Nick Simms Director, Cornwood Risk Management

Slides:



Advertisements
Similar presentations
Disaster Recovery The People Dimension. Today’s Agenda Why bother with any Disaster Recovery/Business Continuity Planning? Importance of the People Factor.
Advertisements

Business Continuity Training & Awareness by Sulia Toutai (ANZ)
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Buying Better Outcomes Workshop 4 Equalities and Contract Management If you do not take it seriously, why should the supplier?
Flexible Solicitation Formats in Public Competitive Procurement.
Grow Your Business through Contact Centre Outsourcing Fanny Vaz Director, Personal Market Unit, CTM.
Systems Development Audit. Principles  To check that they system is producing the expected results  Ensure that the appropriate controls are operating.
Chapter 4 Internal Control Bus 319 Accounting Information Systems.
Not everything in life is black or white Managing Consultant David J. Window AMBCI/CIPS Continuity Ltd Company Registered Number:
Code of Conduct for Mobile Money Providers 6 November 2014 All material © GSMA The policy advocacy and regulatory work of the GSMA Mobile Money team.
Computer Security: Principles and Practice
Copyright © 2014 Lender Performance Group, LLC. All rights reserved. Managing risks associated with third-party relationships, in other words Vendor Management.
Session 3 – Information Security Policies
1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.
Outsourcing Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Chapter 4 Internal Controls McGraw-Hill/Irwin
© 2010 Plexent – All rights reserved. 1 Change –The addition, modification or removal of approved, supported or baselined CIs Request for Change –Record.
School Technology Solutions, LLC Technology Audits What's in it for you? 4 th Annual SW/WC Technology Conference March 11, 2010 Presenter: Lee Whitcraft.
Good Governance in Superannuation Funds
Overview of Systems Audit
How To Make Shared Services a Success Carol Mills Director of HR University of Liverpool.
Incident Management By Marc-André Léger DESS, MASc, PHD(candidate) Winter 2008.
Disaster Recovery Strategies & criteria for evaluation of information management strategies.
DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying.
Paul M Kane Director, Issues to think about! APTLD Members’ Meeting in Kuala Lumpur 1 – 2 March 2010 Contingency Planning.
ISA 562 Internet Security Theory & Practice
Service Management Processes
Presentation Content Our service catalog Remote DBA Service Proactive DBA Service Why use Citagus’ Managed Solutions Benefits Our Value Proposition.
© 2013 Cambridge Technical CommunicatorsSlide 1 ISO/IEC Standard for Information Security Management Systems.
Business Continuity and Disaster Recovery Planning.
Cyber Security & Fraud – The impact on small businesses.
NPL and Risk Management Advisory IFC – ASROS Cooperative Project Russian Federation.
How to audit the role of the vendor in the conduct of outsourced studies Kristel Van de Voorde Director Global Quality Regulatory Compliance Bristol-Myers.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
College Reviews An Overview Presented by Howard Lutwak, CIA Director of Internal Audit January 2004.
SECURITY CONSULTING /DISASTER RECOVERY SERVICE The “Must Have Plans” for a Business in the World of Tomorrow.
Business Continuity ALARM 04 CONFERENCE How to start a Business Continuity Plan by Bill Sulman and Jon Chesher Heath Lambert Group.
ISACA Malta – MFSA MFSA The Banking Unit’s On-Site Inspection Function.
1 Supply Chain Risk Management Vinod R. Singhal Scheller College of Business Georgia Institute of Technology Atlanta, GA, 30332
Sub-Custodian Risk John M. Cotter Vice President & Global Network Manager March 31, 2010  Please consider the impact on the environment before printing.
1 Instructions to bidders  Eligibility  Procedure for clarifications  Bid preparation - form  Number of copies, addressee  Language  Pricing and.
Chapter 12 Implementation and Maintenance
ISMS Implementation Workshop Adaptive Processes Consulting Pvt. Ltd.
November 13, 2008www.infosecurity.ca.gov1 What’s New! Presented by Colleen Pedroza.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
1 Please contact Karl Cook at:- or on RED Consulting DIRECTORY OF SERVICES n THE BUSINESS HEALTH CHECK  Examines.
The Importance of Proper Controls. 5 Network Controls Developing a secure network means developing mechanisms that reduce or eliminate the threats.
GDJ Consultancy Ltd Gareth Jones –Director Telephone: Jan Hoskins- Procurement Manager Telephone:
Principles of I-4 Risk Management. 2 Prevention of Serious Incidents is The Highest Priority.
Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.
 How well is your organisation prepared for internal or external emergency situations? ◦ Do you consult with relevant emergency agencies? ◦ Do you.
CERN - IT Department CH-1211 Genève 23 Switzerland t A Quick Overview of ITIL John Shade CERN WLCG Collaboration Workshop April 2008.
2.8 Crisis Management and Contigency Planning Chapter 17.
Value for Money an outcome focussed approach John Bolton Director of Community Services Coventry City Council.
SueDon Ltd - Business Continuity Management BCM Overview ©1999 SueDon Ltd Business Continuity Management.
Quality & Regulatory Expectations of Outsourcing Oversight Nicky Dodsworth, VP Global Quality Assurance.
Contingency Planning. Planning now, about how to deal with a crisis in the future, is called Contingency Planning. A crisis is usually an unforeseen event.
Managing Information Security Personnel By Christopher Boehm.
References: Supply Chain Saves the World. Boston, MA: AMR Research (2006); Designing and Managing the Supply Chain – Concepts, Strategies and Case Studies;
Managed IT Services JND Consulting Group LLC
Business Continuity Planning 101
Welcome to the ICT Department Unit 3_5 Security Policies.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.
Washington State Auditor’s Office Third Party Receipting Presented to Washington Public Ports Association June 2016 Peg Bodin, CISA.
DCT Facilities Management Ltd has an enviable track record of helping organisations of all sizes turn their FM operations around. We work with in-house.
A Quick Overview of ITIL
Outsourcing Policy & Procedures
Design for Security Pepper.
Operational procedures for preventing misuse
IT OPERATIONS Session 7.
Presentation transcript:

Nick Simms Director, Cornwood Risk Management What Contingency Planning should you demand as part of Outsourcing Contracts? Nick Simms Director, Cornwood Risk Management

3 TYPES OF DISRUPTION Supply Supplier Our own 3

4 TYPES OF CONTINGENCY Prevention Detection Escalation Correction

SUPPLY DISRUPTION - CAUSES Disaster System failure Security breach Data corruption Transmission failure People 3rd party failure 3

CONTINGENCY Remove Force majeure clauses Agree Service Levels and responsibilities Require supplier to assess and manage risk Audit its own suppliers Succession planning Tested back-ups Tested recovery plans Agree Triage plan Understand where you fit in their priorities Document and test internal workarounds Data reformatting Agree escalation plan 3

SUPPLIER DISRUPTION - CAUSES Bankruptcy Closed by courts Withdrawal from market 3

CONTINGENCY Conduct credit checking Take up references Review supplier news regularly Ensure constant dialogue Develop plans for bringing service in-house Identify alternative supplier (s) 3

OUR DISRUPTION - CAUSES Disaster System failure Security breach Receipt failure 3

CONTINGENCY Ensure supplier can redirect service Test supplier’s ability to provide additional services Include on-site supplier staff in evacuation plan Agree Communication plan Outsourcer’s management Outsourcing staff working on-site 3

SUMMARY Outsourcers are an integral part of your business Ensure you are managing your risk and ensure that your suppliers are managing it too.

CORNWOOD CONSULTING Provides Business Continuity and Operational Risk consultancy and training services primarily to Investment Banks and their support community

CONTACT DETAILS Nick Simms Cornwood Risk Management Ltd 14 Greenhalgh Walk London N2 0DJ Tel: 020 8731 6510 Fax: 020 8731 6511 E-mail: nicksimms@cornwood.co.uk Internet: www.cornwood.co.uk