Fundamentals of Business Continuity Planning Have a Plan!
|
|
- Frederica Baker
- 8 years ago
- Views:
Transcription
1 Fundamentals of Business Continuity Planning Have a Plan! Michael Kadar, MBCP, CISSP 2008 MK Continuity & Availability LLC kadarsro@talkamerica.net InfraGard Meeting Walsh College, Novi March 25, 2008
2 Overview In this session: We will discuss the post-incident transition from emergency response to business continuity. We will review the components of business continuity planning. You will perform a quick assessment of your organization s readiness to resume business after an incident MK Continuity & Availability LLC 2
3 The Incident At 9:00 am on Tuesday a power supply overheats and starts a fire in a communication closet at Plasco Inc. A smoke sensor in the closet sets off the fire alarm. Security calls MK Continuity & Availability LLC 3
4 Emergency Response Employees are ordered to evacuate and go to designated assembly areas. Employees gather in the assembly areas and are recorded. Employees are told to go home and await further word. The fire destroys part of the building and causes heavy smoke damage before fire fighters put it out MK Continuity & Availability LLC 4
5 ER Transition BC Employees suffering smoke inhalation are treated on-site by EMS personnel. Worse cases are taken to the hospital. Transportation arrangements are made to get all employees home. Fire personnel pack up, and leave. Management and employees ask the question: What do we do next? Prepared companies have an answer. Does your company? 2008 MK Continuity & Availability LLC 5
6 Continuation of Business After personnel are safe or being treated, the next step is to begin the task of continuing business. This is undertaken in one of two ways: Reactively: Management has no plans or measures to deal with a major business disruption. They must begin by holding meetings to decide how to recover the business. Unfortunately, they have no way to quickly replace injured employees, damaged equipment, damaged computers, and lost data. Proactively: Management activates business continuity plans MK Continuity & Availability LLC 6
7 Business Continuity Planning DEFINITION* Process of developing advance arrangements and procedures that enable an organization to respond to an event in such a manner that critical business functions continue without interruption or essential change. * Disaster Recovery Institute International ( MK Continuity & Availability LLC 7
8 Professional Practices for Business Continuity Professionals 1. Project Initiation & Management 2. Risk Evaluation & Control 3. Business Impact Analysis 4. Developing Business Continuity Strategies 5. Emergency Response & Operations 6. Developing & Implementing Business Continuity Plans 7. Awareness & Training Programs 8. Maintaining & Exercising Business Continuity Plans 9. Crisis Communications 10. Coordination With External Agencies Disaster Recovery Institute International, Business Continuity Institute 2008 MK Continuity & Availability LLC 8
9 Business Continuity Components Process Output: Deliverables. Input Business Processes Business Process Sub-Process Output Business Processes Sub-Process Supporting Resources Personnel Information Finances Facilities/Equip MK Continuity & Availability LLC 9
10 From Normal to Recovery Operations NORMAL Business Process Sub-Process 1 Threat occurs: Loss of Application/System Sub-Process 2 Personnel Information/Data Facilities/Equip Finances - $. DISRUPTED Business Process Business Continuity Plan RECOVERY Business Process Loss of key data resource MK Continuity & Availability LLC 10
11 Normal & Recovery Operations Level Requirements Business Process Operations Level Normal Business Operations Level NORMAL Requirement Level Return to Normal Level Recovery Operations Level RECOVERY Requirement Level Recovery Point Objective (Max. work in progress lost) OUTAGE Recovery Time Objective (RTO) Normal Time Objective (NTO) Time 2008 MK Continuity & Availability LLC 11
12 Operations Level Requirements Key Support Processes Business Process Operations Level Recovery Operations Level Normal Business Operations Level RECOVERY Requirement Level NORMAL Requirement Level Return to Normal Level OUTAGE Recovery Time Objective (RTO) Normal Time Objective (NTO) Time 2008 MK Continuity & Availability LLC 12
13 Business Continuity Plan Phases 1. Prevention & Preparedness Phase 2. Response Phase 3. Recovery Phase 4. Restoration Phase 2008 MK Continuity & Availability LLC 13
14 Business Continuity Plan Phases Business Process Operations Level Normal Business Operations Level Return to Normal Level Response Phase Preparedness Phase Recovery Phase Preparedness Phase Restoration Phase OUTAGE Time 2008 MK Continuity & Availability LLC 14
15 1. Prevention & Preparedness Pre-incident Prevention & Preparedness ensures a readiness: to prevent injuries and property damage; and failing that >>> to minimize injuries and property damage. to recover business operations to a level and within a time period acceptable to management 2008 MK Continuity & Availability LLC 15
16 1. Prevention & Preparedness Risk Analysis (RA) Identify threats, hazards Identify existing controls and vulnerabilities to threats Identify impacts resulting from threats Identify and prioritize risk Implement needed additional controls Business Impact Analysis (BIA) Estimate tangible and intangible impacts (losses) at various times after the business disruption Identify the Recovery Time Objective Red Target Identify the Recovery Operations Level Identify interdependent processes Identify resources needed for recovery 2008 MK Continuity & Availability LLC 16
17 1. Prevention & Preparedness Recovery Strategies Develop recovery operations strategies Business Continuity Plan (BCP) development Business Continuity Team training BCP exercises Tabletop exercise Simulation exercise (more realistic) Full-scale drills that exercise most or all of the BCP BCP maintenance Review contact numbers, resource lists, etc. Awareness: articles, activities, presentations 2008 MK Continuity & Availability LLC 17
18 2. Response Post-incident Response activities Minimize injuries and property damage Primary notification of continuity team leaders Initial damage assessment Decide on whether to activate BCP Recovery procedures 2008 MK Continuity & Availability LLC 18
19 3. Recovery Post-Response Recovery activities Assemble personnel at an alternate facility, restore computer systems and data Recover business operations within the Recovery Time Objective to the Recovery Operations Level (red target) Sustain business operations at the acceptable level, replenish depleted resources Crisis Management Emergency Operations Center Crisis Communications Employees, customers, suppliers, public, stock holders 2008 MK Continuity & Availability LLC 19
20 Restoration activities 4. Restoration Assess damaged facility and equipment Determine what can be salvaged and what must be replaced Restore / rebuild facility and resources Return business operations from the alternate facility back to the permanent facility 2008 MK Continuity & Availability LLC 20
21 Is Your Organization Ready to Recover? Two key indicators of an organization s readiness to resume business after a disaster Existence and status of the Business Continuity Program Existence and status of Business Continuity Plans The following slides contain two quick assessments of the state of your business continuity program and plans 2008 MK Continuity & Availability LLC 21
22 BC Program Assessment Does your organization have: 1. Personnel dedicated to the development, exercising, and maintenance of Business Continuity Plans (BCP)? 2. A Corporate Business Continuity Policy? 3. Results from Business Impact Analyses (BIA) and/or Risk Analyses for all business processes? 4. A prioritized business process recovery sequence list based on BIA results showing the mission-critical business processes (MCBP)? 5. Documented business recovery requirements for all MCBPs? 6. An inventory of resources needed by MCBPs during a recovery? 7. An inventory of resources currently available to MCBPs during and shortly after a recovery? 8. A list of BCPs currently documented? 9. The date of last review for each BCP? 10. The frequency of exercises (drill) for each BCP? 11. The date of last exercise of each BCP? 12. The name of the person responsible for each BCP exercise? 13. A list of MCBPs that do not have a documented BCP? 14. A project plan (schedule) showing when MCBPs will have a documented BCP? Yes/No 2008 MK Continuity & Availability LLC 22
23 Business Continuity Plan Assessment Does your organization have: 1. A consistent methodology for BCP development? 2. A consistent template for BCP documentation? 3. A BCP for each mission-critical business process? 4. All BCPs document a designated continuity Team including 24 hour contact numbers? 5. All BCPs include Response, Recovery, and Restoration objectives? 6. All BCPs include Response, Recovery, and Restoration procedures? 7. All BCPs are designed to provide the resources needed during Response and Recovery? 8. All BCPs document support vendors and suppliers including 24 hour contact numbers? 9. All BCPs are reviewed and updated at least twice per year? 10. All BCPs are exercised at least once per year? 11. Each BCP exercise is documented in a report including lessons-learned and scheduled improvements? Yes/No 2008 MK Continuity & Availability LLC 23
24 Abstract Revisited In this session: We discussed the post-incident transition from emergency response to business continuity. We reviewed the components of business continuity planning. You performed a quick assessment of your organization s readiness to resume business after an incident MK Continuity & Availability LLC 24
25 Where To Get Help Business Continuity Institute - Contingency Planning & Management (CPM) - Disaster Recovery Information Exchange (DRIE) - Disaster Recovery Institute International (DRII) - Disaster Recovery Journal (DRJ) - Federal Emergency Management Administration (FEMA) - Michigan State Police / Emergency Management Division MK Continuity & Availability LLC 25
26 Questions? Michael Kadar, MBCP, CISSP MK Continuity & Availability, LLC MK Continuity & Availability LLC 26
Business Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business
More informationHow To Prepare For A Disaster
Building an effective Tabletop Exercise Presented by: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services 3/26/2013 #1 Continuity Plan Testing Flowchart 3/26/2013 #2 1 Ongoing Multi-Year
More informationBusiness Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com
Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?
More informationBusiness Continuity and Emergency Preparedness Planning. Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010
Business Continuity and Emergency Preparedness Planning Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010 Overview Define key terms and list essential elements of business continuity
More informationDesktop Scenario Self Assessment Exercise Page 1
Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking
More informationPost-Class Quiz: Business Continuity & Disaster Recovery Planning Domain
1. What is the most common planned performance duration for a continuity of operations plan (COOP)? A. 30 days B. 60 days C. 90 days D. It depends on the severity of a disaster. 2. What is the business
More informationUniversity of Michigan Disaster Recovery / Business Continuity Administrative Information Systems 4/6/2004 1
University of Michigan Disaster Recovery / Business Continuity Administrative Information Systems. 1 Michigan Administrative Information Services (MAIS) MAIS is responsible for the production support of
More informationDisaster Recovery and Business Continuity Plan
Disaster Recovery and Business Continuity Plan Table of Contents 1. Introduction... 3 2. Objectives... 3 3. Risks... 3 4. Steps of Disaster Recovery Plan formulation... 3 5. Audit Procedure.... 5 Appendix
More informationBusiness Continuity and Disaster Recovery Planning
Business Continuity and Disaster Recovery Planning Jennifer Brandt, CISA A p r i l 16, 2015 HISTORY OF STINNETT & ASSOCIATES Stinnett & Associates (Stinnett) is a professional advisory firm offering services
More informationSTEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY 27 2015
STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY 27 2015 AGENDA: Emergency Management Business Continuity Planning Q & A MONTH DAY, YEAR TITLE OF THE PRESENTATION 2 CANADIAN RED CROSS Disaster
More informationDISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS
Appendix L DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS I. GETTING READY A. Obtain written commitment from top management of support for contingency planning objectives. B. Assemble
More informationEMERGENCY PREPAREDNESS PLAN Business Continuity Plan
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
More informationPAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA
1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More information9/3/2009. Information Systems Disaster Recovery. Learning Objectives. Why have a plan? unexpected? APPA-Institute for Facilities Management
Information Systems Disaster Recovery APPA-Institute for Facilities Management J. Craig Klimczak, D.V.M., M.S. Vice-Chancellor for Technology St. Louis Community College 300 South Broadway St. Louis, MO
More informationEMERGENCY MANAGEMENT BUSINESS CONTINUITY PLANNING TEMPLATE
EMERGENCY MANAGEMENT BUSINESS CONTINUITY PLANNING TEMPLATE A. BUSINESS CONTINUITY PLAN (BCP) To be better prepared, UHCL personnel and its programs may use this form to complete a Business Continuity Plan
More informationBusiness Continuity and Disaster Planning
WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services Disasters are not always the result of high winds and
More informationBusiness Continuity Plan
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
More informationBy. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd
BS 25999 Business Continuity Management By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd 1 Contents slide BSI British Standards 2006 BS 25999(Business Continuity) 2002 BS 15000
More informationwww.pwc.com Business Resiliency Business Continuity Management - January 14, 2014
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
More informationUnit Guide to Business Continuity/Resumption Planning
Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions
More informationFacilitated By: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services
Facilitated By: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services 1 Today s Agenda Structure of Today s Discussion Set Objectives General overview of DR/BCP Exercise Assumptions Scenarios
More informationThis presentation will introduce you to the concepts and terminology related to disaster recovery planning for businesses.
1. An Introduction This presentation will introduce you to the concepts and terminology related to disaster recovery planning for businesses. This presentation was prepared by the South Central Economic
More informationLoss Control Webcast. Disaster Recovery Planning we re not in Kansas anymore
Loss Control Webcast Disaster Recovery Planning we re not in Kansas anymore May 15, 2013 1 The information presented in this material has been developed from sources believed to be reliable. It is presented
More informationHow To Manage A Disruption Event
BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational
More informationBusiness Continuity Planning. Presentation and. Direction
Business Continuity Planning Presentation and Direction Thomas Bronack, president Data Center Assistance Group, Inc. 15180 20 th Avenue Whitestone, NY 11357 Phone: (718) 591-5553 Email: bronackt@dcag.com
More informationWhy Should Companies Take a Closer Look at Business Continuity Planning?
whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters
More informationBUSINESS CONTINUITY PLANNING GUIDELINES
BUSINESS CONTINUITY PLANNING GUIDELINES Washington University in St. Louis The purpose of this guide is to serve as a tool to all departments, divisions, and labs across the University in building a Business
More informationBusiness Continuity Management Program Development Guide
Business Continuity Management Program Development Guide Prepared by The NS Emergency Management Office, Winter 2012 Version 1.1 Page 2 of 24 Document Revision History Date Author Revision Notes Fall 2011
More informationBusiness Continuity Planning Guide
Business Continuity Planning Guide For Small Businesses Prepared by the City of Vaughan Emergency Planning Department 1 Business Continuity Planning Business Continuity Planning (BCP) is a planning process
More informationBUSINESS CONTINUITY PLAN
How to Develop a BUSINESS CONTINUITY PLAN To print to A4, print at 75%. TABLE OF CONTENTS SUMMARY SUMMARY WHAT IS A BUSINESS CONTINUITY PLAN? CHAPTER PREPARING TO WRITE YOUR BUSINESS CONTINUITY PLAN CHAPTER
More informationBUSINESS CONTINUITY: BEST PRACTICE, 2ND EDITION
BUSINESS CONTINUITY: BEST PRACTICE, 2ND EDITION EXCERPT FROM THE FOREWORD TO THE 2ND EDITION The events of 9/11 have cast a long shadow over the world and led to a vital reappraisal of Enterprise Risk
More informationBUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS
BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3
More informationEmergency Management & Business Continuity Program Self-Assessment Checklist
Emergency Management & Business Continuity Program Self-Assessment Checklist Self-assessment tool for evaluating preparedness based on NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity
More informationRunning head: COMPONENTS OF A DISASTER RECOVERY PLAN 1
Running head: COMPONENTS OF A DISASTER RECOVERY PLAN 1 Components of a Disaster Recovery Plan DeVry Institute of Technology 2 Components of a Disaster Recovery Plan Disasters do strike without warning.
More informationAssessing Your Disaster. Andrews Hooper Pavlik PLC. Andrews Hooper Pavlik PLC
Assessing Your Disaster Recovery Plans Gregory H. Soule, CPA, CISA, CISSP, CFE Andrews Hooper Pavlik PLC Andrews Hooper Pavlik PLC Agenda Business Continuity Concepts Impact Analysis Risk Assessment Risk
More informationCreating a Business Continuity Plan for your Health Center
Creating a Business Continuity Plan for your Health Center 1 Page Left Intentionally Blank 2 About This Manual This tool is the result of collaboration between the Primary Care Development Corporation
More informationBusiness Unit CONTINGENCY PLAN
Contingency Plan Template Business Unit CONTINGENCY PLAN Version 1.0 (Date submitted) Submitted By: Business Unit Date Version 1.0 Page 1 1 Plan Review and Updates... 3 2 Introduction... 3 2.1 Purpose...
More informationBusiness Continuity Management
Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not
More informationCONTINUITY OF OPERATION PLAN (COOP) FOR NONPROFIT HUMAN SERVICES PROVIDERS
A L L I A N C E F O R H U M A N S E R V I C E S www.alliance4hs.org CONTINUITY OF OPERATION PLAN (COOP) FOR NONPROFIT HUMAN SERVICES PROVIDERS ALLIANCE FOR HUMAN SERVICES & MIAMI-DADE COUNTY OFFICE OF
More informationBusiness Continuity. Port environment
Business Continuity Port environment DEFINE BUSINESS CONTINUITY WHAT IT IS NOT RECOVERY FOCUS: PEOPLE PROCESSES TECHNOLOGY DELIVERABLES INFRAGARD DEFINITION MANAGEMENT PROCESS DEVELOPING ADVANCE PROCEDURES
More informationBCP and DR. P K Patel AGM, MoF
BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management
More informationDRAFT Disaster Recovery Policy Template
DRAFT Disaster Recovery Policy Template NOTE: This is a boiler plate template much information is needed from to finalizeconsider this document pre-draft FOREWARD... 3 Policy Overview...
More informationBusiness Continuity Template
Emergency Management Business Continuity Template The Regional Municipality of Wood Buffalo would like to give credit to the Calgary Emergency Management Agency (CEMA) and the Calgary Chamber of Commerce
More informationBusiness Continuity Planning Instructions
Business Continuity Planning Instructions Business continuity planning is a proactive planning process that ensures critical services or products are delivered during a disruption. In creating the plan,
More informationBusiness Continuity and Crisis Management
Business Continuity and Crisis Management Crisis Management, Business Continuity and The Incident Command System Understanding Differences and Putting it all together? by Max Ckonjevic FBCI, CBCP 1 Objectives
More informationWestern Intergovernmental Audit Forum
Western Intergovernmental Audit Forum Business Continuity & Disaster Recovery Planning September 12, 2013 Presented by: City of Phoenix City Auditor Department Aaron Cook, Sr Internal Auditor IT Audit
More informationSubject Area 9 Public Relations and Crisis Coordination
DRII/BCI Professional Practice Narrative: Develop, coordinate, evaluate, and exercise plans to communicate with internal stakeholders (employees, corporate management, etc.) external stakeholders (customers,
More informationBusiness Continuity Plan Template
Business Continuity Plan Template Disclaimer This publication has been produced to provide a guide for people anticipating going into business and for business owners. It should not be regarded as an
More informationBusiness Continuity Management
Business Continuity Management Factsheet To prepare for change, change the way you prepare In an intensely competitive environment, a permanent market presence is essential in order to satisfy customers
More informationSituation Manual Orange County Florida
Situation Manual Orange County Florida 530 Minutes Situation Manual Tabletop Exercise 1 Disaster Resistant Communities Group www.drc-group.com Comeback Ordeal Start Exercise During the exercise it will
More informationDisaster Recovery Plan
Disaster Recovery Plan Date: Revision: 8.0 EXTERNAL BCP PLAN PAGE 1 OF 12 Federal regulation states, and internal corporate policies require, that Penson Financial Services, Inc. (Penson) develop Business
More information2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP
2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level Tracy L. Hall, MBCP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C.
More informationIT Disaster Recovery and Business Resumption Planning Standards
Information Technology Disaster Recovery and Business IT Disaster Recovery and Business Adopted by the Information Services Board (ISB) on May 28, 1992 Policy No: Also see: 500-P1, 502-G1 Supersedes No:
More informationInstitute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745
ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan
More informationYale University Business Continuity Planning (BCP) Quick Start Guide
Yale University Business Continuity Planning (BCP) Quick Start Guide Introduction Yale University s mission is to create, preserve and disseminate knowledge. Each college, division, and major administrative
More informationESCB definitions of major business continuity terms in relation to payment and securities settlement systems 1
ESCB definitions of major business continuity terms in relation to payment and securities settlement systems 1 June 2007 The ESCB has developed a glossary of major business continuity terms for market
More informationDeveloping a Business Continuity Plan... More Than Disaster
Developing a Business Continuity Plan..... More Than Disaster Recovery! April 19, 2010 UHY / MMA Business Survival Series Webinar Focus.... Understanding the components of Business Continuity Planning
More informationBusiness Continuity Planning. Donna Curran, Director Audit and Risk Management February, 2014
Business Continuity Planning Donna Curran, Director Audit and Risk Management February, 2014 Agenda Business Continuity Defined The Importance of a Plan Determining the Costs Business Impact Analysis MTO,
More informationBuilding an effective Tabletop Exercise. Presented by: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services
Building an effective Tabletop Exercise Presented by: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services 3/26/2013 #1 Con$nuity Plan Tes$ng Flowchart 3/26/2013 #2 Ongoing Mul$ Year Tes$ng
More informationBusiness Continuity & Disaster Recovery
Business Continuity & Disaster Recovery Safety First Quality Every Time 1 Business Continuity & Disaster Recovery Planning Who here has a formal Business Continuity & Disaster Recovery plan? The purpose
More informationSAMPLE IT CONTINGENCY PLAN FORMAT
SAMPLE IT CONTINGENCY PLAN FORMAT This sample format provides a template for preparing an information technology (IT) contingency plan. The template is intended to be used as a guide, and the Contingency
More informationDisaster Recovery and Unstable Furniture
Disaster Recovery and Unstable Furniture Presented by Michael Richmond, CISSP #SuperConf15 #SuperConf15 Essentials of Information Technology Where we came from Primarily single source Largely asynchronous
More informationShankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.
Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management
More informationOverview of how to test a. Business Continuity Plan
Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test
More informationContingency Planning and Disaster Recovery for BOMA
Contingency Planning and Disaster Recovery for BOMA Steve Elliot President & CEO Elliot Consulting Hazards & Vulnerabilities Continuity of Business Operations Normal Business Processes SALES MANUFACTURING
More informationTemple university. Auditing a business continuity management BCM. November, 2015
Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program
More informationThe Joint Commission Approach to Evaluation of Emergency Management New Standards
The Joint Commission Approach to Evaluation of Emergency Management New Standards (Effective January 1, 2008) EC. 4.11 through EC. 4.18 Revised EC. 4.20 Emergency Management Drill Standard Lewis Soloff
More informationThe handouts and presentations attached are copyright and trademark protected and provided for individual use only.
The handouts and presentations attached are copyright and trademark protected and provided for individual use only. READINESS RESOURCES American Bar Association -- www.abanet.org Disaster Recovery: www.abanet.org/lpm/lpt/articles/slc02051.html
More informationDisaster Recovery/Business Continuity
CITY AUDITOR'S OFFICE Disaster Recovery/Business Continuity March 6, 2015 AUDIT REPORT NO. 1511 CITY COUNCIL Mayor W.J. Jim Lane Suzanne Klapp Virginia Korte Kathy Littlefield Vice Mayor Linda Milhaven
More informationBusiness continuity management policy
Business continuity management policy health.wa.gov.au Effective: XXX Title: Business continuity management policy 1. Purpose All public sector bodies are required to establish, maintain and review business
More informationChapter 1: An Overview of Emergency Preparedness and Business Continuity
Chapter 1: An Overview of Emergency Preparedness and Business Continuity After completing this chapter, students will be able to: Describe organization and facility stakeholder needs during and after emergencies.
More informationOhio Conference for Payroll Professionals Disaster Recovery
Ohio Conference for Payroll Professionals Disaster Recovery Speaker Bruce E. Phipps CPP 2011 APA Payroll Man of the Year Principal Product Manager US Legislative Analyst ORACLE Corporation bruce.phipps@oracle.com
More informationPrinciples for BCM requirements for the Dutch financial sector and its providers.
Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011
More informationBusiness Continuity Management
Business Continuity Management cliftonlarsonallen.com Introductions Brian Pye CliftonLarsonAllen Senior Manager Business Risk Services group 15 years of experience with Business Continuity Megan Moore
More informationContinuity Plan Testing Flowchart
Building an effective Tabletop Exercise Presented by: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services Continuity Plan Testing Flowchart 1 Ongoing Multi-Year Testing Full Scale Exercises
More informationChanges to the 2014 Acute Care Hospital Manual on Emergency Management Compliance. January 30, 2014 Brad Keyes, CHSP
Changes to the 2014 Acute Care Hospital Manual on Emergency Management Compliance January 30, 2014 Brad Keyes, CHSP The New Manuals Why did we make changes to the old standards? Corrected some errors Eliminated
More informationEmergency Response and Business Continuity Management Policy
Emergency Response and Business Continuity Management Policy Owner: John Duffy, Registrar & Secretary Last updated: September 2012 Version: 04 Document control Date Version Author Changes To be populated
More information<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP
IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History REVISION DATE NAME DESCRIPTION Original 1.0 2 Table of Contents Information Technology Statement
More informationGuideline on Business Continuity Management
Circular No. 033/B/2009-DSB/AMCM (Date: 14/8/2009) Guideline on Business Continuity Management The Monetary Authority of Macao (AMCM), under the powers conferred by Article 9 of the Charter approved by
More informationBeyond Disaster Recovery: Why Your Backup Plan Won t Work
Beyond Disaster Recovery: Why Your Backup Plan Won t Work Contents Introduction... 3 The Data Backup Model - Upgraded for 2015... 4 Why Disaster Recovery Isn t Enough... 5 Business Consequences with DR-Only
More informationWhy COOP? 6 Goals of COOP. 6 Goals of COOP. General Guidelines for COOP Capability. COOP Program Model 7 Phases. Phase 1: Initiate COOP program
Overview What is continuity of operations (COOP) planning? Business continuity planning the all hazard approach 466 Brian Butler Columbus Public Health, Office of Emergency Preparedness 6 goals of COOP
More informationPAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationIntegrated Healthcare, Hospital and Medical Contingency Planning
Integrated Healthcare, Hospital and Medical Contingency Planning James Paturas, CEM, EMTP, CBCP, FACCP Deputy Director, Clinical Services, Yale New Haven Center for Emergency Preparedness and Disaster
More informationAudit of Business Continuity Planning
INDIAN AFFAIRS AND NORTHERN DEVELOPMENT CANADA Audit of Business Continuity Planning Prepared by: Audit and Assurance Services Branch Project #10-12 June 2011 Table of Contents INITIALISMS AND ABBREVIATIONS...
More information2014 NABRICO Conference
Business Continuity Planning 2014 NABRICO Conference September 19, 2014 6 CityPlace Drive, Suite 900 St. Louis, Missouri 63141 314.983.1200 1520 S. Fifth Street, Suite 309 St. Charles, Missouri 63303 636.255.3000
More informationBusiness Continuity Planning: Bridging the Gap Between IT and Business
Business Continuity Planning: Bridging the Gap Between IT and Business Steve Burns, President EverGreen Data Continuity, Inc. sburns@evergreen-data.com 1 The Hard Facts One-third of businesses don t include
More informationReady for Anything BUSINESS CONTINUITY GUIDE FOR BUSINESS OWNERS. Plan to Stay in Business
BUSINESS CONTINUITY GUIDE FOR BUSINESS OWNERS Administration, Louisiana Economic Development and participating universities. All opinions, conclusions or recommendations expressed are those of the author(s)
More informationCISM Certified Information Security Manager
CISM Certified Information Security Manager Firebrand Custom Designed Courseware Chapter 4 Information Security Incident Management Exam Relevance Ensure that the CISM candidate Establish an effective
More informationClinic Business Continuity Plan Guidelines
Clinic Business Continuity Plan Guidelines Emergency notification contacts: Primary Role Name Address Home phone Mobile/Cell phone Business Continuity Plan Coordinator QSP Business Continuity Plan Coordinator
More informationEMERGENCY SUPPORT FUNCTION (ESF) 14 LONG TERM RECOVERY AND MITIGATION
EMERGENCY SUPPORT FUNCTION (ESF) 14 LONG TERM RECOVERY AND MITIGATION Primary Agency: Chatham Emergency Management Agency Support Agencies: American Red Cross Chatham County Building Safety & Regulatory
More informationThe Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS)
Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services
More informationDisaster Recovery Plan
Disaster Recovery Plan Date: February 2, 2009 Revision: 9.0 EXTERNAL BUSINESS CONTINUITY PLAN PAGE 1 of 13 Federal regulation states, and internal corporate policies require, that Penson Financial Services,
More informationMARQUIS DISASTER RECOVERY PLAN (DRP)
MARQUIS DISASTER RECOVERY PLAN (DRP) Disaster Recovery is an ongoing process to plan, develop, test and implement changes, processes and procedures supporting the recovery of the critical functions in
More informationPlanning for Disaster Disaster
Planning for Disaster Ramesh Ramani CISM CGEIT Ramesh Ramani CISM CGEIT Paramount-Dubai Agenda Disaster Management-Introduction Examples BCP and IT Continuity Process of Disaster Management-PDCA Disaster
More informationPBSi Business Continuity Planning
Business Continuity Planning Definition Business Continuity planning is a planning process designed to reduce the risk that disruptive failures or events could seriously harm your business. It is designed
More informationBusiness Continuity Glossary
Developed In Conjuction with Business Continuity Glossary ACTIVATION: The implementation of business continuity capabilities, procedures, activities, and plans in response to an emergency or disaster declaration;
More informationMassachusetts Institute of Technology. Functional Area Recovery Management Team Plan Development Template
Massachusetts Institute of Technology Functional Area Recovery Management Team Plan Development Template Public Distribution Version For further information, contact: Jerry Isaacson MIT Information Security
More informationa risk- based approach Tom Clark MBCI, CBCP, CHS-III, CBRM
a risk- based approach Tom Clark MBCI, CBCP, CHS-III, CBRM 1 Goal: Explore achieving Crisis Management Consistency and how it relates to the aspects of Business Continuity Management involving people,
More informationEmergency Support Function 14 Long-Term Community Recovery and Mitigation
ESF Coordinator: Grant County Emergency Management Primary Agencies: Grant County Emergency Management Grant County Assessor s Office Grant County Public Works Grant County Building Department Support
More information