Business Continuity / Disaster Recovery Context




What is Business Continuity?
The Business Continuity Program Life Cycle

[Figure (modified U.S. DoD graphic; Copyright: Virtual Corporation, 1994-2006). Axes: Capability, Time. Labels: Normal Operations; Incident Occurs; Recovery Time Objective; Return to Normal Operations; Emergency Response; Recovery; Restoration; Acceptable Business Capability.]

Proactive BCM Activities: Prevention and Preparedness; Risk Avoidance / Mitigation / Acceptance
Reactive BCM Activities: Response, Recovery & Restoration
Proactive BCM Activities: Prevention and Preparedness; Risk Avoidance / Mitigation / Acceptance

Business Continuity / Disaster Recovery Context
Business Continuity Management: 6 Plans - Working Together

[Figure (Copyright: Virtual Corporation, 1994-2006). Phase labels: Incident Occurs; Normal Operations; Emergency Response and Damage Assessment; Crisis Management Plan Activated; Preparing for Recovery of Critical Operations; Operating in Recovery Mode; Normal Operations; Acceptable Business Capability; Disaster Recovery Plan Activated; Implement Restoration Plan. Time axis labels: Hour 0; Recovery Begins; Recovery In Place; Restoration Begins; Back to Normal.]

** Mitigation Action Plan may allow organization to avoid disruption. **

Emergency Response Plan
- Saves lives and protects assets
- Conduct damage assessment
- Site Emergency Operations Center (EOC)

Crisis Management Plan
- Enterprise Crisis Management Center (ECMC)
- Multiple EOC Activations
- Command, Control and Communications

Risk Mitigation Plan
- Tasks to initiate mitigation action(s)
- Avoid or minimize disruption

Business Recovery Plan
- Ensure that critical functions continue to be performed
- Departmental Recovery Plans
- Requires EOC communications and authorizations

Disaster Recovery Plan
- Site Operations and Physical Infrastructure
- Ensure critical technical and operational infrastructure is available
- Alternate site recovery

Restoration Plan
- A plan to return to normal operations

Why create a BC maturity model?
The Business Continuity Maturity Model was developed to:
- Answer the following questions for senior management:
  1. Where are we now?
  2. Where do we ultimately want to be?
  3. What steps do we take to get there?
- Achieve executive buy-in to implement and/or sustain a Business Continuity program

Why create a BC maturity model?
The Business Continuity Maturity Model was developed to:
- Generate consistent data from which meaningful benchmark analyses can be drawn:
  1. Establish standard means of scoring BC program implementations
  2. Develop historical databank tagged in meaningful ways, e.g., by industry, by region, by company size, etc.
  3. Generate awareness that business continuity program effectiveness can be quantified

Why create a BC maturity model?
The Business Continuity Maturity Model was developed to:
- Provide a diagnostic tool for objective evaluation of BC program effectiveness:
  1. Generate consistent and repeatable measurements of the current state-of-preparedness
  2. Conduct accurate and reliable analyses to identify gaps in BC program implementation
  3. Propose demonstrable and justifiable actions to maximize program effectiveness and resource utilization

What is a Business Continuity Program?

Business Continuity Program: A proactive process identifying and prioritizing critical business functions and the likely threats to those functions. From this information, plans and procedures are developed through a regular program of personnel training, plan testing and maintenance. These management disciplines, processes and techniques provide business continuity of the critical business functions under the circumstances and within limits set by senior management.

These circumstances and limits include:
- Defined scope and framework of a sustainable BC Program
- Approved funding and staffing of the company's BC Program

What is the Business Continuity Maturity Model?
- Assessment tool
- Provides standardized approach
- Consisting of:
  - Six Levels
  - Eight Corporate Competencies
  - Associated Criteria Categories & Descriptors
  - Associated Performance Requirements

Business Continuity Maturity Model

Business Continuity Maturity Model: Leadership
The commitment and understanding demonstrated by executive management regarding the implementation of a scaled, enterprise-wide business continuity program. The degree to which the business case has been articulated and understood.

Business Continuity Maturity Model: Employee BC Awareness
The breadth and depth of business continuity conceptual awareness throughout all staff levels of the organization.

Business Continuity Maturity Model: BC Program Structure
The scale and appropriateness of the business continuity program implemented across the enterprise. The degree to which the BC Program matches the articulated business case.

Business Continuity Maturity Model: Program Pervasiveness
The level of business continuity coordination between departments, functions and business units. The degree to which business continuity considerations have been incorporated in other business initiatives / programs.

Business Continuity Maturity Model: Metrics
The development and regular reporting of quantifiable criteria used to monitor the BC Program performance. The establishment of a baseline and on-going tracking of established business continuity competency goals.

Business Continuity Maturity Model: Resource Commitment
The application of sufficient, properly trained and supported personnel, financial and other resources to ensure the sustainability of the BC Program.

Business Continuity Maturity Model: External Coordination
Coordination of business continuity issues and requirements with the external community, including customers, vendors, government regulatory bodies, unions and local first responders. Ensure that critical supply chain partners have in place adequate BC Programs of their own.

Business Continuity Maturity Model: BC Program Content
Business Continuity Disciplines
The degree and quality of implementation of each of the four central disciplines of BC:
1. Incident Management
2. Technology Recovery
3. Business Recovery
4. Security Management

Feedback From BCMM Download Users

[Figure: BCMM SM. Labels: Executive Buy-In; Self-Assessment; Regulatory Compliance; Evaluation Framework; Supply Chain Vulnerability; Program Design.]

BCMM Proprietary Tool

Proprietary Model provides:
- A standardized methodology that is consistently applied.
- A diagnostic tool for objective evaluation of business continuity program effectiveness.
- Consistent data from which meaningful benchmark analyses could be drawn.

Assessment Score Card provides:
- Consistent reporting format
- Comprehensive data presentation
- Comparative data

BCMM Assessment Toolkit
Sample BCMM Scorecard

BCMM SM Scorecard for (Enterprise)
Scored Scored 10/10/2004 11/12/10 1:12 1:0012 PM PM

Score  Corporate Competencies
3.8    Leadership
3.3    Employee Awareness
4.0    BC Program Structure
4.2    Program Pervasiveness
3.7    Metrics
4.2    Resource Commitment
3.8    External Coordination

BC Program Content 3.6
3.7    Incident Management
4.1    Technical Recovery
4.1    Security Management
3.5    Business Recovery

Total Score 3.2 3.8