> State Street. Corporate Continuity Program. Continuity Organizational Structure. Program Oversight
|
|
- Hugh Palmer
- 8 years ago
- Views:
Transcription
1 > State Street An Integrated Approach to Continuity Metrics & Progress Reporting Presented to: Continuity Insights May 2007 Presented by: Chris Glebus Continuity Organizational Structure Executive Management Corporate Continuity & Client Services (CCCS) Senior Management Business Continuity Manager Business Continuity Team Leader Business Continuity Team Leader Business Continuity Team Leader 2 Program Oversight Examining & Audit Committee of the Board of Directors Annual progress report and meeting Executive Management Annual Continuity Compliance Reporting Signoff on business and application continuity requirements Major Risk Committee Enterprise Risk Management Semi-annual presentation of Continuity Program to Major Risk Committee Corporate Audit Regulatory Audits 3 1
2 Program Foundation Program Standards Business Functions Applications & Technology Facilities Incident Management Staff Business Function Downtime Tolerance Levels Level 1 (0-4 hours) Level 2 (5-8 hours) Level 3 (9-24 hours) Level 4 (25-72 hours) Level 5 (73+ hours) Incident Management Recovery Scenarios Site Interruption Technology Interruption Counterparty and Market Human Factor Application Priority Groupings Priority 1 (0-8 hours) Priority 2 (9-24 hours) Priority 3 (+24 hours) Continuity Exercises (Facilities, Staff, Technology) Stand alone System / Application Corporate-wide / Data Center Business Relocation Call Tree / Notification Client Recovery INTRA Data Center 4 Benefits of Metrics Tracking / Compliance Reporting Well defined standards and measurements reduce subjectivity in assessing current status A repeatable measurable process demonstrates progress made in enhancing continuity capabilities Demonstrated progress can assist in gaining funding for continuity solutions Executive accountability drives home visibility and importance The value proposition - information can be used for projects other than BCP and reduce associated costs of gathering and tracking redundant data mergers and acquisition, asset management, risk management, operations, risk management, facilities, corporate security, information security, etc. Provides an effective tool for internal and external audits 5 Compliance Reporting Plan Evaluation Structure comprised of: Standards Criteria Compliance Requirement Measurement Compliance Detail / Considerations Assessing the Plans initial assessment vs. ongoing reporting 80/20 split - Self Assessment / Corporate Assessment Standards integrate both Business and Technical Continuity for an overall picture Each application / system is linked to a Business Continuity Plan Ability to break out technical detail for reporting purposes 6 2
3 Compliance Reporting Business Continuity Plan must be owned at an executive level Effective Compliance / Metric Reporting should cover several levels Overall Corporate Roll-up for benchmarking and trend analysis Executive Management - overall plan status by executive, plan status by standard, overall application by executive, detail status for each application IT Executives overall summary for applications supported, detail for applications supported Business Continuity Managers - plan level by standard and criteria, detail for applications owned Controls in place for ownership and accountability Business Continuity Plan names and executive owner sign-off Business Function names, recovery requirements, and executive owner sign-off Application names, recovery requirements, and executive owner sign-off 7 Plan Evaluation Structure Business Continuity Example Standard 2 Identification and prioritization of all business functions and their recovery time objectives. Criteria Compliance Requirement Measurement Compliance Detail / Considerations 2-b Conduct a Formal Business Impact Analysis (BIA) on a Scheduled Basis and Establish a Continuity Plan 1.For existing business units, BIA must be conducted every 18 months with EVP review & sign-off 2.New business units must complete a BIA within three (3) months of inception and or change of control, with EVP review and sign-off and a Business Continuity Plan within six (6) months of inception Green:all requirements met Red:requirements not met New business units can start building components of their Business Continuity Plan at the same time that the BIA is being conducted i.e. call tree, etc. New business units may come from mergers and acquisitions Change of control is defined as the point in time at which State Street assumes control of the acquired business When naming plans for business units, utilize standardized continuity plan naming convention: [Standard Text] _ [Free form Text] _ [ Locations] Ex: GLOBAL - SVCS _ BANKING SERVICES _MAO 3.BIA final results should be included in plan, e.g. Appendix 8 Plan Evaluation Structure Technical Continuity Example Standard 3 Identification of all technology resources required to support business functions i.e. applications and systems Criteria Compliance Requirement Measurement Compliance Detail / Considerations 3-fIdentify All Applications Owned by the Executive Manager of the Plan / Business Unit and the Corresponding Recovery Information Document the following for each application owned: Application Name Executive Manager / EVP (Business Owner) Recovery Time Objective in hours Recovery Point Objective Production location of the application* Recovery location of the application* Platform 2. Map each application to a business continuity plan Composite Applications Green: information provided for all applications owned Yellow: information missing for less than 25% of applications owned Red:information missing for 25% or more of applications owned N/A:not applicable, do not own applications Individual Application Green: all information available for a given application Red:information missing for a given application owned N/A:not applicable, do not own applications The business owner of an application is defined as an Executive Manager / EVP The business owner must approve / sign-off on recovery requirements for new applications and changes in recovery requirements for existing applications Recovery Time Objective (RTO) is defined as the total elapsed time from the time an event is declared through the time when the business unit has complete functionality of the application, including the time to recover the application Recovery Point Objective (RPO) is defined as the acceptable age of the data (defined as a point in time), relative to the recovery event that is made available to the business unit when the system is recovered. For example, an application may have an RTO of 8 hours and an RPO to point of failure, which means that no data loss can occur Verify through your Application Support department that the Application Recovery Plan is located on Oasis or comparable documentation repository 3
4 > Sample Compliance Reports Business Continuity Manager Business Continuity Manager - Plan Compliance Detail Jane Doe N/A John Doe 11 > Sample Compliance Reports Business Executive Roll-up 4
5 Executive Business Owner - Plan Compliance Summary 13 Executive Business Owner - Application Compliance Summary 14 Executive Business Owner - Application Compliance Detail Note: Location Code Legend is also provided 15 5
6 > Sample Compliance Reports Corporate Roll-up State Street Corporation Overall Plan Compliance Summary by Standard 17 State Street Corporation Overall Application Compliance Summary 18 6
7 > Sample Compliance Reports Trend Analysis Trending of Annual Compliance Reporting for All Criteria 100% 27% 80% 14% 18% 5% 7% 8% 60% 40% 65% 75% 81% 20% 0% 2003 Complete Partially Complete 2005 Incomplete > Getting Started Rome Was Not Built in A Day 7
8 Getting Started Create a steering / advisory committee of executives Business and corporate support groups Define, document, and communicate standards and measurements to Business Continuity Managers and Business Executives Start with a few metrics to get the process moving forward add more later Don t need to integrate business and technology continuity metrics in first pass announcements and workshops / training for Business Continuity Managers Determine frequency of reporting Define, develop, and implement controls and processes for plan and application ownership Multiple business units using an application? Primary BU funding the application owns it Define, develop, and implement reports required by audience Corporate Roll-up, Executive Management, IT Executives, Business Continuity Managers, etc. Provide comment capabilities on BCM reports Define, develop, and implement tools to track and report on standards Microsoft products (Excel, PowerPoint) can be used to start; consider databases and on-line distribution 22 Getting Started 23 Gather Data Use any data that has already been collected and ask for validation / changes with executive sign-off Where there is no data Obtain BUSINESS plan and application ownership list by business unit Jointly assess each plan and application to establish a solid baseline for reporting with established target dates As always get sign-off Provide preliminary view of reports to one or two Business Continuity Managers and a Business Executive for feedback Before sending reports to executives, preview reports to Business Continuity Managers make necessary modifications Conduct first round of reporting and ensure executive awareness of baseline measurement Communicate ongoing maintenance process (self assessment vs. corporate assessment) Repeat! Making Program and Reporting Enhancements Work with subject matter experts in developing enhancements i.e. Global Realty, Corporate Security, Information Technology, etc. Review proposed enhancements with steering / advisory committee for feedback and approval Ease into enhancements that strengthen and or increase standards, criteria, compliance requirements, and or measurements within a plan. Slowly eliminate partials Provide enough time for Business Continuity Managers to comply with enhancements 6 month lead time between announcement and compliance Consider exception reporting for high risk items Consider trending analysis 24 8
9 Continuity Application Suite Continuity Reporting System Dependency Reporting LDPRS Envision CBCP Business Functions Global Processing Timeframes Business to Applications, Facilities, etc. Future replacement for CPD Application Repository Future replacement for Recovery Exercise Database Compliance Reporting Database (CPD) Continuity Compliance Reporting DR APP Application Repository MS Access - Not Scaleable The Conduit Corporate Feeds People Soft Location State Street Notify Automated notification tool for Incident Management 25 Legend Strategic Continuity applications Initial continuity applications to be retired > Stand Alone Recovery Exercise Database Tracks Technology Recovery Exercise Objectives, Results, and Resolution Initial continuity applications for compliance reporting Questions? 9
External Supplier Control Requirements BCM
External Supplier Control Requirements BCM BCM Requirement Description BCM Tiers Recovery Time Objective Why this is important 1. Business Continuity Policy Supplier will have a documented Business Continuity
More informationBusiness Continuity Plan
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
More informationHow to measure your business resiliency
How to measure your business resiliency Define the KPI s/kri s and scorecards to control your security and business continuity capabilities Krzysztof Pulkiewicz BCMLogic krzysztof.pulkiewicz@bcmlogic.com
More informationProfessional Practice Eight - Business Continuity Plan Exercise, Audit, and Maintenance
Professional Practice Eight - Business Continuity Plan Exercise, Audit, and Maintenance The goal of this professional practice is to establish an exercise, testing, maintenance and audit program. To continue
More informationCONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT
CONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT April 16, 2014 INTRODUCTION Purpose The purpose of the audit is to give assurance that the development of the Metropolitan Council s Continuity
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationInstitute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745
ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan
More informationD2-02_01 Disaster Recovery in the modern EPU
CONSEIL INTERNATIONAL DES GRANDS RESEAUX ELECTRIQUES INTERNATIONAL COUNCIL ON LARGE ELECTRIC SYSTEMS http:d2cigre.org STUDY COMMITTEE D2 INFORMATION SYSTEMS AND TELECOMMUNICATION 2015 Colloquium October
More informationBy: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015
Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level June 9, 2015 By: Tracy Hall MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company,
More informationThe Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS)
Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services
More informationAudit of the Disaster Recovery Plan
Audit of the Disaster Recovery Plan Report # 11-05 Prepared by Office of Inspector General J. Timothy Beirnes, CPA, Inspector General Kit Robbins, CISA, CISM, CRISC, Lead Information Systems Auditor TABLE
More informationThe Business Continuity Maturity Continuum
The Business Continuity Maturity Continuum Nick Benvenuto & Brian Zawada Protiviti Inc. 2004 Protiviti Inc. EOE Agenda Terminology Risk Management Infrastructure Discussion A Proposed Continuity Maturity
More informationwww.pwc.com Business Resiliency Business Continuity Management - January 14, 2014
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
More informationCITY UNIVERSITY OF HONG KONG Business Continuity Management Standard
PUBLIC Version: 1.0 CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief
More informationB U S I N E S S C O N T I N U I T Y P L A N
B U S I N E S S C O N T I N U I T Y P L A N 1 Last Review / Update: December 9, 2015 Table of Contents Purpose...3 Background...3 Books and Records Back-up and Recovery...4 Mission Critical Systems...
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page
More informationSCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com
SCADA Business Continuity and Disaster Recovery Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com Business Continuity Planning, a Sound Process A Business Continuity Plan: "A
More informationBusiness Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com
Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?
More informationBusiness Continuity Management Program Development Guide
Business Continuity Management Program Development Guide Prepared by The NS Emergency Management Office, Winter 2012 Version 1.1 Page 2 of 24 Document Revision History Date Author Revision Notes Fall 2011
More informationShankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.
Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management
More informationCISM ITEM DEVELOPMENT GUIDE
CISM ITEM DEVELOPMENT GUIDE TABLE OF CONTENTS CISM ITEM DEVELOPMENT GUIDE Content Page Purpose of the CISM Item Development Guide 2 CISM Exam Structure 2 Item Writing Campaigns 2 Why Participate as a CISM
More informationPreparing for the Convergence of Risk Management & Business Continuity
Preparing for the Convergence of Risk Management & Business Continuity Disaster Recovery Journal Webinar Series September 5, 2012 2012 Strategic BCP, Inc. All rights reserved. strategicbcp.com 1 Today
More informationMeasuring Continuity Planning Program. Performance
Measuring Continuity Planning Program Performance Carl B Jackson Director Crisis Management & Continuity Planning Resource Center (CMCPRC) Measuring Continuity Planning Program Performance Session Agenda
More informationCENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
More informationMHA Consulting. Business Continuity Management 101
0 MHA Consulting Business Continuity Management 101 Presented by: Michael Herrera Brandon Magestro MHA Consulting Agenda MHA Consulting Introduction Business Continuity Management (BCM) Defined 2013 Trends
More informationISO 22301: Societal Security Terminology ISO 22313: BCMS Guidance ISO 22398: Exercises and Testing - Guidance
The Impact of ISO 22301 Moving Your BCM Program to a Management System Implementing the Newly Approved International Business Continuity Management System Standard & Guidance Documents ISO 22301: Societal
More informationEnabling DR with Smart Devices. By Greg Streder and Philip Chukwuma
Enabling DR with Smart Devices By Greg Streder and Philip Chukwuma 1 BCP Definitions: Business continuity planning (BCP) "identifies an organization's exposure to internal and external threats and synthesizes
More informationCISM ITEM DEVELOPMENT GUIDE
CISM ITEM DEVELOPMENT GUIDE Updated January 2015 TABLE OF CONTENTS Content Page Purpose of the CISM Item Development Guide 3 CISM Exam Structure 3 Writing Quality Items 3 Multiple-Choice Items 4 Steps
More information2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP
2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level Tracy L. Hall, MBCP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C.
More informationInformation Technology
Information Technology Information Technology Session Structure Board of director actions Significant and emerging IT risks Practical questions Resources Compensating Controls at the Directorate Level
More informationEPRR: Toolkit Facilitator Guide
NHS England Business Continuity Management EPRR: Toolkit Facilitator Guide APPENDIX 1 1 [Intentionally Blank] INTRODUCTION The document has been designed to assist you to deliver the outcomes of the workshop
More informationInternational Business Continuity Program Management Benchmarking Report - An Exclusive Board Review
International Business Continuity Program Management Benchmarking Report - An Exclusive Board Review Prepared by BC Management and the BC Management International Benchmarking Advisory Board Benchmarking.
More informationTips and techniques a typical audit programme
Auditing Business Continuity Planning Tips and techniques a typical audit programme Karen Wills, Senior Internal Auditor St James s Place Wealth Management February 2014 Contents Background Roles and Responsibilities
More informationRSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief
RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief INTRODUCTION Now more than ever, organizations depend on services, business processes and technologies to generate revenue and meet
More informationDisaster Recovery and Unstable Furniture
Disaster Recovery and Unstable Furniture Presented by Michael Richmond, CISSP #SuperConf15 #SuperConf15 Essentials of Information Technology Where we came from Primarily single source Largely asynchronous
More informationBusiness Continuity Planning: Bridging the Gap Between IT and Business
Business Continuity Planning: Bridging the Gap Between IT and Business Steve Burns, President EverGreen Data Continuity, Inc. sburns@evergreen-data.com 1 The Hard Facts One-third of businesses don t include
More informationNational Check Payments Certification. Fraud, Risk, and Risk Mitigation Part II. Copyright 2015 by the Electronic Check Clearing House Organization
NCP 2016 Exam Cycle Core Training Series Session 11 National Check Payments Certification Fraud, Risk, and Risk Mitigation Part II Copyright 2015 by the Electronic Check Clearing House Organization NOTICES
More informationCRISC Glossary. Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data
CRISC Glossary Term Access control Access rights Application controls Asset Authentication The processes, rules and deployment mechanisms that control access to information systems, resources and physical
More informationOverview of how to test a. Business Continuity Plan
Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test
More informationDRAFT BUSINESS CONTINUITY MANAGEMENT POLICY
DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY This document outlines a set of policies and procedures for formalising a Business Continuity programme, and provides guidelines for developing, maintaining
More informationBusiness Continuity (Policy & Procedure)
Business Continuity (Policy & Procedure) Publication Scheme Y/N Can be published on Force Website Department of Origin Force Operations Policy Holder Ch Supt Head of Force Ops Author Business Continuity
More informationBANK OF RUSSIA RECOMMENDATIONS ON STANDARDISATION MAINTENANCE OF INFORMATION SECURITY OF THE RUSSIAN BANKING SYSTEM ORGANISATIONS
BANK OF RUSSIA RECOMMENDATIONS ON STANDARDISATION RS BR IBBS-2.1-2007 MAINTENANCE OF INFORMATION SECURITY OF THE RUSSIAN BANKING SYSTEM ORGANISATIONS GUIDELINES FOR SELF-ASSESSMENT OF CONFORMITY OF INFORMATION
More informationBusiness Continuity for the New Professional. Britt Corra Enterprise BCM Erika Voss Senior BCM
Business Continuity for the New Professional Britt Corra Enterprise BCM Erika Voss Senior BCM New to Business Continuity? Agenda & Experience 3-5 years experience? Seasoned veteran? What is BCM Tool Kit?
More informationHOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING
HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING ISO 22301 BUSINESS CONTINUITY MANAGEMENT SYSTEMS Most organisations will, at some point, be faced with having to respond
More informationDisaster Recovery. Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support
Disaster Recovery Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support Categories of Risk Financial Operational Reputational Market share Revenue
More informationDepartment of Information Technology Data Center Disaster Recovery Audit Report Final Report. September 2006
Department of Information Technology Data Center Disaster Recovery Audit Report Final Report September 2006 promoting efficient & effective local government Executive Summary Our audit found that a comprehensive
More informationBusiness Continuity Management. Christoph Stute Guatemala 28 29 March 2012
Financial Risk Management and Business Continuity Management Christoph Stute Guatemala 28 29 March 2012 Financial Risk Management Christoph Stute Guatemala 28 29 March 2012 Risk Management in Banks Regulatory
More informationHow To Manage A Disruption Event
BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational
More informationPHASE 9: OPERATIONS AND MAINTENANCE PHASE
PHASE 9: OPERATIONS AND MAINTENANCE PHASE During the Operations and Maintenance Phase, the information system s availability and performance in executing the work for which it was designed is maintained.
More informationFINAL Version 1.0 November 6, 2014
CENTERS for MEDICARE & MEDICAID SERVICES Enterprise Information Security Group 7500 Security Boulevard Baltimore, Maryland 21244-1850 Risk Management Handbook Volume II Procedure 4.5 FINAL Version 1.0
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationBusiness Continuity and Disaster Recovery Policy
Maine State Government Dept. of Administrative & Financial Services Office of Information Technology (OIT) Business Continuity and Disaster Recovery Policy I. Statement The Office of Information Technology
More informationInfasme Support. Incident Management Process. [Version 1.0]
Infasme Support Incident Management Process [Version 1.0] Table of Contents About this document... 1 Who should use this document?... 1 Summary of changes... 1 Chapter 1. Incident Process... 3 1.1. Primary
More informationIndustry Sound Practices for Financial and Accounting Controls at Financial Institutions
Industry Sound Practices for Financial and Accounting Controls at Financial Institutions Federal Reserve Bank of New York January 2006 FINANCIAL AND ACCOUNTING CONTROLS: INDUSTRY SOUND PRACTICES FOR FINANCIAL
More informationPROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE:
PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE: Project Name Project Management Plan Document Information Document Title Version Author Owner Project Management Plan Amendment History
More informationFlinders University IT Disaster Recovery Framework
Flinders University IT Disaster Recovery Framework Establishment: Flinders University, 1 August 2013 Last Amended: Manager, ITS Security Services, 4 October 2013 Nature of Amendment: Initial release Date
More informationwww.pwc.com/sg Technology Risk Management Are you ready?
www.pwc.com/sg Technology Risk Management Are you ready? Contents Food For Thought... Questions 2 Guidelines & Notice New technology risk management guidelines and notice impact: All financial institutions
More informationBusiness Continuity Management Charter
Province of Nova Scotia Business Continuity Management Charter Department, Agency or Commission Name Business Continuity Coordinator Name 3/14/2014 Program Charter for Business Continuity Management Program
More informationContents. About Perpetuuiti. Continuity Vault. Continuity Patrol. Ops Central. Questions & Answers. Section 2. Section 3. Section 4.
Contents Section Agenda 1 About Perpetuuiti Section 2 Continuity Vault Section 3 Continuity Patrol Section 4 Ops Central Section 5 Questions & Answers About Perpetuuiti Realising gaps in availability management,
More informationBusiness Continuity Planning
Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why
More informationCA Clarity PPM. Portfolio Management User Guide. v13.0.00
CA Clarity PPM Portfolio Management User Guide v13.0.00 This documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationThe Disaster Recovery Self-Assessment Guide and Validation Model. Jim Kates Cognizant Technology Solutions Jim.Kates@cognizant.com
The Disaster Recovery Self-Assessment Guide and Validation Model Jim Kates Cognizant Technology Solutions Jim.Kates@cognizant.com How Would You Evaluate Your DRP? (Is it a Disaster Recovery Plan or a Dilbert
More informationBPO Service Level Agreement
BPO Service Level Agreement Versión / Version: 2.2 Código Documento / Document Code: AVSP- ITSM- SD- BPO- SLA Fecha Emisión / Distribution Date: November 30, 2014 Elaboró / Created by: Revisó / Reviewed
More informationThe ABC s of BCP. Jeremy Sucharski Governance Risk and Compliance G31
The ABC s of BCP Jeremy Sucharski Governance Risk and Compliance G31 Jeremy Sucharski, CISA, CRISC Over 12 years of experience CISA and CRISC Certifications Governance, Risk and Compliance Practice Leader
More informationEffective Business Continuity Program Frameworks. Peter R. Laz, MBCP
Effective Business Continuity Program Frameworks Peter R. Laz, MBCP Agenda Session Objectives Successful BC Program Framework Critical Success Factors 2 Session Objectives Review the differences between:
More informationA BCP Tale: From Theory to Practice
A BCP Tale: From Theory to Practice Presenter: Gord Novoselnik Problem & Configuration Manager, Enterprise Solutions Division, MTS Allstream Gord.Novoselnik@mtsallstream.com 1 10 Commandments of BCM I.
More informationTELUS Business Continuity Program past and future
TELUS Business Continuity Program past and future Presentation to EPICC 6 th Annual Seminar Victoria, BC September 17, 2010 John Yamniuk, MBCP Member of the TELUS team TELUS BCM Purpose To provide an overview
More informationBC / DR Implementation Tying Disaster Recovery Investment to Measurable Business Value
BC / DR Implementation Tying Disaster Investment to Measurable Business Value Continuity Insights Conference May 16-18, 2005 Agenda Purpose Discuss best practice process and tools that might be leveraged
More informationRBC Business Continuity Management Program Exercising our Plans. BCAW Presentation
RBC Business Continuity Management Program Exercising our Plans BCAW Presentation Key Elements of the Program The RBC BCM program is global in scope Oversight of BCM is provided by the Enterprise Business
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business
More informationCentral Agency for Information Technology
Central Agency for Information Technology Kuwait National IT Governance Framework IT Service Management How many times we felt that Business is looking to IT as Operations center not strategy enabler 1
More informationSarbanes-Oxley Compliance for Cloud Applications
Sarbanes-Oxley Compliance for Cloud Applications What Is Sarbanes-Oxley? Sarbanes-Oxley Act (SOX) aims to protect investors and the general public from accounting errors and fraudulent practices. For this
More informationWhy Should Companies Take a Closer Look at Business Continuity Planning?
whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters
More informationFederal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning FEBRUARY 2015 IT EXAMINATION H ANDBOOK
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning BCP FEBRUARY 2015 IT EXAMINATION H ANDBOOK Table of Contents Introduction 1 Board and Senior Management Responsibilities
More informationCISM Certified Information Security Manager
CISM Certified Information Security Manager Firebrand Custom Designed Courseware Chapter 4 Information Security Incident Management Exam Relevance Ensure that the CISM candidate Establish an effective
More informationBusiness Continuity Planning Principles and Best Practices Tom Hinkel and Zach Duke
Business Continuity Planning Principles and Best Practices Tom Hinkel and Zach Duke Agenda Key components essential to a FFIEC compliant Business Continuity Plan Recovery Time Objectives & Recovery Point
More informationSubject Area 1 Project Initiation and Management
DRII/BCI Professional Practice Narrative: Establish the need for a Business Continuity Plan (BCP), including obtaining management support and organizing and managing the BCP project to completion. (This
More informationPAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationof credit unions have backup operations in place in case of member service disruptions.
Over 90% of credit unions have backup operations in place in case of member service disruptions. Benchmarking Technology Enhancements & Business Continuity Plans February 2012 www.creditunions.com 800.446.7453
More informationYale University Business Continuity Planning (BCP) Quick Start Guide
Yale University Business Continuity Planning (BCP) Quick Start Guide Introduction Yale University s mission is to create, preserve and disseminate knowledge. Each college, division, and major administrative
More informationBusiness Continuity Management
Business Continuity Management Version 1 approved by SMG December 2013 Business Continuity Policy Version 1 1 of 9 Business Continuity Management Summary description: This document provides the rationale
More informationBank of Papua New Guinea Prudential Standard BPS251: Business Continuity Management
Bank of Papua New Guinea Prudential Standard BPS251: Business Continuity Management Issued under Section 27 of the Banks and Financial Institutions Act 2000 Overview and Key Requirements Business Continuity
More informationKPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity
INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM
More informationBusiness Continuity Plan Assessment Tool v1.0
Appendix 5 Annex F To NSERP Business Continuity Plan Assessment Tool v1.0 Continuity Plan Assessment Tool v1.0.doc Page 1 of 17 Business Continuity Plan Assessment Tool v1.0 This tool is designed to assess
More informationCreating a Business Continuity Plan for your Health Center
Creating a Business Continuity Plan for your Health Center 1 Page Left Intentionally Blank 2 About This Manual This tool is the result of collaboration between the Primary Care Development Corporation
More informationPrudential Standard CPS 232 Business Continuity Management
Prudential Standard CPS 232 Business Continuity Management Objective and key requirements of this Prudential Standard This Prudential Standard requires each regulated institution and Level 2 group to implement
More informationMINNESOTA STATE POLICY
Version: 2.00 Approved Date: 02/24/2012 Approval: Signature on file MINNESOTA STATE POLICY From the Office of Carolyn Parnell Chief Information Officer, State of Minnesota IT Project Portfolio Data Management
More informationSoftware Inventory Best Practices. Issued: April 26, 2016. Approved: Bruce F Gordon 04/26/2016 Chairperson Date
Software Inventory Best Practices Issued: April 26, 2016 Approved: Bruce F Gordon 04/26/2016 Chairperson Date Team Members Gayle Jordan, TVA, Lead Dan Holland, PGE/DCPP Chris Meemken, STP Randy Moose,
More informationOFFICE OF AUDITS & ADVISORY SERVICES IT DISASTER RECOVERY AUDIT FINAL REPORT
County of San Diego Auditor and Controller OFFICE OF AUDITS & ADVISORY SERVICES IT DISASTER RECOVERY AUDIT FINAL REPORT Chief of Audits: Juan R. Perez Audit Manager: Lynne Prizzia, CISA, CRISC Senior Auditor:
More informationBest Practices in Developing an IT Disaster Recovery Plan. Vijaykumar Kulkarni AGM Product Management
Best Practices in Developing an IT Disaster Recovery Plan Vijaykumar Kulkarni AGM Product Management PRESENTER PROFILE Vijaykumar Kulkarni Assistant General Manager - Product Management in Netmagic Solutions,
More informationData Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322
Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery
More informationBUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS
BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3
More informationFebruary 22, 1995. Dear Ms. Kastrin:
February 22, 1995 Ms. Deborah C. Kastrin Executive Director Texas Department of Commerce Stephen F. Austin State Office Building 1700 North Congress, Suite 100 Austin, Texas 78711 Dear Ms. Kastrin: The
More informationBusiness Continuity Management AIRM Presentation
16 January, 2008 Business Continuity Management AIRM Presentation David Hamilton, Senior Consultant http://www.marsh.ie Presentation Overview Terms used for BCP Where BCM fits in a business plan Business
More informationBusiness Continuity & Recovery Plan Summary
Introduction An organization s ability to survive a significant business interruption is determined by the company s ability to develop, implement, and maintain viable recovery and business continuity
More informationSound Transit Internal Audit Report - No. 2014-6
Sound Transit Internal Audit Report - No. 2014-6 Maturity Assessment: Information Technology Division Disaster Recovery Planning Report Date: June 5, 2015 Table of Contents Page Executive Summary 2 Background
More informationTaking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment
Taking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment John Linse Director of Business Continuity Services, EMC 1 Setting the Stage Taking a Proactive
More informationInternal Audit Department NeighborWorks America. Audit Review of the Business Continuity Plan (BCP) Management and Documentation
Department NeighborWorks America Audit Review of the Business Continuity Plan (BCP) and Documentation Project Number: ADMN.BCP.2013 Audit Review of of BCP Table of Contents Project Completion Letter...
More informationMGIC BUSINESS CONTINUITY PROGRAM
MGIC BUSINESS CONTINUITY PROGRAM Mortgage Guaranty Insurance Corporation ("MGIC") and its affiliates recognize the importance of maintaining a viable business continuity strategy and have developed a comprehensive
More information