Business Continuity & Disaster Recovery



Similar documents
Lessons from Defending Cyberspace

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E (mobile)

BUSINESS CONTINUITY PLANNING

PBSi Business Continuity Planning

All. Presidential Directive (HSPD) 7, Critical Infrastructure Identification, Prioritization, and Protection, and as they relate to the NRF.

Why Should Companies Take a Closer Look at Business Continuity Planning?

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

BUSINESS CONTINUITY PLAN. Specific Issues for Public Health Emergencies. Guidelines for Air Carriers

Business Continuity and Disaster Recovery Planning

Federal Financial Institutions Examination Council FFIEC BCP. Business Continuity Planning FEBRUARY 2015 IT EXAMINATION H ANDBOOK

Intel Business Continuity Practices

Business Continuity / Disaster Recovery Context

Unit Guide to Business Continuity/Resumption Planning

Business continuity plan

An Introduction to. Business Continuity Planning

Business Continuity Planning for Risk Reduction

Creating a Business Continuity Plan for your Health Center

Federal Financial Institutions Examination Council FFIEC. Business Continuity Planning BCP MARCH 2003 MARCH 2008 IT EXAMINATION

Business Continuity Planning (800)

Continuity of Operations Planning. A step by step guide for business

State of South Carolina Policy Guidance and Training

Establishing A Secure & Resilient Water Sector. Overview. Legislative Drivers

THE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, February 12, 2013

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact.

Supplemental Tool: Executing A Critical Infrastructure Risk Management Approach

Water Critical Infrastructure and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan Executive Summary

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity

Continuity of Operations Plan Template

eet Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry Power and Utilities Fact Sheet

Technology Infrastructure Services

Contingency Planning and Disaster Recovery for BOMA

Appendix C Emergency Management and Related Terms and Definitions Handout

Business Resiliency Business Continuity Management - January 14, 2014

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

Business Continuity and Emergency Preparedness Planning. Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010

The PNC Financial Services Group, Inc. Business Continuity Program

Business Continuity Planning Instructions

Desktop Scenario Self Assessment Exercise Page 1

Business Continuity Plan

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

Prepared by Rod Davis, ABCP, MCSA November, 2011

With the large number of. How to Avoid Disaster: RIM s Crucial Role in Business Continuity Planning. Virginia A. Jones, CRM, FAI RIM FUNDAMENTALS

How To Write A Cybersecurity Framework

Cyber Security R&D (NE-1) and (NEET-4)

BUSINESS CONTINUITY POLICY

Disaster Recovery, Business Continuity & Other Lessons Learned

Preparing for the Convergence of Risk Management & Business Continuity

Interagency Statement on Pandemic Planning

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

Introduction to Business Continuity Planning. PCDC Introduction. Objectives. MPCA Series on Business Continuity Planning

Pandemic Planning. Presented by: Ron Wagner, IT Examiner with FDIC & Dana Lavey, Supervision Analyst with NCUA

Business Continuity Planning. Presentation and. Direction

National Fire Protection Association s Contribution to Business Continuity Strategies

The Homeland Security and Preparedness College of The NJ-OHSP

Business Continuity Planning and Disaster Recovery Planning

Disaster Recovery Plan The Business Imperatives

Fire Department Guide. Creating and Maintaining Business Continuity Plans (BCP)

Business Continuity Planning. Donna Curran, Director Audit and Risk Management February, 2014

BUSINESS RESILIENCE READY OR NOT

Business Continuity Management

Cybersecurity Framework. Executive Order Improving Critical Infrastructure Cybersecurity

DHS, National Cyber Security Division Overview

BCP and DR Plan With NAS Solution

Managing business risk

Overview of Homeland Security Funding 1999 to Present National Incident Management System Mandates and Training Requirements

NIST SP , Revision 1 Contingency Planning Guide for Federal Information Systems

Developing a Business Continuity Plan... More Than Disaster

Raising Business Continuity Management Awareness in Malaysia

Vendor Management. Outsourcing Technology Services

AUDITING A BCP PLAN. Thomas Bronack Auditing a BCP Plan presentation Page: 1

Fundamentals of Business Continuity Planning Have a Plan!

Business Continuity Planning from the municipal perspective

EASTERN KENTUCKY UNIVERSITY

Evaluating and Improving Your Business Continuity Plan

Business Continuity Plan For Disaster Recovery in the event of a Critical Incident

Clinic Business Continuity Plan Guidelines

WALLA WALLA COUNTY Comprehensive Emergency Management Plan

Continuity of Operations:

Subject: National Preparedness

Table of Contents ESF

Comprehensive Emergency Management Plan (CEMP) Annex V CONTINUITY OF OPERATIONS PLAN (COOP)

Cornell University EMERGENCY MANAGEMENT PROGRAM

Kuala Lumpur, Malaysia, May Report

FINRMFS9 Facilitate Business Continuity Planning and disaster recovery for a financial services organisation

Principles for BCM requirements for the Dutch financial sector and its providers.

EMERGENCY SUPPORT FUNCTION (ESF) 14 LONG TERM RECOVERY AND MITIGATION

Business Continuity Management

2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP

TEXAS HOMELAND SECURITY STRATEGIC PLAN : PRIORITY ACTIONS

Threat and Hazard Identification and Risk Assessment

cyberr by e-management The Leader in Cybersecurity Risk Intelligence (RI) Cybersecurity Risk: What You Don t Know CAN Hurt You!

Transcription:

Business Continuity & Disaster Recovery Safety First Quality Every Time 1

Business Continuity & Disaster Recovery Planning Who here has a formal Business Continuity & Disaster Recovery plan? The purpose of Business Continuity is to maintain a minimum level of business operations to ensure continuous supply to our customers. The purpose of Disaster Recovery Planning is to ensure we have the tools, approach and support infrastructure in place to fully [or partially] restore the operation to business as usual quickly. Safety First Quality Every Time 2

Business Continuity & Disaster Recovery Planning Why do you need one? Minimize any negative impact to customer operations Identify critical systems and procedures (e.g. IT) Back up systems, ensure peace of mind that ALL critical systems and procedures will be backed up and online as quickly as possible Minimize risk of delays Prioritize recovery time and objectives Document critical information and minimize decision making during a disaster Plan for extended downtime and getting back to normal Safety First Quality Every Time 3

Business Continuity & Disaster Recovery Planning What Is NFPA 1600? Evolved from Public Law 110-53 The National Commission on Terrorist Attacks Upon the United States (the 9/11 Commission), recognized NFPA 1600 as our National Preparedness Standard Widely used by public, not-for-profit, nongovernmental, and private entities on a local, regional, national, international and global basis. The NFPA 1600 has been adopted by the U.S. Department of Homeland Security as a voluntary consensus standard for emergency preparedness. http://www.nfpa.org/aboutthecodes/list_of_codes_and_standards.asp What does NFPA 1600 address? Provisions cover the development, implementation, assessment, and maintenance of programs for prevention, mitigation, preparedness, response, continuity, and recovery. Safety First Quality Every Time 4

Production Facilities and Personnel actions Notification Plan with details for immediate and ongoing internal and external communications Immediate protection of Facilities and Assets Continuing Security and Maintenance of Plant and Personnel Protection of Customer and Supplier property Transfer and transition of manufacturing to alternate facilities (as appropriate) Alternate sources for energy, communications, and utilities Technology recovery plan Preservation/recovery of BOMs, drawings, work instructions, and other vital production documents 5

Supply Base Risk Mitigation Program Supplier BCP Communications Plan from your suppliers Securing Specifications/BOM/Order details ERP Maintenance of supply activities and delivery chain Customer Related Actions Notification and ongoing Communications Plan to address supply continuity Other specific information related to continuing business operations. 6

Business Imperatives Do you know which your key business objectives are; those outcomes that would cause severe long-term damage to your organization if they failed? Can you quantify the extent to which failure of key business objectives would damage your business, in financial and other terms? If your key business objectives fail, do you know how quickly they would need to be restored to avoid long-term damage? 7

Mission Critical Activities Have you identified which business activities your key objectives depend upon; directly or indirectly? Do you understand the nature of the interdependencies between these mission critical activities (MCAs)? Do you know which of your MCAs are dependent upon the continuing ability of 3 rd parties to provide you with goods, materials or services? 8

Threats and Vulnerabilities Do you understand the spectrum of risks and threats, both internal and external to the organization, which could disrupt your key business objectives? Are there any specific threats that have a greater probability of occurring due to the location, environment or nature of your business? Do you understand how vulnerable your MCAs are to these specific and generic threats? Have you identified all the potential single-point-offailure vulnerabilities? 9