Background of the Study


            Due to rapid technological advancement, technology is changing the conventional way of human existence. Information had become available and accessible for anyone, information gathering and sharing had become easy and fast. The invention of the World Wide Web opened up a new door for everyone to venture. The Internet had become a big library of information that is accessible and abundant. This is the main reason why education is now incorporated to the internet. The Internet has evolved from a library to a classroom. Different educational institutions are now offering online education. Online students are enrolled in the same courseware; the difference is they are not required to personally come to class. Online education is basically a self study based education. This kind of education is widely accepted because of the convenience and portability it offers. Online business is no longer an option for companies, but an absolute necessity for the company’s success.


            Brisbane City College (BCC) provides education for students from 5 to   12 years old. The school is planning to implement a new wireless educational network project, by providing online and internet based education contents and communication services for students of all grades. This new service will be delivered through laptops and handheld devices, via Internet service. The school decided to implement online education in order to remain competitiveness in this new education industry where technology is the key to remain an d gain competitive advantage.


 


Problem overview


Purpose


            The purpose of this paper is to help the company in identifying the product /service and the competition accompanied in eCommerce operation. The company is starting a new online business and requires a competitive business plan and business case, the purpose of this paper is to provide the company with such needs by using a Business Continuity Plan (BCP). BCP will help the company in organizing a long-term business plan by carefully examining and identifying potential risk involve in eCommerce operation.


 


Scope


            The scope of this report includes a business plan in starting online business; using Business continuity plan in determining the possible risk and response to such risk by Brisbane City College. The roles and responsibilities of the different stakeholders and other parties involved are specified. The report also includes testing, maintenance, and audit plan for the proposed online system.


 


Limitations and assumptions


            The report does not include implementation, integration and testing, installation, and maintenance plan. The report aims to help BCC in formulating a business continuity plan that will help the organization in preventing system downtime to remain operational even in disaster occurrence.


Stakeholders


            The proposed E-learning system involves major stakeholders in the project. These stakeholders are the different party involved in project development (from designing, approving, implementing, and maintaining the proposed system) and the end-users or beneficiaries once the proposed system id implemented. The stakeholders are:


Ø      BCC management and faculty (instructors)


            BCC management is the major stakeholders of the proposed system. This            group of stakeholders are the one who decides to implement online   education for the school. BCC as an organization will gain new             technology; in return, the instructors of BCC will gain new skills and             understanding in using technology as a medium in learning (particularly open source and interoperable tools) to improve quality the education   offered by the school.        


Ø      System analyst/developers


            This team will be responsible in making the initial design of the proposed             online education system. They will be the in-charge of the whole technical      production of the system.


Ø      Students and Future Enrolees


            The major beneficiaries of the online education system once it is    implemented are the students and the future students/enrolees of the school. This group of stake holders will be the end-users of the proposed       system, together with the instructors of BCC.  


Acronyms and definitions


Some acronyms used in the paper and there definition:


Brisbane City College (BCC)company that serves as the background of the study.


Business Continuity Plan (BCP) – a plan that describes how an organization will deal with potential disasters. It is consists of precautions that will minimized the effects of a disaster in the organization, and the organization will be able to uphold or quickly resume mission-critical functions. BCP typically involves a critical analysis of business processes and continuity needs; it also includes disaster prevention measures. BCP is sometimes referred to as Disaster Recovery Plan (DRP) or Business Process Contingency Plan (BPCP).


Business Impact Analysis (BIA) – is a vital component of an organization’s BCP. BIA includes an exploratory component that reveals any vulnerability, and a planning component to develop strategies that will minimize organizational risk. The result of BIA is a business impact analysis report; this report describes possible risk to the organization.


Business Process Contingency Plan (BPCP) – see BCP


Disaster Recovery Plan (DRP) – see BCP


 


Business Plan and Business Case


Refer to the handout given in the class (I need you to please provide me with the said handout given to you)


 


Risk Assessment and Business Impact Assessment


            It is important for BCC to properly manage the risk involved in ecommerce; this will give complete balance between operational and economic cost with protective measures and allowing BCC to achieve gains in mission capability by protecting the IT system and data that supports the mission of the organization. E-learning in E-commerce applies the principles of accountability and learning effectiveness.  (2005) defines that risk can result to “loss resulting from inadequate or failed internal process, people, and system, or from external events”. Major types of risk involved in E-learning operation includes: Content risk (courseware preparation), Technological risk (Internet speed), People risk (facilitating instructors), and Process risk (E-learning course administration).For example, errors done by employees, reporting errors, and programming errors are part internal risks that results from the people, process, and system. On the other hand, External risks are, for instance, regulatory changes, political upheavals, and, simply, a theft (, 2005).


            Risk assessment determines potential threats and risk associated with an IT system and helps identify suitable solutions to reduce or possibly eliminate risk.  Risk assessment encompasses nine primary steps:


Ø      Step 1 – System Characterization  


Ø      Step 2 – Threat Identification


Ø      Step 3 – Vulnerability Identification


Ø      Step 4 – Control Analysis


Ø      Step 5 – Likelihood Determination


Ø      Step 6 – Impact Analysis


Ø      Step 7 – Risk Determination


Ø      Step 8 – Control Recommendations


Ø      Step 9 – Results Documentation



Risk Assessment


Content Risk


            Preparing the courseware for E-learning is a major risk that BCC needs to assess. BCC management needs to invite experts in the field of IT to help prepare the courseware content for the online education system. BCC’s proposed online education system incurs risk of insufficient academic and business contents in the courseware.


Technological Risk


            BCC’s proposed online education system critically relies on the speed of the Internet. Unexpected system downtime is cause by heavy traffic over the Internet and the availability of broadband and Internet service in some geographical areas can cause the school monetary loss and can damage the reputation of the school and the proposed system. The technologies to be used for the proposed system may not always meet the expectation. Some technologies may eventually turn out to be incapable of providing the required solution. Technological risk can include the following: hardware, software, the network connection, data, information, etc.


People Risk


            People is always a major factor in every project, this risk involves the end-users of the proposed system once it is implemented. These end-users are the instructors and the students. BCC management employs facilitating instructors to administer the proposed online education system at a ratio of 1 instructor per 40 students (1:40). Some of the instructors are comfortable with the idea of online education, while some are not. This can risk the quality of education BCC provides. Certain instructors may be up to the learning speed of students, and vice versa. Online education system provides 24/7 service, this may be difficult for an instructor to correspond to 40 students in a timely manner.


Process Risk


            Online education system will be a totally new system for BCC. In order to design an appropriate framework for BCC’s online education, the management together with the program developers sets the program director and administrative staff to oversee the E-learning operations. Even though the existing administrative system is considered to be sufficient for the new system, it is still not satisfactory due to limited experience of their task and in E-learning infrastructure.


Risk identification


The following are the potential risk identified.


Ø      The courses may be pulled for lack of registrations


            Lack of students who registered for an online course can cause the course          to be pulled out by the school. If the minimum or required number of students in a course is not reach, the school can decide to pull out the           course in order to conserve resources.


Ø      The courses may be cancelled due to poor participation


            If the instructors deem that student participation in a course is poor, such course can be cancelled.


Ø      The available e-learning tools may not be customizable and suitable to meet the needs of specific courses


            Some of the available E-learning tools in the market may be unsuitable to            meet specific demand of a specific course and some E-learning tools are fixed and may be customizable to meet the demand of a certain course.          For example: a course demands videoconferencing for better lesson             deliberation, the tool to be used must be capable to provide the needed     preference.


Ø      The students may lack technical resources to use the e-learning tools


            Online education system relies on personal computer or laptops with fast             internet connection. This means that the server and the users must both     comply with the required hardware, software, and Internet connection to        communicate. A student must ensure that he has the technical capability       to communicate with the server. For example: a student computer must     have enough hard drive space to download a course module, which also   requires fast internet connection,


Ø      The unwillingness of students and instructors to use e-learning tools


            Some students or instructors at BCC may be unwilling to accept the new system due to their technological incapacity to adapt to the new system.   This may be due to a person’s technical knowledge and capability of a       user to acquire the necessary technology required by the new system.


 


Ø      Staff turnover may cause set-backs


            BCC can not immediately implement the new system once it is complete,             because the end users need to undergo comprehensive training in order         to gain proper knowledge of how to properly use the new system. Some of       the instructors of BCC are not well equipped with the proper knowledge    and skills in conducting online education. BCC should provide sufficient time for instructors to train and learn, since online education takes place     during work settings which makes learning easily interrupted by daily task and workplace interaction.


Ø      The learning venues may not have suitable resources to use the e-learning tools


            Different regions have different technological capacity and capability. BCC          is based in Australia, and therefore has different technology from other region. Because BCC’s proposed online education system is technological           based, some region may not be capable to avail of the online education      system due to technological capability of a region. For example: online      education can cater to online students around the globe, but a certain          region must be capable to adapt to the needed technology to avail of the            service of BCC.


 


Impact of interruptions (major and minor) will have on the organisation


            BCC’s proposed E-learning system will be successful if planning, design, development, evaluation, and implementation process were done in a systematic procedure. Even though E-learning has been successfully implemented, it can still encounter some interruptions, due to the main reason that E-learning system is technology-based. Unexpected system downtime or interruptions are caused by heavy traffic over the Internet and the availability of broadband and Internet service in some geographical areas; such interruptions can cause the school monetary loss and can damage the reputation of the school and the proposed system. System interruptions or downtime is divided into three categories: people, process, and product category (, 1999). People category includes skills and training of staff to maintain and operate the system. The process category includes the steps to ensure system interruption and recovery. And the product category includes the system component, which is the hardware and software, including the network in which the system operates. System interruption can cause major and minor impact to BCC and any organizations if such interruptions are not handled and accessed properly. All three categories need continuos improvement. System interrupt may be cause by: 


Ø                  Software defects/failures


Ø                  Planned administrative downtime


o       Operating system or application upgrades


o       Database administration


o       System or Network Reconfiguration


Ø                  Operator Error


Ø                  Hardware Error/Maintenance


Ø                  Building or Site Disaster


o       (Fire, explosion, etc.)


Ø                  Metropolitan area or Regional Disaster


o       (Earthquake, Flood, Tornado, Blizzard, etc.)


Causes of system downtime (source: IEEE)


            No matter what the causes a system downtime/interrupt it will have an after effect to the organization. System downtime can have a minor and major impact to the organization. Downtime on an online education system can greatly cause BCC. Some of the impacts of system downtime on BCC are:


Ø      Minor Impact


o       Lost productivity and revenue


o       Customer complaints regarding the service


Ø      Major Impact


o       Lost of customers due to unreliable service


o       Great financial lost for the organization


o       The organization’s reputation may be damage


o       Diminishes the organization’s competitiveness in the market due to reputation damage.


 


Tolerance on system downtime


            The best way in preventing system downtime or system interruption is to prevent it from occurring on the first place in order to minimize and contain the damage that it can cause to business. Users of an online education system demands availability of the system at all times, that is why the system either planned (due to maintenance) or unplanned (due to system downfall) can never go down. System availability depends on database reliability and tolerance when system downtime occurs; the FIVE T’s are: fault tolerance, recovery tolerance, management tolerance, people tolerance, and geo-disaster tolerance:


Fault Tolerance


            Fault tolerance is the ability of a system to respond from unexpected hardware or software failure. Fault tolerance allows a user to continue operation in the event of power failure. It is technologically feasible to reduce system down time, although it is quite expansive. A more practical approach requires that the end-user of the system never notice that a failure occurred. It is always important for any system that the level of service remains satisfactory. Many of today’s fault tolerance computer system mirrors all system operation (which means that every operation done by the system is executed on two or more duplicate system, so if one fails the other can take over). Such technique requires thorough planning in order to insure success. Fault tolerance is a three-step process: First, operation execution must at least have two resources. Second, each of these resources must be capable to handle the full peak load. Third, all the resources must be kept synchronized. Fault tolerance works best in system where ease of operation or hands-off operation is required. Fault tolerance is best for organization that conducts business outside major metropolitan areas. 


Recovery Tolerance


            System downtime can greatly cause an organization. The real issue in recovery tolerance is the speed it will take the system to recover (such as database and performance recovery). One commonly used recovery tolerance solution is by deploying system backup, where important data are stored. This solution however does not protect the system application, and may leave gaps in data between the times the last backup and when the system is restored, and therefore has no data integrity.


Management Tolerance


            A planned maintenance is one of the leading causes of system downtime in off peak period; which can consume 90% of off-peak system downtime. In an environment that constantly demands system availability, the ability to maintain and to manage the system is very important. A simple task such as inserting a new table can cause system downtime to a certain period. Online system maintenance and management task (such as load and data distribution, index creation and rebuilding, and inserting and moving tables in the database) are done online. Management tolerance is the ability of an organization to perform ongoing assessment of the performance of the network by using combination of both in-house and remote management software tools.


 


 


People Tolerance


            People inevitably commit errors, and errors cause downtime. Operator errors are accounted for system downtime. BCC should ensure that end-users of the system are well-trained in managing the system to reduce and as much as possible avoid system downtime. Proper training will provide BCC system user with concrete knowledge on the system’s proper usage.


Geo-disaster tolerance


            One of the most inevitable reasons of system downtime is site (such as fire or explosion) and regional disasters (such as earthquakes, typhoons, etc.). The occurrences of such disasters can be threatening for any organization, system downtime and lost productivity means lost revenue. Occurrences of natural disasters are unpredictable and can affect business operation; it is best to deploy continuous computing technology in order to reduce and prevent system downtime. Continuos computing technology will allow a user of BCC online education to continuously use the system even though the server is in an area affected by a disaster. Users are transferred to another server outside the disaster area, allowing them to gain continuos access to the system. The highest level of geo-disaster tolerance can be achieved with a fault tolerant solution in two different locations.  If a disaster destroys one system, the other continues to operate with no loss of data and no loss of transactions (, 2001).


 


Prioritisation in case of interruptions and downtimes


            It is of great importance for any organization to have a well-planned solution to system interrupts and downtimes to provide non-stop service to clients in the event that system downtime occurred. In today’s market trends, any organization without a highly available IT infrastructure has the potential to fall behind its competitors and eventually be driven out of business. Natural disasters are unavoidable, that is why it is necessary for an organization to formulate a fault-tolerance in formation systems – A series of best practices guidelines for implementing true information-system fault tolerance comes from research, user interviews, and widely accepted concepts of systems and information theory (, 2001). This concept will help BCC in reducing downtime effects.


             (2001) states that downtime can be prevented by using real-world guidance. Redundancy is fundamental to a system, because system reliability requires redundancy. A reliable system makes the system expands either time or resources. This is to the reason that redundancy can test the system of its reliability. Minimize single points of failure; some of the options for an organization are to use alternative power source and disk to protect the system from downtime cause by failure of power supply or disk drives. It is also important to choose the right server for the job. The server to provide BCC with the service should be capable to meet the needs of the organization and the end-users.


 


Resource requirements


            BCC should use capacity planning in choosing the right server to provide the online education system with network and database needs. Capacity planning includes network loading, peak and average bandwidths capacity, disk and memory size. This plan also address the system interaction particularly the hardware and the application software under the system. These requirements are important especially for BCC that is considering high availability fail-over configuration. It is important to eliminate serial path in an online system, because serial elements are prone to bug attacks. Application softwares are considered to be the most critical of serial elements. Application software cannot be fixed while the system operates, although it can be rebooted or restart. Rebooting and restarting causes system interruption. A well written application plan can minimize data loss.          Select and manage software in order to minimize the probability of crashing a critical application. It is important for BCC to test the system before full implementation to en sure that the system won’t encounter any problems once it is fully implemented.


            It is a necessity to deploy the right solution to system downtime, in order to minimize the greater effects it can cause the organization. The first step is to fully analyse the network which includes the systems that will collect, store, and process data. Also, the analysis should determine system security performance that can cause system failures. The system and data backup and failover systems should be included in the analysis, because failure in the systems database, hardware devices, and operating system can be of threat to the organizations business.


Business Continuity Plan (BCP)


 


            A business continuity plan (sometimes referred to as Business continuance) describes the essential processes and procedures of an organization to continue conducting business during and after the occurrence of disaster. BCP prevents interruption of mission-critical services due to disaster and helps an organization to re-establish full functioning as fast and smoothly as possible. Although BCP is important for any organization, it may not be practical.


            The first step in business continuity plan is to decide which of the organization’s functions are most essential, and apportion available budget accordingly. Once the crucial components are identified, the organization can then develop failover mechanism. Business continuance has become an increasingly common area of concern since the September 2001 World Trade Center disaster, in which an unforeseen incident created a sudden and severe threat to crucial functions for a number of companies (, 2006).


            BCP is essential for any organization to profitability and competitiveness. A few seconds of system downtime can have financial impact to an organization. BCP will help to maintain long-term stability and competitiveness for BCC. It is important to determine the roles and responsibilities of those involve in project development. Knowing the possible risk and disasters that can cause system downtime is as important, as well as, disaster response and recovery plans when disaster occurs.


 


 


Roles and responsibilities


Ø      BCC management and mission owners – responsible in decision making and managing all the decisions for mission accomplishment. Ensures that the necessary resources are applied effectively in order to develop the capabilities needed in accomplishing the mission. They are also responsible in assessing and incorporating risk assessment results in decision making.


Ø      Chief Information Officer – responsible in ensuring that risk management are implemented and manages the organization’s IT plan, project budget, and performance.


Ø      IT systems owners of system hardware and/or software to support the system – responsible in providing the required hardware and/or software of the proposed system. The systems and in formation owners are also responsible in ensuring proper control are implemented to address the integrity, confidentiality, and availability of the system.


Ø      Business or functional managers – responsible in managing IT procurement process and managing business operation.


Ø      Technical support personnel (such network administrator, computer specialist, data security analyst, etc) – responsible in managing and administering network and system security for the system.


Ø      IT system and applications programmers – responsible in developing the system and maintaining code that could affect the system and data integrity.


Ø      IT quality assurance personnel – responsible in testing the system to ensure system and data integrity.


Ø      Information system auditors – responsible in auditing the system and making report about system performance.


Ø       IT consultants – responsible in supporting the end clients in terms of usage and queries regarding the system.


Disaster preparation


            Disaster can happen any day at any time. Potential disaster can be natural or man-man disasters. Disaster can cause system downtime for an organization. E-learning depends on technology, and information and communication infrastructure to be operational. Disasters pose a great threat to such infrastructure and therefore can cause system downtime and lost for any organization.


            BCC should be aware of the possible disaster that can cause system downtime in online education system, and formulate the best possible solution to solve risk that disaster can bring the organization.


Natural Disasters Ø      Earthquake       Earthquakes are natural disaster that occurs due to shifting of the earth’s seismic plates. This natural disaster can occur almost without warning.            Earthquakes can cause system downtime, especially if earthquake           occurrence is at high intensity. Infrastructure can be ruin and can cause       Internet failure to affected areas. If such incident happens, BCC should    have an alternate service provider that will provide temporary Internet      connection to affected areas. Ø      Floods             Flooding can occur almost anywhere. Floods occur due to gradual             accumulation of rainwater in rivers, and lakes. According to government         statistics, over billion of damage to business and property every year is         cause by flooding. BCC should have sufficient insurance coverage that will     cover the organization from financial impact caused by floods. Ø      Storms             Storms, as well as hurricanes and tornadoes pose high risk to business.   This natural disaster can threaten various infrastructures. Ø      Fires             Fires can start from natural or man-made cause. Fires can cause system downtime; proper measures against such disaster will help BCC in early           recovery. Man-Made Disasters Ø      Bombing/Explosions

     Explosions may be the result of man-made actions (such as gas leaks that           can ignite and cause great damage to infrastructure).


Ø      Acts of Terrorism

     The September 11 attack on United States bought many organizations to consciousness, that small businesses can easily diminished and large           businesses can suffer long-term damage from acts of terrorism.


Ø      Power Outages

            Businesses need electric power in order to operate; this is a necessity that            will greatly affect business due to electric outages. In order to address   such risk BCC may install Uninterrupted Power Supply (UPS) to take over in case of power outages to avoid system downtime.


Ø      Hardware/Software Failures

            Computers systems have the tendency to fail without warning; this applies to hardware and software. System software may crash cause by            internal errors or due to hardware and software conflicts. To solve such      issue, BCC should address how repair and replacement parts can be             obtained and install as early as possible.          


Ø      Theft

     Equipments can be stolen and client information crucial to business          continuity can be loss due to database leakage.


Disaster response


            Any organization should quickly react to solve disasters once it occurs. Disaster should be solved as early as possible because every second is a loss for the organization. BCC should deploy a team that will respond to the disaster, a plan how to properly handle the disaster, with proper measures and arrangements. BCC should response to disasters by deploying disaster managers that will manage and handle the disaster using the organized plan.


            Communication management is also important once a disaster occur. Communication management will help BCC in formulating early solutions to areas affected by the disaster.


Business continuity


            BCP technically refers to the means used by businesses to avoid loss. A BCP defines the business requirements for continuity of business operation. BCP defines the business requirements of a “Disaster Recovery Plan”. On the other hand, a Disaster recovery plan deals with restoration of computer system after a disaster occurs, and restoring software and network connection to full functionality due to disaster.


            Business continuity in every business implies higher availability rather than higher recovery. For example: a disaster happens, the system diskdrive and its data crashed. A new diskdrive is purchased, offsite tapes are bought onsite. Data from offsite tapes are transferred to the new diskdrive. Business is running in 24 hours; this is high recovery. Another example: the same disaster happened. Redundant data is on a redundant diskdrive. The system is designed such that immediately when a device is unavailable, the redundant device is accessed automatically. The user might see a 0.5 second increase in response time but is not aware, and not made aware, that a disaster even occurred; this is high availability.


Business recovery


            Disaster occurrence can interrupt businesses; disaster recovery plan should be automatically done, it is necessary to start business recovery after a disaster. This will help an organization to minimize loss due to system downtime.


Ø                  Business Unit Priorities

            In order for BCC to quickly recover from system downtime, all business     operations of the company have to be priorities; the operation with the highest priority should be recovered first and so forth. Recovering 40            percent of the highest prioritized operation would be sufficient enough for             short period of time and then to move on to a lower prioritized operation in            order to gain minimal business operation.


Ø                  Crisis Management

            BCC should train business recovery team, organized and prepared at all   times when disasters occur in the organization.


Ø                  Emergency Communications             Even when disaster strikes, businesses should still be capable to    communicate to the outside world and internally. Online education system requires continuous connection in order to communicate with all the     remote users of the system. Ø                  Alternate Processing Sites

            An alternate processing site provides alternate service when the main site            is not function due to disaster. BCC’s alternate processing site will help in   business continuity when disaster strikes the main processing site.


Ø                  Backups and Offsite Storage             Backups and offsite storage are key components of BCP. Backups will      help BCC in early full recovery. Offsite storage is a location that stores           BCC backup media. Ø                  Logistics and Supplies

            Disaster occurrence may require sudden moving of employees,      equipments and supplies to BCC prepared alternate site.


 


BCP testing, maintenance and auditing plan


Testing


            The purpose of BCP testing is to ensure organizational acceptance of the BCP and to guarantee that the BCP satisfies the organizations recovery requirements.  BCP may fail to meet organizational expectations because of insufficient or inaccurate recovery requirements, flaws in solution design, or error in solution implementation. BCP are tested on a biannual or annual schedule. The problems identified in testing process are considered in the maintenance process and then retested during the proceeding process. BCC testing may include:


Ø       Crisis command team call-out testing


      Crisis team to handle BCC business recovery should be trained to handle            disaster and perform business recovery effectively.


Ø       Technical swing test from primary to secondary work locations


      Testing BCC’s online education system on compatibility from primary to    secondary work location will ensure complete compatibility from various   transfers.      


Ø       Technical swing test from secondary to primary work locations


      The system should be test from primary to secondary, and vice versa,        from secondary to primary.


Ø       Application test


      The system should be properly and thoroughly test in order to ensure        usability and detect errors as early as possible.


Ø       Business process test        


Maintenance


Develop Plan Maintenance Procedures


            Plan maintenance procedure is categorized in two: scheduled and unscheduled. Schedule maintenance is time-driven, while, unscheduled maintenance is event-driven.


Ø      Scheduled Maintenance


            Scheduled maintenance results from scheduled review of the         organization’s BCP. Reviews are predictable (which are based on        established requirements) and scheduled at decided time intervals (can            either be weekly, monthly, quarterly, etc). The purpose of reviewing BCP   is to determine the necessary changes needed by an organization for    improvement. Scheduled plan ensures that the necessary updates are             made.


Ø      Unscheduled Maintenance


            Certain maintenance requirements are mostly unpredictable and therefore          unscheduled. Majority of unscheduled maintenance occurs as the result of           a major change in the organization, business operations, processes, functions, sudden hardware configurations, network, etc. Unscheduled            maintenance may include changes in personnel, responsibilities, processing and communications equipment and the like are common.


Auditing


            It is essential to audit BCP in order to determine the functionality of BCC online education system. BCP auditing will be of help in monitoring the performance of the online education system of BCC. This will help the organization in reviewing the system short-term and long-term IT plan. BCP auditing also reviews the IT standards, procedures, and security policy. Auditing the BCP determines it’s effectiveness for BCC.


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


References


 



Credit:ivythesis.typepad.com



0 comments:

Post a Comment

 
Top