4. A pre-arranged agreement between two or more entities to provide assistance to the parties to the agreement. An agreement that allows two organizations to secure each other. Source(s): NIST SP 800-34 Rev. 1 3rd Agreement between two organizations (or two internal business groups) with essentially the same equipment/environment that allows each organization to recover on the site of the other. A mutual agreement is an agreement between two or more companies to use each other`s resources during a disaster. It should be ensured that mutual agreements are concluded to ensure that the undertakings concerned are not at risk of being affected by the same disaster. For example, nearby businesses can all be affected by the same evacuation order, power outage in the area, telecommunications loss, flooding, etc. (Source: Business Continuity Management Institute – BCM Institute) 2. Agreement by which an organization agrees to use the resources of another organization in the event of business continuity E/I/C. Related terms: Alternative location, mutual agreement. .
Although some people believe that creating a disaster recovery plan completes the process, the truth is that there is no proven recovery until the plan has been tested. A DRP can be tested in several steps, including the table, complete interrupts, checklists, and functional tests. Comments on the presentation and functionality of the glossary should be addressed to secglossary@nist.gov. Most of this book focused on ways to prevent security incidents. The Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) address the need to prepare for and respond to cases where something goes wrong. For a company to succeed under the pressure of hardship or disaster, it must plan how to maintain its business operations in the face of these major disruptions. A BCP identifies how a business would respond after a severe loss and only grows as a result of a risk assessment that identifies the potential for serious harm. It is a sad reality that this critical planning of disasters and disruptions is an often overlooked area of IT security. One of the best sources of information on disaster recovery is www.drii.org, the Disaster Recovery Institute International (DRII). A candidate for the CISSP exam must be familiar with the steps that make up the BCP process to succeed in the field of business continuity and disaster recovery. Key elements of this area include project management and planning, Business Impact Assessment (BIA), continuity planning design and development, and BCP testing and training. The DRP is a subset of the overall BCP plan and describes the planning and recovery a company would undertake after a catastrophic event.
Note (2): These agreements are generally used by large companies with many subsidiaries. Even in these cases, it is rare that there is enough free processing time and equipment capacity to support a mutual recovery agreement. Comments on specific definitions should be sent to the authors of the linked source publication. For NIST publications, there is usually an email inside the document. Note (1): Mutual sites can be created between two similarly configured organizations. Each organization must have free processing time, hardware capacity, or limited capacity to support the critical business functions and applications of the ailing organization. Notable recent events such as tsunamis in Southeast Asia, 9/11 in New York, Pennsylvania and Washington, D.C., Hurricane Katrina in New Orleans, earthquakes in China, and Hurricane Ike in Houston continue to underscore the need for organizations to be properly prepared. Even after these catastrophic events, DRII reports that most U.S. companies still spend an average of only 3.7% of their IT budget on disaster recovery planning, while best practices require 6%. A mutual agreement can also be described as a consortium agreement. .