

TEL382 Wallace Chapter 2

11/3/09
Outline
Introduction
Building a Risk Analysis
Scope of Risk
The Five Layers of Risk
Layer 1: External Risks
Layer 2: Facility-Wide Risk
Layer 3: Data Systems Risk
Layer 4: Departmental Risks
Layer 5: Your Desk’s Risk
Severity of a Risk
Who Can You Call for Risk Assessment Information?
Making the Assessment

Introduction
Heart of BCP is thorough analysis of events from which you may need to recover
Risk: potential of a disaster occurring
Disaster: any event that disrupts a critical business function
Business Interruption: something that disrupts the normal flow of business operations

Building a Risk Analysis
Risk Analysis: process of identifying probable threats to a business
Risk Assessment (Business Impact Analysis): compares risk analysis to controls in place today
Recommended Approach
  – Assemble BCP Team and Perform Layers 1, 2, and 3 Together
Statement of “Essential” Business Functions
  – Manufacturing, Sales, Payroll, etc.
  – Examples: Factory, Call Center, Public Utility

Scope of Risk
Determined by Potential Damage, Cost of Downtime, Cost of Lost Opportunity
Cost of Downtime Includes:
  – Tangible: Lost Productivity, Lost Revenue, Legal Costs, Late Fees/Penalties, etc.
  – Intangible: Damaged Reputation, Lost Opportunities, Employee Turnover, etc.

The Five Layers of Risk
Layer 1: External Risks
Layer 2: Facility-Wide Risk
Layer 3: Data Systems Risk
Layer 4: Departmental Risks
Layer 5: Your Desk’s Risk

Layer 1: External Risks
Over a Wide-Area, Affecting Facility and Surrounding Area
Four Risk Categories:
  – Natural Disasters: Tornadoes, Earthquakes, Thunderstorms, Snow, Extreme Temps, Hurricanes, Floods, Fires, Landslides, etc.
  – Man-Made: Toxic Spills, Road/Bridge Outages, Railroads, Pipelines, Aviation, Harbors, Chemical Users, Dams, etc.
  – Civil: Riots, Labor Disputes, etc.
  – Suppliers: What are their risks?

Layer 2: Facility-Wide Risk
Impacting Local Facility
Five Basic Office Utilities:
  – Electricity
  – Telephones
  – Water
  – Climate Control
  – Data Network

Layer 3: Data Systems Risk
Shared Resource Affecting Many Departments
Identify Critical Processes
Locate Single Points of Failure
Beware “Grandfathered” Systems Running on Old HW/SW
Data Systems
Data Communications Network
Telecommunications System
Shared Computers and LANs

Layer 4: Departmental Risks
Disasters Occurring Within a Department on a Daily Basis
  – Employee Absence, Lost Files, etc.
Unusual Occurrences
  – Small Fire, Water, Hardware Failure, etc.
Identify Key Operating Equipment
Establish Inventory of Vital Records

Layer 5: Your Desk’s Risk
Examine Every Process, Tool, Piece of Information, Required Output
Most Items Already Covered In Another Layer

Severity of a Risk
Time of Day
Day of the Week
Location of Risk

Who Can You Call for Risk Assessment Information?
NOAA
USGS
FEMA
Local Government Agencies
Local Fire & Police Departments

Making the Assessment
Use Risk Analysis Format Similar to What Was Done for IS Security Risk Analysis
Sort to Identify Highest Value Disaster Risks

TEL382 Wallace Chapter 3

Outline
Introduction
Access To People
Access to the Facility
Service Contracts
Vendor List
Walk-Around Asset Inventory
Software Asset List
Critical Business Functions
Restoration Priorities
Toxic Material Storage
Emergency Equipment List
Trained First Responders

Introduction
Until Primary Disaster Plan Comes Together Do 11 Steps Below to Provide Some Initial Protection
Put This Material Together in Books and Distribute
  – Access To People
  – Access to the Facility
  – Service Contracts
  – Vendor List
  – Walk-Around Asset Inventory
  – Software Asset List
  – Critical Business Functions
  – Restoration Priorities
  – Toxic Material Storage
  – Emergency Equipment List
  – Trained First Responders

Access To People
Organizational Charts With Responsibilities and Contact Information

Access to the Facility
Keys to All Doors, Cabinets, Closets, etc.
  – Lists, Logs
  – Electronic Locks
Passwords for Admin Accounts on Critical Systems
  – Protected in Sealed Envelope

Service Contracts
Serial Numbers of Equipment
Contact Information For Service Providers
Contract Number and Expiration Date
Service Contract Types
  – 24/7
  – 8 to 5
  – Time and Materials
  – Exchange
Place Info Cards With Equipment

Vendor List
List of Regular Vendors
Contact Info
Description of What We Usually Obtain From Them
This Includes Public Utilities and Public Safety

Walk-Around Asset Inventory
Critical Assets That May Be Needed In Contingency Operations
  – Manufacturer’s Name, Model Number, Serial Number, Warranty Expiration Date, Location, Service Stickers, Maintenance, Calibration Information, Connected To, Feeds Into, etc.
Note if any Spares Available
Also Note Location of Manuals, Procedures, Supplies, etc.

Software Asset List
List of Software on Critical Devices
  – Normal Applications, Operating Systems and Settings, Custom Applications, Nonstandard Drivers, Version Numbers, Original Media Location, Backup Information

Critical Business Functions
Identify Critical Functions and Why
Try to Keep List to 10 or Less

Restoration Priorities
Prioritized List of Functions/Capabilities/Equipment to be Restored if There are Limited Resources

Toxic Material Storage
Identity, Quantity and Location of ANY Toxic Materials on Premises
Guidelines for What to Do If Encountered

Emergency Equipment List
Locations For Shutoffs, Special Cleanup Equipment and Materials
Instructions for Operation, Use

Trained First Responders
Create Contact List
  – Firefighters, EMTs, Critical Skills, Other Training
Check Legalities with HR Department

TEL382 Wallace Chapter 4

Outline
Introduction
What is a Disaster Recovery Emergency Operations Center?
Emergency Operations Center Primary Functions
Preparing an Emergency Operations Center
Staff Responsibilities
When a Disaster Strikes

Introduction
Emergency Operations Center’s Goal is to Return To Service from Whatever the Business Emergency Was
Allows Company Management to Reestablish Organizational Leadership, Allocate Resources, and Focus on Emergency Containment and Recovery.
Must be Preestablished, Presupplied, and Its Location Well-Known Before It is Needed
Before a Disaster – 3:
  – Normal Emergency Center for Small or Short Disasters
  – Longer Duration for More Widespread Disasters
  – Backup Facility When Primary is Not Usable

What is a Disaster Recovery Emergency Operations Center?
Physical Place Where All Communications for the Recovery Effort are Focused
  – Should be Located As Close to Problem Site as is Safe
Outward Communications:
  – Company Executives, General Public, Suppliers, Customers
Administrative Support:
  – Purchasing, Public Relations, Safety, Site Security
3 Essential Functions:
  – Command & Control
  – Operational Control
  – Recovery Planning

Emergency Operations Center Primary Functions
2 Parallel Teams:
  – Containment – Stop Spread of Damage
  – Recovery – Restore Basic Level of Business Service
3 Essential Functions
  – Command
  – Control
  – Communications

Preparing an Emergency Operations Center
Electricity
Emergency Lighting
Sanitary Facilities
Medical Kits
Office Furniture and Supplies
PCs, Printers, Data Network
Telephones
Copies of BCP
Maps, Floor Plans

Staff Responsibilities
Disaster Containment Manager
  – Declare That Disaster Exists
  – Coordinate with Emergency Services
  – Make Initial Damage Assessment
  – Select Emergency Operations Center
  – Activate Disaster Recovery Teams
  – Coordinates Supplies and Resources
Facility Engineering Manager
  – Owns Floor Plans
  – Arranges for Skilled Labor for Repairs
  – Reestablishes Safety Alarms, Emergency Lights and Utilities
Others:
  – Purchasing, PR, HR, Security, Safety, Sales, Facilities, etc.

When a Disaster Strikes
3 Initial Actions:
  – Protect Life
  – Contain Damage
  – Communicate

TEL382 Wallace Chapter 5

Outline
Introduction
Lay The Groundwork
Departmental Plans
Recovery Planning Considerations

Introduction
Writing Steps:
  – Lay The Groundwork
  – Departmental Plans
  – Recovery Planning Considerations

Lay The Groundwork
Use Consistent Format
What Processes Need a Plan
  – Every Critical Business Function
Who Will Execute
How Obvious Is Problem
How Much Warning
How Long to Continue Until Help Arrives
How Soon Must Processes be Restored
Are There Any Manual Workarounds

Departmental Plans
3 Major Components:
  – Immediate Actions
  – Detailed Containment Actions
  – Recovery Actions
Inputs:
  – Asset List
  – Critical Process Impact Matrix
  – Risk Assessment
  – Process Restoration Priority List

Recovery Planning Considerations
Planning Continuity of Leadership Insurance Recovery Operations