Business Continuity Disaster Recovery Risk Management How do these fit into a Framework?


Which Project to Work On? 1. Define and assemble a Steering Committee to determine how to give each employee a 50% salary increase. 2. Create and implement a company-wide Business Continuity and Disaster Recovery plan.

Wendi Finn, CPA Randy Mueller

Goals for Today: Group Discussion; Leave with New Ideas; Share Your Stories; Use What Fits for You, Discard the Rest

Agenda: Definitions; Statistics and Examples; Relationship with Risk Management; Motivations for Managing Continuity; Model a basic Framework; Starting with an “Interim” plan; Questions, Ideas, Bucks vs. Ducks Predictions

Business Continuity Management (BCM): A series of management processes and integrated plans that maintain the critical processes of an organization, should a disruption take place which impacts the ability to continue to provide key services. Business Continuity (BC) is defined as the capability of the organization to continue delivery of products or services at acceptable predefined levels following a disruptive incident.

Disaster Recovery: Disaster Recovery (DR) is the area of security planning that deals with protecting an organization from the effects of significant negative events. It is planning concerned with preparation for a disaster and the response when one hits. The objective is the survival of an organization.

Risk Management: Risk is defined as the potential for something to occur. Risk management is the identification, analysis, assessment, control, and avoidance, minimization, or elimination of unacceptable risks. Through an organization’s Risk Management process it is likely that continuity risks will be identified.

Risk/Continuity/Recovery: The potential of a disaster occurring is known as its risk, often measured by how likely this is to happen and how badly it will hurt. A business interruption is something that disrupts the normal flow of business operations. A disaster is any event that disrupts a critical business function. This can be just about anything. Whether an event is a business interruption or a disaster sometimes depends on your point of view (e.g., the Sony data breach).

What is the Relationship? Business Continuity Management (BCM) is concerned with managing risks to ensure that at all times an organization can continue operating at least to a pre-determined minimum level. The BCM process involves reducing the risk to an acceptable level and planning for the recovery of business processes should a risk materialize and a disruption to the business occur. Disaster Recovery Planning is concerned with the actual technical recovery of the IT components and details the procedures to be used to restore the IT components following a failure.

Relationship of the Disciplines

Why Bother with BCM?

Every week 140,000 hard drives crash in the United States. 31% of PC users have lost all of their files due to events beyond their control. 34% of companies fail to test their tape backups, and of those that do, 77% have found tape backup failures.

The dependence of today’s enterprises on IT is significant. For an organization that uses IT extensively for its operations, not just recording of transactions, the non-availability of its information systems could mean the end of its existence. -ISACA

Other Reasons for BCP: Improved Business Processes; Competitive Advantage; Requirements (PCI Compliance, SOC Compliance, HIPAA Compliance)

…Leads to #1 Reason: “Write something to make the auditors go away!”

Using a Framework ENISA

Define BCM Framework

Deliver Planning

Main Components: 1. Define BCM Framework 2. Complete Business Impact Analysis 3. Design BCM Approach/Method 4. Deliver BC Plan 5. Test Plan 6. Maintain Plan

Business Continuity Management Step 4: Deliver Plan. 4.1 Incident Response Plan; 4.2 Incident Management Plan; 4.3 Business Recovery Plan; 4.4 Communications Plan; 4.5 IT Continuity Plan; 4.6 Business Resumption Plan

But We Don’t Have the Resources. Time Required for Complete Plan: Small Business (<100) approx. 3 months; Large Business (>1000) approx. 1 – 2 years. Most Respond with an “Interim” Plan: Address the current risk; Limited scope; Gets something in writing; Is NOT a substitute for a real plan.

Include Framework Placeholders

Questions? Comments? Ideas?