River Publishers Series in Information Science and Technology Series

Developing an Enterprise Continuity Program

August 2021
More details
  • Publisher
    River Publishers
  • Published
    23rd August
  • ISBN 9788770223973
  • Language English
  • Pages 578 pp.
  • Size 6" x 9"
  • Request Exam Copy
Lib E-Book

Library E-Books

We have signed up with three aggregators who resell networkable e-book editions of our titles to academic libraries. These aggregators offer a variety of plans to libraries, such as simultaneous access by multiple library patrons, and access to portions of titles at a fraction of list price under what is commonly referred to as a “patron-driven demand” model.

These editions, priced at par with simultaneous hardcover editions of our titles, are not available direct from Stylus, but only from the following aggregators:

  • Ebook Library, a service of Ebooks Corporation Ltd. of Australia
  • ebrary, based in Palo Alto, a subsidiary of ProQuest
  • EBSCO / netLibrary, Alabama

as well as through the following wholesalers: The Yankee Book Peddler subsidiary of Baker & Taylor, Inc.

August 2021
More details
  • Publisher
    River Publishers
  • Published
    27th August
  • ISBN 9788770223966
  • Language English
  • Pages 578 pp.
  • Size 6" x 9"

The book discusses the activities involved in developing an Enterprise Continuity Program (ECP) that will cover both Business Continuity Management (BCM) as well as Disaster Recovery Management (DRM).

The creation of quantitative metrics for BCM are discussed as well as several models and methods that correspond to the goals and objectives of the International Standards Organization (ISO) Technical Committee ISO/TC 292 "Security and resilience.” Significantly, the book contains the results of not only qualitative, but also quantitative, measures of Cyber Resilience which for the first time regulates organizations’ activities on protecting their critical information infrastructure.

The book discusses the recommendations of the ISO 22301: 2019 standard “Security and resilience — Business continuity management systems — Requirements” for improving the BCM of organizations based on the well-known “Plan-Do-Check-Act” (PDCA) model. It also discusses the recommendations of the following ISO management systems standards that are widely used to support BCM. The ISO 9001 standard "Quality Management Systems"; ISO 14001 "Environmental Management Systems"; ISO 31000 "Risk Management", ISO/IEC 20000-1 "Information Technology - Service Management", ISO/IEC 27001 "Information Management security systems”, ISO 28000 “Specification for security management systems for the supply chain”, ASIS ORM.1-2017, NIST SP800-34, NFPA 1600: 2019, COBIT 2019, RESILIA, ITIL V4 and MOF 4.0, etc.

The book expands on the best practices of the British Business Continuity Institute’s Good Practice Guidelines (2018 Edition), along with guidance from the Disaster Recovery Institute’s Professional Practices for Business Continuity Management (2017 Edition). Possible methods of conducting ECP projects in the field of BCM are considered in detail. Based on the practical experience of the author there are examples of Risk Assessment (RA) and Business Impact Analysis (BIA), examples of Business Continuity Plans (BCP) & Disaster Recovery Plans (DRP) and relevant BCP & DRP testing plans.

This book will be useful to Chief Information Security Officers, internal and external Certified Information Systems Auditors, senior managers within companies who are responsible for ensuring business continuity and cyber stability, as well as teachers and students of MBA’s, CIO and CSO programs.

1. ECP Relevance
2. BCM Best Practice
3. BC Project Management
4. ECP Development Sample

Sergei Petrenko

Sergei Petrenko graduated with honors in 1991 from the Leningrad State University with a degree in mathematics and engineering. In 1997 – adjuncture and in 2003, he obtained his doctorate.

He designed information security systems of critical information objects:

– Three national Centers for Monitoring Information Security Threats and two Situational-Crisis Centers (RCCs) of domestic state;

– Three operators of special information security services MSSP (Managed Security Service Provider) and MDR (Managed Detection and Response Services) and two virtual trusted communication operators MVNO;

– More than 10 State and corporate segments of the System for Detection, Prevention and Elimination of the Effects of Computer Attacks (SOPCA) and the System for Detection and Prevention of Computer Attacks (SPOCA);

– Five monitoring centers for information security threats and responding to information security incidents CERT (Computer Emergency Response Team) and CSIRT (Computer Security Incident Response Team) and two industrial CERT industrial Internet IIoT/IoT.

Dr. Petrenko is:

  • Head of the State Scientific School Mathematical and Software Support of Critical Objects of the Russian Federation
  • Expert of the Section on Information Security Problems of the Scientific Council under the Security Council of the Russian Federation
  • Scientific Editor of the magazine Inside. Data Protection
  • Doctor of Technical Sciences, Professor, Innopolis University, Russia
  • Association of Heads of Information Security Services (ARSIB), an independent non-profit organization Russian Union of IT Directors (SODIT).
  • Author and co-author of 14 monographs and practical manuals and more than 350 articles on information security issues.

Business Continuity; Management systems; Disaster Recovery Management; Cybersecurity Plans; Critical Infrastructure Planning