Developing a Business Continuity Plan... More Than Disaster
|
|
- Claude Reeves
- 8 years ago
- Views:
Transcription
1 Developing a Business Continuity Plan..... More Than Disaster Recovery! April 19, 2010 UHY / MMA Business Survival Series
2 Webinar Focus.... Understanding the components of Business Continuity Planning and resulting Business Continuity Plan (BCP) Conducting a BCP Gap Analysis/Risk Assessment Developing and implementing your BCP Establishing a Disaster Recovery Plan (DRP) Testing your BCP, DRP and associated controls UHY Advisors, Inc. UHY Advisors, Inc. is the 15 th largest professional services firm in the U.S. Provide Business Advisory, Audit and Tax services to a wide variety of companies and industries. 20 offices located through the U.S., with Michigan offices in Southfield and Sterling Heights. UHY International Limited (UHYI), is one of the largest accounting firms in the world with 198 offices in 65 countries and approximately 6,300 employees. 1
3 Definitions Business Continuity Planning (BCP): The creation and validation of a practiced logistical plan for how an organization will recover and restore critical functions within a predetermined time after a disaster or extended disruption. 2. Disaster Recovery (DR): The process, policies and procedures related to preparing for recovery after a natural or human-induced disaster. Disaster recovery includes planning for resumption of business operations. Disaster Recovery includes physical facilities, equipment, applications, data, hardware, communications (such as networking) and other critical business processes. Definitions Risk Tolerance Level (RTL): A process by which a company determines the risks, vulnerability and impact analysis of various disaster scenarios on critical business processes and/or activities. RTL incorporates: Assessing and prioritizing business functions, processes, activities, etc. Identifying interdependencies between critical operations, departments, personnel and services Identifying potential impacts of uncontrolled, non-specific events on business functions, processes, activities, etc. 2
4 Definitions Recovery Point Objective (RPO): The acceptable time delay associated with systems, data and/or process before the loss of an activity become critical. 5. Recovery Time Objective (RTO): The acceptable amount of time to restore a designated business function. 6. Probable Maximum Business Interruption Loss (PML): Losses, based on worst-case scenario, that result from a business interruption...function of Seriousness and Duration BCP Why Bother? 1. Stability: Survival rate for companies that encounter a disaster without a business continuity plan is less than 10%! Only 6% of companies suffering from a catastrophic loss survive, while 43 % never reopen and 51 % close within two years. 2. Financial: - Contingency Planning Research pegs the average hourly downtime cost at $18,000 for a small business. - Assume they are off by 90%...that s: $1,800/hr...$7,200/24 hrs...$50,400/wk 3
5 BCP Why Bother? 3. It Makes Good Business Sense! Uncovers core business weaknesses Addresses visible and concealed areas of concern Strengthens customer perception Separates your company from competition Proactive BCP A Strategy BCP as an Offensive/Competitive Strategy Helps your company stand out from others: Business Continuity Standards are coming! ISO 27001, Austrian Standard HB 221:2003, NFPA 1600, PAS 56, BS Creates a business which operates its systems at the optimum levels: Flexible with the ability to quickly identify and respond to challenges, threats and disasters. 3. Builds a Resiliency into your operation: Hardened systems fail less often and return more quickly from day-to-day glitches. 4
6 BCP UHY Perspective From our perspective... BCP process involves the recovery, resumption, and maintenance of the entire business.. More than just IT and Data. Restoration of IT systems and electronic data is important.. but.. recovery of these system will not always be enough to restore operations. BCP involves the prioritization of business objectives and critical operations that are essential for recovery. BCP UHY Perspective 5
7 BCP Protection From??? Material Shortages Natural Disasters Delivery Delays Strikes Client/Customer Insolvency Business Continuity Product Liability Terrorist - Protection From Activities? Power Failure Technological Developments Computer Viruses Example of a Risk Map BCP Protection From??? 6
8 Business Continuity Planning Critical Steps Step 1 Assessment Objectives Include: 1. Raising Awareness 2. Involving All Business Units / Departments 3. Involving All Personnel 4. Identifying the Critical Interactions Between People, Processes and Departments... Examine the company as a whole for conditions and processes that t are critical for seamless business operations... a Threat Analysis. Plan is to provide management with a complete picture of processes, dependencies and threats. 7
9 Step 2 Risks, Vulnerabilities & Impact Analysis Impact Analysis: Assessment of operations to understand d and identify precisely what functions, activities, elements, etc. would be impacted should there be a disruption or disaster Risk Assessment: Determining the potential losses from a threat verses the cost of protective e measures against the value of the asset. How Much Do We Spend to Protect? RISK / COST / ROI Step 2 Risks, Vulnerabilities & Impact Analysis UHY s approach is to utilize a Risk Tolerance Level (RTL) strategy t to combine, Risks, Vulnerabilities and Impacts. TRL incorporates a FMEA (Failure Mode & Effects Analysis) format with: - SEVERITY (impact on your business) - FREQUENCY / OCCURANCE - Impact on your Customer(s) Scale is 1 to 10 for each: 1 = No Impact / Never Occurs 10 = Critical Impact / Daily Occurrence 8
10 Step 2 Risks, Vulnerabilities & Impact Analysis RTL # Reaction Plan: Less than 20 No corrective action and/or additional controls are required. 20 to 40 Risk control(s), including control method, process and frequency should be reviewed to identify reaction steps/actions needed to ensure business continuity. 41 to 60 Risk control(s), including control method, process and frequency should be improved to incorporate actions that will lead to a reduction in the RTL #. 61 to 80 Risk control(s), including control method, process and frequency indicate a concern regarding business continuity. Control should be improved to reduce the RTL #. Greater than 80 Represents a Business Continuity concern. The Risk and associated Control(s) must be improved by implementing actions that will reduce the RTL #. Step 3 Recovery Strategies & Actions Recovery Window... Specific period in which losses become intolerable. - The shorter the window, the more recovery resources need to be in place and ready. - For longer windows, the recovery resources can be put into place following the interruption. It is critical the recovery resources be: It is critical the recovery resources be: - Identified - Listed / Documented - Pre-Arranged / Pre-Planned -Tested 9
11 Step 3 Recovery Strategies & Actions Disaster / Interruption Levels: Level I: Interruption, ti i.e., Power is Out Time Frame - 1 hour, 4 hours, >24 hours Level II: Level III: Vacate the Facilities, i.e., Fire Time Frame - 1 day, 1 week, 1 month Facilities Gone, i.e., Tornado Time Frame - Immediate Actions Business Resumption Establish Recovery Action Checklist for each scenario...action Steps and Responsibilities Step 3 Recovery Strategies & Actions Recovery plans must: 1. Identify the resources required to resume basic level of business operations. 2. Document skills, equipment, procedures, steps, etc. required by each department/activity. 3 Specify authority roles and responsibilities to 3. Specify authority, roles and responsibilities to ensure that actions and tasks are managed, completed and communicated. 10
12 Step 4 Interdependencies Predominate Recovery Goal...to re-establish essential day-today d business functions before consequential effects occur. Key concerns: - What s the priority and sequence of recovery? - What should be first, second, third, etc. - Which functions are dependant on interacting functions? Interaction or Process Flow Diagrams can be used to identify dependencies.... Risk Mapping / Interactions Step 5 Training and Awareness Employees need to know and understand: 1. The fundamental requirements of your Business Continuity Plan... Who, What, Where, When, Etc. 2. The documented recovery action steps and their role and responsibilities... Where do I go? What do I do? What don t I do? 3. The reaction plan based on who is available. Employee training should be provided on at least an annual basis. Records should be retained. 11
13 Step 6 Testing Plans BCP testing should be based on the importance of the business process to the both the company and to the customer base. The testing process should be structured to: Incorporate and address the identified risk levels Assign and designate roles and responsibilities for testing and reporting Demonstrate that the business continuity strategy and recovery action steps have the ability to sustain the business until operations can be re-established Step 6 Testing Methods Testing methods vary from simple to complex... Depends on the Risk and Business Process complexity. Level I - Structured Walk-Through: Used as a training tool and as a test to determine fundamental compliance. Level II - Walk-Through Simulation Test: Choose a specific event.. apply the established recovery actions. Level III - Functional Test: Performing actual recovery processes as defined in the company s Recover Action Checklists. Level IV - Full-Scale Test: Real-life emergency is simulated as closely as possible. 12
14 Step 7 Maintenance / Sustainability The final step in developing and implementing a BCP/DRP is maintenance to ensure sustainability and effectiveness. The resulting BCP/DRP Manual is a living document that must be kept up-to-date: This document defines the policies and sets out the steps, recovery actions, roles, guidance, etc. for disaster recovery. This document must reflect changes in business, staffing, processes, technologies, etc. Reviewed and updated on at least an annual basis. BCP/DRP Manual...Format 13
15 Business Continuity Cost/Benefit BCP entails costs....there is no rule of thumb for the level of costs involved. Depends on: - The nature of the possible losses - The potential impact - The probability of the risks occurring Fundamentals apply... The tighter the safety net and the greater the availability, the higher the costs. Example... Idle production costs and damage to a company s image as a result of business interruption i are compared with the preventive and reactive expenses involved in BCP. Remember the earlier slide....minimum of $1,800/hour! Cost/Benefit Example Suppose we are considering the installation of a backup generator so that our servers can continue operation in the event of an extended power failure. Assume that we lose on average $50k for each extended power failure, and on average there are two such failures a year. The backup generator will prevent all such failures. Calculate the Annualized Loss Expectancy (ALE) by multiplying the Annual Rate of Occurrence(ARO) by the Single Loss Expectancy (SLE): ALE = ARO * SLE = 2 * $50k = $100k 14
16 Cost/Benefit Example ALE = ARO * SLE = 2 * $50k = $100k If the annualized cost (taking into account depreciation, training, and maintenance) of our backup generator is: 1. Less than $100k...we should install the generator. 2. Greater than 100k...we should accept the risk and not buy the generator. Business continuity plan is a countermeasure (like the backup generator) its value can be established using the same technique. BCP....Cost-Benefit A Business Continuity Plan reduces the probability of failure. - Assume that it reduces the probability of failure from 5% to 3%. - Assume the company is worth $20 million. - The value of our Business Continuity program is worth the difference between these two valuations, or $400, Is a reduction of failure probability from 5% to 3% unrealistic? It might be substantially more! 15
17 BCP... Just Thoughts... Insurance: - BCP regulates the preventive and reactive action to be taken in a crisis situation. - Business interruption insurance covers the consequential financial loss of a hazard (e.g. a fire). - By paying standing charges, the cost of necessary loss minimization measures and the profits lost, business interruption insurance contributes to the company s economic recovery following a crisis. Questions....Do We Have: 1. The Right Coverage? 2. Enough Insurance? BCP... Just Thoughts... The object of business interruption insurance is to cover the consequential loss(es) arising from a business disaster. Business interruption insurance essentially covers three main areas: 1. The net profit that would have been made if there had been no consequential loss. 2. The normal standing charges that still have to be paid and cannot be reduced. 3. The (loss minimization) costs incurred in order to reduce the duration and extent of the business interruption loss. Terms to Understand - PML & SUM INSURED 16
18 BCP... To Do List Determine RISKs and Business Impact for critical processes Define Business Recovery objectives, priorities, and expectations Define critical, time-sensitive functions and systems Incorporate changes into the plan Establish the Disaster Recovery Team Conduct employee training to test and understand the plan Test the plan periodically...make amendments to the plan Conduct Business Continuity Audits Improve processes to minimize exposure during disruptions Optimize operational strategies to mitigate against threats Questions? THANK YOU! Alan Lund UHY Advisors, Inc. Southfield, Michigan (248)
Business Continuity Plan
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
More informationBusiness Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com
Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?
More informationBusiness Continuity Management
Business Continuity Management cliftonlarsonallen.com Introductions Brian Pye CliftonLarsonAllen Senior Manager Business Risk Services group 15 years of experience with Business Continuity Megan Moore
More informationUniversity of Michigan Disaster Recovery / Business Continuity Administrative Information Systems 4/6/2004 1
University of Michigan Disaster Recovery / Business Continuity Administrative Information Systems. 1 Michigan Administrative Information Services (MAIS) MAIS is responsible for the production support of
More informationPAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA
1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business
More informationDisaster Recovery Plan (DRP) / Business Continuity Plan (BCP)
Preface Computer systems are the core tool of today s business and are vital to every business from the smallest to giant organizations. Money transactions, customer service are just simple examples. Despite
More informationBusiness Continuity and Disaster Recovery Planning
Business Continuity and Disaster Recovery Planning Jennifer Brandt, CISA A p r i l 16, 2015 HISTORY OF STINNETT & ASSOCIATES Stinnett & Associates (Stinnett) is a professional advisory firm offering services
More informationBusiness Continuity Management
Business Continuity Management Factsheet To prepare for change, change the way you prepare In an intensely competitive environment, a permanent market presence is essential in order to satisfy customers
More informationDesktop Scenario Self Assessment Exercise Page 1
Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking
More informationOverview of how to test a. Business Continuity Plan
Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test
More informationTemple university. Auditing a business continuity management BCM. November, 2015
Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program
More informationFederal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning FEBRUARY 2015 IT EXAMINATION H ANDBOOK
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning BCP FEBRUARY 2015 IT EXAMINATION H ANDBOOK Table of Contents Introduction 1 Board and Senior Management Responsibilities
More informationPAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationPost-Class Quiz: Business Continuity & Disaster Recovery Planning Domain
1. What is the most common planned performance duration for a continuity of operations plan (COOP)? A. 30 days B. 60 days C. 90 days D. It depends on the severity of a disaster. 2. What is the business
More informationInteractive-Network Disaster Recovery
Interactive-Network Disaster Recovery BACKGROUND IT systems are vulnerable to a variety of disruptions, ranging from mild (e.g., short-term power outage, disk drive failure) to severe (e.g., terrorism,
More informationFederal Financial Institutions Examination Council FFIEC. Business Continuity Planning BCP MARCH 2003 MARCH 2008 IT EXAMINATION
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 MARCH 2008 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT
More informationShankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.
Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management
More informationContinuity of Operations Planning. A step by step guide for business
What is a COOP? Continuity of Operations Planning A step by step guide for business A Continuity Of Operations Plan (COOP) is a MANAGEMENT APPROVED set of agreed-to preparations and sufficient procedures
More informationSuccess or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper
Success or Failure? Your Keys to Business Continuity Planning An Ingenuity Whitepaper May 2006 Overview With the level of uncertainty in our world regarding events that can disrupt the operation of an
More informationAudit, Finance and Legislative Committee Mayor Craig Lowe, Chair Mayor-Commissioner Pro Tem Thomas Hawkins, Member
City of Gainesville Inter-Office Communication April 3, 2012 TO: FROM: SUBJECT: Audit, Finance and Legislative Committee Mayor Craig Lowe, Chair Mayor-Commissioner Pro Tem Thomas Hawkins, Member Brent
More informationMHA Consulting. Business Continuity Management 101
0 MHA Consulting Business Continuity Management 101 Presented by: Michael Herrera Brandon Magestro MHA Consulting Agenda MHA Consulting Introduction Business Continuity Management (BCM) Defined 2013 Trends
More informationBusiness Continuity and Disaster Recovery Planning from an Information Technology Perspective
Business Continuity and Disaster Recovery Planning from an Information Technology Perspective Presenter: David Bird, Director of Sales, Business Technology Consultant phone: 215-672-7100 email: dbird@quatro.com
More informationBusiness Continuity Planning for Risk Reduction
Business Continuity Planning for Risk Reduction Ion PLUMB ionplumb@yahoo.com Andreea ZAMFIR zamfir_andreea_ileana@yahoo.com Delia TUDOR tudordelia@yahoo.com Faculty of Management Academy of Economic Studies
More informationNCUA LETTER TO CREDIT UNIONS
NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: December 2001 LETTER NO.: 01-CU-21 TO: SUBJ: ENCL: All Federally Insured Credit Unions Disaster
More information85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff
85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff Because a business continuity plan affects all functional units within the organization, each functional unit must participate
More informationDISASTER RECOVERY PLANNING GUIDE
DISASTER RECOVERY PLANNING GUIDE AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING FOR JD EDWARDS SOFTWARE CUSTOMERS www.wts.com WTS Disaster Recovery Planning Guide Page 1 Introduction This guide will provide
More informationInstitute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745
ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan
More informationDisaster Recovery Planning Process
Disaster Recovery Planning Process By Geoffrey H. Wold Part I of III This is the first of a three-part series that describes the planning process related to disaster recovery. Based on the various considerations
More informationJoint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Three Information Security- Perspective for Management Business Impact Analysis ( BIA ) and Business
More informationFederal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning MARCH 2003 IT EXAMINATION H ANDBOOK
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT RESPONSIBILITIES...
More informationBUSINESS CONTINUITY PLANNING GUIDELINES
BUSINESS CONTINUITY PLANNING GUIDELINES Washington University in St. Louis The purpose of this guide is to serve as a tool to all departments, divisions, and labs across the University in building a Business
More informationEMERGENCY PREPAREDNESS PLAN Business Continuity Plan
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
More informationProposal for Business Continuity Plan and Management Review 6 August 2008
Proposal for Business Continuity Plan and Management Review 6 August 2008 2008/8/6 Contents About Newton IT / Quality of our services. BCM & BS25999 Overview 2. BCM Development in line with BS25999 3.
More informationJoint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four Data Handling in University Business Impact Analysis ( BIA ) Agenda Overview Terminologies Performing
More informationBusiness Continuity and Disaster Planning
WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services Disasters are not always the result of high winds and
More informationHow to write a DISASTER RECOVERY PLAN. To print to A4, print at 75%.
How to write a DISASTER RECOVERY PLAN To print to A4, print at 75%. TABLE OF CONTENTS SUMMARY SUMMARY WHAT IS A DRP AND HOW CAN IT HELP MY COMPANY? CHAPTER PREPARING TO WRITE YOUR DISASTER RECOVERY PLAN
More informationWilliam Rider Manager Disaster Recovery & Data Security The Johns Hopkins Health System & University
William Rider Manager Disaster Recovery & Data Security The Johns Hopkins Health System & University Competitive Leadership- Twelve Principles For Success Brian Billick Chapter 3 Be Be Prepared The time
More informationBusiness Continuity Project Planning Process for Educational Institution
Business Continuity Project Planning Process for Educational Institution Varun Maheshwari; Rahul; Kumar Gaurav and Chandan Kumar Singh Student MSCLIS, IIIT Allahabad India Varunmaheshwari02@gmail.com Abstract
More informationWhy Should Companies Take a Closer Look at Business Continuity Planning?
whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters
More informationCENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
More informationDisaster Recovery. Hendry Taylor Tayori Limited
Disaster Recovery Hendry Taylor Tayori Limited Agenda What is Business Continuity planning (BCP) What is Disaster Recovery (DR) and Disaster Recovery Planning (DRP) Overview Lifecycle Analysis Plan design
More informationBusiness Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM
Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 Goals Compare and contrast aspects of business continuity Execute disaster recovery plans and procedures 2 Topics Business
More informationUnit Guide to Business Continuity/Resumption Planning
Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions
More informationBusiness Continuity Planning
Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why
More informationWith 57% of small to medium-sized businesses (SMBs) having no formal disaster
Disaster Recovery For Business Owners Practical Guidance for a Critical Operation With 57% of small to medium-sized businesses (SMBs) having no formal disaster recovery plan (Symantec, 2011), and 52% believing
More informationModule 7. Business Continuity Management
Module 7 Business Continuity Management MODULE 7: BUSINESS CONTINUITY MANAGEMENT Table of Contents Module 7: Business Continuity Management... 1 SECTION 1: OVERVIEW... 7 MODLULE 7: BUSINESS CONTINUITY
More informationPlanning for Disaster Disaster
Planning for Disaster Ramesh Ramani CISM CGEIT Ramesh Ramani CISM CGEIT Paramount-Dubai Agenda Disaster Management-Introduction Examples BCP and IT Continuity Process of Disaster Management-PDCA Disaster
More informationQ uick Guide to Disaster Recovery Planning An ITtoolkit.com White Paper
This quick reference guide provides an introductory overview of the key principles and issues involved in IT related disaster recovery planning, including needs evaluation, goals, objectives and related
More informationPBSi Business Continuity Planning
Business Continuity Planning Definition Business Continuity planning is a planning process designed to reduce the risk that disruptive failures or events could seriously harm your business. It is designed
More informationKPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity
INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM
More informationPrinciples for BCM requirements for the Dutch financial sector and its providers.
Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011
More informationBusiness Continuity and the Cloud. Aaron Shaver US Signal, Solution Architect
Business Continuity and the Cloud Aaron Shaver US Signal, Solution Architect Overview What is BC/DR? Why should businesses have a strategy? Why do many business choose not to? How does the cloud change
More informationCompany Management System. Business Continuity in SIA
Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT
More informationNational Fire Protection Association s Contribution to Business Continuity Strategies
National Fire Protection Association s Contribution to Business Continuity Strategies about me 1. Retired AVP Senior Business Risk Consultant 2. FM Global Trained: 1. 35 Years Service 2. Founder Member
More informationNORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)
NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy
More informationD2-02_01 Disaster Recovery in the modern EPU
CONSEIL INTERNATIONAL DES GRANDS RESEAUX ELECTRIQUES INTERNATIONAL COUNCIL ON LARGE ELECTRIC SYSTEMS http:d2cigre.org STUDY COMMITTEE D2 INFORMATION SYSTEMS AND TELECOMMUNICATION 2015 Colloquium October
More informationAssessment of natural hazards, man made hazards, technical and societal related risks and associated impact.
Aon Business Continuity Planning The Aon Business Continuity Planning practice provides consulting services that allow Aon clients to measure and manage their strategic and tactical risks through Crisis
More informationOhio Conference for Payroll Professionals Disaster Recovery
Ohio Conference for Payroll Professionals Disaster Recovery Speaker Bruce E. Phipps CPP 2011 APA Payroll Man of the Year Principal Product Manager US Legislative Analyst ORACLE Corporation bruce.phipps@oracle.com
More informationINFOSEC.MY KNOWLEDGE SHARING SESSION
INFOSEC.MY KNOWLEDGE SHARING SESSION Integration BCM into your Organization: Challenges & Opportunities 31 st October 2007 1 Prabha Ramanathan ( CBCP, MBCI, MBCS, MSCS) Certified Business Continuity Professional.have
More informationState of South Carolina Policy Guidance and Training
State of South Carolina Policy Guidance and Training Policy Workshop All Agencies Business Continuity Management Policy June 2014 Agenda Questions & Follow-Up Policy Workshop Overview & Timeline Policy
More informationBusiness Continuity and Disaster Recovery Planning
Business Continuity and Disaster Recovery Planning Jeffrey P. Back 2009 Oncore Associates, LLC Business Continuity Planning Business continuity planning is the way an organization can prepare for and aid
More informationData Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322
Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery
More informationILLINOIS INSTITUTE OF TECHNOLOGY School of Applied Technology. Dave Wallenberg, Mario Russo and Batchum Mataruke Edited by Ray Trygstad
ITM Whitepaper ILLINOIS INSTITUTE OF TECHNOLOGY School of Applied Technology...because knowledge is power. Selling the Boss: Convincing Senior Management of the Need for Contingency Planning Dave Wallenberg,
More informationa Disaster Recovery Plan
Construction of a Disaster Recovery Plan David Godwin, Sr. Sales Engineer March 18, 2014 Objectives Understand What Disaster Recovery is? Why is Disaster Recovery Needed? Effectively assist customers or
More informationBusiness Continuity Planning. Donna Curran, Director Audit and Risk Management February, 2014
Business Continuity Planning Donna Curran, Director Audit and Risk Management February, 2014 Agenda Business Continuity Defined The Importance of a Plan Determining the Costs Business Impact Analysis MTO,
More informationDocumentation. Disclaimer
HOME UTORprotect DOCUMENTATION AMS/ROSI SERVICES CONTACT Documentation Disaster Recovery Planning Disaster Recovery Planning Disclaimer The following project outline is provided solely as a guide. It is
More informationSCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com
SCADA Business Continuity and Disaster Recovery Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com Business Continuity Planning, a Sound Process A Business Continuity Plan: "A
More informationOhio Supercomputer Center
Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
More informationNovember 2007 Recommendations for Business Continuity Management (BCM)
November 2007 Recommendations for Business Continuity Management (BCM) Recommendations for Business Continuity Management (BCM) Contents 1. Background and objectives...2 2. Link with the BCP Swiss Financial
More informationCISM Certified Information Security Manager
CISM Certified Information Security Manager Firebrand Custom Designed Courseware Chapter 4 Information Security Incident Management Exam Relevance Ensure that the CISM candidate Establish an effective
More informationManaging business risk
Managing business risk What senior managers need to know about business continuity bell.ca/businesscontinuity Information and Communications Technology (ICT) has become more vital than ever to the success
More informationTable of Contents... 1
... 1 Chapter 1 Introduction... 4 1.1 Executive Summary... 4 1.2 Goals and Objectives... 5 1.3 Senior Management and Board of Directors Responsibilities... 5 1.4 Business Continuity Planning Processes...
More informationDisaster Recovery & Business Continuity Related, but NOT the Same! Teri Stokes, Ph.D., Director GXP International
Disaster Recovery & Business Continuity Related, but NOT the Same! Teri Stokes, Ph.D., Director GXP International BCP Definitions Business Continuity Plan: An ongoing process supported by senior management
More informationBusiness Continuity and Emergency Preparedness Planning. Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010
Business Continuity and Emergency Preparedness Planning Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010 Overview Define key terms and list essential elements of business continuity
More informationFundamentals of Business Continuity Planning Have a Plan!
Fundamentals of Business Continuity Planning Have a Plan! Michael Kadar, MBCP, CISSP 2008 MK Continuity & Availability LLC kadarsro@talkamerica.net InfraGard Meeting Walsh College, Novi March 25, 2008
More informationDepartment of Information Technology Data Center Disaster Recovery Audit Report Final Report. September 2006
Department of Information Technology Data Center Disaster Recovery Audit Report Final Report September 2006 promoting efficient & effective local government Executive Summary Our audit found that a comprehensive
More informationBusiness Continuity & Disaster Recovery
Business Continuity & Disaster Recovery Safety First Quality Every Time 1 Business Continuity & Disaster Recovery Planning Who here has a formal Business Continuity & Disaster Recovery plan? The purpose
More informationBUSINESS CONTINUITY PLAN OVERVIEW
BUSINESS CONTINUITY PLAN OVERVIEW INTRODUCTION The purpose of this document is to provide Loomis customers with an overview of the company s Business Continuity Plan (BCP). Because of the specific and
More informationNEEDS BASED PLANNING FOR IT DISASTER RECOVERY
The Define/Align/Approve Reference Series NEEDS BASED PLANNING FOR IT DISASTER RECOVERY Disaster recovery planning is essential it s also expensive. That s why every step taken and dollar spent must be
More informationOperational Risk Publication Date: May 2015. 1. Operational Risk... 3
OPERATIONAL RISK Contents 1. Operational Risk... 3 1.1 Legislation... 3 1.2 Guidance... 3 1.3 Risk management process... 4 1.4 Risk register... 7 1.5 EBA Guidelines on the Security of Internet Payments...
More informationPlanning for Disaster. Ramesh Ramani CISM CGEIT ramani@pcsuae.com 02 June 2010
Planning for Disaster Ramesh Ramani CISM CGEIT ramani@pcsuae.com 02 June 2010 Agenda Disaster Management-Introduction Examples BCP and IT Continuity Process of Disaster Management-PDCA Disaster Management
More information2014 NABRICO Conference
Business Continuity Planning 2014 NABRICO Conference September 19, 2014 6 CityPlace Drive, Suite 900 St. Louis, Missouri 63141 314.983.1200 1520 S. Fifth Street, Suite 309 St. Charles, Missouri 63303 636.255.3000
More informationCITY UNIVERSITY OF HONG KONG Business Continuity Management Standard
PUBLIC Version: 1.0 CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief
More informationBusiness Continuity Planning and Disaster Recovery Planning
Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 ISC 2 Key Areas of Knowledge Understand business continuity requirements 1. Develop and document project scope and plan
More informationPrepared by Rod Davis, ABCP, MCSA November, 2011
Prepared by Rod Davis, ABCP, MCSA November, 2011 Disaster an event, which causes the loss of an essential service, or part of it, for a length of time which imperils mission achievement. (Andrew Hiles,
More informationBCP and DR. P K Patel AGM, MoF
BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management
More informationBusiness Continuity Glossary
Developed In Conjuction with Business Continuity Glossary ACTIVATION: The implementation of business continuity capabilities, procedures, activities, and plans in response to an emergency or disaster declaration;
More informationAssessing Your Disaster. Andrews Hooper Pavlik PLC. Andrews Hooper Pavlik PLC
Assessing Your Disaster Recovery Plans Gregory H. Soule, CPA, CISA, CISSP, CFE Andrews Hooper Pavlik PLC Andrews Hooper Pavlik PLC Agenda Business Continuity Concepts Impact Analysis Risk Assessment Risk
More informationDisaster Recovery Plan Review Checklist. A High-Level Internal Planning Tool to Assist State Agencies with Their Disaster Recovery Plans
Disaster Recovery Plan Review Checklist A High-Level Internal Planning Tool to Assist State Agencies with Their Disaster Recovery Plans November 2008 DISASTER RECOVERY PLAN REVIEW CHECKLIST - FOR INTERNAL
More informationBusiness Continuity and Disaster Survival Strategies for the Small and Mid Size Business. www.integrit-network.com
Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business www.integrit-network.com Business Continuity & Disaster Survival Strategies for the Small & Mid Size Business AGENDA:
More informationThe purpose of this white paper is to outline the 5 steps required to prepare small-to-medium businesses for these disasters.
Top 5 Steps to Disaster Preparedness for SMBs The news is filled with headlines of disasters everything from earthquakes, tsunamis and tornadoes, to computer viruses that threaten to shut down an entire
More information#316 The Security Elements of Business Continuity & Disaster Recovery Plans
#316 The Security Elements of Business Continuity & Disaster Recovery Plans Ken Doughty CISA CBCP ODAS kdoughty@ozemail.com.au Presentation Outline Introduction Overview of Business Continuity Security
More information2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP
2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level Tracy L. Hall, MBCP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C.
More informationInformation Security Policy. Chapter 11. Business Continuity
Information Security Policy Chapter 11 Business Continuity Author: Policy & Strategy Team Version: 0.5 Date: July 2008 Version 0.5 Page 1 of 6 Document Control Information Document ID Document title Sefton
More informationHOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING
HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING ISO 22301 BUSINESS CONTINUITY MANAGEMENT SYSTEMS Most organisations will, at some point, be faced with having to respond
More informationTO AN EFFECTIVE BUSINESS CONTINUITY PLAN
5 STEPS TO AN EFFECTIVE BUSINESS CONTINUITY PLAN Introduction The Snowpocalypse of 2015 brought one winter storm after another, paralyzing the eastern half of the United States. It knocked out power for
More informationBusiness Continuity Management Governance. Frank Higgins Abu Dhabi March 2015
Business Continuity Management Governance Frank Higgins Abu Dhabi March 2015 Different Names Same Concept BCM (Business Continuity Management) BSI 25999 IPOCM (Incident Preparedness & Operational Continuity
More informationDisaster Recovery and Business Continuity What Every Executive Needs to Know
Disaster Recovery and Business Continuity What Every Executive Needs to Know Bruce Campbell & Sandra Evans Contents Why you need DR and BC What constitutes a Disaster? The difference between disaster recovery
More informationSome companies never recover from a disaster related loss. A business that cannot operate will lose money, customers, credibility, and good will.
How Disaster Recovery Planning Can Be Leveraged For Electronic Discovery and Litigation Response Digital Discovery and e-evidence John Connell April 1. 2008 Hurricanes, floods, earthquakes, power outages,
More information