Business Continuity Planning and IT Risk Management

Presentation transcript:

Business Continuity Planning and IT Risk Management Nazim Kasumzade Head of IT Department State Treasury Agency

WHAT IS IT? BCP (business continuity planning) is a framework for preventing potential threats and ensuring recovery in the event of a disaster.

WHY IS IT NEEDED?
- Serves as a formal set of rules in the event of a disaster
- Defines the notion of disaster (scope)
- Appoints disaster managers
- Identifies disaster management working groups, their chiefs, and reporting lines in the event of a disaster
- Appoints those in charge of public relations
- Identifies resources and procedures required for disaster recovery
- Identifies key organizations which must be notified (suppliers and budget organizations)
- Documents procedures for testing and recovery to minimize the likelihood of misunderstanding and miscommunication during recovery
- Identifies alternative sources of delivery and suppliers
- Identifies key data storage, security, and recovery principles

HOW IS IT DONE?
- Assessing and classifying risks
- Measuring the business impact of each risk
- Designing a business continuity plan
- Testing -> Updating -> Testing -> ... -> Finalizing
- Identifying emergency communication lines and an emergency contact list
- Holding regular training sessions

HOW MUCH WILL IT COST? The cost will depend on a variety of factors, not least on the recovery point objective (RPO) and the recovery time objective (RTO). The cost will also depend on the level of technical support. The significance of the system (core business applications, non-core software, etc.) will define the level of technical support:
- 24/7, response time < 30 minutes for hardware
- 24/7, response time < 30 minutes for OS
- 24/7, response time < 30 minutes for applications
- The next banking day for non-core applications and auxiliary hardware

HOW CAN I BE SURE THAT IT WORKS? KPIs & KRIs may be used to understand how well the BCP system works.
KPIs are used for:
- Monitoring and analysis of the current business status
- Identifying required changes
- Detailing the list of necessary steps
- Measuring results
Measurable:
- % of recovered capacity
- Recovery time
- % of capacity restored in the organization
- ...
Non-measurable:
- Recovery quality
- Organization's satisfaction with recovery time

WHERE DID IT ORIGINATE AND WHAT ARE THE GUIDELINES FOR DESIGNING A BCP? BCP originated in the IT industry. The original standards were designed by the American National Standards Institute (ANSI), the International Standards Organization (ISO), and the National Institute of Standards and Technology (NIST).
Modern BCP basics:
- ISO 22301 – BCMS – Requirements
- ISO 22313 – BCMS – Guidelines
- ISO 22315 – BCMS – BIA Guidelines
- BCMS Template: https://www.ready.gov/business
- Proprietary data center certification: https://uptimeinstitute.com/
- Staff training: http://www.thebci.org/