Crisis Management Audit Plan
|
|
- Pamela Harrison
- 7 years ago
- Views:
Transcription
1 Contributed 8/30/99 by Denys Martin, Background and Rationale You come to your office for the beginning of your workweek and because of some unforeseen event there are no employees, no working telephones, no functioning computers, no utilities. You're the Chief Executive. What would you do? Where would you start? Unquestionably this is a crisis. Remember that you have access to almost none of your regular business tools. If this had been an actual incident; such as many businesses experienced in Wellington, New Zealand in 1997, it would already have been too late to concern yourself with developing a Crisis Management Plan! You need to have a Plan in place to ensure continuity of operations. But, what kind of Crisis Management Plan is an effective one? You need to ask: "What is a crisis for my organisation?" For this audit, the following definition will be used: A crisis can be defined as any unplanned event, occurrence or sequence of events that has a specific catastrophic consequence. Natural disasters, IT viruses, financial manipulation, societal disruption, pollution and stringent regulations are but a few examples of potential crisis situations. The reasons for focusing on these issues may result from a commitment to protect the public, the employees, to comply with government regulations or to protect their organisation from possible liabilities and litigation. The consequences for not focusing on these issues can be disastrous. Audit Standards: A cohesive Crisis Management Plan should have the following components: Compliance Preparedness Training & Resource Development Information Management Critical aspects that must be in the Crisis Management Plan: Effective coordination of activities within the organisations ; Early warning and clear instructions to all concerned if a crisis occurs; Continued assessment of actual and potential consequences of the crisis; Continuity of business operations during and immediately after the crisis. A brief synopsis of the common weaknesses in Crisis Management planning may prove helpful. Possible weaknesses to verify: Denys Martin, MBA, CIA, FCPA 08/30/99 5:53 AM 1 of 5
2 1. No systematic collection of planning information. This includes such aspects as risk analysis, organisational information, relevant laws, company policy procedures and location specific data. 2. No systematic dissemination of planning information. 3. Failure to identify and establish an incident command structure. This is a common pitfall as many planners try to fit their organisation into a standard incident command system not designed around their particular needs. 4. No, or minimal, coordination with affected entities. Poor communications with external dependencies such as the community, neighboring industries, identified support entities (fire, police, hospitals, etc.) can lead to confusion and chaos during an emergency. A simple issue such as who is the primary contact for offsite agencies during an emergency can cause major disruption during an incident. 5. Lack of, or poorly defined, Organisational Responsibilities. Failure to provide clear, concise procedures defining a person's functions, duties and tasks upon assuming their emergency organisation position. 6. Once developed the Plan is not or is, at best, poorly maintained. The Plan may have been developed to meet a regulatory requirement. 7. There is no provision for testing and review or continued evaluation and periodic update of the material. For example, changed information, such as telephone numbers maybe buried in various paragraphs throughout the plan. 8. The material that was developed is not user-friendly. The plan may contain too much information. Unfortunately, the user has to be a brain surgeon to figure out his/her role in its implementation. There should be simple, easy-to-use supplemental materials that can be used as a quick reference guide during an emergency. 9. Training relevant personnel on the plan and their role in its implementation. 10. The plan needs to be disseminated to the authorities. Failure to include appropriate parties on the distribution list most often leads to failure on their part to respond in the manner hoped for. COMPLIANCE The risk assessment is the initial step, toward reducing vulnerability. All relevant levels of management should become part of the Crisis Management Plan. This can be achieved in several ways: 1. Senior manager directly responsible to top management and the board of directors. The formal assignment of a senior manager to the position such as "Crisis Management Plans, Director," or some other appropriate title, can accomplish the initial portion of this item. Additionally, there should be within the individual's job description some measurement standard to evaluate performance. Denys Martin, MBA, CIA, FCPA 08/30/99 5:53 AM 2 of 5
3 2. Set aside specific time for reports on crisis management preparedness issues. This can be accomplished by preparing an agenda for senior staff and board of director meetings that includes a discussion of crisis management preparedness as a mandatory item. They should give it more than lip service though. Also, they must make the discussion substantive. Provide more than the dull and tiring statistics on reportable accidents, etc. Include all levels of personnel in the presentation process. 3. Make crisis management planning issues part of the strategic planning process. In one aspect, government regulations are defining strategic implications for companies. 4. Communicate compliance through all levels of the organisation through company policy and procedures. This can be accomplished through formal adoption of policy at the highest levels of the company. Generally, this will require the approval of the Board of Directors. PREPAREDNESS Preparedness used in the broadest context means any and all measures taken to prevent, prepare for, respond, mitigate and recover from a crisis. It's with this perspective that we begin to breakdown the aspect of Preparedness. Preparedness consists of four critical aspects: Preparation and Prevention Detection and Classification Response and Mitigation Reentry and Recovery Preparation and Prevention: Any set of activities that prevent a crisis, reduce the chance of a crisis happening, or reduce the damaging effects of a crisis. Preparation and Prevention activities include, but are not limited to: Development and implementation of the Crisis Management Plan Development and implementation of Crisis Management Plan Implementing Procedures Development and implementation of Crisis Management/Response Training Detection and Incident Classification: Actions taken to identify assess and classify the severity of a crisis. Detection and Classification activities include, but are not limited to: Activation of Crisis Management Systems Escalation of Crisis Management Plan Implementing Procedures Escalation of the Crisis Management/Response Organisation Response and Mitigation: Actions taken to save lives prevent further damage and reduce the effects of the crisis. Response and Mitigation activities include, but are not limited to: Crisis Management/Response operations Subsidiaries Crisis Management/Response operations Denys Martin, MBA, CIA, FCPA 08/30/99 5:53 AM 3 of 5
4 Continuity of business operations Recovery: Actions taken to return to a normal or an even safer situation following the crisis. Recovery activities include, but are not limited to: Activation of the Recovery Plan Coordination with subsidiaries TRAINING The training of the Crisis Management/Response Organisation is one of the critical success factors that must be addressed if an adequate response is to be achieved. The development of the compliance Plan, involvement of all levels of management and establishing preparedness is only part of the overall process. To ensure an adequate response, a trained organisation is required. A "systems" approach to preparing effective training Plans should consist of: 1. TASK ANALYSIS: determine the skills, knowledge and procedures required for satisfactory performance of each task. 2. INSTRUCTION: Lessons are systematically presented using appropriate instructional methods. Instruction may include lecture, self-paced or group-paced mediated instruction, simulation and team training. 3. EVALUATION: Performance standards and evaluation criteria are developed from the learning objectives. Each trainee's performance is evaluated during the course and during field performance testing. 4. DRILLS: In addition to the formal training Plan, need drills and exercises. INFORMATION MANAGEMENT The need to establish and maintain an ongoing dynamic Crisis Management Plan is essential. In order to facilitate planning requirements, a record of all initiatives should be retained. These records serve to document the accomplishments, requirements, commitments and reports relating to various Plan requirements. The identification of commitments in the areas of compliance, emergency preparedness and training is vital. The establishment of a defined information management system structure will ensure that documentation will be available when needed. Senior management must be kept well informed. Information is a corporate asset. Information is expensive. It must be shared and managed effectively. Information management is also critical during a crisis. The need for active systems to provide information on materials, personnel, capability information on materials, personnel, capabilities and processes is essential. It is extremely important to have a system (and adequate back-up systems) in place that serves to identify, catalog, Denys Martin, MBA, CIA, FCPA 08/30/99 5:53 AM 4 of 5
5 set priorities and track issues and commitments relating to crisis management and response activities. QUALITY ASSURANCE The Crisis Management Plan should be independently audited for quality assurance from an independent source who can certify the adequacy of the process. Denys Martin, MBA, CIA, FCPA 08/30/99 5:53 AM 5 of 5
Emergency Preparedness Guidelines
DM-PH&SD-P7-TG6 رقم النموذج : I. Introduction This Guideline on supports the national platform for disaster risk reduction. It specifies requirements to enable both the public and private sector to develop
More informationSCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com
SCADA Business Continuity and Disaster Recovery Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com Business Continuity Planning, a Sound Process A Business Continuity Plan: "A
More informationDISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES
APPENDIX 1 DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES March 2008 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS EXECUTIVE SUMMARY...1
More informationOhio Supercomputer Center
Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
More informationBusiness Continuity Plan
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
More informationAdvisory Guidelines of the Financial Supervision Authority. Requirements for Organising the Business Continuity Process of Supervised Entities
Advisory Guidelines of the Financial Supervision Authority Requirements for Organising the Business Continuity Process of Supervised Entities These advisory guidelines were established by Resolution No
More informationEvaluation of the Railroad Retirement Board s Disaster Recovery Plan Report No. 06-08, August 14, 2006 INTRODUCTION
Evaluation of the Railroad Retirement Board s Disaster Recovery Plan Report No. 06-08, August 14, 2006 INTRODUCTION This report presents the results of the Office of Inspector General s evaluation of the
More informationWith the large number of. How to Avoid Disaster: RIM s Crucial Role in Business Continuity Planning. Virginia A. Jones, CRM, FAI RIM FUNDAMENTALS
How to Avoid Disaster: RIM s Crucial Role in Business Continuity Planning The world has experienced a great deal of natural and man-made upheaval and destruction in the past few years, including tornadoes,
More informationSubject: Internal Audit of Information Technology Disaster Recovery Plan
RIVERSIDE: AUDIT & ADVISORY SERVICES June 30, 2009 To: Charles Rowley, Associate Vice Chancellor Computing & Communications Subject: Internal Audit of Information Technology Disaster Recovery Plan Ref:
More informationAustralia Pacific LNG Project. Narrows Crossing Pipeline Environmental Management Plan Attachment 3 Crisis and Emergency Management Directive
Australia Pacific LNG Project Narrows Crossing Pipeline Environmental Management Plan Attachment 3 Crisis and Emergency Management Crisis and Emergency Management This document outlines the requirements
More informationBUSINESS CONTINUITY PLAN
How to Develop a BUSINESS CONTINUITY PLAN To print to A4, print at 75%. TABLE OF CONTENTS SUMMARY SUMMARY WHAT IS A BUSINESS CONTINUITY PLAN? CHAPTER PREPARING TO WRITE YOUR BUSINESS CONTINUITY PLAN CHAPTER
More informationCENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
More informationSCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS
Title: DRAFT USG Continuity of Operation Plan Policy Policy Number: 2009-Julian Date Topical Security Area: Document Type: Standard Pages: Words: Lines: 5 1,387 182 Issue Date: May-09 Effective Date: Immediately
More informationIT Service Continuity Management PinkVERIFY
-11-G-001 General Criteria Does the tool use ITIL 2011 Edition process terms and align to ITIL 2011 Edition workflows and process integrations? -11-G-002 Does the tool have security controls in place to
More informationBusiness Continuity and Emergency Preparedness Planning. Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010
Business Continuity and Emergency Preparedness Planning Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010 Overview Define key terms and list essential elements of business continuity
More informationTitle: Rio Tinto management system
Standard Rio Tinto management system December 2014 Group Title: Rio Tinto management system Document No: HSEC-B-01 Standard Function: Health, Safety, Environment and Communities (HSEC) No. of pages: 23
More informationBUSINESS CONTINUITY POLICY
BUSINESS CONTINUITY POLICY Document Type Corporate Policy Unique Identifier CO-038 Document Purpose To provide a structure through which: i. A comprehensive business continuity management system (BCMS)
More informationHong Kong Baptist University
Hong Kong Baptist University Disaster Recovery Standard FOR INTERNAL USE ONLY Date of Issue: JULY 2012 Revision History Version Author Date Revision 1.0 Information Security Subcommittee (ISSC) July 2012
More informationISMS Implementation Guide
atsec information security corporation 9130 Jollyville Road, Suite 260 Austin, TX 78759 Tel: 512-615-7300 Fax: 512-615-7301 www.atsec.com ISMS Implementation Guide atsec information security ISMS Implementation
More informationModule 13: Emergency Preparedness and Response
Module 13: Emergency Preparedness and Response Guidance...13-2 Tools...13-4 Tool 13-1: Emergency Preparedness and Response Worksheet...13-4 Tool 13-2: Emergency Preparedness and Response Requirements Matrix...13-5
More informationBUSINESS CONTINUITY PLANNING
Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,
More informationWhat is an Exercise? Agenda. Types of Exercises. Tabletop Exercises for Executives. Defining the Tabletop Exercise. Types of Tabletop Exercises
Tabletop Exercises for Executives Kathy Lee Patterson, CBCP, PMP Independence Blue Cross Defining the Tabletop Exercise Types of Tabletop Exercises Advantages to conducting Exercises Agenda 12 Step Approach
More informationAUDITING A BCP PLAN. Thomas Bronack Auditing a BCP Plan presentation Page: 1
AUDITING A BCP PLAN Thomas Bronack Auditing a BCP Plan presentation Page: 1 What are the Objectives of a Good BCP Plan Protect employees Restore critical business processes or functions to minimize the
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business
More informationG13 USE OF RISK ASSESSMENT IN AUDIT PLANNING
IS AUDITING GUIDELINE G13 USE OF RISK ASSESSMENT IN AUDIT PLANNING The specialised nature of information systems (IS) auditing and the skills necessary to perform such audits require standards that apply
More informationPAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA
1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationCommitted to Environment, Health, & Safety
Committed to Environment, Health, & Safety Environment, Health, and Safety Management System and Policy of W.R. Grace & Co. January 1, 2015 The Grace Environment, Health, and Safety Management System,
More informationSCHEDULE 25. Business Continuity
SCHEDULE 25 Business Continuity 1. Scope 1.1 This schedule covers TfL s requirements in respect of: any circumstance or event which renders, or which TfL considers likely to render, it necessary or desirable
More informationIT Disaster Recovery and Business Resumption Planning Standards
Information Technology Disaster Recovery and Business IT Disaster Recovery and Business Adopted by the Information Services Board (ISB) on May 28, 1992 Policy No: Also see: 500-P1, 502-G1 Supersedes No:
More informationOverview. Emergency Response. Crisis Management
Prudential Financial s Preparedness Strategy Overview Emergency Response, Crisis Management, Business Continuation, Technology Disaster Recovery & Health Crisis Preparedness Prudential is committed to
More informationPROCEDURES BUSINESS CONTINUITY MANAGEMENT FRAMEWORK PURPOSE INTRODUCTION. 1 What is Business Continuity Management? 2 Link to Risk Management
PROCEDURES BUSINESS CONTINUITY MANAGEMENT FRAMEWORK PURPOSE This Framework has been developed in support of both the Business Continuity and Crisis Management Policy and the Emergency and Fire Evacuation
More informationInternal Audit Checklist
Internal Audit Checklist 4.2 Policy Verify required elements Verify management commitment Verify available to the public Verify implementation by tracing links back to policy statement Check review/revisions
More informationData Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322
Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery
More informationContinuity Planning and Disaster Recovery
Responsible Officer: AVP - Information Technology Services & UC Chief Information Officer Responsible Office: IT - Information Technology Services Issuance Date: 7/27/2007 Effective Date: 7/27/2007 Scope:
More informationDisaster Recovery and Business Continuity Plan
Disaster Recovery and Business Continuity Plan Table of Contents 1. Introduction... 3 2. Objectives... 3 3. Risks... 3 4. Steps of Disaster Recovery Plan formulation... 3 5. Audit Procedure.... 5 Appendix
More informationHow to write a DISASTER RECOVERY PLAN. To print to A4, print at 75%.
How to write a DISASTER RECOVERY PLAN To print to A4, print at 75%. TABLE OF CONTENTS SUMMARY SUMMARY WHAT IS A DRP AND HOW CAN IT HELP MY COMPANY? CHAPTER PREPARING TO WRITE YOUR DISASTER RECOVERY PLAN
More informationDeveloping Partnerships with Fire Departments and Emergency Medical Services for Achieving Business Continuity Success
Dr. Bill Lowe, EFO, EMT-P, MIFireE Jacksonville State University (Alabama) Developing Partnerships with Fire Departments and Emergency Medical Services for Achieving Business Continuity Success Dr. Bill
More informationBUSINESS CONTINUITY MANAGEMENT POLICY. October 2012
BUSINESS CONTINUITY MANAGEMENT POLICY October 2012 1 Policy Statement 1.1 PHSO s Business Continuity Management (BCM) arrangements aim to provide a mechanism for ensuring that any incidents affecting the
More informationMARQUIS DISASTER RECOVERY PLAN (DRP)
MARQUIS DISASTER RECOVERY PLAN (DRP) Disaster Recovery is an ongoing process to plan, develop, test and implement changes, processes and procedures supporting the recovery of the critical functions in
More informationBusiness Continuity Policy & Plans
Agenda Item 8.3a SNCCG Governing Body 11.03.2014 Business Continuity Policy & Plans Ref Number: Version: 1 Status: Pending Approval Author: A Brown Approval body Governing Body Date Approved Date Issued
More informationHealth, Safety and Environmental Management System
Health, Safety and Environmental Management System At Phillips 66 we take the time to work safely, every job, every day. Contents Chairman s Message...1 Operational Excellence...2 HSE Management System
More informationThis presentation will introduce you to the concepts and terminology related to disaster recovery planning for businesses.
1. An Introduction This presentation will introduce you to the concepts and terminology related to disaster recovery planning for businesses. This presentation was prepared by the South Central Economic
More informationCorporate Risk Management Policy
Corporate Risk Management Policy Managing the Risk and Realising the Opportunity www.reading.gov.uk Risk Management is Good Management Page 1 of 19 Contents 1. Our Risk Management Vision 3 2. Introduction
More informationAll Oil and Gas Companies under the Jurisdiction of the National Energy Board (the Board or NEB) and All Interested Parties
File 172-A000-73 24 April 2002 To: All Oil and Gas Companies under the Jurisdiction of the National Energy Board (the Board or NEB) and All Interested Parties SECURITY AND EMERGENCY PREPAREDNESS AND RESPONSE
More informationBUSINESS CONTINUITY MANAGEMENT POLICY
BUSINESS CONTINUITY MANAGEMENT POLICY AUTHORISED BY: DATE: Andy Buck Chief Executive March 2011 Ratifying Committee: NHS Rotherham Board Date Agreed: Issue No: NEXT REVIEW DATE: 2013 1 Lead Director John
More informationSituation Manual Orange County Florida
Situation Manual Orange County Florida 530 Minutes Situation Manual Tabletop Exercise 1 Disaster Resistant Communities Group www.drc-group.com Comeback Ordeal Start Exercise During the exercise it will
More informationGUIDE TO DEVELOPING AND CONDUCTING BUSINESS CONTINUITY EXERCISES
GUIDE TO DEVELOPING AND CONDUCTING BUSINESS CONTINUITY EXERCISES ATLANTA, GEORGIA FEBRUARY 12, 2011 Table of Contents FOREWORD... ii 1.0 Introduction... 1 1.1. Purpose... 1 1.2 Organization... 1 2.0 Rehearsal,
More informationBusiness Continuity Management
Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective
More informationChapter 1: An Overview of Emergency Preparedness and Business Continuity
Chapter 1: An Overview of Emergency Preparedness and Business Continuity After completing this chapter, students will be able to: Describe organization and facility stakeholder needs during and after emergencies.
More informationSafety Regulation Group SAFETY MANAGEMENT SYSTEMS GUIDANCE TO ORGANISATIONS. April 2008 1
Safety Regulation Group SAFETY MANAGEMENT SYSTEMS GUIDANCE TO ORGANISATIONS April 2008 1 Contents 1 Introduction 3 2 Management Systems 2.1 Management Systems Introduction 3 2.2 Quality Management System
More informationIdentify and Protect Your Vital Records
Identify and Protect Your Vital Records INTRODUCTION The Federal Emergency Management Agency s Federal Preparedness Circular 65 states The protection and ready availability of electronic and hardcopy documents,
More informationEMERGENCY PREPAREDNESS POLICY
EMERGENCY PREPAREDNESS POLICY CONTROLLED DOCUMENT CATEGORY: CLASSIFICATION: Policy Emergency Planning PURPOSE This document sets out the strategic framework for the management of emergency preparedness
More informationBusiness Continuity (Policy & Procedure)
Business Continuity (Policy & Procedure) Publication Scheme Y/N Can be published on Force Website Department of Origin Force Operations Policy Holder Ch Supt Head of Force Ops Author Business Continuity
More informationDisaster Ready. By: Katie Tucker, Sales Representative, Rolyn Companies, Inc
By: Katie Tucker, Sales Representative, Rolyn Companies, Inc Are you and your facility disaster ready? As reported by the Red Cross, as many as 40 percent of small businesses do not reopen after a major
More informationThe Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS)
Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services
More informationThe Disaster Recovery Self-Assessment Guide and Validation Model. Jim Kates Cognizant Technology Solutions Jim.Kates@cognizant.com
The Disaster Recovery Self-Assessment Guide and Validation Model Jim Kates Cognizant Technology Solutions Jim.Kates@cognizant.com How Would You Evaluate Your DRP? (Is it a Disaster Recovery Plan or a Dilbert
More informationEmergency Management Audit For Businesses
Emergency Management Audit For Businesses Sponsor Acknowledgement: This manual is sponsored by NZ Safety Limited and produced for the Ministry of Civil Defence Public Education Advisory Committee by Auckland
More informationBusiness Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com
Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?
More informationOverview of how to test a. Business Continuity Plan
Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test
More informationIT DISASTER RECOVERY CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report 10-34 October 13, 2010
IT DISASTER RECOVERY CALIFORNIA STATE UNIVERSITY, EAST BAY Audit Report 10-34 October 13, 2010 Members, Committee on Audit Henry Mendoza, Chair Raymond W. Holdsworth, Vice Chair Nicole M. Anderson Margaret
More informationHanh Do, Director, Information System Audit Division, GAA. SUBJECT: Review of HUD s Information Technology Contingency Planning and Preparedness
Issue Date: August 31, 2006 Audit Report Number 2006-DP-0005 TO: Lisa Schlosser, Chief Information Officer, A FROM: Hanh Do, Director, Information System Audit Division, GAA SUBJECT: Review of HUD s Information
More informationIt also provides guidance for rapid alerting and warning to key officials and the general public of a potential or occurring emergency or disaster.
Emergency Support Function #2 Communications ESF Coordinator: Information Technology Department Support Agencies: Tucson Fire Department Parks and Recreation Department Tucson Police Department Tucson
More informationAsset Management Systems Scheme (AMS Scheme)
Joint Accreditation System of Australia and New Zealand Scheme (AMS Scheme) Requirements for bodies providing audit and certification of 13 April 2015 Authority to Issue Dr James Galloway Chief Executive
More informationUNION COLLEGE INCIDENT RESPONSE PLAN
UNION COLLEGE INCIDENT RESPONSE PLAN The college is committed to supporting the safety and welfare of all its students, faculty, staff and visitors. It also consists of academic, research and other facilities,
More informationLFRS Business Continuity Planning
LFRS Business Continuity Planning 1.1 INTRODUCTION The LFRS Business Continuity Plan provides a framework for the activation, allocation and deployment of Lancashire Fire and Rescue Services resources
More information85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff
85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff Because a business continuity plan affects all functional units within the organization, each functional unit must participate
More informationBusiness Continuity. Introduction. Safer Business - Better Health. Issue date - December 2007
Business Continuity Business Continuity Safer Business - Better Health Issue date - December 2007 Introduction Would your business survive if it was affected by a major incident or circumstances beyond
More informationBusiness Continuity and Disaster Recovery Planning
Business Continuity and Disaster Recovery Planning Jennifer Brandt, CISA A p r i l 16, 2015 HISTORY OF STINNETT & ASSOCIATES Stinnett & Associates (Stinnett) is a professional advisory firm offering services
More informationBusiness Continuity Management Policy
Governance 1 Purpose The purpose of this policy is to communicate Business Continuity Management (BCM) framework, responsibilities and guiding principles for Victoria to effectively prepare for and achieve
More informationCOMCARE BUSINESS CONTINUITY MANAGEMENT
COMCARE BUSINESS CONTINUITY MANAGEMENT Title Business Continuity Management Version 2.1 Authorised by Executive Committee Effective date Authorisation date 10/7/2012 10/7/2012 COMCARE BUSINESS CONTINUITY
More informationJoint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One Information Security- Perspective for Management Information Security Management Program Concept
More informationBusiness Continuity Policy and Business Continuity Management System
Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain
More informationCriminal Justice and Persons with Cognitive Disabilities. Criminal Justice and Persons with Cognitive Disabilities
Criminal Justice and Persons with Cognitive Disabilities Mary U. Eberle, J.D. Katie Heffernan, LCSW Goals for Today: Enable you to better protect and serve a vulnerable population in your communities Provide
More informationBusiness Continuity and Disaster Planning
WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services Disasters are not always the result of high winds and
More informationCompany Management System. Business Continuity in SIA
Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT
More informationKPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity
INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM
More informationBusiness Continuity Management & Disaster Recovery GETTING STARTED Checklist for Local Businesses & Organisations
Business Continuity Management & Disaster Recovery GETTING STARTED Checklist for Local Businesses & Organisations Name of Organisation: Date: This Document has been designed to assist local businesses
More informationEMERGENCY PREPAREDNESS PLAN Business Continuity Plan
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
More informationVICTOR KHANYE LOCAL MUNICIPALITY PLAASLIKE MUNISIPALITEIT. ICT Business Continuity Plan. DRAFT v0.1 Page 1 of 9
VICTOR KHANYE LOCAL MUNICIPALITY PLAASLIKE MUNISIPALITEIT ICT Business Continuity Plan Policy Number: Approved by Council: Resolution No: Review Date: DRAFT v0.1 Page 1 of 9 Contents 1 Purpose, scope and
More informationTaking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment
Taking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment John Linse Director of Business Continuity Services, EMC 1 Setting the Stage Taking a Proactive
More informationDesktop Scenario Self Assessment Exercise Page 1
Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking
More informationBUSINESS CONTINUITY MANAGEMENT A Guide for Businesses In Northamptonshire
BUSINESS CONTINUITY MANAGEMENT A Guide for Businesses In Northamptonshire 1 What is Business Continuity? Business Continuity is a planning process which provides a framework to ensure the resilience of
More informationNEEDS BASED PLANNING FOR IT DISASTER RECOVERY
The Define/Align/Approve Reference Series NEEDS BASED PLANNING FOR IT DISASTER RECOVERY Disaster recovery planning is essential it s also expensive. That s why every step taken and dollar spent must be
More informationProgram Overview. CDP is a registered certification designed and administered by Identity Management Institute (IMI).
Overview Certified in Data Protection (CDP) is a comprehensive global training and certification program which leverages international security standards and privacy laws to teach candidates on how to
More informationChecklist For Business Recovery
Checklist For Business Recovery Completed By: Name: Company: Room: Street: City, State, Zip: Phone #: Business Recovery Plan for: Business Recovery Plan (BRP)--LEVEL 1 (Executive Awareness/Authority) 1.
More informationAppendix 6c. Final Internal Audit Report Disaster Recovery Planning. June 2007. Report 6c Page 1 of 15
Appendix 6c Final Internal Audit Report Disaster Recovery Planning June 2007 Report 6c Page 1 of 15 Contents Page Executive Summary 3 Observations and Recommendations 8 Appendix 1 - Audit Framework 13
More informationBusiness Continuity Management Planning Methodology
, pp.9-16 http://dx.doi.org/10.14257/ijdrbc.2015.6.02 Business Continuity Management Planning Methodology Dr. Goh Moh Heng, Ph.D., BCCLA, BCCE, CMCE, CCCE, DRCE President, BCM Institute moh_heng@bcm-institute.org
More informationDisaster Recovery Planning Process
Disaster Recovery Planning Process By Geoffrey H. Wold Part I of III This is the first of a three-part series that describes the planning process related to disaster recovery. Based on the various considerations
More informationBuilding and Maintaining a Business Continuity Program
Building and Maintaining a Business Continuity Program Successful strategies for financial institutions for effective preparation and recovery Table of Contents Introduction...3 This white paper was written
More informationEMERGENCY MANAGEMENT ORGANIZATION
VI. EMERGENCY MANAGEMENT ORGANIZATION General 1. The overall responsibility for emergency preparedness rests with government on all levels, including all agencies of state, county and city in coordination
More informationFINRMFS9 Facilitate Business Continuity Planning and disaster recovery for a financial services organisation
Facilitate Business Continuity Planning and disaster recovery for a Overview This unit is suitable for those working in risk management roles who have responsibility for facilitating business continuity
More informationNOT PROTECTIVELY MARKED BUSINESS CONTINUITY. Specialist Operations Contingency Planning Business Continuity Manager 17.09.12
POLICY BUSINESS CONTINUITY Policy owners Policy holder Author Head of Services Specialist Operations Contingency Planning Business Continuity Manager Policy No. 132 Approved by Legal Services 17.09.12
More informationIt s the Business! Business continuity considerations for all organisations
It s the Business! Business continuity considerations for all organisations It ll never happen to me That s what they all say isn t it? But it happens a lot more than you d think. Statistics show that
More information9/3/2009. Information Systems Disaster Recovery. Learning Objectives. Why have a plan? unexpected? APPA-Institute for Facilities Management
Information Systems Disaster Recovery APPA-Institute for Facilities Management J. Craig Klimczak, D.V.M., M.S. Vice-Chancellor for Technology St. Louis Community College 300 South Broadway St. Louis, MO
More informationGLASGOW SCHOOL OF ART OCCUPATIONAL HEALTH AND SAFETY POLICY. 1. Occupational Health and Safety Policy Statement 1
GLASGOW SCHOOL OF ART OCCUPATIONAL HEALTH AND SAFETY POLICY CONTENTS PAGE 1. Occupational Health and Safety Policy Statement 1 2. Occupational Health and Safety Management System 2 3. Organisational Management
More informationBusiness Continuity Planning. A guide to loss prevention
Business Continuity Planning A guide to loss prevention There are many statistics quoted about the effect that a lack of planning for a disaster has on a business. What s certain is that any unplanned
More informationBusiness Continuity Policy
Business Continuity Policy St Mary Magdalene Academy V1.0 / September 2014 Document Control Document Details Document Title Document Type Business Continuity Policy Policy Version 2.0 Effective From 1st
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Business Continuity Management Standard for IT Systems This standard is applicable to all VCU School of Medicine
More information