All physical facilities should be assessed (including any alternate or back-up sites if any exist). A review of all policies and procedures that ensure continued operations of critical systems and services; this should include a technical audit/assessment of the necessary systems to ensure staff has the ability of working off-site if required for continued operations;
- A Risk Assessment should be completed, and a Work Plan generated
- Testing of Modified Business Impact Analysis Worksheet
- Testing of Documented strategy document based on existing BCP and DRP.
- Deployment of Remote Access Tools Usage Policy
- Deployment of Virtual Private Network (VPN) Policy
- Deployment of Wireless Communication Policy
- Deployment of Written Information Security Plan