Accession Number:

AD1088211

Title:

A Targeted Improvement Plan for Service Continuity

Descriptive Note:

Technical Report

Corporate Author:

Carnegie Mellon University Software Engineering Institute Pittsburgh United States

Report Date:

2019-02-01

Pagination or Media Count:

28.0

Abstract:

This technical note describes how an organization can leverage the results of a Cyber Resilience Review to create a Targeted Improvement Plan for its Service Continuity Management SCM. An organization can use the Cyber Resilience Review CRR results and prioritize SCM-specific and supporting practices using a SCM improvement profile to develop a long-term plan. The suggested Targeted Improvement Plan TIP approach engages the organizations business continuity professionals, information technology operations management staff, and security management team physical and cyber to create a resilient organization. In some organizations, it will be appropriate to engage the operational technology team as well. The technical note includes a SCM Improvement Template that prioritizes all the CRR practices it places a higher priority on those practices that enable service continuity. It describes how an organization can integrate the results of a recent CRR to create a prioritized list of practices the organization should consider implementing. This list informs decisions that take into account the organizations unique risk environment to develop a plan. This approach to developing and implementing a SCM program supports organization-specific, mission-focused objectives to protect and sustain a critical, cyber-dependent service during times of stress.

Subject Categories:

  • Cybernetics
  • Administration and Management

Distribution Statement:

APPROVED FOR PUBLIC RELEASE