If Sybex is so great, why on BCP/DRP do they say...
Sybex is ADAMENT that "Disaster Recovery Planning (DRP) steps in where BCP leaves off." This is in direct opposition to the Harris AIO (6th ed) and pretty much everything else I've read/accessed. (Harris Lectures, Cybrary videos, Larry Greenblatt) The Sybex authors have written this statement multiple times in chapter 18, and is also a question on their test bank.
The common refrain for all of the other sources is that an immediate issue/event is covered by the DRP ("the sky is falling") and then by BCP. ("ok, the sky fell on our data center wiped it out, how to we remain in business until we build it back?") This is a BIG issue for me - everyone (Harris-AIO, Handerhan-Cybrary, Greenblatt) represents DRP being the first thing that goes into action, and then BCP if the disaster is sufficient to impair operations beyond 24 hours.
What am I missing here? I realize that not every book is going to be perfect - but this is MAJOR exam topic. Either Sybex has it completely backwards/wrong, seriously damaging their credibility as the "official study guide" - or a whole lot of other people have had it wrong for a while now.
Honestly, this is my biggest beef with ISC2 and why I'll never take another one of their exams. I'm fine with massive CBK, difficult questions that are intentional worded to be tricky, and questions that require comprehension vs. memorization - but it is simply unconscionable that if someone puts in the effort that they cannot discern the absolute CORRECT information key to answering any question.
Thoughts?
The common refrain for all of the other sources is that an immediate issue/event is covered by the DRP ("the sky is falling") and then by BCP. ("ok, the sky fell on our data center wiped it out, how to we remain in business until we build it back?") This is a BIG issue for me - everyone (Harris-AIO, Handerhan-Cybrary, Greenblatt) represents DRP being the first thing that goes into action, and then BCP if the disaster is sufficient to impair operations beyond 24 hours.
What am I missing here? I realize that not every book is going to be perfect - but this is MAJOR exam topic. Either Sybex has it completely backwards/wrong, seriously damaging their credibility as the "official study guide" - or a whole lot of other people have had it wrong for a while now.
Honestly, this is my biggest beef with ISC2 and why I'll never take another one of their exams. I'm fine with massive CBK, difficult questions that are intentional worded to be tricky, and questions that require comprehension vs. memorization - but it is simply unconscionable that if someone puts in the effort that they cannot discern the absolute CORRECT information key to answering any question.
Thoughts?
Comments
-
nothing007 Member Posts: 14 ■□□□□□□□□□Hi cledford3,
BCP- Identify the critical resource which support your business process ( where you left in your risk assessment )
DRP- If any event which affect your critical business process( which they specified in BCP ) then DRP will be kick..
I hope this the answer you are expecting in your question.... -
gespenstern Member Posts: 1,243 ■■■■■■■■□□Yeah, I also use to hate all of these business-related disciplines for this ambiguity. Or take IR steps -- everybody has their own vision on what has to be done and in what sequence. They even manage to get things confused in technical fields as well, for example, guess what OSI layer SSL/TLS works in according to (ISC)2?
Nevertheless, it's pretty naive to think that other examination bodies don't have this. If something is not standardized across this planet -- there will be an ambiguity.
So in the end your task is even harder than you expected it to be -- you have to know different frameworks, why and in what they are different and how to find out what framework they are talking about in each particular situation.
Just study for it, there's nothing impossible here