Information Security Management System. Business Continuity and Disaster Recovery Plan Policy. The Smart Cube. Description Change

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Information Security Management System. Business Continuity and Disaster Recovery Plan Policy. The Smart Cube. Description Change"

Transcription

1 The Smart Cube Document Release History Version Review Date Effective Date Description Change of Chapter/ Section/ Page Prepared By Reviewed by Apr- 1-May-2010 ISO CISO MD Jul Jul-2011 Document header Page 1 ISO CISO MD changed May- 15-May- Annual Review ISO CISO MD Aug Aug-2013 Annual Review ISO CISO MD Approved by Document Custodian Version Document Type (Printed/ Electronic) Custodian of Document 1.3 Electronic and Printed Maharishi Shandilya Document Distribution Name Title Department Version Document Type Effective Date (Printed/ Electronic) Sameer Walia MD Management 1.2 Electronic and Printed 15-May-2012 Maharishi ISO Management 1.2 Electronic and Printed 15-May-2012 Shandilya Maharishi Shandilya ISO Management 1.3 Electronic and Printed 18-Aug-2013 Prepared By: Information Security Officer Approved By: Managing Director Page 1, Total 6

2 1.0 PURPOSE The purpose of this policy is to formalize the Business Continuity program of TSC and to provide guidelines for developing, implementing, rehearsing, maintaining and exercising Business Continuity Plans (BCPs). This policy establishes the basic principles and framework necessary to ensure emergency response, resumption and recovery, restoration and permanent recovery of TSC s operations and business activities during a business interruption event either man-made or natural. 2.0 SCOPE This policy is applicable to TSC staff & others personnel, facilities and IT systems at all its locations. TSC shall be prepared for scenarios including, but not limited to, natural disaster, power outage, hardware/telecommunications failures, data corruption, explosives and chemical, biological and nuclear hazards. These events may be local in nature, rendering only a single TSC facility inaccessible, or could have regional impact, with multiple TSC facilities in a geographic region becoming inaccessible. This policy provides guidance for the Resumption and Recovery of time sensitive business operations in accordance with pre-established timeframes as well as ensuring that adequate plans are in place for the less time sensitive business operations. Prepared By: Information Security Officer Approved By: Managing Director Page 2, Total 6

3 3.0 POLICY A business continuity management process is implemented to reduce the disruption caused by disasters and security failures to an acceptable level through a combination of preventive and recovery controls. The following steps are involved in the Business Continuity Management procedure: Business Impact Analysis Develop strategy plan to determine the overall approach to business continuity Management endorsement of the plan Test, Maintain and Implement the Plan Testing, maintaining and re-assessing business continuity plans Business Impact Analysis: The various business services and the their criticality levels are identified as Vital / Essential / Necessary / Desirable Vital: Any disruption in service that would stop the business or function or services completely; with SLA of 4-6 hrs and needs update of the recovery process on hourly basis. Essential: Any disruption in service that would stop the business or function or services but bare minimum activities can be carried out; with SLA of 2 days and needs update of the recovery process on half day or stage wise basis. Necessary: Any disruption in service that would cause inconvenience to function or service; with SLA of few days and needs update of the recovery process on a daily basis. Desirable: This would not cause downtime to service or services; with few weeks of SLA and needs update of the recovery process on a daily basis or stage wise basis. The various business services are identified and the their criticality levels are given as Vital / Essential / Necessary / Desirable The threats associated with the service are identified; Threats specific to BCP/DR can be referred to Appendix I The likelihood of occurrences is given in terms of High, Medium and Low as per definition provided in Appendix II Prepared By: Information Security Officer Approved By: Managing Director Page 3, Total 6

4 The Impact in terms of Highly Critical, Major, Moderate, Minor and Low is obtained from the impact-probability matrix as per the matrix defined in Appendix III The existing controls and the required additional controls are identified. These activities are documented in Appendix IV: Attached Template Impact Analysis Report.XLS Develop strategy plan to determine the overall approach to Business Continuity A solution plan (Business Continuity Plan - BCP) is prepared for each of the threat associated with the services depending on the identified Minimum Service Level and Maximum Permissible Recovery Time and documented in Impact Analysis Report.XLS. The responsibilities for the implementation of the plans are allotted to the Recovery Team (BCDRT) Test, Maintain and Implement the Plan The proposed solution is tested for implementation Based on the testing performed, the plans are updated as required. The test activities are performed as per the Steps provide aid to carry out testing of BCM Plans Appendix V The effectiveness of the plan is reviewed every six months as part of the Management Review Meeting. 4.0 POINT OF CONTACT For clarification or further information on this policy, contact Designated Authority/ CISO Appendix I BCP/DR Related Threat List, this is a live list and will be updated on regular basis from the various sources and BCP/DR test results Man Made Disasters Failures Natural Prepared By: Information Security Officer Approved By: Managing Director Page 4, Total 6

5 Probabilit y of Likelihood TSC-ISMS Disasters Bomb threats AC Failure Earthquake Fire DG Failure Floods Nuclear accident Power Failure Lightning Civil disturbance UPS Failure Food poisoning Fire wall failure Building structural failure Network equipment failure Theft of equipment Server failure Data Piracy Unauthorized access of data External Sabotage by terrorist Unauthorized access to secured area sabotage by disgruntled employees Unauthorized handling of backup data Human error Security breach Misuse by end users Software malfunction Procedural errors Software virus Programming bugs Widespread erroneous data input Appendix II Likehood of Occurance of a Threat can be defined based on the following parameter: High: Likely to happen once in week Medium: Likely to happen once in month Low: Likely to happen once in quarter Appendix III Impact Probability Matrix: Defines and aid team for the value of Threat Impact and Probability during the BIA activity : High Mo Mj Hc Hc Medium Mi Mo Mj Hc Low L Mi Mo Mj Desirable Necessary Essential Vital Prepared By: Information Security Officer Approved By: Managing Director Page 5, Total 6

6 Severity Hc; Highly Critical Mj: Major Mo: Moderate Mi: Minor L: Low Appendix IV Impact Assessment Report Template aid team to carry out Impact Assessment on all the critical services and provide the necessary inputs for development of robust BCP/DR plan. Impact Analysis Report Template.xls Appendix V Business continuity plans could fail on being tested, often because of incorrect assumptions, oversights, or changes in equipment or personnel. At TSC they are tested regularly (as documented in TSC-ISMS-POL-019-Business Continuity Plan ) to ensure that they are up to date and effective. Such tests also ensure that all members of the recovery team and other relevant staff are aware of the plans. The document TSC-ISMS-POL-019-Business Continuity Plan provide detailed step by step activities to be carried out by TSC team. The test schedule for business continuity plans is part of the impact analysis report and indicates when each element of the plan is tested. The test cases are carried out as per scheduled and results documented as part of the testing report. Snapshot the Impact Analysis Report highlighting the Test Result is: Test Test Status Expected Actual Service Test ID Date Time Process (Open/Closed) Result Result Internet Sr/1/BCP/1 To ensure Alternate Prepared By: Information Security Officer Approved By: Managing Director Page 6, Total 6

7 Service Power Supply Communication Devices Generic Software Servers Sr/1/BCP/2 Sr/1/BCP/3 Sr/1/BCP/4 Sr/1/BCP/5 with ISP down with breakdown of local loop. with damaged network equipment. with UPS down with failure of power ISP problem is resolved within 5 mins To ensure restoration within 5 mins. To ensure restoration within 24 hrs. Power will be restored within 5 min. 5 min. backup dialup line was provided in 4 mins. Alternate dialup line was provided in 4 mins. The damaged equipment was restored within 10 hrs. Power was restored within 2 mins More than 10 min. backup Prepared By: Information Security Officer Approved By: Managing Director Page 7, Total 6

DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY

DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY This document outlines a set of policies and procedures for formalising a Business Continuity programme, and provides guidelines for developing, maintaining

More information

Business Continuity Plan

Business Continuity Plan Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions

More information

Beyond Effective Security. The Art and Science of Business Continuity Planning

Beyond Effective Security. The Art and Science of Business Continuity Planning Beyond Effective Security The Art and Science of Business Continuity Planning Fred Young, CIPM, CRM Executive Director Risk Management RE/MAX International Holdings, Inc The Wildlife Experience Business

More information

BUSINESS CONTINUITY PLAN OVERVIEW

BUSINESS CONTINUITY PLAN OVERVIEW BUSINESS CONTINUITY PLAN OVERVIEW INTRODUCTION The purpose of this document is to provide Loomis customers with an overview of the company s Business Continuity Plan (BCP). Because of the specific and

More information

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Temple university. Auditing a business continuity management BCM. November, 2015

Temple university. Auditing a business continuity management BCM. November, 2015 Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program

More information

Clinic Business Continuity Plan Guidelines

Clinic Business Continuity Plan Guidelines Clinic Business Continuity Plan Guidelines Emergency notification contacts: Primary Role Name Address Home phone Mobile/Cell phone Business Continuity Plan Coordinator QSP Business Continuity Plan Coordinator

More information

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy

More information

Business continuity plan

Business continuity plan Business continuity plan CONTENTS INTRODUCTION 2 - Scope - Components BUSINESS IMPACT ANALYSIS 3 - Business Affairs - Information Technology RISK ASSESSMENT 5 - Broad Categories of Hazards - Hazard Table

More information

Desktop Scenario Self Assessment Exercise Page 1

Desktop Scenario Self Assessment Exercise Page 1 Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking

More information

BUSINESS CONTINUITY MANAGEMENT GUIDELINE

BUSINESS CONTINUITY MANAGEMENT GUIDELINE BUSINESS CONTINUITY MANAGEMENT GUIDELINE April 2010 Table of Contents Preamble...3 Introduction...4 Scope...5 Coming into effect and updating...6 1. Continuity and resumption of business...7 2. Sound and

More information

NCUA LETTER TO CREDIT UNIONS

NCUA LETTER TO CREDIT UNIONS NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: December 2001 LETTER NO.: 01-CU-21 TO: SUBJ: ENCL: All Federally Insured Credit Unions Disaster

More information

Business Continuity Strategy Manual

Business Continuity Strategy Manual Business Continuity Strategy Manual Issue 03 July 2009 Authorised by: Managing Director, Date: 1. Amendments 2. Definitions 3. BCM System Management 4. Purpose 5. Scope 6. Roles & Responsibilities 7. Business

More information

Business Continuity Planning Guide

Business Continuity Planning Guide Business Continuity Planning Guide For Small Businesses Prepared by the City of Vaughan Emergency Planning Department 1 Business Continuity Planning Business Continuity Planning (BCP) is a planning process

More information

Unit Guide to Business Continuity/Resumption Planning

Unit Guide to Business Continuity/Resumption Planning Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions

More information

Clinic Business Continuity Plan Guidelines

Clinic Business Continuity Plan Guidelines Clinic Business Continuity Plan Guidelines Published: January 2015 Table of Contents Emergency Notification Contacts Primary... 2 Emergency Notification Contacts Backups (in case primary is unavailable)...

More information

Best Practices in Disaster Recovery Planning and Testing

Best Practices in Disaster Recovery Planning and Testing Best Practices in Disaster Recovery Planning and Testing axcient.com 2015. Axcient, Inc. All Rights Reserved. 1 Best Practices in Disaster Recovery Planning and Testing Disaster Recovery plans are widely

More information

Prepared by Rod Davis, ABCP, MCSA November, 2011

Prepared by Rod Davis, ABCP, MCSA November, 2011 Prepared by Rod Davis, ABCP, MCSA November, 2011 Disaster an event, which causes the loss of an essential service, or part of it, for a length of time which imperils mission achievement. (Andrew Hiles,

More information

Building Economic Resilience to Disasters: Developing a Business Continuity Plan

Building Economic Resilience to Disasters: Developing a Business Continuity Plan Building Economic Resilience to Disasters: Developing a Business Continuity Plan Buffalo Niagara Region February 26, 2014 Gail Moraton, CBCP Business Resiliency Manager Business Resiliency one important

More information

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 Goals Compare and contrast aspects of business continuity Execute disaster recovery plans and procedures 2 Topics Business

More information

Kick Starting your Business Continuity Program

Kick Starting your Business Continuity Program 425.670.8700 www.continuityleadership.com Kick Starting your Business Continuity Program Phil Lambert President phil@continuityleadership.com The Center for Continuity Leadership Phil 20 years in field

More information

Business Continuity Policy

Business Continuity Policy Page 1 of 16 Business Continuity Policy Issue Date: Aug 2013 Document Number: 00241 Prepared by: Business Management and Continuity Senior Manager Next Review Date: April 2014 Page 2 of 16 NHS England

More information

Disaster Preparedness & Response

Disaster Preparedness & Response 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 A B C E INTRODUCTION AND PURPOSE REVIEW ELEMENTS ABBREVIATIONS NCUA REFERENCES EXTERNAL REFERENCES Planning - Ensuring

More information

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP)

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP) Preface Computer systems are the core tool of today s business and are vital to every business from the smallest to giant organizations. Money transactions, customer service are just simple examples. Despite

More information

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM

More information

EPRR: Toolkit Business Impact

EPRR: Toolkit Business Impact NHS England Business Continuity Management EPRR: Toolkit Business Impact Assessment (BIA) Template Appendix 3.1 0 [Intentionally Blank] 1 INTRODUCTION The purpose of this document is to assist those who

More information

Our Colorado region is offering a FREE Disaster Recovery Review promotional through June 30, 2009!

Our Colorado region is offering a FREE Disaster Recovery Review promotional through June 30, 2009! Disaster Recovery Review FREE Promotional Offer Our Colorado region is offering a FREE Disaster Recovery Review promotional through June 30, 2009! This review is designed to help the small business better

More information

BUSINESS IMPACT ANALYSIS.5

BUSINESS IMPACT ANALYSIS.5 Table of Contents I. GENERAL.3 Introduction.3 Scope.3 Components.3 II. BUSINESS IMPACT ANALYSIS.5 Academic Affairs...5 Finance and Administration.6 Planning and Accountability..8 Student Affairs.8 Institutional

More information

Guideline on Business Continuity Management

Guideline on Business Continuity Management Circular No. 033/B/2009-DSB/AMCM (Date: 14/8/2009) Guideline on Business Continuity Management The Monetary Authority of Macao (AMCM), under the powers conferred by Article 9 of the Charter approved by

More information

ISO 27001 Controls and Objectives

ISO 27001 Controls and Objectives ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements

More information

Business Unit CONTINGENCY PLAN

Business Unit CONTINGENCY PLAN Contingency Plan Template Business Unit CONTINGENCY PLAN Version 1.0 (Date submitted) Submitted By: Business Unit Date Version 1.0 Page 1 1 Plan Review and Updates... 3 2 Introduction... 3 2.1 Purpose...

More information

Emergency Response and Business Continuity Management Policy

Emergency Response and Business Continuity Management Policy Emergency Response and Business Continuity Management Policy Owner: John Duffy, Registrar & Secretary Last updated: September 2012 Version: 04 Document control Date Version Author Changes To be populated

More information

Coping with a major business disruption. Some practical advice

Coping with a major business disruption. Some practical advice Coping with a major business disruption Some practical advice Coping with a major business disruption What is business continuity? Business continuity planning (BCP) is a management process that helps

More information

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic

More information

BUSINESS CONTINUITY POLICY

BUSINESS CONTINUITY POLICY BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility

More information

Creating a Business Continuity Plan for your Health Center

Creating a Business Continuity Plan for your Health Center Creating a Business Continuity Plan for your Health Center 1 Page Left Intentionally Blank 2 About This Manual This tool is the result of collaboration between the Primary Care Development Corporation

More information

Business Continuity (Policy & Procedure)

Business Continuity (Policy & Procedure) Business Continuity (Policy & Procedure) Publication Scheme Y/N Can be published on Force Website Department of Origin Force Operations Policy Holder Ch Supt Head of Force Ops Author Business Continuity

More information

Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business. www.integrit-network.com

Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business. www.integrit-network.com Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business www.integrit-network.com Business Continuity & Disaster Survival Strategies for the Small & Mid Size Business AGENDA:

More information

University of Nottingham Emergency Procedures and Recovery Policy

University of Nottingham Emergency Procedures and Recovery Policy University of Nottingham Emergency Procedures and Recovery Policy Guidelines for High Hazard Schools and Departments 1. Introduction The University of Nottingham is committed to the identification and

More information

(Mr. Krirk Vanikkul) Assistant Governor, Financial Institutions Policy Group Governor For

(Mr. Krirk Vanikkul) Assistant Governor, Financial Institutions Policy Group Governor For Unofficial Translation by the courtesy of The Foreign Banks' Association This translation is for the convenience of those unfamiliar with the Thai language. Please refer to the Thai text for the official

More information

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact.

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact. Aon Business Continuity Planning The Aon Business Continuity Planning practice provides consulting services that allow Aon clients to measure and manage their strategic and tactical risks through Crisis

More information

Business Continuity Planning (BCP) / Disaster Recovery (DR)

Business Continuity Planning (BCP) / Disaster Recovery (DR) Business Continuity Planning (BCP) / Disaster Recovery (DR) Introduction Interruptions to business functions can result from major natural disasters such as earthquakes, floods, and fires, or from man-made

More information

MANAGED WORKSTATIONS: Keeping your IT running

MANAGED WORKSTATIONS: Keeping your IT running MANAGED WORKSTATIONS: Keeping your IT running What state are your PCs in? Systems running slowly? PCs or laptops crashing for no reason? Too much time trying to resolve simple IT issues? Out-of-date software?

More information

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Abhi Rathinavelu Foster School of Business

Abhi Rathinavelu Foster School of Business Abhi Rathinavelu Foster School of Business What is Disaster? A disaster is considered any incident or event that results in a major interruption of business operations Major: Earthquake >5.0, Volcanic

More information

BCP and DR. P K Patel AGM, MoF

BCP and DR. P K Patel AGM, MoF BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management

More information

Business Continuity and Disaster Recovery Planning

Business Continuity and Disaster Recovery Planning Business Continuity and Disaster Recovery Planning Jeffrey P. Back 2009 Oncore Associates, LLC Business Continuity Planning Business continuity planning is the way an organization can prepare for and aid

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy Page 1 of 15 Business Continuity Policy First published: Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/14 Vicky Ryan Updated to include

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 ISC 2 Key Areas of Knowledge Understand business continuity requirements 1. Develop and document project scope and plan

More information

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain 1. What is the most common planned performance duration for a continuity of operations plan (COOP)? A. 30 days B. 60 days C. 90 days D. It depends on the severity of a disaster. 2. What is the business

More information

Risk Assessment Guide

Risk Assessment Guide KirkpatrickPrice Assessment Guide Designed Exclusively for PRISM International Members KirkpatrickPrice. innovation. integrity. delivered. KirkpatrickPrice Assessment Guide 2 Document Purpose The Assessment

More information

Business Continuity Template

Business Continuity Template Emergency Management Business Continuity Template The Regional Municipality of Wood Buffalo would like to give credit to the Calgary Emergency Management Agency (CEMA) and the Calgary Chamber of Commerce

More information

Business Continuity and Risk Management. Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited

Business Continuity and Risk Management. Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited Business Continuity and Risk Management Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited What does Business Continuity mean? Business Continuity Management- Definition Business Continuity

More information

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy Reference No: CG 01 Version: Version 1 Approval date 18 December 2013 Date ratified: 18 December 2013 Name of Author

More information

ASX SETTLEMENT OPERATING RULES Guidance Note 10

ASX SETTLEMENT OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

The Credit Research Foundation. Disaster Recovery and Business Continuity. Of Your E-mail, Credit & A/R System. An Occasional Paper February 2003

The Credit Research Foundation. Disaster Recovery and Business Continuity. Of Your E-mail, Credit & A/R System. An Occasional Paper February 2003 Disaster Recovery and Business Continuity Of Your E-mail, Credit & A/R System Executive Summary The Credit Research Foundation An Occasional Paper February 2003 Since September 11, 2001, 67% of the 229

More information

DASTA Guide to Business Continuity (BC) and Disaster Recovery (DR) Planning

DASTA Guide to Business Continuity (BC) and Disaster Recovery (DR) Planning Your Documents. Our Management. DASTA Guide to Business Continuity (BC) and Disaster Recovery (DR) Planning Dr. Robert L. Bailey, CRM, MIT, ECMp L E A R N M O R E A B O U T D A S T A A T W W W. D R M.

More information

Operational Risk Management (ORM) and Business Continuity Plans (BCP)

Operational Risk Management (ORM) and Business Continuity Plans (BCP) The World Bank Operational Risk Management (ORM) and Business Continuity Plans (BCP) Ian Storkey, Consultant ORM & BCP Why Necessary? ORM Govt Cases Anglo Leasing Affair in Kenya (2004) Orange County (1994)

More information

Protect your business. Guide to Business Continuity Planning. Preparedness...

Protect your business. Guide to Business Continuity Planning. Preparedness... Protect your business ME RGENCY M A NA GEMENT OFFICE OF E Guide to Business Continuity Planning Preparedness... TOR ONTO Table of Contents Introduction... Phase One: Getting Started... Phase Two: Risk

More information

BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE

BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE Introduction 1. Recently many organisations both public and private have directed much more time, money and effort towards protecting service

More information

AUDIT GUIDELINES FOR SCHOOL DISASTER RECOVERY PLANNING

AUDIT GUIDELINES FOR SCHOOL DISASTER RECOVERY PLANNING AUDIT GUIDELINES FOR SCHOOL DISASTER RECOVERY PLANNING Introduction It has become increasingly common for schools to place a great deal of reliance upon PC s and computer systems to manage and operate

More information

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8. micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) Revision 8.0 August, 2013 1 Table of Contents Overview /Standards: I. Information Security Policy/Standards Preface...5 I.1 Purpose....5

More information

Guideline - Business Continuity Plan

Guideline - Business Continuity Plan Guideline - Business Continuity Plan 1. Introduction: The Business Continuity Plan is a component of the Risk and Business Management suite. This suite includes: Risk Management including risk registers

More information

ISO27001 Controls and Objectives

ISO27001 Controls and Objectives Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the

More information

Business Continuity Planning Toolkit. (For Deployment of BCP to Campus Departments in Phase 2)

Business Continuity Planning Toolkit. (For Deployment of BCP to Campus Departments in Phase 2) Business Continuity Planning Toolkit (For Deployment of BCP to Campus Departments in Phase 2) August 2010 CONTENTS: Background Assumptions Business Impact Analysis Risk (Vulnerabilities) Assessment Backup

More information

Course: Information Security Management in e-governance. Day 2. Session 5: Disaster Recovery Planning

Course: Information Security Management in e-governance. Day 2. Session 5: Disaster Recovery Planning Course: Information Security Management in e-governance Day 2 Session 5: Disaster Recovery Planning Agenda Introduction to Disaster Recovery Planning (DRP) Need for disaster recovery planning Approach

More information

Business Continuity Business Continuity Management Policy

Business Continuity Business Continuity Management Policy Business Continuity Business Continuity Management Policy : Date of Issue: 28 January 2009 Version no: 1.1 Review Date: January 2010 Document Owner: Patricia Hughes Document Authoriser: Tony Curtis 1 Version

More information

Internal Audit Department NeighborWorks America. Audit Review of the Business Continuity Plan (BCP) Management and Documentation

Internal Audit Department NeighborWorks America. Audit Review of the Business Continuity Plan (BCP) Management and Documentation Department NeighborWorks America Audit Review of the Business Continuity Plan (BCP) and Documentation Project Number: ADMN.BCP.2013 Audit Review of of BCP Table of Contents Project Completion Letter...

More information

Business Continuity Planning for Risk Reduction

Business Continuity Planning for Risk Reduction Business Continuity Planning for Risk Reduction Ion PLUMB ionplumb@yahoo.com Andreea ZAMFIR zamfir_andreea_ileana@yahoo.com Delia TUDOR tudordelia@yahoo.com Faculty of Management Academy of Economic Studies

More information

Bus incident management planning: Guidelines

Bus incident management planning: Guidelines Bus incident management planning: Guidelines What is incident management planning? Incident management planning is everything your business does to prepare for potential disruptive or damaging incidents.

More information

GOVERNMENT FINANCE OFFICERS ASSOCIATION OF MISSOURI SPRING 2012 CONFERENCE IT DISASTER PLAN

GOVERNMENT FINANCE OFFICERS ASSOCIATION OF MISSOURI SPRING 2012 CONFERENCE IT DISASTER PLAN GOVERNMENT FINANCE OFFICERS ASSOCIATION OF MISSOURI SPRING 2012 CONFERENCE IT DISASTER PLAN 2012 Sikich LLP. All Rights Reserved. Presented by: Scott Wegner Partner, Director Networking Services Sikich

More information

NHS 24 - Business Continuity Strategy

NHS 24 - Business Continuity Strategy NHS 24 - Strategy Version: 0.3 Issue Date: 20/09/2005 Status: Issued for Board Approval Status: draft Page 1 of 13 Table of Contents 1 INTRODUCTION...3 2 PURPOSE...3 3 SCOPE...3 4 ASSUMPTIONS...4 5 BUSINESS

More information

By: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015

By: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015 Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level June 9, 2015 By: Tracy Hall MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company,

More information

Constructing a successful business continuity plan

Constructing a successful business continuity plan Constructing a successful business continuity plan By Alan Berman Alan Berman Being prepared is the cornerstone of having a business continuity plan regardless of the size of a company. Ultimately, getting

More information

Business Continuity Planning. Donna Curran, Director Audit and Risk Management February, 2014

Business Continuity Planning. Donna Curran, Director Audit and Risk Management February, 2014 Business Continuity Planning Donna Curran, Director Audit and Risk Management February, 2014 Agenda Business Continuity Defined The Importance of a Plan Determining the Costs Business Impact Analysis MTO,

More information

BUSINESS CONTINUITY. Plan Annex

BUSINESS CONTINUITY. Plan Annex BUSINESS CONTINUITY Plan Annex 2015 IX iv The University of Texas at Austin Business Continuity Plan Annex v Acknowledgement The University of Texas at Austin Business Continuity Plan Annex has been

More information

BCP and DR Plan With NAS Solution

BCP and DR Plan With NAS Solution BCP and DR Plan With NAS Solution Happiest People Happiest Customers Contents Introduction... 3 Current State of Infrastructure...4 Requirement... 5 Proposal for NAS solution Implementation...5 Conclusion...6

More information

Why Should Companies Take a Closer Look at Business Continuity Planning?

Why Should Companies Take a Closer Look at Business Continuity Planning? whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters

More information

Effectiveness of BCM through Exercising

Effectiveness of BCM through Exercising Effectiveness of BCM through Exercising By Wan Asriah Wan Adnan Head Business Continuity & Disaster Recovery Bursa Malaysia Berhad wan_asriah@bursamalaysia.com 31 October 2007 Bursa Malaysia and its Group

More information

Business Continuity Planning Preparing Your Organization

Business Continuity Planning Preparing Your Organization Business Continuity Planning Preparing Your Organization Nicholas De Laurentis, CRM, IGP nick.delaurentis.gmkj@statefarm.com 1 Objectives Understand the importance of Business Continuity Planning Know

More information

Principles for BCM requirements for the Dutch financial sector and its providers.

Principles for BCM requirements for the Dutch financial sector and its providers. Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011

More information

Interactive-Network Disaster Recovery

Interactive-Network Disaster Recovery Interactive-Network Disaster Recovery BACKGROUND IT systems are vulnerable to a variety of disruptions, ranging from mild (e.g., short-term power outage, disk drive failure) to severe (e.g., terrorism,

More information

[Insert Company Logo]

[Insert Company Logo] [Insert Company Logo] Business Continuity and Disaster Recovery Planning (BCDRP) Manual 1 Table of Contents Critical Business Information 4 Business Continuity and Disaster Recover Planning (BCDRP) Personnel

More information

Information Security Team

Information Security Team Title Document number Add document Document status number Draft Owner Approver(s) CISO Information Security Team Version Version history Version date 0.01-0.05 Initial drafts of handbook 26 Oct 2015 Preface

More information

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning MARCH 2003 IT EXAMINATION H ANDBOOK

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning MARCH 2003 IT EXAMINATION H ANDBOOK Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT RESPONSIBILITIES...

More information

An Introduction to. Business Continuity Planning

An Introduction to. Business Continuity Planning An Introduction to Business Continuity Planning Company Profile Practical Experience European Head Office Extensive Client Base Established 1998 Expert Consultants Global Network Why BCP? I am often asked

More information

Business Continuity Planning Instructions

Business Continuity Planning Instructions Business Continuity Planning Instructions Business continuity planning is a proactive planning process that ensures critical services or products are delivered during a disruption. In creating the plan,

More information

Continuity of Operations Planning. A step by step guide for business

Continuity of Operations Planning. A step by step guide for business What is a COOP? Continuity of Operations Planning A step by step guide for business A Continuity Of Operations Plan (COOP) is a MANAGEMENT APPROVED set of agreed-to preparations and sufficient procedures

More information

Information Services IT Security Policies B. Business continuity management and planning

Information Services IT Security Policies B. Business continuity management and planning Information Services IT Security Policies B. Business continuity management and planning Version 1 Date created: 28th May 2009 Approved by Directorate: 2nd July 2009 Review date: 1st July 2010 Primary

More information

Performance Indicators for Disaster Recovery

Performance Indicators for Disaster Recovery Disaster Recovery Plan to ISO 17799 Introduction A disaster recovery plan attempts to run associated processes to transition smoothly in the event of a natural or human-caused disaster. To plan effectively,

More information

Information Security Management: Business Continuity Planning. Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt.

Information Security Management: Business Continuity Planning. Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt. Information Security Management: Business Continuity Planning Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt. Overview BCP: Definition BCP: Need for (Why?) BCP: When BCP: Who

More information

Disaster Recovery Plan

Disaster Recovery Plan Disaster Recovery Plan This guide sets forth items to consider in the review of the firm s disaster recovery plan. You should form a committee to assess the plan and should assign activities under the

More information

D2-02_01 Disaster Recovery in the modern EPU

D2-02_01 Disaster Recovery in the modern EPU CONSEIL INTERNATIONAL DES GRANDS RESEAUX ELECTRIQUES INTERNATIONAL COUNCIL ON LARGE ELECTRIC SYSTEMS http:d2cigre.org STUDY COMMITTEE D2 INFORMATION SYSTEMS AND TELECOMMUNICATION 2015 Colloquium October

More information

DISASTER RECOVERY 101 3 Steps You Need to Take (Before It s Too Late)

DISASTER RECOVERY 101 3 Steps You Need to Take (Before It s Too Late) DISASTER RECOVERY 101 3 Steps You Need to Take (Before It s Too Late) Introduction... 4 Disaster Recovery vs. Business Continuity... 4 Why You Need to Read this ebook... 5 Chapter 1: The Risks (aka, The

More information

SYMANTEC 2010 SMB INFORMATION PROTECTION SURVEY. Symantec 2010 SMB Information Protection Survey. Global Data

SYMANTEC 2010 SMB INFORMATION PROTECTION SURVEY. Symantec 2010 SMB Information Protection Survey. Global Data SYMANTEC 2010 SMB INFORMATION PROTECTION SURVEY Symantec 2010 SMB Information Protection Survey Global Data June 2010 CONTENTS Executive Summary...3 Methodology...4 Finding 1: SMBs serious about information

More information

Module 7. Business Continuity Management

Module 7. Business Continuity Management Module 7 Business Continuity Management MODULE 7: BUSINESS CONTINUITY MANAGEMENT Table of Contents Module 7: Business Continuity Management... 1 SECTION 1: OVERVIEW... 7 MODLULE 7: BUSINESS CONTINUITY

More information

Business Continuity Planning (BCP) / Disaster Recovery (DR)

Business Continuity Planning (BCP) / Disaster Recovery (DR) Business Continuity Planning (BCP) / Disaster Recovery (DR) Introduction Interruptions to business functions can result from major natural disasters such as earthquakes, floods, and fires, or from man-made

More information

2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP

2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP 2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level Tracy L. Hall, MBCP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C.

More information

Disaster Recovery and Business Continuity Plan

Disaster Recovery and Business Continuity Plan Disaster Recovery and Business Continuity Plan Table of Contents 1. Introduction... 3 2. Objectives... 3 3. Risks... 3 4. Steps of Disaster Recovery Plan formulation... 3 5. Audit Procedure.... 5 Appendix

More information