Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper



Similar documents
Unit Guide to Business Continuity/Resumption Planning

Business Continuity Planning and Disaster Recovery Planning

CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard

Federal Financial Institutions Examination Council FFIEC. Business Continuity Planning BCP MARCH 2003 MARCH 2008 IT EXAMINATION

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning FEBRUARY 2015 IT EXAMINATION H ANDBOOK

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS

Documentation. Disclaimer

D2-02_01 Disaster Recovery in the modern EPU

Virginia Commonwealth University School of Medicine Information Security Standard

Disaster Recovery (DR) Planning with the Cloud Desktop

Why Should Companies Take a Closer Look at Business Continuity Planning?

Disaster Recovery and Business Continuity What Every Executive Needs to Know

Business Continuity and Disaster Recovery Planning from an Information Technology Perspective

DISASTER PLANNING AND RECOVERY

The Difference Between Disaster Recovery and Business Continuance

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

FlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk

DRAFT Disaster Recovery Policy Template

Ohio Supercomputer Center

Appendix J: Strengthening the Resilience of Outsourced Technology Services

Business Continuity Planning in IT

ESCB definitions of major business continuity terms in relation to payment and securities settlement systems 1

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

RISK CONTROL. Strategy guide for business continuity planning. Risk Management Guide

State of South Carolina Policy Guidance and Training

Business Continuity Management

Birkenhead Sixth Form College IT Disaster Recovery Plan

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four

Business Continuity Plan

How To Ensure That Non-Peoplesoft Applications Can Withstand Adverse Events

Clinic Business Continuity Plan Guidelines

Cisco Disaster Recovery: Best Practices White Paper

Business continuity management policy

Disaster Recovery Plan The Business Imperatives

Abhi Rathinavelu Foster School of Business

Business Continuity Business Continuity Management Policy

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning MARCH 2003 IT EXAMINATION H ANDBOOK

Louisiana Small Business Development Center

Interactive-Network Disaster Recovery

Code Subsidiary Document No. 0007: Business Continuity Management. September 2015

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY

Chapter 1: An Overview of Emergency Preparedness and Business Continuity

GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE. October 2004

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain

PPSADOPTED: OCT BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan

BUSINESS CONTINUITY PLANNING

Disaster Recovery Planning Process

GAO. Year 2000 Computing Crisis: Business Continuity and Contingency Planning

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy

Contingency Planning Guide

CIS 523/423 Disaster Recovery Business Continuity

Q uick Guide to Disaster Recovery Planning An ITtoolkit.com White Paper

Developing a Business Continuity Plan... More Than Disaster

APPENDIX 7. ICT Disaster Recovery Plan

SOUTH LAKELAND DISTRICT COUNCIL INTERNAL AUDIT FINAL REPORT IT IT Backup, Recovery and Disaster Recovery Planning

Regulatory Framework for Disaster Recovery Planning for the ICT Industry

Table of Contents... 1

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 13 Business Continuity

Disaster Recovery & Business Continuity Dell IT Executive Learning Series

Flinders University IT Disaster Recovery Framework

Top 10 Disaster Recovery Pitfalls

Desktop Scenario Self Assessment Exercise Page 1

Table of contents. Maintaining Continuity of Operations with a Disaster Tolerance Strategy

APPENDIX 7. ICT Disaster Recovery Plan

Pervasive PSQL Meets Critical Business Requirements

IT DISASTER RECOVERY CALIFORNIA STATE UNIVERSITY, CHANNEL ISLANDS. Audit Report August 12, 2011

ISSUES PAPER PAYMENT SYSTEMS BUSINESS CONTINUITY

University of Michigan Disaster Recovery / Business Continuity Administrative Information Systems 4/6/2004 1

Risk management + Strategic planning IT TAKES AN ENTIRE ORGANIZATION

ITMF Disaster Recovery and Business Continuity Committee Report for the UGA IT Master Plan

Disaster Recovery and Business Continuity Plan

FORMULATING YOUR BUSINESS CONTINUITY PLAN

A SWOT ANALYSIS ON CISCO HIGH AVAILABILITY VIRTUALIZATION CLUSTERS DISASTER RECOVERY PLAN

PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA

Clinic Business Continuity Plan Guidelines

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

Oadby and Wigston Borough Council. Information and Communications Technology (I.C.T.) Section

Business Continuity System for the KDPW Group

Business Continuity Overview

Disaster Prevention and Recovery for School System Technology

Technology Infrastructure Services

Protecting Your Production Document Output From Catastrophe

Dbvisit Standby Disaster Recovery Solution

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM

CISM Certified Information Security Manager

Blackboard Managed Hosting SM Disaster Recovery Planning Document

MaximumOnTM. Bringing High Availability to a New Level. Introducing the Comm100 Live Chat Patent Pending MaximumOn TM Technology

THORNBURG INVESTMENT MANAGEMENT THORNBURG INVESTMENT TRUST. Business Continuity Plan

IT Disaster Recovery Plan Template

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E (mobile)

High Availability for Citrix XenApp

The handouts and presentations attached are copyright and trademark protected and provided for individual use only.

IBX Business Network Platform Information Security Controls Document Classification [Public]

Our Business Continuity Solutions Ensure Long-Term Success

Creating and Testing Your IT Recovery Plan

SUPERVISORY AND REGULATORY GUIDELINES: PU BUSINESS CONTINUITY GUIDELINES

Best Practices in Disaster Recovery Planning and Testing

Transcription:

Success or Failure? Your Keys to Business Continuity Planning An Ingenuity Whitepaper May 2006

Overview With the level of uncertainty in our world regarding events that can disrupt the operation of an enterprise, public or private, we have learned, among other things, that we need to expect the unexpected. And while terrorist attacks and major weather events are the most egregious example of a disaster, we should be prepared for disruptions to the business on all fronts and all levels of severity. While it can be argued that Business Continuity Planning is an expensive and tedious endeavor, it is clear that a well thought out plan that helps assure business continuity in the event of a serious disruption to the operation of the business, may well mean the difference between business success and business failure. Purpose of Business Continuity Planning The primary objective of the business continuity plan is to reestablish essential business technology operations should a disruption occur as a result of a disaster or other potential causes. The objective is to assure that critical operations can resume normal processing within a reasonable period. Therefore, the business continuity plan should also: Identify weaknesses and implement a disaster prevention program; Minimize the duration of a serious disruption to business operations; Facilitate effective coordination of recovery tasks; and Reduce the complexity of the recovery effort. Business continuity is also about high availability. It is about maintaining the operation of the business in the event of a serious failure or disruption affecting a major enterprise business location. For instance, an objective for deploying distributed data centers is to provide redundancy, scalability and high availability. Redundancy is the first line of defense against any failure. Redundancy within a data center is just as important as redundancy between data centers, including application servers, databases, and communication and network linkages. Maintaining a comprehensive and rigorous backup and restore capability is central to establishing a business continuance strategy. In today s environment, the effects of a long-term Information Technology operations outage may be catastrophic. The development of a viable recovery strategy must, therefore, be a product not only of the providers of the organization s Information Systems, communications and operations center services, but also the users of those services and management personnel who have responsibility for the protection of the organization s assets. Success or Failure? Your Keys to Business Continuity Planning Page 1

Fail-over and Recovery Goals and Objectives Fail-over refers to rolling over the production IT operation to alternative servers, networks or locations, or to an alternative data center through automated and/or manual means. Recovery refers to the capability of restoring the primary production environment, such as the entire data center operation, if this is possible, and recovering the operations to the primary data center. The secondary data center or standby server or network environment reverts back to standby mode. Establishing this fail-over and recovery capability forms the basis of the business continuity objectives: Rapid resumption of critical operations following the loss or inaccessibility of staff at the primary business and IT operations locations; Rapid resumption of critical operations following a wide-scale, regional disruption at the primary business and IT operations locations; and A high level of confidence (through ongoing use or robust testing) that critical internal and external continuity arrangements are effective and compatible. The organization s business continuity principles should be consistent with cost effective, sound business operations and take into account the impact of the principle IT operations on the organization s various locations, customers, business partners and other stakeholders. These objectives consider the following elements of recovery: Recovery time expectations for each application component Tolerable data loss for each application component Recovery capacity or volume expectations Sound business continuity practices to support these objectives. At a high level, the Business Continuity Plan should include adequate coverage of the following elements: Emergency response procedures appropriate to any incident or activity that may endanger lives, property, or the capability to perform essential functions. Arrangements, procedures, and responsibilities, including data backup, offsite storage and contingency safeguards, that ensure critical operations can be continued and that sensitive information Success or Failure? Your Keys to Business Continuity Planning Page 2

can be protected if normal processing or data communications are interrupted for any reason for an unacceptable period of time. Recovery procedures and responsibilities to facilitate the rapid restoration of normal operations at the primary site, or if necessary, at the alternative data center facility, following the destruction, major damage or other interruptions at the primary site. Minimally acceptable prioritized level of degraded operation of critical systems or functions to guide implementation at the backup operational site. The business continuity plan must accommodate these established priorities. Interim manual processes to enable the continuance of critical operations in the absence of application, operational and general IT support. A Business Continuity Plan lays out the steps and strategies to be followed in the event of a disaster or disruptive event. However, these plans are only theoretical until they are tested. Realistic testing must be conducted on a regular basis with the critical business functions of the organization. The business continuity plan should operationally tested at a frequency commensurate with the risk and magnitude of loss or harm that could result from the disruption of a critical IT application or communication function. Further, the test plan only captures the current testing objectives and priorities at one point in time. It is the expectation that the plan is a living plan and should be updated during regular maintenance periods or when business events drive the need for new testing objectives. Readiness The development of the Business Continuity Plan is only one, albeit important, step in preparing the organization to maintain business continuity in the event of a disaster. A secondary purpose of business continuity planning process is to minimize the effect of disruptions. The organization must also be prepared by mitigating risks that would make recovery difficult no matter how good the business resumption plan is. A Vulnerability Assessment, Risk Assessment and Readiness Assessment should be conducted regularly to ensure that the organization is prepared to activate this plan and mitigate the risks to the organization in the event there are disruptions large and small. Success or Failure? Your Keys to Business Continuity Planning Page 3

Conclusion Planning for the business continuity of an organization in the aftermath of a disaster is a complex task. Preparation for, response to, and recovery from a disaster affecting the administrative, financial and operational functions of the organization requires the cooperative efforts of many support organizations in partnership with the functional areas supporting the "business" of the organization. The Business Continuity Plan is your best tool and guidance to respond to and coordinate these efforts. Success or Failure? Your Keys to Business Continuity Planning Page 4

About Ingenuity Ingenuity (www.teamingenuity.com) provides business continuity planning, telecommunications and power optimization, telecommunications invoice management services, web development and information technology solutions to a diverse group of commercial, government, and non-profit customers through its operations in Alabama, Colorado and Georgia. Success or Failure? Your Keys to Business Continuity Planning Page 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information