
|

The Lighthouse IT Audit and Compliance Group develops business continuity solutions that ensure an organization will provide a continuous service that satisfies business requirements and that minimize the business impact in the event of a major disruption.
Business Impact Analysis
A Business Impact Analysis (BIA) identifies the effects that a service disruption or disaster would have on your business functions. Lighthouse’s BIA identifies:
- The finite number of business units (BU) and the manager of each
- The Business Process Owners (BPO) for all “key/critical” business processes in each BU
- The Recovery Point Objective (RPO) for each “key/critical” business process
- The Recovery Time Objective (RTO) for each “key/critical” business process
- The Recovery Strategic Objective (RSO) for each “key/critical” business process
- All dependencies (Network, Application, User, Interface, Other) for all “key/critical” business processes in each BU
- The impact over time on each “key/critical” business process
- All of the “key/critical” business processes in each BU prioritized by importance
|
All key systems/files are backed up as needed
Types of data and backup cycles for all critical systems, whether the media are couriered offsite, whether the site is far enough (10+ miles) and whether the files must be encrypted before leaving the building
Business Continuity Planning
The purpose of Business Continuity Planning (BCP) is to enable an organization to continue operations in the event of an interruption to the information systems that support its critical business processes. The Business Continuity Plan should address all business and systems functions necessary to continue as a viable organization. Strong management support, extensive planning and a commitment of resources are necessary to adequately plan for both manual and automated interruptions.
Lighthouse’s BCP services focus on:
- Criticality classification
- Alternative procedures
- Disaster recovery
- Backup/Recovery of network and data
- Systematic and regular testing and training
- Monitoring and escalation processes
- Organizational responsibilities
- Activation, fallback and resumption plans
- Assessment of single points of failure
- Problem management
|
Lighthouse Provides a Comprehensive BCP Solution Incorporating:
Business Impact Analysis
Business Continuity Planning
Disaster Recovery Testing
|
Business Continuity Program Portal
Lighthouse's Business Continuity Program Portal (BCPP) is a cloud-based solution that satisfies and simplifies your Business Continuity Planning (BCP) requirements. By offering an online, hosted service, Lighthouse's BCPP provides you with an innovative solution to your BCP needs, while reducing the complexity, costs and time associated with its ongoing management. As a best practice for Business Continuity Planning, migrating your BCP to an off-site hosted platform allows key members of your staff to remotely access the plan 24x7x365 in the event of a disaster or other disruption at your primary business location.
- Provides a central location for all BCP information with controlled access both internally and remotely
- Includes built-in business process for change control including approval and publishing of plan changes
- Has complete automated audit trail and history of each part of the plan for auditor inspection
- Meets FFIEC (Federal Financial Institutions
- Examination Council) requirements for Business Continuity
Disaster Recovery Testing
Lighthouse’s Disaster Recovery (DR) services test backup sites and systems to assess your organization’s disaster recovery capabilities. Lighthouse Disaster Recovery Planning services include:
- Defining an impact analysis of the people, office space, and supplies that would be adversely affected by a crisis or disaster
- Test offsite backup systems to be sure that they work within 4 – 48 hours of a disaster
- Assist in negotiating contracts for Disaster Recovery backup sites and systems
- Perform pre-tests on contracted systems to ensure compliance with specifications
|
Our Team of Experts
Lighthouse’s IT Auditors – all of whom are either Certified Information Systems Auditors (CISA), Certified Network Engineers, Certified Project Managers or Certified in the Governance of Enterprise IT – have performed dozens of IT Audit and Compliance projects across all industries, including the highly regulated banking and financial sectors. Lighthouse is also an Approved Scanning Vendor (ASV) in the Payment Card Industry (PCI), and each of our IT Auditors is a PCI-certified Qualified Security Assessor (QSA). Our IT Auditors are the best in the business, and have multiple certifications in industry practices and testing methodologies.
|
For more information or to schedule a no-cost initial consultation, please contact info@lighthousecs.com or call 888-542-8030 x113.