Evaluating/Applying Relevant BCM Standards: Which is the Best One to Follow?
- Liliana Holland
- 7 years ago
Transcription
1 Evaluating/Applying Relevant BCM Standards: Which is the Best One to Follow? September 23, Strategic BCP, Inc. All rights reserved. strategicbcp.com 1
2 Today's Presenter
- Frank Perlmutter, CBCP, MBCI (Fperlmutter@strategicbcp.com)
- President & Co-Founder of Strategic BCP, creators of ResilienceONE BCM Software
- 17+ years of experience in Business Continuity (BC) and Risk Management (RM)
- Former consultant with the Big 4 + Manager of DR/COOP (BCP) and Risk Manager for the U.S. Department of the Treasury
- Has directed BCP and strategic projects for 75+ clients at the C-level; 20+ for federal government
3 Background
- Strategic BCP established in 2004
- Purpose: Elevate the productivity and relevance of business continuity professionals
- ResilienceONE introduced as a milestone in using technology to streamline the process of creating and maintaining plans for:
  - Business continuity
  - Disaster recovery
  - Business impact analysis/risk assessment
  - Crisis management
4 Area of Focus
- The Impact of Regulations, Standards & Best Practices
- Process Behind the BCP Genome Developed by Strategic BCP
- Lessons Learned to Set up Your Own Framework
- Comparing and Selecting Appropriate Regulations, Standards & Best Practices
- Getting to a Gold Standard: Q&A & Wrap-up
5 The Impact of Regulations, Standards & Best Practices
6 Definitions
- Regulations: Mandatory authoritative rules dealing with details or procedures having the force of law, that are issued by an authority or government
- Standards and Best Practices: Voluntary criteria, voluntary guidelines, and best practices used to enhance the quality, performance, reliability, and consistency of products, services and/or processes
7 Why Care?
- You are OBLIGATED
  - Regulations mandate/require compliance
  - There are penalties if you choose not to comply
- You NEED guidance
  - Standards, regulations, and best practices can provide guidance for your Business Continuity Program as follows:
    - Initiating it
    - Providing a process for developing and delivering it
    - Managing it
    - Monitoring it
    - Evaluating/auditing it
8 Goals
- Apply lessons from how we mapped the BCP Genome in developing your own Gold Standard Framework
- Assess strengths and weaknesses of the specific standards, regulations, and best practices to determine which ones to include in your Framework
- Evaluate current/potential tools and methodologies to implement or fine-tune your Business Continuity Management (BCM) program
9 Process Behind the BCP Genome Developed by Strategic BCP
10 The Inception of the BCP Genome
- Mission: The BCP Genome project started in 2006. Goal: Develop a Gold Standard framework based on the business continuity industry's collective thought leadership
- Starting: Seek out the best standards, regulations, and best practices in terms of ability to implement the content contained within each of them practically, regardless of industry popularity
- Rule #1: Do NOT interpret the standards, regulations, and best practices; SYNTHESIZE them
11 Mapping the BCP Genome
- Selected (9) standards, regulations, and best practices to establish the original framework
- Diligently went point-by-point through each of them, mapping the original framework
- After (4) standards, the core framework was developed
- The (5) remaining standards were 95% redundant to the points mapped
12 The Result
101 points of a resilient Business Continuity Program mapped across (8) major categories:
1. Program Organization, Management, and Training
2. Business Impact Analysis (BIA)
3. Emergency Response and Crisis Management
4. Emergency Facilities
5. Business and IT Disaster Recovery
6. Testing
7. Maintenance
8. Auditing and General Policy
13 The BCP Genome Today
- Initial $300k investment over 10 months converging BC/DR insights
- The original framework has withstood the test of time, as the additional (6) standards mapped since then, along with (25) others that have been examined, have conformed to the original framework with only minor alterations to the original points
- Proven to be a stable basis for expansion over the years
- It still guides the continuous refinement of our ResilienceONE BCM software, audit methodology, and consulting practice
14 Lessons Learned to Set up Your Own Framework
15 The Path to Developing a Framework
- Step 1: Start with regulations that you HAVE TO follow internally or because of clients
- Step 2: Determine the Business Continuity Management (BCM) program AREAS that you want to address
- Step 3: Determine if you WANT TO enhance your Business Continuity Program Framework
- Step 4: Select the BEST standards, regulations, and best practices
- Step 5: Map them to a CONSISTENT framework
16 Lesson #1: Look for Practical Guidance
Many of the standards focus on program policies and procedures, not program content (e.g. how to set up a planning structure vs. how to do a plan)
- Framework Bread
  - Program Organization, Management, and Training
  - Maintenance
  - Auditing and General Policy
- Framework Meat
  - Business Impact Analysis (BIA)
  - Emergency Response and Crisis Management
  - Emergency Facilities
  - Business and IT Disaster Recovery
  - Testing
17 Swimming in a Sea of Standards, Regulations, and Best Practices
- International Organization for Standardization (ISO) 22301:2012
- Federal Financial Institutions Examination Council (FFIEC) BCP Workprogram
- Disaster Recovery Institute International (DRI) Professional Practices
- Business Continuity Institute (BCI) Good Practice Guidelines
- National Fire Protection Association (NFPA) 1600 Standard on Disaster/Emergency Management and Business Continuity Programs
- The Healthcare Insurance Portability and Accountability Act (HIPAA) Security Rule
- The Institute of Internal Auditors (IIA) Global Technology Audit Guide (GTAG) for Business Continuity Management
- National Institute of Standards & Technology (NIST) Special Publication (SP) Contingency Planning Guide for Information Technology Systems
- Federal Emergency Management Agency (FEMA-64) Guidelines for Dam Safety
- Federal Energy Regulatory Commission (FERC) Guidelines for Recovery Plan Format
- Control Objectives for Information and Related Technology (COBIT)
- Committee of Sponsoring Organizations of the Treadway Commission (COSO)
- ASIS SPC
- Basel II and III
- Plus many, many, many, many more
18 Lesson #2: Beware of Jumping on the HOT Standard
[Graphic: successive "hot" standards over time, labelled NFPA, BS, PS Prep, ISO]
- The HOT standard changes every year or two
- Creates a moving target (i.e. if you try to conform to a standard one year, it might not be valid the next)
- Corollary: Don't single thread your framework by only using ONE standard
19 Lesson #3: Don't Get Overwhelmed
- Many of the regulations, standards, and best practices are redundant in content
- You don't need all of them
- Select regulations with which you must comply
- Put its points into your framework
- Fill in the holes with other ones
- Coming Up: Which regulations, standards, and best practices fit best
20 Comparing and Selecting Appropriate Regulations, Standards & Best Practices
21 [Comparison table. Columns: FFIEC, NFPA 1600, NIST, FERC, GTAG, ISO, HIPAA, TOTAL. Rows: Program Organization, Management & Training; Business Impact Analysis (BIA); Emergency Response & Crisis Management; Emergency Facilities; Business & Support Component Recovery; Testing; Maintenance; Audit & General Policy; TOTAL.]
22 Seek Outside Assistance
- DRJ has an excellent list of regulations, standards, and best practices on their website
- Some BCM software has it built into their methodology; ensure it's not just a marketing claim
- Have them show you how the software meets the different parts of regulations, standards, and best practices
23 Questions?
24 Wrap-Up
For more insights and opportunities:
- Request a Live Demo of the BCP Genome in ResilienceONE BCM Software at
- Contact Frank Perlmutter, CBCP, MBCI (Fperlmutter@strategicbcp.com)
More informationBusiness Continuity Policy
Business Continuity Policy Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain its essential business functions during
More informationOC Chapter. Vendor Risk Management. Cover the basics of a good VRM program, standards, frameworks, pitfall and best outcomes.
OC Chapter Vendor Risk Management. Cover the basics of a good VRM program, standards, frameworks, pitfall and best outcomes. 2 Why Assess a Vendor? You don t want to be a Target for hackers via your vendors
More informationWith the large number of. How to Avoid Disaster: RIM s Crucial Role in Business Continuity Planning. Virginia A. Jones, CRM, FAI RIM FUNDAMENTALS
How to Avoid Disaster: RIM s Crucial Role in Business Continuity Planning The world has experienced a great deal of natural and man-made upheaval and destruction in the past few years, including tornadoes,
More information2012 Business Continuity Conference Friday, November 9, 2012
South Central PA Regional Business Preparedness Campaign 2012 Conference Friday, November 9, 2012 The South Central PA Task Force will hold a Regional Conference on Friday, November 9, 2012, at the C.
More informationBusiness Continuity Planning (BCP) 101
2011/EPWG/WKSP/004 Intro 1 Business Continuity Planning (BCP) 101 Submitted by: Business Continuity Management Institute Workshop on Private Sector Emergency Preparedness Sendai, Japan 1-3 August 2011
More informationBusiness Continuity Management Policy
Business Continuity Management Policy Business Continuity Policy Version 1.0 1 Version control Version Date Changes Author 0.1 April 13 1 st draft PH 0.2 June 13 Amendments in line with guidance PH 0.3
More informationThe Business Continuity Maturity Continuum
The Business Continuity Maturity Continuum Nick Benvenuto & Brian Zawada Protiviti Inc. 2004 Protiviti Inc. EOE Agenda Terminology Risk Management Infrastructure Discussion A Proposed Continuity Maturity
More informationCPM-East.com. Workshops: November 18, 2013 Conference: November 19 21, 2013 Expo: November 19 20, 2013 Gaylord Texan Resort, Dallas Texas
CPM-East.com Workshops: November 18, 2013 Conference: November 19 21, 2013 Expo: November 19 20, 2013 Gaylord Texan Resort, Dallas Texas Past CPM West Registered Attendees by Title 502 ABW Emergency Manager
More informationHarmonizing Your Compliance and Security Objectives. Bonnie A. Goins Adjunct Professor, Illinois Institute of Technology
Harmonizing Your Compliance and Security Objectives Bonnie A. Goins Adjunct Professor, Illinois Institute of Technology Make sure efforts serve multiple purposes Use standards to guide effort Repeatable
More informationBryan Strawser, MBA, MBCP, MBCI, CEM, CPP, CISSP, PMP, PgMP, PfMP, CBCV
Bryan Strawser, MBA, MBCP, MBCI, CEM, CPP, CISSP, PMP, PgMP, PfMP, CBCV Recent/Current Appointments 2014 present: Principal Consultant, Founder, & CEO, Bryghtpath LLC 2009 2014: Senior Group Manager, Global
More informationBCM Trends & Careers. Assess Your Marketability & Formulate a Career Path. By Cheyene Marling, Hon, MBCI June 9, 2014
BCM Trends & Careers Assess Your Marketability & Formulate a Career Path By Cheyene Marling, Hon, MBCI June 9, 2014 What Do Companies Want? What Do You Want? Strategize Your Career Understand the Market
More informationChapter 3: Audit of business Continuity plan... 3 Learning Objectives... 3 3.1 Introduction... 3 3.2 Steps of BCP Process... 3 3.2.
Chapter 3: Audit of business Continuity plan... 3 Learning Objectives... 3 3.1 Introduction... 3 3.2 Steps of BCP Process... 3 3.2.1 Step 1: Identifying the mission or business-critical functions... 4
More informationThis is the third and final presentation on HIPAA Security Administrative Safeguards. This presentation focuses on the last 2 standards under the
This is the third and final presentation on HIPAA Security Administrative Safeguards. This presentation focuses on the last 2 standards under the HIPAA Security rule: Contingency planning and evaluation.
More informationGovernance, Risk, and Compliance (GRC) White Paper
Governance, Risk, and Compliance (GRC) White Paper Table of Contents: Purpose page 2 Introduction _ page 3 What is GRC _ page 3 GRC Concepts _ page 4 Integrated Approach and Methodology page 4 Diagram:
More information