Driving Operational Risk Management Into the Customer/Product Value Chain

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Driving Operational Risk Management Into the Customer/Product Value Chain"

Transcription

1 Driving Operational Risk Management Into the Customer/Product Value Chain Eric Staffin, MBCI, CISSP Vice President, Global Head of Product & Infrastructure Risk Management Thomson Reuters, Investment & Advisory

2 The world s leading source of intelligent information for businesses and professionals. We combine industry expertise with innovative technology to deliver critical information to leading decision makers in the financial, legal, tax and accounting, scientific, healthcare and media markets, powered by the world s most trusted news organization. Financial Financial Healthcare Legal Applications used by over half a million professionals globally Media Informs healthcare decisions affecting 150 million lives Scientific Westlaw is relied upon by 98% of the world s major law firms Tax & Accounting Reuters News reaches over one billion people daily Used by more than 20 million researchers worldwide Checkpoint is used by 99 of the top 100 U.S. accounting firms

3 Presentation Outline Introduction Resiliency and Operational Risk Deriving Enterprise Requirements from Stakeholder Requirements Defining and Applying Anchor Specifications Validating Anchor Specifications Q&A

4 Is the Traditional PDLC Good Enough? Key Drivers of Product Competitiveness Product Features / Functionality Client Service / Support Reputation Price Terms and Conditions

5 Is the Traditional PDLC Good Enough? Key Drivers of Product Competitiveness Product Features / Functionality Client Service / Support Reputation Price Terms and Conditions What are we missing?

6 Resiliency Starts at the Front Line Key Drivers of Product Competitiveness Product Features / Functionality Client Service / Support Reputation Price Terms and Conditions Stakeholder Requirements Key Organizational Challenges Increasing Operation Complexity Services are Global Economic Concerns and Constraints Geo-political Threats Changing (and Growing) Regulatory Landscape Legacy Infrastructures

7 Resiliency Starts at the Front Line Key Drivers of Product Competitiveness Product Features / Functionality Client Service / Support Reputation Price Terms and Conditions Stakeholder Requirements Key Organizational Challenges Stakeholders Customers Suppliers Increasing Operation Complexity Services are Global Economic Concerns and Constraints Geo-political Threats Changing (and Growing) Regulatory Landscape Legacy Infrastructures

8 Resiliency Starts at the Front Line Key Drivers of Product Competitiveness External Stakeholders Product Features / Functionality Client Service / Support Reputation Price Terms and Conditions Stakeholder Requirements / Demands Key Organizational Challenges Increasing Operation Complexity Services are Global Economic Concerns and Constraints Geo-political Threats Changing (and Growing) Regulatory Landscape Legacy Infrastructures Customers Regulators Shareholders Community Members Emergency Responders Suppliers Local Government Agencies Internal Stakeholders Employees Dependent Systems Auditors Human Resources Sales Technology Finance Chief Risk Officer Facilities Legal

9 Organizational Certainties SEI/CERT Risk environment will not contract number of risks and complexity will increase Organizations must get better at surviving in uncertainty Knowledge and awareness of risk issues must be pervasive throughout the organization Tradition tools, techniques, and methods may not work in this environment Existing organizational structure may not be agile enough to adapt! SEI/CERT Resiliency Engineering Framework

10 Resiliency Spending Intense competition for resource allocations Continuous pull from Non-Discretionary spending Non-Discretionary Legal Regulatory Compliance Exchanges Corporate Policy Contractual Obligations Discretionary (Deterministic) New Product Development New / Reengineered Business Processes Research & Development Utility & Warranty

11 Resiliency Spending Intense competition for resource allocations Continuous pull from Non-Discretionary spending Non-Discretionary Legal Regulatory Compliance Exchanges Corporate Policy Contractual Obligations Discretionary (Deterministic) New Product Development New / Reengineered Business Processes Research & Development Utility & Warranty What s wrong with this picture?

12 Operational Risk SEI/CERT Event / Condition Human Errors / Failures Infrastructure Failures Internal Process Failures / Flaws External Threat Events Adapted from SEI/CERT Resiliency Engineering Framework

13 Operational Risk SEI/CERT Event / Condition Human Errors / Failures Infrastructure Failures Internal Process Failures / Flaws External Threat Events Likelihood 100% 100% 100% 100% Adapted from SEI/CERT Resiliency Engineering Framework

14 Resiliency Spending Non-Discretionary spending now dominates the equation Organizations must recalibrate their approach to ORM!! Non-Discretionary Legal / Regulatory / Compliance Corporate Policy Contractual Obligations Operational Risk Management Training and Awareness Discretionary (Deterministic) New Product Development New / Reengineered Business Processes Research & Development Process Changes

15 Evolution to Resiliency Long Maturation Process Increased Integration Over Time Sustainability & Repeatability Becomes Embedded in Enterprise Risk Management Framework Availability Performance Security Process Maturity Resiliency Reliability Recoverability Continuity Strategic Obj.

16 Critical Resource Specifications - FFIEC these recovery objectives require management to determine which essential personnel, technologies, facilities, communications systems, vital records, and data must be recovered and what processing sequence should be followed so that activities that fall directly on the critical path receive the highest priority.

17 Critical Resource Specifications - FFIEC these recovery objectives require management to determine which essential personnel, technologies, facilities, communications systems, vital records, and data must be recovered and what processing sequence should be followed so that activities that fall directly on the critical path receive the highest priority People Process Technology Facilities Data

18 Stakeholder Requirements Drive All Other Requirements! Customers Customer #1 Customer #2 Customer #3 Customer #4 Customer # 5 Customer # 6 Products & Services Prod #1 Prod #2 Svc #1 Svc #2 Prod #3 Prod #4 Svc #3 Svc #4 Prod #5 Svc #5 Processes Process #1 Process #2 Process #3 Process #4 Process #5 Sites Site #1 Site #2 People Site #3 Site #4 Process Platforms & Resources Technology Facilities Data Suppliers Supplier #1 Supplier #2 Supplier #3 Supplier #4 Supplier #n Copyright Vigilant Services Group. All rights reserved.

19 Now the Challenging Part!! Optimize Utility * Warranty * Product Risk Cost Maximum Competitiveness Maximum Profitability Maximum Competitiveness Optimal Resiliency Optimize Cost ** Resiliency ** Cost Optimal Product Resiliency Customer Exposure * ITIL Service Management ** Don t Over-Spend or Under-Spend

20 BCM, ORM or Both? Promoting the Art & Science of Business Continuity Management Worldwide The BCI Business Continuity Management (BCM) is not simply a management initiative BCM as part of integrated ORM is an engineering discipline that requires technical engineering and human engineering to look at people, data, systems, and facilities as an ecosystem RTOs and RPOs are no longer just independent variables and they are no longer the ONLY variables!

21 Anchor Specifications Maximum Allowable Downtime (MAD FFIEC Business Continuity Handbook) - the point in time after a significant interruption at which the product or process can no longer be inoperable Maximum Tolerable Period of Disruption (MTPoD BS25999) the point in time after a significant interruption after which an organization s viability will be irrevocably threatened if product and service delivery cannot be resumed Maximum Tolerable Downtime (MTD Sentryx) or Business-as-Usual Time Objective (BTO Vigilant Services Group) - the point in time after a significant interruption at which the product or process returns to a business-as-usual state in consideration of work queues, lost data, etc. (operating as if nothing happened)

22 Anchor Specifications Applied SEI/CERT Event / Condition Human Errors / Failures Infrastructure Failures Internal Process Failures / Flaws External Threat Events Likelihood 100% 100% 100% 100% Integrating MAD and MTPoD (anchor specifications) into organizational policy is critical Economics of design must explicitly follow anchor specifications SLAs usually follow MAD Worst case scenarios follow MTPoD Profitability metrics include penalties and SLA performance

23 Timeline Example Copyright Sentryx (

24 Anchor Specifications in Practice Should the Maximum Tolerable Period of Disruption (MTPoD) only be applied to smoke and rubble scenarios? If not, is it enough to consider MTPoD (by itself) to define our optimal resiliency solution levels?

25 When MTPoD is the ONLY Anchor! Incident Duration (Hours) Commercial Exposure ($ Millions) MTPoD = $15MM Total Product Revenue - $40MM Single Impact Exposure Maximum Tolerable Period of Disruption Exposure ($ Millions) $20 $15 $10 $5 $0 Exposure Duration (Hours) Optimal Resiliency Solution? Single Incident with Duration X MTPoD

26 When MTPoD is the ONLY Anchor! Incident Duration (Hours) Commercial Exposure ($ Millions) MTPoD = $15MM Total Product Revenue - $40MM Single Impact Exposure Maximum Tolerable Period of Disruption Exposure ($ Millions) $20 $15 $10 $5 $0 Exposure Duration (Hours) Optimal Resiliency Solution? Single Incident with Duration X MTPoD

27 MTPoD, MAD & Cumulative Incident Exposure Incident Duration (Hours) Exposure ($ Millions) Commercial Exposure ($ Millions) MAD = $2.5MM MTPoD = $15MM Total Product Revenue - $40MM $20 $15 $10 $5 $0 SIE SIE SIE MAD SIE SIE SIE Exposure Duration (Hours) MTPoD Use historical incident management data to predict the likelihood of a disruptive event occurring adjust resiliency and recoverability levels ASAP!! Optimal Resiliency Solution? Single Incident with Duration X Cumulative Incident Duration Cumulative Commercial Exposure

28 MAD & MTPoD Are Now Anchors!! Incident Duration (Hours) Commercial Exposure ($ Millions) MAD = $2.5MM MTPoD = $15MM Total Product Revenue - $40MM SIE SIE SIE SIE SIE SIE Exposure MAD MTPoD Exposure ($ Millions) $20 $15 $10 $5 $0 Optimal Resiliency Solution Optimal resiliency solutions MUST incorporate single incident and cumulative incident exposure levels to ensure that MAD and MTPoD thresholds are NOT exceeded. Anchors MUST be established in the definition and planning phases of the SDLC propositions cannot go to market if anchors aren t LOCKED in place. Duration (Hours) Single Incident with Duration X Cumulative Incident Duration Cumulative Commercial Exposure

29 Margin as a Function of Resiliency and Price Price that clients will pay for R BAU of 24 hours ($50) Maximum price that clients will pay for R BAU of 6 hours or less ($60) Price that clients would have to be willing to pay to cover the fixed costs of R BAU of 0 hours 0 Resiliency (Hours) $30 $40 $50 $60 $70 $80 $90 $100 Product Pricing

30 Discretionary Spending as a Function of Resiliency $7MM discretionary spend required for R BAU of 6 hours $5.5MM discretionary spend required for R BAU of 24 hours $11MM discretionary spend required for R BAU of 0 hours 0 Resiliency (Hours) $5 $6 $7 $8 $9 $10 $11 $12 Discretionary Spending ($MM) to Achieve Desired Resiliency Levels insurance

31 MAD vs. RTO Maximum Allowable Downtime (MAD) is the business specified time required to achieve full operational recovery RTOs have historically been applied to the time required to recover a specific technology resource (FFIEC systems & data) RTO as an independent construct does not appropriately describe the recovery of a full process, function, or product that has a number of supporting and dependent resources (FFIEC systems, data, facilities & people) Challenge Issue product and service recoverability is often described with a single RTO if so, have we captured the full exposure to the various SEI/CERT Operational Risk Events

32 Challenge Response Incident Management Timeline What is it? And why look at it? Embedded Operational Risk Management expresses resiliency in the form of aggregated RTOs based on a specific ORM event or condition. SEI/CERT Event / Condition Likelihood Human Errors / Failures Infrastructure Failures Internal Process Failures / Flaws External Threat Events 100% 100% 100% 100% Incident Starts Incident Ends

33 Challenge Response MAD is an aggregated RTO Facilities and people may have individual RTOs which contribute to MAD! these recovery objectives require management to determine which essential personnel, technologies, facilities, communications systems, vital records, and data must be recovered and what processing sequence should be followed so that activities that fall directly on the critical path receive the highest priority Event / Condition Likelihood Human Errors / Failures Infrastructure Failures Internal Process Failures / Flaws External Threat Events 100% 100% 100% 100% Incident Starts Incident Ends

34 Challenges to Embedding ORM into the Organization SEI/CERT ORM is by nature a qualitatively-driven activity Operational resiliency activities are distributed throughout the enterprise and are not coordinated Operational resiliency for system and data assets will likely be insufficient on a standalone or independent basis Is there a calibration of practices, methodologies, and validation principles across security, business continuity, IT operations, service delivery, and facilities management Funding for ORM is often a budgetary expense rather than an investment in the organization s ability to meet strategic objectives Success measures are often difficult to quantify Can the organization sustain an operational resiliency focus Is organizational success tied to the balanced efforts of people, processes, and methods as opposed to just people Do changes in the regulatory climate offer natural opportunities to increase resiliency or are they simply distractions to the product development roadmap Is the organization realistic about its ability to manage through operational risk events Adapted from SEI/CERT Resiliency Engineering Framework

35 Timeline Decomposition Lifecycle Approach RPO Interruption Incident Starts Incident Ends Permanent Restoration

36 Validating Anchor Specifications ERM* and Product Risk Management Strategic / Market Risk Product Risk (not discussed here) Operational Risk Product Resiliency Financial / Credit Risk Customer SLAs Financial Strategic Operational * Enterprise Risk Management see COSO (Committee of Sponsoring Organizations)

37 SLA Management Reactive Reactive A major product experiences a significant disruption One or more significant penalties are assessed based on SLA triggers that have been tripped Sales, Product, and Development Teams are brought in to manage client expectations and define reactive remediation and communications strategies Efforts are made to reduce the penalties and immediately improve product resiliency Discovery that risk controls cannot be implemented in the short term Commercial releases are cancelled or delayed in order to implement newly defined / developed solutions

38 SLA Management Proactive Reactive A major product experiences a significant disruption One or more significant penalties are assessed based on SLA triggers that have been tripped Sales, Product, and Development Teams are brought in to manage client expectations and define reactive remediation and communications strategies Efforts are made to reduce the penalties and immediately improve product resiliency Discovery that risk controls cannot be implemented in the short term Commercial releases are cancelled or delayed in order to implement newly defined / developed solutions Proactive Establish client and market warranty requirements as part of the product development lifecycle Standardize SLAs, as much as possible, in advance decouple from MSAs Match penalties and price warranties to the product infrastructure(s) don t over or under-engineer resiliency solutions Establish tie-ins between service level management, performance management, and capacity management functions drive homogenous solutions across accountable infrastructures, dependent infrastructures, and 3 rd parties Ensure that Infrastructure Owners are at the table with the client and have intervention rights - Gatekeepers! Provide complete transparency to the client Only accept SLAs that match the organizational model and enterprise risk / resiliency strategies

39 Proactive Approach to Customer & Supplier SLAs Limited Revenue Impact Moderate Revenue Impact Critical Brand or $ Exposure Customer and supplier warranty requirements are integrated into product design Ensure that performance guarantees extend to key internal and external suppliers BCM/RM people are at the table with clients and suppliers and have intervention rights - Gatekeeper! Incorporate Supplier RTOs into the Incident Management Timeline Only sign or accept SLAs that match the organizational model and risk / resiliency strategies Reassess annually with comprehensive supplier questionnaires

40 Summary and Conclusion Programmatically incorporate an operational risk management model into the product development lifecycle Better understand and assess threats and vulnerabilities, and the likelihood of these vulnerabilities being exposed Understand, measure, and capture commercial risk and exposure - RTOs and RPOs are the legacy specifications of BCM dating back to the days of the mainframes Establish a preventive approach to identify, assess and measure operational and product risk factors More specifications are required to fully articulate the requirements of today s more complex technology architectures and critical interdependent supporting resources FFIEC - technology, people, data, and facilities Selectively control the factors which could lead to any negative impact on revenue, profitability, and/or structural assets Anchor key requirements and specifications Continuously re-validate the program Drive execution!

41 Questions & Answers

42 Speaker Biographical Details Eric Staffin Eric Staffin, MBCI, CISSP Vice President, Global Head of Product & Infrastructure Risk Management Thomson Reuters, Investment & Advisory Eric received his Bachelor of Arts degree in Economics from the University of Michigan and his Masters Degree in Business Administration in Finance and Corporate Strategy from New York University's Stern School of Business. His twenty year career includes senior management roles driving new product development, business resilience, program management, business continuity, information security, product management, acquisition due diligence, and client engagement management. Eric is currently responsible for managing a global, cross-functional process, project, and engineering team with a span of control that includes the risk management, oversight, and execution of business resiliency and reliability initiatives for more than seventy (70) discrete infrastructures, and the negotiation and management of technical client Service Level Agreements (SLAs). Prior to joining Thomson Reuters (formerly Thomson Financial) in 2003, Eric held senior management roles at Citigroup, where he was Vice President and Business Head of Citigroup's Internet Tools and Services Group, and Bankers Trust, where he served as Principal and Director of Bankers Trust's Global Institutional Services Internet Management Group. Eric holds the MBCI (Member) certification from the Business Continuity Institute (BCI), the CISSP certification from (ISC) 2, and the Business Resilience Auditor, Business Resilience Manager, and Business Resilience Professional certifications from the Business Resilience Certification Consortium International (BRCCI). Eric is currently serving as a Board Member for the BCI-USA Chapter.

Proposal for Business Continuity Plan and Management Review 6 August 2008

Proposal for Business Continuity Plan and Management Review 6 August 2008 Proposal for Business Continuity Plan and Management Review 6 August 2008 2008/8/6 Contents About Newton IT / Quality of our services. BCM & BS25999 Overview 2. BCM Development in line with BS25999 3.

More information

Preparing for the Convergence of Risk Management & Business Continuity

Preparing for the Convergence of Risk Management & Business Continuity Preparing for the Convergence of Risk Management & Business Continuity Disaster Recovery Journal Webinar Series September 5, 2012 2012 Strategic BCP, Inc. All rights reserved. strategicbcp.com 1 Today

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis

More information

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition

More information

Company Management System. Business Continuity in SIA

Company Management System. Business Continuity in SIA Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT

More information

Temple university. Auditing a business continuity management BCM. November, 2015

Temple university. Auditing a business continuity management BCM. November, 2015 Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program

More information

Business Continuity Trends and Risk Considerations Financial Executives International Portland Chapter June 12 2013

Business Continuity Trends and Risk Considerations Financial Executives International Portland Chapter June 12 2013 Business Continuity Trends and Risk Considerations Financial Executives International Portland Chapter June 12 2013 Chitra Gopalakrishnan Director KPMG LLP Agenda Introduction Business Continuity / Disaster

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page

More information

Business Continuity Trends, Requirements and Expectations in 2009. Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting

Business Continuity Trends, Requirements and Expectations in 2009. Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting Business Continuity Trends, Requirements and Expectations in 2009 Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting Overview What Is Business Continuity? The Value Proposition What

More information

Principles for BCM requirements for the Dutch financial sector and its providers.

Principles for BCM requirements for the Dutch financial sector and its providers. Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011

More information

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management

More information

By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd

By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd BS 25999 Business Continuity Management By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd 1 Contents slide BSI British Standards 2006 BS 25999(Business Continuity) 2002 BS 15000

More information

Business Continuity Planning

Business Continuity Planning Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why

More information

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745 ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan

More information

Business Continuity Plan

Business Continuity Plan Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions

More information

Desktop Scenario Self Assessment Exercise Page 1

Desktop Scenario Self Assessment Exercise Page 1 Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking

More information

BUSINESS CONTINUITY FRAMEWORK

BUSINESS CONTINUITY FRAMEWORK BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational

More information

Overview TECHIS60851. Manage information security business resilience activities

Overview TECHIS60851. Manage information security business resilience activities Overview Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident,

More information

www.td.com.au Business Continuity - IT Disaster Recovery Discussion Paper - - Commercial in Confidence Version V2.0R Wednesday, 5 September 2012

www.td.com.au Business Continuity - IT Disaster Recovery Discussion Paper - - Commercial in Confidence Version V2.0R Wednesday, 5 September 2012 Business Continuity - IT Disaster Recovery Discussion Paper - - Version V2.0R Wednesday, 5 September 2012 Commercial in Confidence Melbourne Sydney 79-81 Coppin St Level 2 Richmond VIC 3121 414 Kent St

More information

Business Continuity Management Systems. Protecting for tomorrow by building resilience today

Business Continuity Management Systems. Protecting for tomorrow by building resilience today Business Continuity Management Systems Protecting for tomorrow by building resilience today Vital statistics 31% 40% of UK businesses have been affected by bad weather related transport problems, power

More information

2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP

2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP 2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level Tracy L. Hall, MBCP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C.

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Factsheet To prepare for change, change the way you prepare In an intensely competitive environment, a permanent market presence is essential in order to satisfy customers

More information

RSA ARCHER OPERATIONAL RISK MANAGEMENT

RSA ARCHER OPERATIONAL RISK MANAGEMENT RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume

More information

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author

More information

How to Develop Successful Enterprise Risk and Vendor Management Programs

How to Develop Successful Enterprise Risk and Vendor Management Programs Project Management Institute New York City Chapter January 2014 Chapter Meeting How to Develop Successful Enterprise Risk and Vendor Management Programs Christina S. Kite Senior Vice President Corporate

More information

By: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015

By: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015 Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level June 9, 2015 By: Tracy Hall MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company,

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three Information Security- Perspective for Management Business Impact Analysis ( BIA ) and Business

More information

How to measure your business resiliency

How to measure your business resiliency How to measure your business resiliency Define the KPI s/kri s and scorecards to control your security and business continuity capabilities Krzysztof Pulkiewicz BCMLogic krzysztof.pulkiewicz@bcmlogic.com

More information

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Linking Risk Management to Business Strategy, Processes, Operations and Reporting Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles

More information

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

3 rd Party Vendor Risk Management

3 rd Party Vendor Risk Management 3 rd Party Vendor Risk Management Session 402 Tuesday, June 9, 2015 (11 to 12pm) Session Objectives The need for enhanced reporting on vendor risk management Current outsourcing environment Key risks faced

More information

eet Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry Power and Utilities Fact Sheet

eet Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry Power and Utilities Fact Sheet Power and Utilities Fact Sh Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry A holistic approach to business resiliency and disaster recovery

More information

Specialist Cloud Services Lot 4 Cloud EDRM Consultancy Services

Specialist Cloud Services Lot 4 Cloud EDRM Consultancy Services Specialist Cloud Services Lot 4 Cloud EDRM Consultancy Services Page 1 1 Contents 1 Contents... 2 2 Transcend360 Introduction... 3 3 Service overview... 4 3.1 Service introduction... 4 3.2 Service description...

More information

CSC AND THE BUSINESS CONTINUITY MATURITY ASSESSMENT PROGRAM

CSC AND THE BUSINESS CONTINUITY MATURITY ASSESSMENT PROGRAM A WHITE PAPER CSC AND THE BUSINESS CONTINUITY MATURITY ASSESSMENT PROGRAM AUTHORS: Neil A. Smith, MBCP nsmith24@csc.com Sandra Riddell, MBCI sriddel4@csc.com CSC Papers 2013 ABSTRACT The auditors said

More information

BCM and DRP - RFP Template

BCM and DRP - RFP Template BCM and DRP - The Supreme Council of Information & Communication Technology ictqatar PUBLICATION DATE Document Reference This document should be used as an example of the contents of an RFP for business

More information

Building a Security Conscious Business Continuity Management (BCM) Program

Building a Security Conscious Business Continuity Management (BCM) Program Building a Security Conscious Business Continuity Management (BCM) Program Sam Stahl, CBCP, MBCI EMC Global Professional Services Program Manager stahl_samuel@emc.com ASIS Singapore, 2014 Agenda Overview

More information

Protecting your Enterprise

Protecting your Enterprise Understanding Disaster Recovery in California Protecting your Enterprise Session Overview Why do we Prepare What is? How do I analyze (measure) it? What to do with it? How do I communicate it? What does

More information

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY The Define/Align/Approve Reference Series NEEDS BASED PLANNING FOR IT DISASTER RECOVERY Disaster recovery planning is essential it s also expensive. That s why every step taken and dollar spent must be

More information

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning FEBRUARY 2015 IT EXAMINATION H ANDBOOK

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning FEBRUARY 2015 IT EXAMINATION H ANDBOOK Federal Financial Institutions Examination Council FFIEC Business Continuity Planning BCP FEBRUARY 2015 IT EXAMINATION H ANDBOOK Table of Contents Introduction 1 Board and Senior Management Responsibilities

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief

RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief INTRODUCTION Now more than ever, organizations depend on services, business processes and technologies to generate revenue and meet

More information

PRACTICAL APPLICATIONS FOR BUSINESS CONTINUITY MANAGEMENT

PRACTICAL APPLICATIONS FOR BUSINESS CONTINUITY MANAGEMENT Karl D Bryant, MBCP, MBCI, CBCLA, PMP Senior Vice President PRACTICAL APPLICATIONS FOR BUSINESS CONTINUITY MANAGEMENT WWW.CHICAGOLANDRISKFORUM.ORG BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW BUSINESS

More information

Solihull Clinical Commissioning Group

Solihull Clinical Commissioning Group Solihull Clinical Commissioning Group Business Continuity Policy Version v1 Ratified by SMT Date ratified 24 February 2014 Name of originator / author CSU Corporate Services Review date Annual Target audience

More information

RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14. For North Simcoe Muskoka LHIN Health Service Providers

RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14. For North Simcoe Muskoka LHIN Health Service Providers RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14 For North Simcoe Muskoka LHIN Health Service Providers Table of Contents Purpose of this document... 2 Introduction... 3 What is Risk?... 4 What

More information

Moving from BS 25999-2 to ISO 22301. The new international standard for business continuity management systems. Transition Guide

Moving from BS 25999-2 to ISO 22301. The new international standard for business continuity management systems. Transition Guide Transition Guide Moving from BS 25999-2 to ISO 22301 The new international standard for business continuity management systems Extract from The Route Map to Business Continuity Management: Meeting the

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four Data Handling in University Business Impact Analysis ( BIA ) Agenda Overview Terminologies Performing

More information

The Role of Internal Audit In Business Continuity Planning

The Role of Internal Audit In Business Continuity Planning The Role of Internal Audit In Business Continuity Planning Dan Bailey, MBCP Page 0 Introduction Dan Bailey, MBCP Senior Manager Protiviti Inc. dan.bailey@protiviti.com Actively involved in the Information

More information

Business Continuity Management and BS 25999 by Steve Chan, Head of Training - HK, BSI Management Systems

Business Continuity Management and BS 25999 by Steve Chan, Head of Training - HK, BSI Management Systems Business Continuity Management and BS 25999 by Steve Chan, Head of Training - HK, BSI Management Systems 9 April, 2008 2 Presentation content Drivers for Business Continuity Standards and definitions.

More information

Introduction to ITIL: A Framework for IT Service Management

Introduction to ITIL: A Framework for IT Service Management Introduction to ITIL: A Framework for IT Service Management D O N N A J A C O B S, M B A I T S E N I O R D I R E C T O R C O M P U T E R O P E R A T I O N S I N F O R M A T I O N S Y S T E M S A N D C

More information

Metrics that Matter Security Risk Analytics

Metrics that Matter Security Risk Analytics Metrics that Matter Security Risk Analytics Rich Skinner, CISSP Director Security Risk Analytics & Big Data Brinqa rskinner@brinqa.com April 1 st, 2014. Agenda Challenges in Enterprise Security, Risk

More information

Integrating Project Management and Service Management

Integrating Project Management and Service Management Integrating Project and Integrating Project and By Reg Lo with contributions from Michael Robinson. 1 Introduction Project has become a well recognized management discipline within IT. is also becoming

More information

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY AUTHOR/ APPROVAL DETAILS Document Author Written By: Human Resources Authorised Signature Authorised By: Helen Shields Date: 20

More information

Global Statement of Business Continuity

Global Statement of Business Continuity Business Continuity Management Version 1.0-2014 Date October 18, 2014 Status Author Business Continuity Management (BCM) Page 1 of 8 Table of Contents 1. Credit Suisse Business Continuity Statement 3 2.

More information

SERV SER ICE DE SIGN

SERV SER ICE DE SIGN SERVICE DESIGN Service Design Set of specialized organizational capabilities for providing value to customers in the form of services SOURCE: ITIL Service Design Publication, p. 11 Service Design Goals

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning 4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business

More information

Integrating Pandemic Readiness into Your Organization's Resiliency Model.

Integrating Pandemic Readiness into Your Organization's Resiliency Model. Integrating Pandemic Readiness into Your Organization's Resiliency Model. David M. Sarabacha Senior Manager MBCP, MBCI, CISSP, CISA, CISM Deloitte & Touche LLP Agenda TOPIC SCHEDULE Session Overview Introduction

More information

Intel Business Continuity Practices

Intel Business Continuity Practices Intel Business Continuity Practices As a global corporation with locations and suppliers all over the world, Intel requires every designated Intel organization to embed business continuity as a core business

More information

The State of Global Disaster Recovery Preparedness

The State of Global Disaster Recovery Preparedness Computer Network Solutions Disaster Recovery Preparedness Benchmark Survey The State of Global Disaster Recovery Preparedness ANNUAL REPORT 2014 The Disaster Recovery Preparedness Council publishes this

More information

Solving the Business Continuity Puzzle

Solving the Business Continuity Puzzle Solving the Business Continuity Puzzle Chris Copeland Assoc. Business Continuity Professional (ABCP) January 11, 2011 Session Overview Topics we will cover today: 1. Defining Business Continuity (BC) &

More information

Mergers and Acquisitions: The Data Dimension

Mergers and Acquisitions: The Data Dimension Global Excellence Mergers and Acquisitions: The Dimension A White Paper by Dr Walid el Abed CEO Trusted Intelligence Contents Preamble...............................................................3 The

More information

Designing an Operational Risk Program for a Community Bank Stephan Salvador Managing Director, Risk Management Consulting

Designing an Operational Risk Program for a Community Bank Stephan Salvador Managing Director, Risk Management Consulting Consulting and Professional Services Designing an Operational Risk Program for a Community Bank Stephan Salvador Managing Director, Risk Management Consulting Designing an Operational Risk Program for

More information

Integrating BCM and Development Life Cycles

Integrating BCM and Development Life Cycles Emerging Issues Session B10 Integrating BCM and Development Life Cycles Doug Weldon, FBCI Vice President of Product & Infrastructure Risk Management, Thomson Reuters President of the BCI USA Chapter 1

More information

Business Continuity Management Framework 2014 2017

Business Continuity Management Framework 2014 2017 Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity

More information

Protecting against cyber threats and security breaches

Protecting against cyber threats and security breaches Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So

More information

The Business Continuity Maturity Continuum

The Business Continuity Maturity Continuum The Business Continuity Maturity Continuum Nick Benvenuto & Brian Zawada Protiviti Inc. 2004 Protiviti Inc. EOE Agenda Terminology Risk Management Infrastructure Discussion A Proposed Continuity Maturity

More information

ITIL Essentials Study Guide

ITIL Essentials Study Guide ITIL Essentials Study Guide Introduction Service Support Functions: Service Desk Incident Management Problem Management Change Management Configuration Management Release Management Service Delivery Functions:

More information

SECURITY RISK MANAGEMENT

SECURITY RISK MANAGEMENT SECURITY RISK MANAGEMENT ISACA Atlanta Chapter, Geek Week August 20, 2013 Scott Ritchie, Manager, HA&W Information Assurance Services Scott Ritchie CISSP, CISA, PCI QSA, ISO 27001 Auditor Manager, HA&W

More information

Business Continuity in Healthcare

Business Continuity in Healthcare Business Continuity in Healthcare Cynthia Simeone, CBCP, PMP Director Business Resilience Catholic Health Initiatives Scott Ream President Virtual Corporation 1 Session Speakers Cynthia Simeone, CBCP,

More information

Federal Financial Institutions Examination Council FFIEC. Business Continuity Planning BCP MARCH 2003 MARCH 2008 IT EXAMINATION

Federal Financial Institutions Examination Council FFIEC. Business Continuity Planning BCP MARCH 2003 MARCH 2008 IT EXAMINATION Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 MARCH 2008 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT

More information

Flinders University IT Disaster Recovery Framework

Flinders University IT Disaster Recovery Framework Flinders University IT Disaster Recovery Framework Establishment: Flinders University, 1 August 2013 Last Amended: Manager, ITS Security Services, 4 October 2013 Nature of Amendment: Initial release Date

More information

IT Risk Management Life Cycle and enabling it with GRC Technology. 21 March 2013

IT Risk Management Life Cycle and enabling it with GRC Technology. 21 March 2013 IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends

More information

2014 Vendor Risk Management Benchmark Study

2014 Vendor Risk Management Benchmark Study 2014 Vendor Risk Management Benchmark Study Introduction/Executive Summary You can have all the security in the world inside your company s four walls, but all it takes is a compromise at one third-party

More information

Chapter I: Fundamentals of Business Continuity Management

Chapter I: Fundamentals of Business Continuity Management Chapter I: Fundamentals of Business Continuity Management Objectives Define Business Continuity Management (BCM) Define the relationship between BCM and risk management Review BCM responsibilities Identify

More information

BUSINESS CONTINUITY PLANNING TOOL KIT GUIDE

BUSINESS CONTINUITY PLANNING TOOL KIT GUIDE BUSINESS CONTINUITY PLANNING TOOL KIT GUIDE 1 Table of Contents INTRODUCTION... 3 What is Business Continuity?... 3 When is a process critical?... 3 What is Business Continuity Planning?... 3 Why you should

More information

IBM index reveals key indicators of business continuity exposure and maturity

IBM index reveals key indicators of business continuity exposure and maturity IBM Global Technology Services Business Continuity and Resiliency Services IBM index reveals key indicators of business continuity exposure and maturity Will a more holistic approach to business continuity

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Version 1 approved by SMG December 2013 Business Continuity Policy Version 1 1 of 9 Business Continuity Management Summary description: This document provides the rationale

More information

Business Continuity for the New Millennium. The Tao of BCM Or -exploiting the subconscious mind of your enterprise

Business Continuity for the New Millennium. The Tao of BCM Or -exploiting the subconscious mind of your enterprise Business Continuity for the New Millennium The Tao of BCM Or -exploiting the subconscious mind of your enterprise A Question: When the words Business Continuity Management are heard, what image do they

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...

More information

Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services

Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services Page 1 1 Contents 1 Contents... 2 2 Transcend360 Introduction... 3 3 Service overview... 4 3.1 Service introduction... 4

More information

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic

More information

and Risk Tolerance in an Effective ERM Program

and Risk Tolerance in an Effective ERM Program The Roles of Risk Appetite and Risk Tolerance in an Effective ERM Program Eric Gerner, Risk Advisory Services Director Tuesday, July 10, 2012 General Information Share the webinar Ask a question Votes

More information

Managing business risk

Managing business risk Managing business risk What senior managers need to know about business continuity bell.ca/businesscontinuity Information and Communications Technology (ICT) has become more vital than ever to the success

More information

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc. JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President

More information

Business Continuity Management Program Development Guide

Business Continuity Management Program Development Guide Business Continuity Management Program Development Guide Prepared by The NS Emergency Management Office, Winter 2012 Version 1.1 Page 2 of 24 Document Revision History Date Author Revision Notes Fall 2011

More information

The Big Bang: cloud resiliency and the data explosion

The Big Bang: cloud resiliency and the data explosion Deborah Orr, Forbes Insights Analyst Daniel Witteveen, Director, IBM Cloud Managed Backup and Data Virtualization 03/23/2015 The Big Bang: cloud resiliency and the data explosion 2015 IBM Corporation Agenda

More information

State of Oregon. State of Oregon 1

State of Oregon. State of Oregon 1 State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information

More information

National Fire Protection Association s Contribution to Business Continuity Strategies

National Fire Protection Association s Contribution to Business Continuity Strategies National Fire Protection Association s Contribution to Business Continuity Strategies about me 1. Retired AVP Senior Business Risk Consultant 2. FM Global Trained: 1. 35 Years Service 2. Founder Member

More information

Selling Business Continuity to SMBs. A Three-Step Process to Developing a Successful Business Continuity/Disaster Recovery Practice

Selling Business Continuity to SMBs. A Three-Step Process to Developing a Successful Business Continuity/Disaster Recovery Practice Selling Business Continuity to SMBs A Three-Step Process to Developing a Successful Business Continuity/Disaster Recovery Practice The impact of data loss and downtime can have profound effects on small

More information

how can I improve performance of my customer service level agreements while reducing cost?

how can I improve performance of my customer service level agreements while reducing cost? SOLUTION BRIEF CA Business Service Insight for Service Level Management how can I improve performance of my customer service level agreements while reducing cost? agility made possible By automating service

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective

More information

External Supplier Control Requirements BCM

External Supplier Control Requirements BCM External Supplier Control Requirements BCM BCM Requirement Description BCM Tiers Recovery Time Objective Why this is important 1. Business Continuity Policy Supplier will have a documented Business Continuity

More information

FlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk

FlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk 2012 The Flynt Group, Inc., All Rights Reserved FlyntGroup.com Enterprise Risk Management and Business

More information

Coping with a major business disruption. Some practical advice

Coping with a major business disruption. Some practical advice Coping with a major business disruption Some practical advice Coping with a major business disruption What is business continuity? Business continuity planning (BCP) is a management process that helps

More information

The Disaster Recovery Maturity Framework

The Disaster Recovery Maturity Framework The Disaster Recovery Maturity Framework A guide for understanding and improving your company s resiliency www.axcient.com Climbing The Recovery Maturity Curve Businesses are critically reliant upon IT

More information

Next-Generation Performance Testing with Service Virtualization and Application Performance Management

Next-Generation Performance Testing with Service Virtualization and Application Performance Management Next-Generation Performance Testing with Service Virtualization and Application Performance Management By Akshay Rao, Principal Consultant, CA Technologies Summary Current approaches for predicting with

More information

EMC RECOVERPOINT: BUSINESS CONTINUITY FOR SAP ENVIRONMENTS ACROSS DISTANCE

EMC RECOVERPOINT: BUSINESS CONTINUITY FOR SAP ENVIRONMENTS ACROSS DISTANCE White Paper EMC RECOVERPOINT: BUSINESS CONTINUITY FOR SAP ENVIRONMENTS ACROSS DISTANCE Applied Technology Abstract Business continuity is a critical component of any enterprise data protection strategy

More information

Availability Management: A CA Service Management Process Map

Availability Management: A CA Service Management Process Map TECHNOLOGY brief: AVAILABILITY MANAGEMENT Availability : A CA Process Map Malcolm Ryder ARCHITECT CA SERVICES Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 Simplifying ITIL How to Use the

More information

IT Cost Reduction. Doing More with Less. Anita Ballaney, Vishwanath Shenoy, Michael Gavigan. Strategic IT cost reduction - Doing More with Less

IT Cost Reduction. Doing More with Less. Anita Ballaney, Vishwanath Shenoy, Michael Gavigan. Strategic IT cost reduction - Doing More with Less IT Cost Reduction Doing More with Less Anita Ballaney, Vishwanath Shenoy, Michael Gavigan Strategic IT cost reduction - Doing More with Less The current economic climate will force all businesses to thoroughly

More information