLabs without being detected, by avoiding direct face to face contact with the security cameras, which then means that the animal rights activists, depending on their motives, could mount an attack that will be out of range for CCTV detection.
CosmoLabs is currently running one computerised system which is used to handle information on the workers and tests needed to be carried out on which samples. It also stores the test results and has employee information in it. If CosmoLabs do not have access to this information they would to unable to test the samples accurately and also be unable to run the business.
Hackers are people who get access to computer systems without access privileges in the case of CosmoLabs if this happened it may be the downfall of the business as they only have one system in place and without that they can’t operate. Businesses use many different types of communications internally and externally such as post, email, telephone, fax etc. The most efficient way to communicate is by email as it is instantaneous and can also send documents, without these processes they would be long time delays.