Business Continuity for the New Professional. Britt Corra Enterprise BCM Erika Voss Senior BCM


New to Business Continuity? Agenda & Experience 3-5 years experience? Seasoned veteran? What is BCM Tool Kit? Where do we begin? BCM is constantly changing and evolving

Disaster Recovery: Critical IT systems supporting the business; IT Service Continuity; System replication; Data replication; Recovery sites vs. high availability; DR tests.

Business Continuity: Program, policy, governance and standards; Manage risk and exposure; Develop recovery strategies; Build continuity into the business; Recover critical business processes.

Resilience: Automated recovery; Geo-diverse; Multi-instance; Continuous data; Operational resilience; Reliability.

Project Management: Program governance, oversight, sponsorship; Coordination of execution model; Testing cycles; Data repository; Program refresh cycle.

Certifications Disaster Recovery Institute (DRI) Business Continuity Institute (BCI) International Consortium Organizational Resilience (ICOR) Program Management PMI ITIL

Industry Standards: ISO 22301; BS 25999; ISO 27001; ISO/PAS 22399:2007; NFPA 1600.

Exercises & Scenarios: HSEEP; Table Top; Failovers; Functional; First Responders; Natural Disasters, Man-Made, Technological.

Performing the Exercise: Exercise Types. There are two basic types of exercises: Discussion-Based and Operations-Based.

Performing the Exercise
Discussion-Based Exercises: Focus is primarily on strategic and policy concerns; validate roles and responsibilities; enable vetting of events that would normally disrupt business; identify gaps in resource planning. Examples: Seminars, Workshops, Tabletop, Games / Orientations.
Operations-Based Exercises: Focus on interaction; validate plans, policies, agreements, and procedures solidified in discussion-based exercises; identify gaps. Examples: Structured Walk-Through, Drill, Functional Exercises, Full-scale Exercises.

Classic Exercise Methodology: Exercise project management involves five phases: Foundation; Design and Development; Conduct; Evaluation; Improvement Planning.

Risk Environments Enterprise Small to Medium Businesses Supply Chains Operational Risk Assessments Business Impacts Dependencies

Approaching Risk

Hot Topics: Supply Chain; Enterprise Risk Environment; Internet of Things; Cloud.

Supply Chain Council Charter
Driving Business Continuity: Drive program ownership; Understanding & Awareness for Supply Chain BCP; Bring Key Players to the table for Suppliers.
Steering Program Management: Review/approve program objectives; Set priorities for program execution.
Supply Chain Recovery & Resiliency
Logistics & Security: Infrastructure: Road, Rail, Ports, Air, Labor Unrest; Asset Protection: Cargo Damage/Theft, Warehouse.
Managing and Mitigating Risks: Review Supply Chain risks and mitigations; Provide governance over risk mitigation; Ensure necessary resources are available; Validate Supply Chain can sustain a Disruption.
Manufacturing: Standards ISO 14001, 22301, and NFPA 1600; Development with MSCIS & Security Ops; Quality Assurance; Capacity Planning.
Audit & Compliance: SOX, Regulatory; Financial Reporting; Trade / Fair-Trade or American Act; Environmental; Security Clearance; Traffic & Arms.

Tools Archer LDRPS ebrp ShadowPlanner Internal Mass Notification(s) SunGard Availability

Bridge them Together What? Who? How? Why? When? Where? Next Steps?

Types of Plans Building plans BCPs DRPs SOPs (integration) ERPs Cyber Response Incident, etc. The Plan, The Plan, The Plan Boss

Professional Tool Kit What goes in here Grab n Go Professional Bag Response Expertise Blend

Questions Britt Corra Advisor Enterprise Business Continuity One Microsoft Way Redmond, WA 98052 Tel: (425) 421-0889 Mobile: (206) 818-2748 britco@microsoft.com Erika Voss, CBCP, CHS-III, CORE, MBCI Senior Business Continuity Manager One Microsoft Way Redmond, WA 98052 Tel: (425) 421-2403 Mobile: (206) 817-9317 evoss@microsoft.com

References
ANSI / NFPA 1600: Standard on Disaster/Emergency Management and Business Continuity Programs. National Fire Protection Association, http://www.nfpa.org
British Standards, BCI Good Practice Guidelines Section 5 & 6, British Standard 25999 Parts 1 & 2, BS 25777:2008 Information and Communication Technology Continuity Management, www.thebci.org
BS 25999-1:2006 Business Continuity Management Part 1: Code of Practice. BSI Business Information, http://www.bsi-global.com
Business Continuity Guideline, A Practical Approach to Emergency Preparedness, Crisis Management, and Disaster Recovery. ASIS, http://www.asisonline.org/guidelines/guidelines.htm
