Business Continuity and Disaster Planning
|
|
- Melvyn Edwards
- 8 years ago
- Views:
Transcription
1 WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services
2 Disasters are not always the result of high winds and rain. In the past two years, 52% of businesses experienced an unforeseen interruption, and the vast majority (81%) of these interruptions caused the business to be closed for one or more days. Source: 2009 Disaster Recovery & Business Continuity Survey As healthcare s reliance on technology increases, so does the need to ensure that critical systems and processes can be recovered quickly after operational interruption and/or disaster. As a result, Business Continuity Planning (BCP) is becoming a priority. This is not just an IT issue. CEOs, CIOs, risk managers, compliance officers and security officers are becoming more aware of the need to take strategic and proactive actions to protect their organizations. By developing and implementing a comprehensive Business Continuity Plan (BCP), the organization can minimize its overall risk of outages, operational down time and loss, resulting in improved patient care reliability and operational stability. Industry Semantics There are various industry terms to describe the effort to mitigate the negative effect of interruptions on operations: Business Resumption Planning, Disaster Recovery Planning, Crisis Management and Business Continuity Planning. Although each is a bit different as outlined below, all require a plan, a process and ongoing training to be effective. A Business Resumption Plan typically describes how to resume operations after a disruption or critical event. A Disaster Recovery Plan primarily deals with recovery of information technology and services assets after a disastrous interruption. Both plans imply an outage in critical operations or services and are essentially reactive in nature. Crisis Management refers to how an organization will deal with the emergency, disaster or catastrophe during the event. The focus at this stage is to carry on through the crisis, and to mitigate its effects during it. Recently there has been a move from Business Resumption Planning to Business Continuity Planning, acknowledging that in the healthcare environment, it s not sufficient to resume critical services; they must be provided continuously. Disaster Recovery and Crisis Management focus on rebuilding or alleviating the effects of a disaster, emergency or catastrophe. Business Continuity Planning focuses on sustaining the delivery of services for ongoing operations. If your healthcare organization has a well-structured BCP, it can continue to provide mission-critical services, regardless of the nature of the interruption. The Business Continuity Plan A Business Continuity Plan (BCP) is a collection of policies, procedures, protocols and information that is developed and maintained for use in the event of a business interruption. The BCP outlines the steps the organization will be required to take to quickly carry on business and operations. The BCP should 2
3 clearly describe the enabling processes required for operations, safety and workflow. The benefits of the BCP are far reaching: from patient safety, compliance and risk avoidance to employee and patient confidence. The basic elements of a well-planned BCP include a set of practical and realistic steps that begin with the identification of mission-critical systems and processes, and are followed by the actions needed to effectively continue the operations from an interruption/disaster to normal operations. Since most interruptions are isolated to specific areas geographies, departments, facilities, etc., the BCP should not be focused solely on organization-wide scenarios. Plans need to be developed and maintained for the huge variety of interruptions that may occur. Lastly, the BCP involves more than restoring information technology. It is a plan for operational continuity and should ensure that all critical operations are maintained when faced by an interruption. Developing a Plan The process in the development and maintenance of a BCP includes the five steps identified in the diagram to the right: Analysis, Solution Design, Implementation, Testing and Acceptance and Maintenance. Although the names for these steps may vary from organization to organization, each is critical for the successful development and implementation of a BCP. 1. Impact Analysis Maintenance Testing and Acceptance Analysis Business Continuity Planning Processes Implementation There are a few specific analyses that need to be performed prior to developing a BCP: Solution Design Business Impact Analysis (BIA): The objective of the BIA is to identify and distinguish between critical and non-critical operational functions, activities and/or processes. (In healthcare, functions related to patient safety would be considered critical, for example.) The results of the BIA will include recovery requirements for each critical function. Threat Analysis: This is a list of potential threats to ongoing operations and the recommended steps to recover from each. Threats include fire, flood, earthquake, sabotage, cyber attack, hurricane, utility outage, etc. Recovery Requirements Documentation and Review: Upon completion of the BIA, the operational and technical requirements are documented and reviewed. Reviewers should include senior leaders to operational end users. All stakeholders should be represented and engaged throughout the plan development process. This review ends with acceptance and sign-off on the documented requirements. Dependency Analysis: It is important to identify the internal and external dependencies of critical services. 3
4 Internal dependencies include employee availability, corporate assets, (equipment, facilities, computer applications, data, tools, vehicles), and support services (finance, human resources, security and information technology support). External dependencies include suppliers, any external corporate assets (equipment, facilities, computer applications, data, tools, vehicles), and support services (facility management, utilities, communications, transportation, finance institutions, insurance providers, government services, legal services, and health and safety services). 2. Solution Design The purpose of the solution design phase is to identify the most cost effective restoration solution that meets the requirements from the impact analysis stage. For IT applications, this is commonly expressed as: The minimum application and application data requirements The time frame in which the minimum application and application data must be available 3. Implementation Implementation is the execution of the design elements that have been identified in the previous steps. Although testing can occur throughout the BCP development, the unit testing that takes place during components of the implementation should not take the place of organizational testing. 4. Testing and Acceptance Testing is a critical step in the planning process to ensure organizational acceptance and readiness. It ensures that the business continuity solution satisfies the organization s restoration needs. Testing may include: Testing of moves to primary and secondary sites Operational manual processes cross over Disaster command center call back If the BCP fails to meet expectations, check for insufficient and/or inaccurate data or requirements, design discrepancies, or solution implementation errors. 5. Maintenance The BCP is a living document and will need to be reviewed and maintained on a periodic, scheduled basis. Maintenance of the BCP plan/document can be divided into three activities: 1. Confirmation of the information in the document and training for staff members whose roles are identified as critical for response and restoration. 2. Periodic testing and validation that the technical solutions are in fact available and appropriate for recovery operations. 3. Testing and validation to ensure documented operational services for the organization remain unchanged for continuous operations. These should be performed on a scheduled biannual or annual maintenance cycle. 4
5 BCP Strategic Benefits Well-planned organizations survive with limited impact when interruptions occur, while those that do not plan for these incidents may place their institution in jeopardy. Disasters can and will strike at any time. They may come in multiple forms. They can happen one at a time or all at once. Planning and testing of the identified solutions make the critical difference between successfully managing an incident within acceptable parameters and having a situation that may take days or longer to fix. It is important that each staff member understands and knows his/her specific task and role during a disruption. This requires consistent and frequent staff training on the processes and solutions outlined in the BCP. Frequent reviews are also required to keep the plan updated. This preparedness is critical to the strategic goals of any healthcare organization. A BCP: helps healthcare organizations fulfill their moral responsibility to protect patients, employees, the community and the environment facilitates compliance with regulatory requirements of federal, state and local agencies enhances an organization s ability to increase patient safety, reduce financial losses, regulatory fines, loss of market share, damages to equipment, or disruption to service delivery in the event of a business interruption reduces exposure to civil or criminal liability in the event of an incident enhances an organization s image and credibility with patients, employees, clients, funders, vendors and the community may reduce the organization s insurance premiums BCP Critical Success Factors 1. Governance, leadership, and sponsorship Ensure that a governance structure (i.e., committee) is in place that will ensure senior management commitment and define senior management roles and responsibilities. The BCP senior management committee is responsible for the oversight, initiation, planning, approval, testing and audit of the BCP. It also implements the BCP, coordinates activities, approves the BIA survey, oversees the creation of continuity plans and reviews the results of quality assurance activities. 2. User involvement Remember that the BCP is more than the IT department; all organizations, units and departments should be involved in the development of the plan, from the impact analysis through testing and implementation. Ownership by all staff is needed. Staff s solid understanding and knowledge of the process is imperative for success. 3. Training and testing BCPs can be smoothly and effectively implemented if and when all employees are briefed on the contents and are properly trained on their individual responsibilities. Continuous training updates and testing should be 5
6 developed and scheduled to achieve and maintain high levels of competence and readiness. While exercises are time and resource consuming, they are the only method for validating a plan. 4. Acceptance As part of the quality assurance and acceptance process, reviews of the BCP should assess the plan's accuracy, relevance and effectiveness. It should also uncover areas that need improvement. Continuous appraisal of the BCP is essential to maintaining its effectiveness. Reviews should be coordinated with operational staff, knowledgeable managers and the BCP steering committee. 5. Communication Ensure that there is a BCP communication plan. The communication process ensures that all employees and affected personnel will have updated information. The communication plan should include links to training and specific organizational unit updates when the BCP is modified and updated. There is no such thing as over communicating when it comes to addressing the BCP. In my experience, people have the best intentions of putting together a great BCP. Then, resources and time become challenging constraints that hinder the process. However, based on industry and personal experience, it only takes one incident to put business continuity planning on the short list of priorities. Don t be caught with a skeleton plan; it could place your organization at great (and unnecessary) risk. About Hayes Hayes is ranked Top Professional Services Firm by KLAS,* and has won multiple Best in KLAS awards since Hayes is also ranked in Healthcare Informatics Top 100 and Inc s list of fastest growing companies. Hayes consultants are subject-matter experts in IT strategic planning, revenue cycle improvement, system implementation and optimization, interoperability and business and clinical operational efficiency. Hayes also offers software solutions to improve efficiency and productivity. To learn more about Hayes services, visit or call us at * Source: Top 20 Best in KLAS Awards: Software & Professional Services. 6
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
More informationDesktop Scenario Self Assessment Exercise Page 1
Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking
More informationBUSINESS CONTINUITY PLAN OVERVIEW
BUSINESS CONTINUITY PLAN OVERVIEW INTRODUCTION The purpose of this document is to provide Loomis customers with an overview of the company s Business Continuity Plan (BCP). Because of the specific and
More informationPAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationTable of Contents... 1
... 1 Chapter 1 Introduction... 4 1.1 Executive Summary... 4 1.2 Goals and Objectives... 5 1.3 Senior Management and Board of Directors Responsibilities... 5 1.4 Business Continuity Planning Processes...
More informationPAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA
1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationBusiness Continuity Planning
Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business
More informationCreating a Business Continuity Plan for your Health Center
Creating a Business Continuity Plan for your Health Center 1 Page Left Intentionally Blank 2 About This Manual This tool is the result of collaboration between the Primary Care Development Corporation
More informationBusiness Continuity Management Governance. Frank Higgins Abu Dhabi March 2015
Business Continuity Management Governance Frank Higgins Abu Dhabi March 2015 Different Names Same Concept BCM (Business Continuity Management) BSI 25999 IPOCM (Incident Preparedness & Operational Continuity
More informationBUSINESS CONTINUITY PLAN
How to Develop a BUSINESS CONTINUITY PLAN To print to A4, print at 75%. TABLE OF CONTENTS SUMMARY SUMMARY WHAT IS A BUSINESS CONTINUITY PLAN? CHAPTER PREPARING TO WRITE YOUR BUSINESS CONTINUITY PLAN CHAPTER
More informationDISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES
APPENDIX 1 DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES March 2008 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS EXECUTIVE SUMMARY...1
More informationA Guide to Business Continuity Planning
Government of Canada Office of Critical Infrastructure Protection and Emergency Preparedness Gouvernement du Canada Bureau de la protection des infrastructures essentielles et de la protection civile A
More informationWhy Should Companies Take a Closer Look at Business Continuity Planning?
whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters
More informationBusiness Continuity Planning 101. +1 610 768-4120 (800) 634-2016 www.strohlsystems.com info@strohlsystems.com
Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?
More informationBusiness Continuity Plan
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
More informationBuilding a strong business continuity plan
Building a strong business continuity plan Protect your clients and firm with a well-planned business continuity plan A solid business continuity plan (BCP) is about more than simply staying in compliance.
More informationwww.pwc.com Business Resiliency Business Continuity Management - January 14, 2014
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
More informationThe Business Continuity Maturity Continuum
The Business Continuity Maturity Continuum Nick Benvenuto & Brian Zawada Protiviti Inc. 2004 Protiviti Inc. EOE Agenda Terminology Risk Management Infrastructure Discussion A Proposed Continuity Maturity
More informationFederal Financial Institutions Examination Council FFIEC. Business Continuity Planning BCP MARCH 2003 MARCH 2008 IT EXAMINATION
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 MARCH 2008 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT
More informationKPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity
INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM
More informationSTEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY 27 2015
STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY 27 2015 AGENDA: Emergency Management Business Continuity Planning Q & A MONTH DAY, YEAR TITLE OF THE PRESENTATION 2 CANADIAN RED CROSS Disaster
More informationBusiness Unit CONTINGENCY PLAN
Contingency Plan Template Business Unit CONTINGENCY PLAN Version 1.0 (Date submitted) Submitted By: Business Unit Date Version 1.0 Page 1 1 Plan Review and Updates... 3 2 Introduction... 3 2.1 Purpose...
More informationBusiness Continuity and Disaster Recovery Planning
Business Continuity and Disaster Recovery Planning Jennifer Brandt, CISA A p r i l 16, 2015 HISTORY OF STINNETT & ASSOCIATES Stinnett & Associates (Stinnett) is a professional advisory firm offering services
More informationUnit Guide to Business Continuity/Resumption Planning
Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions
More informationBy: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015
Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level June 9, 2015 By: Tracy Hall MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company,
More informationTemple university. Auditing a business continuity management BCM. November, 2015
Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program
More informationProtecting your Enterprise
Understanding Disaster Recovery in California Protecting your Enterprise Session Overview Why do we Prepare What is? How do I analyze (measure) it? What to do with it? How do I communicate it? What does
More informationOverview of how to test a. Business Continuity Plan
Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test
More informationTO AN EFFECTIVE BUSINESS CONTINUITY PLAN
5 STEPS TO AN EFFECTIVE BUSINESS CONTINUITY PLAN Introduction The Snowpocalypse of 2015 brought one winter storm after another, paralyzing the eastern half of the United States. It knocked out power for
More informationNCUA LETTER TO CREDIT UNIONS
NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: December 2001 LETTER NO.: 01-CU-21 TO: SUBJ: ENCL: All Federally Insured Credit Unions Disaster
More informationBusiness Continuity Planning for Risk Reduction
Business Continuity Planning for Risk Reduction Ion PLUMB ionplumb@yahoo.com Andreea ZAMFIR zamfir_andreea_ileana@yahoo.com Delia TUDOR tudordelia@yahoo.com Faculty of Management Academy of Economic Studies
More informationContinuity of Business
White Paper Continuity of Business SAS Continuity of Business initiative reflects our commitment to our employees, to our customers, and to all of the stakeholders in our global business community to be
More informationFederal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning FEBRUARY 2015 IT EXAMINATION H ANDBOOK
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning BCP FEBRUARY 2015 IT EXAMINATION H ANDBOOK Table of Contents Introduction 1 Board and Senior Management Responsibilities
More informationData Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322
Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery
More informationBusiness Continuity Planning Preparing Your Organization
Business Continuity Planning Preparing Your Organization Nicholas De Laurentis, CRM, IGP nick.delaurentis.gmkj@statefarm.com 1 Objectives Understand the importance of Business Continuity Planning Know
More informationBusiness Continuity Planning for Schools, Departments & Support Units
Business Continuity Planning for Schools, Departments & Support Units 1 What is Business Continuity Planning? Examples Planning for an adverse, major or catastrophic event that would cause a disruption
More information7 Steps to Healthcare Strategic Planning
WHITE PAPER 7 Steps to Healthcare Strategic Planning Rob Drewniak Director, Strategic & Advisory Services Hayes Management Consulting Hayes WHITE PAPER: Healthcare Strategic Planning In healthcare today,
More informationBusiness Continuity and Disaster Recovery Planning from an Information Technology Perspective
Business Continuity and Disaster Recovery Planning from an Information Technology Perspective Presenter: David Bird, Director of Sales, Business Technology Consultant phone: 215-672-7100 email: dbird@quatro.com
More informationBusiness Continuity Planning. Presentation and. Direction
Business Continuity Planning Presentation and Direction Thomas Bronack, president Data Center Assistance Group, Inc. 15180 20 th Avenue Whitestone, NY 11357 Phone: (718) 591-5553 Email: bronackt@dcag.com
More informationDisaster Recovery Planning Process
Disaster Recovery Planning Process By Geoffrey H. Wold Part I of III This is the first of a three-part series that describes the planning process related to disaster recovery. Based on the various considerations
More informationMidsize Enterprise Summit Business Continuity Questions
Select Q&A, D. Scott, F. DeSalvo Research Note 6 February 2003 Midsize Enterprise Summit Business Continuity Questions Current events have created a new awareness of the importance of business continuity
More information2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP
2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level Tracy L. Hall, MBCP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C.
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationFederal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning MARCH 2003 IT EXAMINATION H ANDBOOK
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT RESPONSIBILITIES...
More informationCISM Certified Information Security Manager
CISM Certified Information Security Manager Firebrand Custom Designed Courseware Chapter 4 Information Security Incident Management Exam Relevance Ensure that the CISM candidate Establish an effective
More informationHow To Manage A Disruption Event
BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational
More informationBusiness Continuity Management
Business Continuity Management Factsheet To prepare for change, change the way you prepare In an intensely competitive environment, a permanent market presence is essential in order to satisfy customers
More informationInstitute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745
ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan
More informationBusiness Continuity Management
Business Continuity Management cliftonlarsonallen.com Introductions Brian Pye CliftonLarsonAllen Senior Manager Business Risk Services group 15 years of experience with Business Continuity Megan Moore
More informationFundamentals of Business Continuity Planning Have a Plan!
Fundamentals of Business Continuity Planning Have a Plan! Michael Kadar, MBCP, CISSP 2008 MK Continuity & Availability LLC kadarsro@talkamerica.net InfraGard Meeting Walsh College, Novi March 25, 2008
More informationPBSi Business Continuity Planning
Business Continuity Planning Definition Business Continuity planning is a planning process designed to reduce the risk that disruptive failures or events could seriously harm your business. It is designed
More informationINFOSEC.MY KNOWLEDGE SHARING SESSION
INFOSEC.MY KNOWLEDGE SHARING SESSION Integration BCM into your Organization: Challenges & Opportunities 31 st October 2007 1 Prabha Ramanathan ( CBCP, MBCI, MBCS, MSCS) Certified Business Continuity Professional.have
More informationDRAFT BUSINESS CONTINUITY MANAGEMENT POLICY
DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY This document outlines a set of policies and procedures for formalising a Business Continuity programme, and provides guidelines for developing, maintaining
More informationBeyond Disaster Recovery: Why Your Backup Plan Won t Work
Beyond Disaster Recovery: Why Your Backup Plan Won t Work Contents Introduction... 3 The Data Backup Model - Upgraded for 2015... 4 Why Disaster Recovery Isn t Enough... 5 Business Consequences with DR-Only
More informationSome companies never recover from a disaster related loss. A business that cannot operate will lose money, customers, credibility, and good will.
How Disaster Recovery Planning Can Be Leveraged For Electronic Discovery and Litigation Response Digital Discovery and e-evidence John Connell April 1. 2008 Hurricanes, floods, earthquakes, power outages,
More informationBusiness Continuity Planning
Business Continuity Planning CSH5 Chapter 58 Business Continuity Planning Michael Miora Justifying Costs of BCP 1 Copyright 2014 M. E. Kabay. All rights reserved. 2 Copyright 2014 M. E. Kabay. All rights
More informationBusiness Continuity Planning in IT
Introduction: Business Continuity Planning in IT The more your business relies on its IT systems, the more you need to consider how unexpected disruptions might affect your business. These disruptions
More informationNORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)
NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy
More informationBUSINESS CONTINUITY PLANNING GUIDELINES
BUSINESS CONTINUITY PLANNING GUIDELINES Washington University in St. Louis The purpose of this guide is to serve as a tool to all departments, divisions, and labs across the University in building a Business
More informationBusiness Continuity Policy
Page 1 of 16 Business Continuity Policy Issue Date: Aug 2013 Document Number: 00241 Prepared by: Business Management and Continuity Senior Manager Next Review Date: April 2014 Page 2 of 16 NHS England
More informationBusiness Continuity Management
Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective
More informationDisaster Recovery Planning
Disaster Recovery Planning NOW or NEVER Disaster Recovery Team Aura Advanced Technologies Aura Advanced Technologies Inc 1301-1121 Sixth Avenue SW Calgary, Alberta T2P 5J4 Phone: 403-269-6123 Fax: 403-269-6169
More informationBCP and DR. P K Patel AGM, MoF
BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management
More informationPrinciples for BCM requirements for the Dutch financial sector and its providers.
Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011
More informationBusiness Continuity Policy
Business Continuity Policy Page 1 of 15 Business Continuity Policy First published: Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/14 Vicky Ryan Updated to include
More informationMastering Disaster A DATA CENTER CHECKLIST
Mastering Disaster A DATA CENTER CHECKLIST Disaster Doesn t Sleep It s not always a hurricane or a power grid failure that causes businesses to lose their data. More often than not, an isolated event like
More informationHanh Do, Director, Information System Audit Division, GAA. SUBJECT: Review of HUD s Information Technology Contingency Planning and Preparedness
Issue Date: August 31, 2006 Audit Report Number 2006-DP-0005 TO: Lisa Schlosser, Chief Information Officer, A FROM: Hanh Do, Director, Information System Audit Division, GAA SUBJECT: Review of HUD s Information
More informationBusiness Continuity Management
Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not
More informationBusiness Continuity and Disaster Recovery Policy
Maine State Government Dept. of Administrative & Financial Services Office of Information Technology (OIT) Business Continuity and Disaster Recovery Policy I. Statement The Office of Information Technology
More informationBUSINESS CONTINUITY PLANNING
Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,
More informationNEEDS BASED PLANNING FOR IT DISASTER RECOVERY
The Define/Align/Approve Reference Series NEEDS BASED PLANNING FOR IT DISASTER RECOVERY Disaster recovery planning is essential it s also expensive. That s why every step taken and dollar spent must be
More informationIT Disaster Recovery and Business Resumption Planning Standards
Information Technology Disaster Recovery and Business IT Disaster Recovery and Business Adopted by the Information Services Board (ISB) on May 28, 1992 Policy No: Also see: 500-P1, 502-G1 Supersedes No:
More informationIntel Business Continuity Practices
Intel Business Continuity Practices As a global corporation with locations and suppliers all over the world, Intel requires every designated Intel organization to embed business continuity as a core business
More informationDeveloping a Business Continuity Plan... More Than Disaster
Developing a Business Continuity Plan..... More Than Disaster Recovery! April 19, 2010 UHY / MMA Business Survival Series Webinar Focus.... Understanding the components of Business Continuity Planning
More informationD2-02_01 Disaster Recovery in the modern EPU
CONSEIL INTERNATIONAL DES GRANDS RESEAUX ELECTRIQUES INTERNATIONAL COUNCIL ON LARGE ELECTRIC SYSTEMS http:d2cigre.org STUDY COMMITTEE D2 INFORMATION SYSTEMS AND TELECOMMUNICATION 2015 Colloquium October
More informationBusiness Continuity Management 101. Patrick Potter, CBCP MHA Consulting ISACA November 19, 2009
Business Continuity Management 101 Patrick Potter, CBCP MHA Consulting ISACA November 19, 2009 1 Who is MHA Consulting Who We Are What We Do Leading boutique consulting firm since 1998 Provider of consulting
More informationBusiness Continuity Planning:
Business Continuity Planning: How prepared must a CFO & other Executives be for a potential interruption to the business Presenter: Bruce L Scott, Partner Risk & Business Continuity Services June 2005
More informationBusiness Continuity Management Policy
Business Continuity Management Policy Business Continuity Policy Version 1.0 1 Version control Version Date Changes Author 0.1 April 13 1 st draft PH 0.2 June 13 Amendments in line with guidance PH 0.3
More informationBUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE
BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE Introduction 1. Recently many organisations both public and private have directed much more time, money and effort towards protecting service
More informationCoping with a major business disruption. Some practical advice
Coping with a major business disruption Some practical advice Coping with a major business disruption What is business continuity? Business continuity planning (BCP) is a management process that helps
More informationCisco Disaster Recovery: Best Practices White Paper
Table of Contents Disaster Recovery: Best Practices White Paper...1 Introduction...1 Performance Indicators for Disaster Recovery...1 High Level Process Flow for Disaster Recovery...2 Management Awareness...2
More informationBUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS
BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3
More informationBUSINESS CONTINUITY POLICY
BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility
More informationInteractive-Network Disaster Recovery
Interactive-Network Disaster Recovery BACKGROUND IT systems are vulnerable to a variety of disruptions, ranging from mild (e.g., short-term power outage, disk drive failure) to severe (e.g., terrorism,
More informationThis presentation will introduce you to the concepts and terminology related to disaster recovery planning for businesses.
1. An Introduction This presentation will introduce you to the concepts and terminology related to disaster recovery planning for businesses. This presentation was prepared by the South Central Economic
More informationBusiness Continuity Planning Instructions
Business Continuity Planning Instructions Business continuity planning is a proactive planning process that ensures critical services or products are delivered during a disruption. In creating the plan,
More informationWith the large number of. How to Avoid Disaster: RIM s Crucial Role in Business Continuity Planning. Virginia A. Jones, CRM, FAI RIM FUNDAMENTALS
How to Avoid Disaster: RIM s Crucial Role in Business Continuity Planning The world has experienced a great deal of natural and man-made upheaval and destruction in the past few years, including tornadoes,
More informationDepartment of Information Technology Data Center Disaster Recovery Audit Report Final Report. September 2006
Department of Information Technology Data Center Disaster Recovery Audit Report Final Report September 2006 promoting efficient & effective local government Executive Summary Our audit found that a comprehensive
More informationCENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
More informationInformation Security Management: Business Continuity Planning. Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt.
Information Security Management: Business Continuity Planning Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt. Overview BCP: Definition BCP: Need for (Why?) BCP: When BCP: Who
More informationPerformance Indicators for Disaster Recovery
Disaster Recovery Plan to ISO 17799 Introduction A disaster recovery plan attempts to run associated processes to transition smoothly in the event of a natural or human-caused disaster. To plan effectively,
More informationCONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT
CONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT April 16, 2014 INTRODUCTION Purpose The purpose of the audit is to give assurance that the development of the Metropolitan Council s Continuity
More informationHow To Plan For An Event Like Ebola
DOES YOUR BUSINESS CONTINUITY PLAN ADDRESS AN EVENT LIKE EBOLA? The degree of spread of Ebola in the months ahead is uncertain. In the unlikely event of a worst- case scenario, can your organization meet
More informationBUSINESS CONTINUITY PLAN. Specific Issues for Public Health Emergencies. Guidelines for Air Carriers
BUSINESS CONTINUITY PLAN Specific Issues for Public Health Emergencies Guidelines for Air Carriers 1 Contents PART 1 BACKGROUND 1.1. Introduction 1.2. Purpose 1.3. Scope and Application 1.4. Definition
More informationEVALUATING YOUR DISASTER READINESS?
EVALUATING YOUR DISASTER READINESS? START WITH YOUR RESPONSE MANAGEMENT VENDOR Business Continuity and Disaster Recovery: Best Practices for Successful Planning What would happen to your organization if
More informationHow to Prepare for an Emergency: A Disaster and Business Recovery Plan
How to Prepare for an Emergency: A Disaster and Business Recovery Plan Chapter 1: Overview of the Disaster and Business Recovery Plan Purpose: To develop and establish a comprehensive Disaster and Business
More informationBusiness Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM
Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 Goals Compare and contrast aspects of business continuity Execute disaster recovery plans and procedures 2 Topics Business
More informationBusiness Continuity Planning for Water Utilities: Guidance Document [Project #4319]
Business Continuity Planning for Water Utilities: Guidance Document [Project #4319] ORDER NUMBER: 4319 DATE AVAILABLE: June 2013 PRINCIPAL INVESTIGATORS: Jack Moyer, Rhiannon Kincaid, Kory Wilmot, Kate
More informationThe Service Desk. Increase adoption and leverage IT investments with a well-trained support function. WHITE PAPER
WHITE PAPER The Service Desk Increase adoption and leverage IT investments with a well-trained support function. Robert Drewniak Director, Strategic & Advisory Services No Support? No Adoption. Electronic
More information