Introduction to Business continuity Planning 6/9/2016 Business Continuity Planning 1.

Slides:



Advertisements
Similar presentations
Museum Presentation Intermuseum Conservation Association.
Advertisements

Information Technology Disaster Recovery Awareness Program.
Business Continuity Training & Awareness by Sulia Toutai (ANZ)
Business Plug-In B4 MIS Infrastructures.
Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.
A Brief Overview of Emergency Management Office of Emergency Management April 2006 Prepared By: The Spartanburg County Office of Emergency Management.
Chapter 13 Managing Computer and Data Resources. Introduction A disciplined, systematic approach is needed for management success Problem Management,
1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.
Business Continuity Mark Holloway Former Head of Change Management at Co-operative Food.
JOELLE QUIAPO FOLA OYEDIRAN GREG SWENSON SUKHI BEDI CHENYU GONG Disaster Recovery and Business Continuity Planning: Testing an Organization’s Plans What.
1 Continuity Planning for transportation agencies.
© 2009 EMC Corporation. All rights reserved. Introduction to Business Continuity Module 3.1.
Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
Business Continuity Planning and Disaster Recovery Planning
INTRODUCTION AS (3.3) Apply business knowledge to address a complex problem in a given global business context.
Stephen S. Yau CSE , Fall Contingency and Disaster Recovery Planning.
TEL382 Greene Chapter /27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.
1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.
Gulf Coast Energy International Business Continuity / Disaster Recovery Planning and Design Proposal Prepared by Andrew Rolf, Felipe Torres, Pranay Jaiswal.
John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.
Business Continuity and You! The Ohio State University Business & Finance Enterprise Continuity Program Quarterly Update October 2008Business and Finance.
Business Crisis and Continuity Management (BCCM) Class Session
Services Tailored Around You® Business Contingency Planning Overview July 2013.
EASTERN MICHIGAN UNIVERSITY Continuity of Operations Planning (COOP)
Unit Introduction and Overview
Continuity of Operations Planning COOP Overview for Leadership (Date)
Module 3 Develop the Plan Planning for Emergencies – For Small Business –
Continuity of Operations (COOP) Awareness Training.
ISA 562 Internet Security Theory & Practice
Insurance Institute for Business & Home Safety Even if the worst happens, be prepared to stay.
David N. Wozei Systems Administrator, IT Auditor.
Business Continuity & Disaster recovery
C ONNECTING FOR A R ESILIENT A MERICA Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP) Skip Breeden.
1 Availability Policy (slides from Clement Chen and Craig Lewis)
By Srosh Abdali.  Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure.
Business Continuity and Disaster Recovery Planning.
1 Crisis Management / Emergency Management Overview.
Business Continuity Management For Project Managers.
Disaster Recovery and Business Continuity Planning.
Business Continuity Program Orientation (insert presentation date) (This presentation is a template that requires adjustments to meet your needs)
Service Level Agreements Service Level Statements NO YES The process of negotiating and defining the levels of user service (service levels) required.
Phases of BCP The BCP process can be divided into the following life cycle phases: Creation of a business continuity and disaster recovery policy. Business.
Business Continuity. Business continuity... “Drive thy business or it will drive thee.” —Benjamin Franklin ( ), American entrepreneur, statesman,
Office of Emergency Management University of Houston-Clear Lake Business Continuity Planning.
Continuity of Operations (COOP) Planning Guidelines for Dukes County.
Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.
Disaster Recovery 2015 Indiana Statewide Payroll Conference Michael Ievoli-Client Support Specialist IV, Major Accounts September 16, 2015 Copyright ©
Chapter 3: Business Continuity Planning. Planning for Business Continuity Assess risks to business processes Minimize impact from disruptions Maintain.
A2 LEVEL ICT 13.6 LEGAL ASPECTS DISASTER RECOVERY.
Business Continuity Disaster Planning
CBIZ RISK & ADVISORY SERVICES BUSINESS CONTINUITY PLANNING Developing a Readiness Strategy that Mitigates Risk and is Actionable and Easy to Implement.
Disaster Recovery Planning (DRP) DRP: The definition of business processes, their infrastructure supports and tolerances to interruptions, and formulation.
AUDITING BUSINESS CONTINUITY PROGRAMS AND PLANS What to Look For Presented by: Tommye White, CBCP, DRP Chuck Walts, CBCP, CRP.
Information Security Crisis Management Daryl Goodwin.
Contingency Management Indiana University of Pennsylvania John P. Draganosky.
Business Continuity Planning 101
Business Continuity Steven S. Keleman, CPM. Emergency Management Prevention Response Preparation Mitigation Recovery.
MANAGEMENT of INFORMATION SECURITY, Fifth Edition
Chapter 8 – Administering Security
Peggy M. Jackson, DPA, CPCU Peg Jackson & Associates
Business Continuity Plan Training
Audit Plan Michelangelo Collura, Folake Stella Alabede, Felice Walden, Matthew Zimmerman.
Business Contingency Planning
Business Continuity Planning
Disaster Recovery at UNC
Continuity of Operations Planning
Business Continuity Program Overview
Developing and testing the Plan
The Survival Plan.
Presentation transcript:

Introduction to Business continuity Planning 6/9/2016 Business Continuity Planning 1

Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources for beginner. 6/9/2016 Business Continuity Planning 2

Do I need Business Continuity? You are part of a successful business. However, in this uncertain world, you need a business that is flexible. Which can change with differing conditions and be strong through any disaster, be it natural or malicious What if a crisis prevented delivery to a key customer? How would a major incident affect the morale of your employees? Would serious damage to your premises or resources affect your ability to carry on the business? 6/9/2016 Business Continuity Planning 3

Small Business If you are part of a small business then you are more likely to suffer from any incident that prevents your business from functioning normally. The slightest delay in supporting your customers can and will be costly 6/9/2016 Business Continuity Planning 4

What is Business Continuity Plan? According to SANS definition 1: Business Continuity refers to the activities required to keep your organization running during a period of displacement or interruption of normal operation. Whereas, Disaster Recovery is the process of rebuilding your operation or infrastructure after the disaster has passed. 6/9/2016 Business Continuity Planning 5

What is Business Continuity Plan? According to Business Continuity Institute’s Glossary2 : “Business continuity plan is A collection of procedures and information which is developed, compiled and maintained in readiness for use in the event of an emergency or disaster.” 6/9/2016 Business Continuity Planning 6

What is Business Continuity Plan? Business Continuity Planning (BCP) takes business protection beyond the disaster recovery plan, which just focuses on the short term re-establishment of your business following an incident. It is a proactive approach, identifying potential threats before they occur and planning an organised response so that the effects of the incident are minimised. 6/9/2016 Business Continuity Planning 7

For example If your business was hit by a fire: A BCP would cover all anticipated effects of such a disaster and detail plans and actions to minimise the damage to your business. Most importantly, it would guide you through the incident and direct your resources and efforts in the right direction to bring normality back to your business as soon as possible. A generic BCP can provide the basis of any response no matter what the nature of the incident is. (specific details can be aimed at particular problems within the plan) 6/9/2016 Business Continuity Planning 8

Concerns? If your premises was hit by a fire, would all the computer systems also be affected? If so, would you lose vital information about suppliers, customers and orders? Would documents and paperwork also be destroyed? 6/9/2016 Business Continuity Planning 9

Why we need Business Continuity Plan? Disaster might occur anytime, so we must be prepared. Depend on the size and nature of the business, we design a plan to minimize the disruption of disaster and keep our business remain competitive. Due to the advancement of Information Technology (IT), business nowadays depends heavily on IT. With the emergence of e-business, many businesses can't even survive without operating 24 hours per day and 7 days a week. A single downtime might means disaster to their business. Therefore the traditional Disaster Recovery Plan (DRP), which focuses on restoring the centralized data center, might not be sufficient. A more comprehensive and rigorous Business Continuity Plan (BCP) is needed to achieve a state of business continuity where critical systems and networks are continuously available. 6/9/2016 Business Continuity Planning 10

When we need Business Continuity Plan? We need Business Continuity Plan when there is a disruption to our business such as disaster. The Business Continuity Plan should cover the occurrence of following events: a) Equipment failure (such as disk crash). b) Disruption of power supply or telecommunication. c) Application failure or corruption of database. d) Human error, sabotage or strike. e) Malicious Software (Viruses, Worms, Trojan horses) attack. f) Hacking or other Internet attacks. g) Social unrest or terrorist attacks. h) Fire i) Natural disasters (Flood, Earthquake, Hurricane) 6/9/2016 Business Continuity Planning 11

Who should participate in Business Continuity Planning? With the shift of IT structure from centralized processing to distributed computing and client/server technology, the company’s data are now located across the enterprise. Therefore it is no longer sufficient to rely on IT department alone in Business Continuity Planning, all executives, managers and employee must participate. Normally Business Continuity Coordinator or Disaster Recovery Coordinator will be responsible for maintaining Business Continuity Plan. However his or her job is not updating the Plan himself or herself alone. His or Her job is to carry out review periodically by distributing relevant parts of the Plan to the owner of the documents and ensure the documents are updated. 6/9/2016 Business Continuity Planning 12

Where to carry out Business Continuity Plan during disaster? Cold Site An empty facility located offsite with necessary infrastructure ready for installation in the event of a disaster. Mutual Backup Two organizations with similar system configuration agreeing to serve as a backup site to each other. Hot Site A site with hardware, software and network installed and compatible to production site. Remote Journaling Online transmission of transaction data to backup system periodically (normally a few hours) to minimize loss of data and reduce recovery time. Mirrored Site A site equips with a system identical to the production system with mirroring facility. Data is mirrored to backup system immediately. Recovery is transparent to users. 6/9/2016 Business Continuity Planning 13

Recovery Alternatives 6/9/2016 Business Continuity Planning 14

Recovery Alternatives From the diagram, we notice that shorter the recovery time, higher the cost. Do it yourself or use the facility of service provider Organization can decide whether to set up the backup center on its own or use the facility provided by of business continuity provider. In making the decision, the organization should consider the following point: Availability of facility (floor space). Ability to maintain redundant equipment. Ability to maintain redundant network capacity. Relationships with vendors to provide immediate replacement or assistance. Adequacy of funding. Availability of skilled personnel. 6/9/2016 Business Continuity Planning 15

How to prepare Business Continuity Plan? ( Business Continuity Plan Phases) Project Initiation Define Business Continuity Objective and Scope of coverage. Establish a Business Continuity Steering Committee. Draw up Business Continuity Policies. Business Analysis (Business Impact Analysis) Perform Risk Analysis and Business Impact Analysis. Consider Alternative Business Continuity Strategies. Carry out Cost-Benefit Analysis and select a Strategy. Develop a Business Continuity Budget. 6/9/2016 Business Continuity Planning 16

How to prepare Business Continuity Plan? ( Business Continuity Plan Phases) Design and Development (Designing the Plan) Set up a Business Recovery Team and assign responsibility to the members. Identify Plan Structure and major components Develop Backup and Recovery Strategies. Develop Scenario to Execute Plan. Develop Escalation, Notification and Plan Activation Criteria. Develop General Plan Administration Policy. Implementation (Creating the Plan) Prepare Emergency Response Procedures. Prepare Command Center Activation Procedures. Prepare Detailed Recovery Procedures. Prepare Vendors Contracts and Purchase of Recovery Resources. Ensure everything necessary is in place. Ensure Recovery Team members know their Duties and Responsibilities 6/9/2016 Business Continuity Planning 17

How to prepare Business Continuity Plan? ( Business Continuity Plan Phases) Testing Exercise Plan based on selected Scenario. Produce Test Report and Evaluate the Result. Provide Training and Awareness to all Personnel. Maintenance (Updating the Plan) Review the Plan periodically. Update the Plan with any Changes or Improvement. Distribute the Plan to Recovery Team members. 6/9/2016 Business Continuity Planning 18

BCP Benefits Business Survival Prepare for the worst. If well practiced, staff and management will be able to respond to an incident appropriately Resources necessary to support the business through an incident will be identified and available Any alternative premises and resources will be ready for use 6/9/2016 Business Continuity Planning 19

BCP Benefits Risk management Identify, manage and mitigate as many risks as possible Reduce the risks where necessary Promotes a safer working environment and improves working conditions Responsibility A company that takes BCP seriously will be a more attractive proposition for Bankers, investors, insurers, customers and employees A business with a BCP will have a responsible management 6/9/2016 Business Continuity Planning 20

BCP Benefits Employee satisfaction A sound working environment Welfare and safety concerns of the employee addressed A BCP shows your employees that they are important to the survival of the company Training exercises and drills are vital to the successful implementation of a BCP 6/9/2016 Business Continuity Planning 21

Additional benefits of Business Continuity Planning Provides opportunity to evaluate & implement major infrastructure upgrades Data centers or network changes, system centralization server, consolidation or storage networking Provides assurances that electronic data protection and accountability compliance regulations can be met Standardizes business Administrative cost saving and/or reduction of business risk Documentation developed can be used as training materials for new employees Planning process often highlights workflow inefficiencies, training inconsistencies and policy and internal control issues 6/9/2016 Business Continuity Planning 22

BCP Process 6/9/2016 Business Continuity Planning 23

Risk Management The purpose of the Risk Management is to determine the events that can adversely affect the company and its facilities, the damage such events can cause and the controls needed to prevent or minimize loss Process: Perform interviews and conduct facility & building walkthroughs to gather data Document organization Al structure and critical processes & systems Document components of the critical infrastructure. Identify single points of failure both with internal and external (vendor/partner) infrastructure and systems 6/9/2016 Business Continuity Planning 24

Risk Management Identify potential threats, vulnerabilities and impacts Determine options and alternatives for controls (mitigations) Present a Decision matrix for implementing controls 6/9/2016 Business Continuity Planning 25

Business Impact Assessment (BIA) The purpose of the BIA is to identify the impacts of an outage on the business and to establish objectives for recovering critical processes, systems and applications Process: Interview business leaders and managers of key departments Identify time-critical business functions and processes Identify technology systems, data and workspace required to support critical functions Determine the impacts of a disruption Prioritize critical functions and processes, and group into levels Establish Recovery Objectives establish levels such as critical, Essential and important group functions by level When will we recover and to what level of service? RTO = Recovery Time Objective (tolerance for downtime) RPO = Recovery Point Objective (tolerance for data loss) 6/9/2016 Business Continuity Planning 26

What is a Disaster? A sudden, unplanned, calamitous event causing great disruption, damage or loss Plan for a range of outage scenarios Loss of critical infrastructure or applications- longer term Loss of access to critical systems – typically short term Office is uninhabitable and/or the building does not have power- indefinite interruption Take into account the scope of the disaster Individual, local, regional or national impact Make the plan modular to allow greatest flexibility in an outage 6/9/2016 Business Continuity Planning 27

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.