CTA Home


•  About CTA
  • - Vision
  • - History
  • - Locations
  • - Management Team
  • - The CTA Logo
•  Services
  • - Program Mgmt
  • - InfoSec
  • - SETA
  • - Web Services
  • - Hardware Engineering
  • - Controlled Vehicle Access Systems
  •  Knowledge Mgmt
    • - Data Warehousing
    • - Business Processes
    • - Continuity Planning
•  Clients
  • - FAA
  • - Space & Intel
  • - Information Security
  •  DoD
    • - NAWC
    • - Health Systems
  •  Commercial IT
    • - LA World Airports
    • - Property Management
•  Careers
  • - Open Positions
•  Contract Vehicles
  • - MASS ESSA
  • - MASS T&E
  • - BITS II
  • - Millenia Lite
  •  GSA
    • - Contract Intro
    • - Position Desc
    • - GSA Rates
  •  MOBIS
    • - Contract Docs
  •  SeaPort-e
    • - Contract Intro
    • - Task Orders
    • - Tech Instructions
    • - Team Members
    • - Experience
    • - Points Of Contact
    • - QA Program
•  Publications
  • - White Papers
  • - Case Studies
•  CVAS
  • - CVAS Site
•  Health Solutions
  • - CTA Health Site
•  Feedback
  • - Client Survey
  • - Contact CTA


 Search CTA

In early 2003, a Computer Technology Associates, Inc. (CTA) property management client within a large nationwide bank requested support in the planning, development, implementation, and maintenance of business continuity alternatives in the event of a technological or natural disaster. Working within the organization's business continuity guidelines and structure, CTA prepared and validated six technology business continuity plans and one organizational business continuity plan.

Each plan provided an overview of the business resumption process, descriptions of key roles and responsibilities, and standard processes and procedures to be used in the event of a business disruption. Working with the client, CTA supported the design, implementation, and deployment of remote business resumption systems to support rapid cutover in the event of a production system failure. Plans were segregated into two basic types:

• Technology Business Continuity Plans - These plans addressed the analysis of a failed technology system such as a web server or database server, and documented the decision processes and sequence of cutover activities in restoring system access and functionality. Each plan addressed not only system failures, but also addressed the loss of access to systems, such as a data center failure.



• Organizational Business Continuity Plans - These plans addressed disasters that could affect an organization's ability to perform its function due to denied access to office space, which could include local facility disasters such as a fire that may limit access to a single office facility or more severe natural disasters such as an earthquake that may limit access to an entire region. Each plan addressed the procedures to be used for notifying employees in where to report, retaining work in process records, and executing interim processes and procedures to be used until the affected location can be re-accessed. In cases where a regional disaster would prohibit access to an office facility for an extended time, the plan addressed the establishment of an alternate regional disaster location and facility.

The key to effect business continuity planning is the identification of the critical business processes and functions. In support to plan development, CTA performed the following:

• Identified and documented all business processes/functions.



• Measured and established the quantitative and qualitative impacts of a business disruption and the related loss of specific business processes/functions.



• Provided a basis for identifying which business processes/functions will be required and develop a detailed business continuity strategy for each.



• Established a priority for restoring the business processes/functions.

These activities culminated in a Business Impact Analysis that addressed financial loss in terms of lost revenue or additional costs, customer impact in terms of customer confidence or impaired competitive position, and legal and/or regulatory penalties.

In addition to plan development, CTA also supported and coordinated maintenance activities designed to ensure the plans remain current. These activities included:

• Plan Simulation - A documented response to an incident in a production/non-production environment that includes a physical visit to the business' "Hot-Site" utilizing recovery procedures to restore technology.



• Plan Walkthrough - A roundtable discussion that reviews the entire concept of the recovery and response for the plan unit including recovery procedures.



• Plan Distribution - Ensures the most current plan has been distributed to those that need to know.



• Report Verification - A review of all required report fields ensuring that all information is accurate and complete.



• Affirmation Documentation - Documents the completion of the annual affirmation and provides a tracking mechanism to ensure all plan units are included.



• Back Up Rotation and Verification - Reviews the process of media rotation ensuring that backups are being completed, stored properly, and can be retrieved. Also verifies the integrity of randomly selected media.



• Review Recovery Time Objective and Recovery Point Objective Information - Provides for comparison of anticipated RTO/RPO timeframes between technology support group and business group. Also provides for communication of variances and changes needed.



• Quality Assurance Program Review - A thorough review of the entire plan ensuring that all required documentation is included. Verifies the accuracy of documentation.



• Review and Update Risk Assessment - Documents the completion of the risk assessment.