An Introduction to Business Continuity Planning
Company Profile
- Practical Experience
- European Head Office
- Extensive Client Base
- Established 1998
- Expert Consultants
- Global Network
Why BCP?
"I am often asked what single piece of advice I can recommend that would be most helpful to the business community. My answer is a simple, but effective, business continuity plan that is regularly reviewed and tested."
Eliza Manningham-Buller, the Director General of MI5 (retired)
Why BCP?
- Legal compliance
- Retailer/supply chain requirements
- BRC Issue 6 requires BCP (clause 3.11.1)
- Demonstration by senior management and board of due diligence
- Shareholder protection
- Protect production and long term business
- Protect brand and reputation
- Competitive advantage in tender situations
- Insurance requirements
- Financial services authority requirements
BCP Service Offering
- Risk Profiling
- Review
- Business Impact Analysis
- Business Continuity Testing & Training
- Action Plans
- Immediate Response Plans
Risk Profiling
We work with you to identify crisis types that could affect your business:
- Fire
- Bomb Threat
- Environmental disaster
- HSE Investigation
- Terrorist Attack
- Pandemic Flu
- Malicious Threat
- Gas Explosion
- Flood
- Product Contamination
- Loss of Key Supplier
- Mass Absenteeism
Summary of outputs from Risk Profiling
- Identified list of crisis types
- Severity / Probability classification
- Existing risk mitigation processes
- Site tour to identify hot spots
Business Impact Analysis
- Identify critical processes, systems and equipment
- Plan for alternatives and short / medium term workarounds
- Calculate maximum allowable downtime
- Identify alternatives with lead times and costs
- Developed at Department or Site level
Summary of outputs from Business Impact Analysis
- Defined impact categories
- Identified critical business functions, processes and equipment
- Options for alternatives
- Define maximum allowable downtime & recovery prioritisation
- Resource requirements for recovery
- Table(s) compiling BIA details and supporting data
Action Plans Development
Complementary to the outputs of the BIA are the action plans that are crisis type specific.
- We will create draft step by step procedures per incident type
- Procedures will be relevant, simple, effective and practical
- If multiple sites are involved, personnel from each site must also be involved
- Procedures for each incident type will each follow the same format
Summary of outputs from Action Plans Development
- Action plans for each crisis type at company, site or department level depending on client requirements
Immediate Response Plans
The RQA consultant will develop a simple plan that will cover the requirements of:
- Partial / full evacuation
- Roll call
- What to say to the emergency services
- Key hazards on site
- Communication
- Other items relevant to the specific client
Summary of outputs from Immediate Response Plans
- Immediate Response Plans
Example Table of Contents of a BCP
Table of Contents
1. Business Continuity Policy
2. Activating the BCP
3. Team
4. Roles & Responsibilities
5. Incident classification
6. Communication
7. Incident types e.g. Fire, Flood etc.
   a. Incident Start
   b. Immediate incident response
   c. Escalation (how, when and by who)
   d. Data gathering (what data do you have / need)
   e. Incident assessment
   f. Action plan
   g. Business continuity
   h. Close out
   i. Review
Example Table of Contents of a BCP
Appendices
i. Immediate response plan
ii. Business impact analysis matrix
iii. Alternative suppliers, costs, lead times
iv. Emergency contact lists (internal)
v. Emergency contact lists (external)
vi. RIDDOR reporting requirements
vii. Insurance incident support & claims reporting requirements
Testing
Incident run through
- The RQA consultant would run through a specific incident type and assess your capability for incident management and business continuity.
- A report will be compiled that will highlight strengths and weaknesses in the process from incident start to finish.
Table top simulation
- RQA develop a crisis scenario with input from a member of your team.
- Your team receive notification of a serious incident.
- A range of injects escalate the incident.
- You will need to gather relevant information to help you manage the incident.
- This will test how your business continuity plans work in practice.
- Your team will feel like they experienced an actual serious incident.
- Learning points from the simulation will be compiled into a report.
Testing
Live exercise with emergency services
- RQA consultants develop a scenario with input from a member of your team.
- The serious incident will start and you will notify the emergency services (ES).
- The fire and rescue service, police and ambulance will arrive and the incident will be played out on site as though real.
- The ES will expect to be briefed on the incident and remain in contact with a member of your site team.
- Members of your team will provide support, and others will observe.
- Normally, this exercise will involve an evacuation of a discrete area, including roll call and injects to extend the scale of the incident.
- After the exercise, a hot debriefing session will be led by the RQA consultant involving the client team and the emergency services.
- On completion, a full report will be prepared highlighting findings from the exercise with recommendations for further developments of plans and capability.
Review
If you already have business continuity plans and are looking for an external specialist opinion, we can arrange for an RQA consultant to provide an assessment.
- Assessment can be carried out remotely (i.e. desktop) or via a client meeting.
- The consultant will be looking for effective risk profiling, business impact analysis and action plans that will be truly effective for your business.
- The consultant will provide a comprehensive report with recommendations for further improvement.
- The assessment will be made against industry best practice and RQA experience.
Contact RQA
- contact@rqa-europe.com
- www.rqa-europe.com
- www.rqa-training.com
- +44 118 935 7242