| Abstract [eng] |
Research object – Planning and maintenance of business continuity and disaster recovery in information systems. The goals of the research: to analyze business continuity and recovery policy and develop business continuity and recovery main steps. The tasks of research: to investigate the concept of information systems, identify threats, vulnerabilities which might undermine the activity of the organisation, as well as investigate business continuity, recovery management phases, present, examine and compare relevant to the topic basic international standards, develop the plan concerning the prevention of threats and business continuity ensurance in organisation in case of emergency. Of late, the importance of information technologies in organisation has increased considerably. This accounts for the information technologies being a major segment of management in an organisation. Information system – is considered as an integrity of people, hardware and software, procedures and data operating together in providing meaninful information to individuals and organisations. Currently more and more information have been automated by using computerised information systems. Information systems are composed of organisation facilities, including tangible property, information sources, intagibles, services, staff, software property. Property becomes a target for threats. The threat arises in the bottleneck, least probable situation to cause damage. Threats are posing people, groups of people, natural phenomenon, political, economical and societal phenomenon due to which threats may occur to security of information systems. In order to ensure the prevention of threats to organisation, evade the major consequences and risk in any area it is necessary to know information security management system. Information security management system – entirety of program, technical, organizational measures, developed pursuant to the legal regulations establishing the information security. The information security basis is a reliable information security management system, comprising organisational and technological segments. However the information security management system is not adequate to ensure total security for organisation activity and the proper management. For this to achieve it is needed a consistent plan of processes which is to be followed from beginning to the end of its activity. In order to ensure business continuity and performance, it is necessary to draw up a business continuity and recovery plan. The plan consists of business continuity and recovery management processes. The management of business continuity and recovery is needed for the organisation to continue its activity in cases of lost data, critical deterioration of the systems and any interruption in information technologies functions in case of disaster. Documented and well grounded information on dependency of the activity of the enterprise regarding which information systems are least critical, most critical. This will enable business leaders to effectively use and justify the investments, allocate assignations appropriate to critical systems, and to noncritical accordingly. The relevancy of the research: Upon developing the plan of business continuity and disaster recover in case of emergency in information systems, it is beneficial for the organisation, enterprise in terms of time saving and cost saving. It is important to consider the business area of the organisation, the threats and danger to security of the enterprise. Without such plan the organisation risks to have the interrupted or discontinued activity and not being timely recovered. The constructive business continuity management plan will facilitate the leaders to continually run the business. For the foreseen threats the employees will take up established preventive measures, therefore in case of disaster the business status will be recovered. |
