Recovery Scenario
Contact List
Call Tree Log
Call Tree Diagram
Task Table
File Incident Report
Emergency Contacts
Key Personnel
IT Security Quiz
Tools & Techniques
Contact Us

"Who're you
   gonna call?"
IT Security Risk Management (ITSRM)
The Notification Activation Phase defines the initial actions taken once a system disruption or emergency has been detected or appears to be imminent. This phase includes activities to notify recovery personnel, assess system damage, and implement the plan. 

Activation occurs after a disruption or outage that may reasonably extend beyond the Recovery Time Objective (RTO) established for a system. The outage event may result in severe damage to the facility that houses the system, severe damage or loss of equipment, or other damage that typically results in long-term loss.  Once the CP is activated, system owners and users are notified of a possible long-term outage, and a thorough outage assessment is performed for the system.  Information from the outage assessment is presented to system owners and may be used to modify recovery procedures specific to the cause of the outage.  In addition to the aforementioned RTO, the notification activation phase must also address the Recovery Point Objective (RPO) and Maximum Tolerable Downtime (MTD).
RTO defines the maximum amount of time that a system resource can remain unavailable before there is an unacceptable impact on other system resources, supported mission/business functions, and the Maximum Tolerable Downtime (MTD).  Determining the information system resource RTO is important for selecting appropriate technologies that are best suited for meeting the MTD.  When it is not feasible to immediately meet the RTO and the MTD is inflexible, a Plan of Action and Milestone should be initiated to document the situation and plan for its mitigation.

The RPO represents the point in time, prior to a disruption or system outage, to which mission/business process data can be recovered (given the most recent backup copy of the data) after an outage. Because the RTO must ensure that the MTD is not exceeded, the RTO must normally be shorter than the MTD. For example, a system outage may prevent a particular process from being completed, and because it takes time to reprocess the data, that additional processing time must be added to the RTO to stay within the time limit established by the MTD.

Maximum Tolerable Downtime (MTD)
The MTD represents the total amount of time the system owner/authorizing official is willing to accept for a mission/business process outage or disruption and includes all impact considerations.  Determining MTD is important because it could leave continuity planners with imprecise direction on 1) selection of an appropriate recovery method, and 2) the depth of detail which will be required when developing recovery procedures, including their scope and content.
Security Begins and Ends with You!

  Why You Need Our Product    |    Where Our Product Fits   |   PURCHASE PRODUCT