Agenda. Perform a BIA. Introduction. What is a Business Impact Analysis? 3/27/2014. Stacy Gardner (MBCI) Managing Consultant Avalution Consulting
|
|
- Louise Daniels
- 7 years ago
- Views:
Transcription
1 Perform a BIA the ISO Way Stacy Gardner (MBCI) Managing Consultant Avalution Consulting Agenda Introduction What is a Business Impact Analysis (BIA)? How ISO Approaches BIAs Differently Components Needed to Align to ISO How Aligning to ISO Drives Enhanced Preparedness Question and Answer Introduction Stacy Gardner, Managing Consultant Avalution Consulting (8 years) Worked in business continuity industry for 10+ years BCI US Chapter Board Member (2013 Present) Conference and Association Planning Committee Marketing Committee What is a Business Impact Analysis? ISO defines a BIA as the process of analyzing activities and the effect that a business disruption might have upon them Section Business Impact Analysis: The organization shall establish, implement, and maintain a formal and documented evaluation process for determining continuity and recovery priorities, objectives, and targets. This process shall include assessing the impacts of disrupting activities that support the organization s products and services. The business impact analysis shall include the following: Identifying activities that support the provision of products and services; Assessing the impacts over time of not performing these activities; Setting prioritized timeframes for resuming these activities at a specified minimum acceptable level, taking into consideration the time within which the impacts of not resuming them would become unacceptable; and Identifying dependencies and supporting resources for these activities, including suppliers, outsource partners, and other relevant interested parties. 1
2 ISO PDCA Model What is a Business Impact Analysis? Similar concept to other standards, but ISO requires specific (arguable unique) management involvement prior to and following the BIA ISO emphasizes: Understanding Critical Products and Services Involving Management in Scoping (Based on Products and Services) Justifying Exclusions in the Scope Defining Time, Capability and Quality Requirements Receiving Management Approval of Requested Recovery Objectives Even if you have a mature BIA, you can still execute ISO activities to confirm and appropriately structure your BIA Understanding Critical Products and Services Top down perspective on priorities Focus less on the org chart and more on what drives your business What are your value adding outcomes? How/why do customers depend on your work? What organizational factors influence need to meet expectations? Regulatory oversight? Environment? Impacts on customers for failure to deliver? Approach helps relate business continuity concept to how leadership views organization and gives FOCUS Involving Management in Scoping Leadership s forest perspective can help ensure business continuity program goals reflect organizational goals (by defining critical product and service specific downtime tolerances) Scope should support achievement of these goals by: Aligning departments, activities and resources to critical products and services Defining common criteria to determine criticality/prioritization Process allows for high level identification of obligations Scope of the program should equal scope of BIA 2
3 Justifying Exclusions in Scope ISO requires management to actively define scope exclusions and provide justifications Ensures scope limits are thoughtfully considered, documented, periodically assessed, and re confirmed (or modified) Exclusions must not affect or prevent the organization s ability to meet its committed objectives Defining Time, Capability, Quality Requirements TIME: How quickly must SOME capacity exist CAPABILITY: What capabilities must be recovered and to what level (how much) QUALITY: Will normal quality levels be met or are adjustments necessary ISO emphasizes only recovering what needs recovering to: Focus priorities Minimize requirements Define acceptable changes to normal state practices Receiving Management Approval of Recovery Objectives ISO approach enables connecting businessrequested recovery objectives to management defined products and services Management can then evaluate any discrepancies between their expectations and the business requests Linking requests to products and services provides support and justification for any necessary investment Key Point: Products and Services is How Management Thinks Presenting Requirements In This Manner will Increase Support Components That Enable Alignment to ISO Upfront management involvement Defined critical products and services with maximum downtimes Link between departments/activities and resources and the products/services they support Management review of BIA derived business continuity requirements FYI: The ISO guidance document will provide detailed content to support aligned and effective BIA outcomes 3
4 How Aligning to ISO Drives Enhanced Preparedness Gets management perspective and buy in from the beginning Gives boundaries and guidance for the business to support or push back on Enables validation of recovery times, but also capability to deliver and quality of the outcome Enables metrics and reporting on capability to deliver products and services, which is how management sees the organization Product / Service Service #1 Product #1 Product #2 Measuring True Capability with Metrics Maximum Downtime 4 Hours 96 hours 1 week Departments Directly Involved in Delivery Departments Indirectly Supporting Delivery Source of Validation Description of Strategy Validation Customer Service IT Date: Procurement Finance IT Date: Operations Shipping / Receiving Procurement Finance IT Date: Operations Shipping / Receiving Alignment to Capability Expectation? Define Critical Products and Services Research your website and marketing materials Assess your organization s vision/mission statement and other goal oriented declarations Connect with other groups (e.g. risk management) to assess if any past analysis assesses and categorizes customer deliverables Develop a products and services list and present it to executive leadership for feedback, then work with them to define maximum downtime tolerances for each Involve Management in Scoping (Based on Products and Services) Use Products and Services to develop scope statement Clarify management s commitment (or expectations) regarding downtime, capability and quality Identify the resources necessary to deliver in scope products and services Facilities, people, technology, equipment and suppliers Remember, the scope can change if BIA produces (and justifies) alternate requirements 4
5 Justify Exclusions in the Scope If management opts to exclude departments and resources from the program scope, work with them to justify and formally document the exclusion Capture exclusions within governance documents (policy or SOP) Review exclusions periodically to ensure continued accuracy Receive Management Approval of Requested Recovery Objectives Following performance of the BIA, analyze outcomes and identify if business recovery objectives are lower than or exceed products and services requirements Present business justifications to management and assess if adjustments need made to scope or BIA results Following approval, assess strategy effectiveness and identify gaps ISO 22301: Conclusion Requires management involvement at multiple stages to guide and confirm outcomes Supports the presentation of data in form to which management relates Helps validate true recoverability Can improve the effectiveness and value of existing BIAs Upcoming Resource: ISO 3317 Societal Security Business Continuity Management Systems Business Impact Analysis guidance document Question and Answer Thank you! Stacy Gardner
Business Intelligence & Business Continuity
Business Intelligence & Business Continuity BCM Maturity Curve April 22, 2013 COOP Systems Briefing 2 Chris Alvord, CEO, COOP Systems CBCP, MBCI, Former DRII Certified Trainer OCEG GRC, ISO 22301 Lead
More informationPreparation for ISO 45001 OH&S Management Systems
Preparation for ISO 45001 OH&S Management Systems HEALTH & SAFETY MANAGEMENT QUALITY MANAGEMENT ACCESSIBILITY ENVIRONMENTAL MANAGEMENT ENERGY MANAGEMENT ISO 45001 TIMELINE ISO project committee ISO PC
More informationBusiness Continuity Trends, Requirements and Expectations in 2009. Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting
Business Continuity Trends, Requirements and Expectations in 2009 Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting Overview What Is Business Continuity? The Value Proposition What
More informationBCM and DRP - RFP Template
BCM and DRP - The Supreme Council of Information & Communication Technology ictqatar PUBLICATION DATE Document Reference This document should be used as an example of the contents of an RFP for business
More informationDESIGNING A BUSINESS CONTINUITY TRAINING PROGRAM TO MAXIMIZE VALUE & MINIMIZE COST
CONTENTS A Brief Introduction... 3 Where is the Value?... 3 How Can We Control Costs?... 5 The Delivery Mechanism... 7 Strategies to Deliver Training and Awareness... 8 Proving Training/Awareness Program
More informationHow to measure your business resiliency
How to measure your business resiliency Define the KPI s/kri s and scorecards to control your security and business continuity capabilities Krzysztof Pulkiewicz BCMLogic krzysztof.pulkiewicz@bcmlogic.com
More informationWhy are PMO s are Needed on Large Projects?
Why are PMO s are Needed on Large Projects? Keeps Project Manager focused on: Priority risks Priority issues Stakeholder alignment Technical challenges Ensures administrative tasks are completed: Projects
More informationTable of Contents... 1
... 1 Chapter 1 Introduction... 4 1.1 Executive Summary... 4 1.2 Goals and Objectives... 5 1.3 Senior Management and Board of Directors Responsibilities... 5 1.4 Business Continuity Planning Processes...
More informationMHA Consulting. Business Continuity Management 101
0 MHA Consulting Business Continuity Management 101 Presented by: Michael Herrera Brandon Magestro MHA Consulting Agenda MHA Consulting Introduction Business Continuity Management (BCM) Defined 2013 Trends
More informationMoving from BS 25999-2 to ISO 22301. The new international standard for business continuity management systems. Transition Guide
Transition Guide Moving from BS 25999-2 to ISO 22301 The new international standard for business continuity management systems Extract from The Route Map to Business Continuity Management: Meeting the
More informationProcess Management: Creating Supply Chain Value
Process Management: Creating Supply Chain Value Carol L. Marks, C.P.M., Director of Purchasing and Business Management Systems Industrial Distribution Group, Southern Division 704/398-5666; carol.l.marks@idg-corp.com
More informationGuideline - Business Continuity Plan
Guideline - Business Continuity Plan 1. Introduction: The Business Continuity Plan is a component of the Risk and Business Management suite. This suite includes: Risk Management including risk registers
More informationSolihull Clinical Commissioning Group
Solihull Clinical Commissioning Group Business Continuity Policy Version v1 Ratified by SMT Date ratified 24 February 2014 Name of originator / author CSU Corporate Services Review date Annual Target audience
More informationSERV SER ICE DE SIGN
SERVICE DESIGN Service Design Set of specialized organizational capabilities for providing value to customers in the form of services SOURCE: ITIL Service Design Publication, p. 11 Service Design Goals
More informationBusiness Management System Manual. Context, Scope and Responsibilities
Business Management System BMS Manual Page 1 of 11 Business Management System Manual Context, Scope and Responsibilities ISO 9001:2015 BMS.0100 R1 MAS Solutions LLC 29810 FM 1093 Suite C Fulshear, TX 77441
More informationISO 22301: Societal Security Terminology ISO 22313: BCMS Guidance ISO 22398: Exercises and Testing - Guidance
The Impact of ISO 22301 Moving Your BCM Program to a Management System Implementing the Newly Approved International Business Continuity Management System Standard & Guidance Documents ISO 22301: Societal
More informationThe Role of Internal Audit In Business Continuity Planning
The Role of Internal Audit In Business Continuity Planning Dan Bailey, MBCP Page 0 Introduction Dan Bailey, MBCP Senior Manager Protiviti Inc. dan.bailey@protiviti.com Actively involved in the Information
More informationBuilding a Disaster Recovery Program By: Stieven Weidner, Senior Manager
Building a Disaster Recovery Program By: Stieven Weidner, Senior Manager Part two of a two-part series. If you read my first article in this series, Building a Business Continuity Program, you know that
More informationBusiness Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com
Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?
More informationBusiness Continuity Planning Instructions
Business Continuity Planning Instructions Business continuity planning is a proactive planning process that ensures critical services or products are delivered during a disruption. In creating the plan,
More informationIs Business Continuity Certification Right for Your Organization?
2008-2013 AVALUTION CONSULTING, LLC ALL RIGHTS RESERVED i This white paper analyzes the business case for pursuing organizational business continuity certification, including what it takes to complete
More informationBusiness Continuity Planning. Presentation and. Direction
Business Continuity Planning Presentation and Direction Thomas Bronack, president Data Center Assistance Group, Inc. 15180 20 th Avenue Whitestone, NY 11357 Phone: (718) 591-5553 Email: bronackt@dcag.com
More information2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP
2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level Tracy L. Hall, MBCP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C.
More informationThe Management System Track
The Management System Track 1. What Is It? 2. How Does It Relate to Certification Bodies? 3. How to Implement It? 1 Presenters Paul Grace, MS, CAE Executive Director, NBCOT Dale Cyr, MBA, CAE Executive
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationRisk, Risk Assessments and Risk Management. Christopher Bowler CPA, CISA August 10, 2015
+ Risk, Risk Assessments and Risk Management Christopher Bowler CPA, CISA August 10, 2015 + Agenda A Few Thoughts Fundamentals of Risk Assessments Fundamentals of Risk Management Assessments vs. Management
More informationBusiness Continuity Management
Business Continuity Management cliftonlarsonallen.com Introductions Brian Pye CliftonLarsonAllen Senior Manager Business Risk Services group 15 years of experience with Business Continuity Megan Moore
More informationHow to go from Concept to Customer: Best Practices in Product Delivery Cheryl Tulkoff, Randy Schueller, Greg Caswell and Jim McLeish
How to go from Concept to Customer: Best Practices in Product Delivery Cheryl Tulkoff, Randy Schueller, Greg Caswell and Jim McLeish Introduction Having a comprehensive review methodology for Product Delivery
More informationDomain 1 The Process of Auditing Information Systems
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
More informationBusiness Continuity for the New Professional. Britt Corra Enterprise BCM Erika Voss Senior BCM
Business Continuity for the New Professional Britt Corra Enterprise BCM Erika Voss Senior BCM New to Business Continuity? Agenda & Experience 3-5 years experience? Seasoned veteran? What is BCM Tool Kit?
More informationProposal for Business Continuity Plan and Management Review 6 August 2008
Proposal for Business Continuity Plan and Management Review 6 August 2008 2008/8/6 Contents About Newton IT / Quality of our services. BCM & BS25999 Overview 2. BCM Development in line with BS25999 3.
More informationEMERGENCY PREPAREDNESS PLAN Business Continuity Plan
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page
More informationInstitute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745
ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan
More informationAudit of the Disaster Recovery Plan
Audit of the Disaster Recovery Plan Report # 11-05 Prepared by Office of Inspector General J. Timothy Beirnes, CPA, Inspector General Kit Robbins, CISA, CISM, CRISC, Lead Information Systems Auditor TABLE
More informationEFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics
EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics Frances CLEARY 1, Keith HOWKER 2, Fabio MASSACCI 3, Nick WAINWRIGHT 4, Nick PAPANIKOLAOU
More informationQuality Manual ISO 9001:2015 Quality Management System
Quality management input comprises the standard requirements from ISO 9001:2015 which are deployed by our organization to achieve customer satisfaction through process control. Quality Manual ISO 9001:2015
More informationIl nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità
Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità Massimo Cacciotti Business Services Manager BSI Group Italia Agenda BSI: Introduction 1. Why we need BCM? 2. Benefits of BCM
More informationCreating a Business Continuity Plan for your Health Center
Creating a Business Continuity Plan for your Health Center 1 Page Left Intentionally Blank 2 About This Manual This tool is the result of collaboration between the Primary Care Development Corporation
More informationReliability Excellence (Rx) Assessment, Master Planning and Business Case Development Process
Rx Report POINTS OF INTEREST PAGE 2: The Reliability Excellence (Rx) Model PAGE 3: Evaluation Criteria PAGE 6: Sample Implementation Master Plan PAGE 6: Sample Business Case Reliability Excellence (Rx)
More informationBy: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015
Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level June 9, 2015 By: Tracy Hall MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company,
More informationA Risk Based Thinking Model for ISO 9001:2015
A Risk Based Thinking Model for ISO 9001:2015 Bob Deysher Senior Consultant 2014 QSG, Inc. Agenda Why implement Risk Based Thinking? What does ISO 9001:2015 require? What is Risk Based Thinking? What is
More informationCONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT
CONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT April 16, 2014 INTRODUCTION Purpose The purpose of the audit is to give assurance that the development of the Metropolitan Council s Continuity
More informationChapter 2 ISO 9001:2008 QMS
Chapter 2 ISO 9001:2008 QMS For internal use of BSNL only Page 1 ISO 9001:2008 QMS Introduction Everyone wants to achieve profits. Profits can come by more sales with some profit margin and also by cutting
More informationNHS Hardwick Clinical Commissioning Group. Business Continuity Policy
NHS Hardwick Clinical Commissioning Group Business Continuity Policy Version Date: 26 January 2016 Version Number: 2.0 Status: Approved Next Revision Due: January 2017 Gordon Stevens MBCI Corporate Assurance
More informationDesigning a business continuity training program to maximize value and minimize cost
Designing a business continuity training program to maximize value and minimize cost Susan Yardis Introduction Employees are often unaware of the existence of a business continuity management program within
More informationMeasuring Continuity Planning Program. Performance
Measuring Continuity Planning Program Performance Carl B Jackson Director Crisis Management & Continuity Planning Resource Center (CMCPRC) Measuring Continuity Planning Program Performance Session Agenda
More informationDesktop Scenario Self Assessment Exercise Page 1
Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking
More informationImplementing Practical Information Security Programs
Implementing Practical Information Security Programs CISO Summit March 17-19, 2013 Presented by: David Cass, SVP & Chief Information Security Officer, Elsevier Information Security & Data Protection Office
More informationBusiness Continuity and Emergency Preparedness Planning. Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010
Business Continuity and Emergency Preparedness Planning Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010 Overview Define key terms and list essential elements of business continuity
More informationBusiness Continuity Plan
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
More informationISO 9001:2008 Quality Management System Requirements (Third Revision)
ISO 9001:2008 Quality Management System Requirements (Third Revision) Contents Page 1 Scope 1 1.1 General. 1 1.2 Application.. 1 2 Normative references.. 1 3 Terms and definitions. 1 4 Quality management
More informationIntroduction to AS 9100
Introduction to AS 9100 Rev. C 1 Questions we will cover today: What is AS9100? What does a company need to do to Register to AS9100 Rev C? What are the requirements? Section 4 General Requirements Section
More informationTips and techniques a typical audit programme
Auditing Business Continuity Planning Tips and techniques a typical audit programme Karen Wills, Senior Internal Auditor St James s Place Wealth Management February 2014 Contents Background Roles and Responsibilities
More informationBeyond Disaster Recovery: Why Your Backup Plan Won t Work
Beyond Disaster Recovery: Why Your Backup Plan Won t Work Contents Introduction... 3 The Data Backup Model - Upgraded for 2015... 4 Why Disaster Recovery Isn t Enough... 5 Business Consequences with DR-Only
More informationSound Transit Internal Audit Report - No. 2014-6
Sound Transit Internal Audit Report - No. 2014-6 Maturity Assessment: Information Technology Division Disaster Recovery Planning Report Date: June 5, 2015 Table of Contents Page Executive Summary 2 Background
More informationBusiness Continuity Policy
Business Continuity Policy St Mary Magdalene Academy V1.0 / September 2014 Document Control Document Details Document Title Document Type Business Continuity Policy Policy Version 2.0 Effective From 1st
More informationSustainability through Business Continuity Management
Sustainability through Business Continuity Management R Vaidhyanathan (RV) MBCI,CBCP, TE BS25999, BS25999LA, BCCE, 27001LA, ITIL Practice Head for Crisis Management & BCM Continuity and Resilience (CORE)
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationIT Governance Regulatory. P.K.Patel AGM, MoF
IT Governance Regulatory Perspective P.K.Patel AGM, MoF Agenda What is IT Governance? Aspects of IT Governance What banks should consider before implementing these aspects? What banks should do for implementation
More informationAssessing Your Information Technology Organization
Assessing Your Information Technology Organization Are you running it like a business? By: James Murray, Partner Trey Robinson, Director Copyright 2009 by ScottMadden, Inc. All rights reserved. Assessing
More informationBusiness Continuity Management
Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not
More informationBusiness Continuity Policy
Business Continuity Policy 1 NHS England INFORMATION READER BOX Directorate Medical Commissioning Operations Patients and Information Nursing Trans. & Corp. Ops. Commissioning Strategy Finance Publications
More informationSample Exam. IT Service Management Foundation based on ISO/IEC 20000
Sample Exam IT Service Management Foundation based on ISO/IEC 20000 Edition April 2011 Copyright 2011 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored
More informationINFOSEC.MY KNOWLEDGE SHARING SESSION
INFOSEC.MY KNOWLEDGE SHARING SESSION Integration BCM into your Organization: Challenges & Opportunities 31 st October 2007 1 Prabha Ramanathan ( CBCP, MBCI, MBCS, MSCS) Certified Business Continuity Professional.have
More informationIFMA Facility Management Learning System - Table of Contents
Competency: Communication Chapter 1: Communication Fundamentals o Topic 1: The Nature of Communication o Topic 2: Effective and Efficient Communication o Topic 3: Cross-Cultural Communication o Topic 4:
More informationServices Providers. Ivan Soto
SOP s for Managing Application Services Providers Ivan Soto Learning Objectives At the end of this session we will have covered: Types of Managed Services Outsourcing process Quality expectations for Managed
More information> State Street. Corporate Continuity Program. Continuity Organizational Structure. Program Oversight
> State Street An Integrated Approach to Continuity Metrics & Progress Reporting Presented to: Continuity Insights May 2007 Presented by: Chris Glebus Continuity Organizational Structure Executive Management
More informationData Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322
Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery
More informationBusiness Continuity Management Governance. Frank Higgins Abu Dhabi March 2015
Business Continuity Management Governance Frank Higgins Abu Dhabi March 2015 Different Names Same Concept BCM (Business Continuity Management) BSI 25999 IPOCM (Incident Preparedness & Operational Continuity
More informationStrategic Planning for Small Business. Carol Rovello * carol@strategic-workplace-solutions.com * 828.280.6253
Strategic Planning for Small Business 1 Agenda Welcome Overview of Strategic Planning Key Planning Steps and Tools 2 Planning Controlling Management Functions Organizing Leading 3 Planning Alignment Strategic
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationSound Transit Internal Audit Report - No. 2014-3
Sound Transit Internal Audit Report - No. 2014-3 IT Project Management Report Date: Dec. 26, 2014 Table of Contents Page Background 2 Audit Approach and Methodology 2 Summary of Results 4 Findings & Management
More informationOctober 7, 2011. Presented to. The PMI Washington DC Chapter. Pedro Agosto. Director of Client Services, XA Systems, LLC. pedro.agosto@xasystems.
October 7, 2011 Presented to The PMI Washington DC Chapter By Pedro Agosto Director of Client Services, XA Systems, LLC pedro.agosto@xasystems.com Introduction Re-evaluating IT Services Today s Challenges
More informationWhite Paper. Lifecycle Disaster Recovery Costs
White Paper Lifecycle Disaster Recovery Costs Lifecycle Disaster Recovery Costs Do you really understand the costs to a financial institution for IT Disaster Recovery? Most professionals working in a
More informationISO 14001:2015: Key Changes
ISO 14001:2015: Key Changes Susan LK Briggs Convenor, ISO TC207/SC1/WG5 TC207 Workshop, 9/8/15 Topics for Discussion Background on ISO 14001 Revision Highlight of key changes in ISO 14001:2015 Top Management
More informationMajor Project Governance Assessment Toolkit
Major Project Governance Assessment Toolkit Mark Ritchie, University of Edinburgh Pauline Woods-Wilson, Lancaster University Project and Change Management Group Project and Change Management Group Established
More informationProject Management Consulting Services
Project Management Consulting Services Development organizations face a long list of challenges from personnel reductions, tight budgets, rising costs, increasing security risks and ever-increasing competition
More informationPrioritizing Projects to Maximize Return on Investment
Prioritizing Projects to Maximize Return on Investment 1 Table of Contents I. Introduction: The Importance of ROI...3 II. Getting Started: Laying the Foundation...4 III. Putting It Together: A Systematic
More informationStakeholder Engagement Planning Overview
Stakeholder Engagement Planning Overview Welcome to the Stakeholder Engagement Planning Toolkit We have built a Toolkit a set of Steps, Actions and Tools to support our engagement efforts and to build
More informationHuman Performance & the Role of Human Resources
DEFENSE LOGISTICS AGENCY AMERICA S COMBAT LOGISTICS SUPPORT AGENCY Human Performance & the Role of Human Resources Ms. Cheryl Steptoe-Simon July 20, 2016 Human Performance Functions Human Performance Components
More informationBirmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy
Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author
More informationHow to Deploy BS 25999 second edition
How to Deploy BS 25999 second edition Authored By Avalution Consulting and BSI Management Systems America TABLE OF CONTENTS TABLE OF CONTENTS... 2 1. INTRODUCTION... 3 2. ACHIEVING PROGRAM CREDIBILITY
More informationIn the launch of this series, Information Security Management
Information Security Management Programs: Operational Assessments Lessons Learned and Best Practices Revealed JUSTIN SOMAINI AND ALAN HAZLETON As the authors explain, a comprehensive assessment process
More informationProject Management Office Charter
Old Dominion University Office of Computing and Communication Services Project Management Office Charter Version: 1.0 Last Update: February 18, 2010 Created By: Anthony Fox, PMP OCCS Project Management
More informationManaging information technology in a new age
IBM Global Services Managing information technology in a new age Key Topics Keeps pace with the new purpose and structure of IT Describes a dynamic, flexible IT management construct Incorporates techniques
More informationMANAGEMENT AUDIT REPORT DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION
MANAGEMENT AUDIT REPORT OF DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION REPORT NO. 13-101 City of Albuquerque Office of Internal Audit
More informationMNLARS Project Audit Checklist
Audit Checklist The following provides a detailed checklist to assist the audit team in reviewing the health of a project. Relevance (at this time) How relevant is this attribute to this project or audit?
More informationwww.pwc.com Business Resiliency Business Continuity Management - January 14, 2014
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
More informationManaging Change in Organizations. Sonja Streuber, PMP, SSBB
Managing Change in Organizations Sonja Streuber, PMP, SSBB Sonja Streuber Project Mgmt & Engineering, Six Sigma, Risk Mgmt & Risk Analysis: 2000 2003 Agilent Technologies 2003 2009 Lockheed Martin 2009
More informationVICTOR KHANYE LOCAL MUNICIPALITY PLAASLIKE MUNISIPALITEIT. ICT Business Continuity Plan. DRAFT v0.1 Page 1 of 9
VICTOR KHANYE LOCAL MUNICIPALITY PLAASLIKE MUNISIPALITEIT ICT Business Continuity Plan Policy Number: Approved by Council: Resolution No: Review Date: DRAFT v0.1 Page 1 of 9 Contents 1 Purpose, scope and
More informationBUSINESS CONTINUITY MANAGEMENT POLICY
This document is uncontrolled once printed. Please check on the CCG s Intranet site for the most up to date version BUSINESS CONTINUITY MANAGEMENT POLICY DOCUMENT CONTROL Type of Document Document Title
More informationBecoming a Customer Focused Organization
Becoming a Customer Focused Organization April M. Schweighart Director of Customer Programs Semiconductor Products Sector Motorola June 5, 2001 Agenda Why Become a Customer Focused Organization? Customer
More informationImpact of PMBOK 5 th Edition
PMP Exam Changes Impact of PMBOK 5 th Edition When the PMI exam will change Major Updates X1.1 Scope of Update Comments and feedbacks for prior version Overall review for accuracy Appropriate alignment
More informationEMA CMDB Assessment Service
The Promise of the CMDB The Configuration Management Database (CMDB) provides a common trusted source for all IT data used by the business and promises to improve IT operational efficiency and increase
More informationDisaster Recovery and Business Continuity Plan
Disaster Recovery and Business Continuity Plan Table of Contents 1. Introduction... 3 2. Objectives... 3 3. Risks... 3 4. Steps of Disaster Recovery Plan formulation... 3 5. Audit Procedure.... 5 Appendix
More informationBusiness Continuity / Disaster Recovery Context
Capability Business Continuity / Disaster Recovery Context What is Business Continuity? The Business Continuity Program Life Cycle Copyright: Virtual Corporation, 1994 2006 Modified U.S. DoD Graphic Normal
More informationQuality Management System Manual ISO9001:2008
Quality Management System Manual ISO9001:2008 Controlled Copy Rev. 3 Page 1 of 21 7/1/13 Table of Contents Company Profile...5 Past...5 Present...5 Mission...5 Vision...5 Locations...6 1 Scope...6 1.1
More informationAS9100:2016 Transition Guide
AS9100:2016 Transition Guide Updated August 24, 2016 AS9100 Series Overview AS9100 Aerospace Management Systems is a widely adopted and standardized quality management system for the aerospace industry.
More informationCRR Supplemental Resource Guide. Volume 6. Service Continuity Management. Version 1.1
CRR Supplemental Resource Guide Volume 6 Service Continuity Management Version 1.1 Copyright 2016 Carnegie Mellon University This material is based upon work funded and supported by Department of Homeland
More information