Question

If companies have both a BCP and a DRP in place do they need to have an incident response plan? Please explain.

Answer 1

DRP (Disaster recovery plan)

As its name suggest itself It is a document generated by the organisations or companies that is step by step procedure and strategy to how to tackle with disasters like any information system failure, dangerous cyber attack, or man made attack like terrorist attack or any natural phenomenon like tsunami, flood , earthquake etc which affects the company

In DRP it contains types of plans like:

1. Prevention of disaster

2. Backup of important file, documents and assets.

3. Deployement of prevention and protection system

4. Recovery of loss cause by disaster.

BCP (Business continuity plan)

As its name suggests itself it to make buisness functional even at the time of disaster means this plans contain disaster prevention methods , and recovery plans like backuping of file documents , data servers and assests of the company which is required for the company to continue their business like before the disasten within a short period of time which prevent the huge loss of company due to discontiuity in work in short this plan ensures the avaiblilty of resources in the buisness even at the time of disaster strike the company.

If companies have both a BCP and a DRP in place do they need to have an incident response plan?

Yes even if companies have a BCP and a DRP in place they also need to have an incident response plan because DRP and BCP are effective on large scale disasters but for small scale problem like tampering of files and documents server failure within an organisation, and steal of documents or data from databases or any internal staff or employee violate the company or organisation policy or frequently cyber attacks like DDOS or phishing mail to tackle these small scale problems companies need to have an incident response plan.

Make sure to hit the like button if you find this helpful for you THANK YOU AND HAPPY LEARNING!!