Exercising, Maintaining and Reviewing BCM Arrangements ERMAN TASKIN www.ermantaskin.com.

Slides:

Advertisements

Similar presentations

Project Quality Plans Gillian Sandilands Director of Quality

Advertisements

Module N° 7 – SSP training programme

Module N° 4 – ICAO SSP framework

Session No. 4 Implementing the State’s Safety Programme Implementing Service Providers SMS

Project Management Concepts

Business Continuity Training & Awareness by Sulia Toutai (ANZ)

Ensuring Better Services and Fair Value “Introduction and roadmap to implementation of ISO in Zambia’s water utilities” Kasenga Hara March 2015.

Environmental Management System (EMS)

 Capacity Development; National Systems / Global Fund Summary of the implementation capacities for National Programs and Global Fund Grants For HIV /TB.

Buying Better Outcomes Workshop 4 Equalities and Contract Management If you do not take it seriously, why should the supplier?

ORGANIZATION. 2 Problem scenario  Develop an organizational chart for your laboratory showing lines of authority from the head of the organization to.

Enav.it Session 3 Steps towards the SESAR deployment and the ATM system modernisation.

ERMAN TAŞKIN What is BS 25999? BS is a two-part British Standard that illustrates what organisations should do to establish.

Framework for Improving Critical Infrastructure Cybersecurity NIST Feb 2014.

IS Audit Function Knowledge

Main Requirements on Different Stages of the Licensing Process for New Nuclear Facilities Module 4.7 Commissioning Geoff Vaughan University of Central.

Quality evaluation and improvement for Internal Audit

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)

Computer Security: Principles and Practice

Stephen S. Yau CSE , Fall Security Strategies.

Purpose of the Standards

OHSAS 18001: Occupational health and safety management systems - Specification Karen Lawrence.

Coaching Workshop.

4. Quality Management System (QMS)

4. Quality Management System (QMS)

Charting a course PROCESS.

Internal Auditing and Outsourcing

EASTERN MICHIGAN UNIVERSITY Continuity of Operations Planning (COOP)

1 Module 4: Designing Performance Indicators for Environmental Compliance and Enforcement Programs.

Continual Service Improvement Process

SMS Operation.  Internal safety (SMS) audits are used to ensure that the structure of an SMS is sound.  It is also a formal process to ensure continuous.

Making Business Continuity Child’s Play Solutions Ltd Business Continuity Management Contact details: Contact : Mick O’Regan Mobile :

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

ISA 562 Internet Security Theory & Practice

ISO 14001:2004, Environmental Management System

Verification: Quality Assurance in Assessment Verification is the main quality assurance process associated with assessment systems and practice - whether.

© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.

Rich Archer Partner, Risk Advisory Services KPMG LLP Auditing Business Continuity Plans.

Roles and Responsibilities

Implementing and Auditing Ethics Programs

Getting Started Conservation Coaches Network New Coach Training.

Programme Objectives Analyze the main components of a competency-based qualification system (e.g., Singapore Workforce Skills) Analyze the process and.

Paul Hardiman and Rob Brown SMMT IF Planning and organising an audit.

Portfolio Committee on Appropriations Audit of predetermined objectives 26 March 2013.

Divisional Chief Executives Supported by Divisional Risk Committees Executive Committee Group Chief Executive Group Functions Group Finance Director Group.

ISO DOCUMENTATION. ISO Environmental Management Systems2 Lesson Learning Goals At the end of this lesson you should be able to:  Name.

NFPA 1600 Disaster/Emergency Management and Business Continuity Programs.

Systems Accreditation Berkeley County School District School Facilitator Training October 7, 2014 Dr. Rodney Thompson Superintendent.

TREASURY REGULATIONS’ CHANGES AND POTENTIAL IMPACT

Census Processing Baku Training Module.  Discuss:  Processing Strategies  Processing operations  Quality Assurance for processing  Technology Issues.

AUSTRALIA. A National Strategy for Enhancing the Safety and Security of our Food Supply ที่มา : We pride ourselves on our high safety and security standards.

TOTAL QUALITY MANAGEMENT

1 Pertemuan 22 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.

SOLGM Wanaka Retreat Health and Safety at Work Act 2015 Ready? 4 February 2016 Samantha Turner Partner DDI: Mob:

Managing a functional exercise for the first time Graham Leonard, Business Continuity Manager Insights and lessons 17 June 2014.

Revision N° 11ICAO Safety Management Systems (SMS) Course01/01/08 Module N° 9 – SMS operation.

Pertemuan 14 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

ISO 9001:2015 Subject: Quality Management System Clause 8 - Operation

Business Continuity Planning 101

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.

TEMPUS ME-TEMPUS-JPHES “IMPROVEMENT OF PARTNERSHIP WITH ENTERPISES BY ENHENCEMENT OF A REGIONAL QUALITY MANAGEMENT POTENTIALS IN WBC” TEMPUS

A LOOK AT AMENDMENTS TO ISO/IEC (1999) Presented at NCSLI Conference Washington DC August 11, 2005 by Roxanne Robinson.

Software Quality Control and Quality Assurance: Introduction

MANAGEMENT of INFORMATION SECURITY, Fifth Edition

Understanding the Principles and Their Effect on the Audit

INPUT OUTPUT ASSURANCE

Internal Audit’s Role in Preventing Fraud and Corruption

CEng progression through the IOM3

Presentation transcript:

Exercising, Maintaining and Reviewing BCM Arrangements ERMAN TASKIN

Exercising, Maintaining and Reviewing BCM Arrangements 1. Introduction 2. Exercise programme 3. Exercising BCM arrangements 4. Maintaining BCM arrangements 5. Reviewing BCM arrangements

1. Introduction An organization's business continuity and incident management arrangements cannot be considered reliable until exercised and unless their currency is maintained. Exercising is essential to developing teamwork, competence, confidence and knowledge which is vital at the time of an incident. Arrangements should be verified through exercising, audit and self-assessment processes to ensure that they are flt-for- purpose.

2. Exercise Program Exercises may: Anticipate a predetermined outcome, e.g. are planned and scoped in advance; or Allow the organization to develop innovative solutions An exercise programme should be devised that, over a period of time, leads to objective assurance that the BCP will work as anticipated when required.

2. Exercise Program The program should: exercise the technical, logistical, administrative, procedural and other operational systems of the BCP; exercise the BCM arrangements and infrastructure including roles, responsibilities, any incident management locations and work areas validate the technology and telecommunications recovery, including the availability and relocation of staff.

2. Exercise Program In addition, it might lead to the improvement of BCM capability by: Practising the organization's ability to recover from an incident; Verifying that the BCP incorporates all organizational critical activities and their dependencies and priorities; Highlighting assumptions which need to be questioned; Instilling confidence amongst exercise participants;

2. Exercise Program Raising awareness of business continuity throughout the organization by publicizing the exercise; Validating the effectiveness and timeliness of restoration of critical activities; Demonstrating competence of the primary response teams and their alternatives

3. Exercising BCM arrangements Exercises should be ; realistic, carefully planned, agreed with stakeholders, Every exercise should have clearly defined aims and objectives. Exercises should be appropriate to the organization's recovery objectives. Exercises have to ensure that they can be executed correctly, and contain appropriate detail and instructions.

3. Exercising BCM arrangements The exercise program should consider the roles of all parties; third party providers, outsource partners, others who would be expected to participate in recovery activities

4. Maintaining BCM arrangements BCM maintenance program, the organization should: Review and challenge any assumptions made in any components of BCM throughout the organization, Distribute updated, amended or changed BCM policy, strategies, solutions, processes and plans to key personnel under a formal change control process.

5. Reviewing BCM arrangements The organization's top management should; review the organization's BCM capability to ensure its; continuing suitability, continuing suitability, adequacy adequacy effectiveness. effectiveness. The review should verify that compliance with the organization's BCM policy The review can take the form of internal or external audits, or self-assessments.

5. Reviewing BCM arrangements Audit The organization should provide for the independent audit of its BCM competence and capability to identify actual and potential shortcomings. It should establish, implement and maintain procedures for dealing with these. Independent audits should be conducted by competent persons, whether internal or external.

5. Reviewing BCM arrangements Self-assessment A BCM self-assessment process plays a role in ensuring that an organization has a robust,effective fit-for-purpose BCM competence and capability Self-assessment should be conducted against the organization's objectives. It should also take into account relevant industry standards and good practice.