Wipro Consulting Vinay N Disley Implementation Challenges in BCM.

Presentation transcript:

Wipro Consulting Vinay N Disley Implementation Challenges in BCM

Index
- Presentation Agenda
- Components of BCM
- Implementation Challenges in BCM
- Conclusion

Presentation Agenda
“To highlight key BCM Implementation Challenges that organizations face while drawing up a BCM framework and its subsequent Roll-out as part of their BCM Journey”

BCM Components
- Exercising, Maintenance & Audit
- Understanding your Business
- Building & Embedding BCM Culture
- BCM Program Management
- Develop & Implement BCM Response
- Business Continuity Strategies
Source: Business Continuity Institute

Challenges in BCM Implementation

1# Lack of Understanding
Source: Business Continuity Institute
Only 42% of the respondents correctly answered: “BCM is protecting the core running of the business if an unexpected event occurs.”
- No references to Reputation Risk or failure of Suppliers
- Telecom failures & backup of IT Systems are also referred to as BCM
- 32% of respondents still perceive Disaster Recovery as BCM

2# Expanding Threat List
Source: Chartered Management Institute BCM Research Report,
The disruption table shows that no threat can be ignored or discounted.
- Sharp rise in incidents due to extreme weather, from 9% in 2006 to 28% in 2007
- Threats like utility outages and industrial actions, which were not identified separately till 2004, occupy a 28% share in 2007
- In 2007 alone, BCP was invoked for all the identified threats

3# Changing Risk Profile
Source: Business Continuity Institute
28% of respondents perceive the terrorist threat as the biggest threat to the business in the forthcoming years.
- Top three threats are external threats, where organizations have little control over prevention and management
- High reliance on governmental guidance and support to provide an effective response against these external threats
- IT Failure is the first internal threat that tops the list
- Telecom failures are perceived to be a low risk area

4# Mapping of Right BCM Drivers
Source: Business Continuity Institute
Identifying “PUSH” and “PULL” factors for your organization is critical to the success of BCM Implementation.
- Regulatory compliance “PUSH” factor is the third most important factor identified by respondents
- Protecting employees, retaining customers and maximizing productivity are the critical “PULL” factors identified by respondents

5# Stakeholder Identification & Participation
Source: Chartered Management Institute BCM Research Report, 2006
Only 36% of respondents confirmed involvement of business functions in the creation of the BCP.
- Human Resources function rose from fourth in 2005 to top of the table in 2006
- IT functions still play a greater role on the BCP front in most organizations
- External parties like critical vendors and suppliers are still to find a separate place in the creation phase of the BCP

6# Having the Right Ownership
Source: Business Continuity Institute
Business Continuity Management is no longer seen as an extension of IT, with only 28% of IT personnel taking responsibility for Business Continuity.
- Overall, 60% of the organizations have BCM ownership with Senior Management and Board Members
- 27% of the organizations have personnel dedicated to BCM
- Close to 30% of the organizations have BCM ownership assigned to middle-level managers or operational staff

7# Capability Evaluation
Source: Chartered Management Institute BCM Research Report,
% of respondents refer to some sort of best practice guidelines to align, validate and benchmark their BCM processes.
- Legislation and Regulations have come out to be strong drivers for BCM Capability evaluation
- BCM Capability evaluation has been identified as a critical activity by most of the respondents

8# BCM Communication
Source: Chartered Management Institute BCM Research Report, 2006
Only 1 in 10 organizations are communicating their BCPs to suppliers and just 19 per cent to customers.
- BCPs continue to be primarily reported to senior management and board teams
- Little communication to the investing community on the BCP front
- 22% of the organizations regularly communicate to Regulators on the BCP front

9# Budgetary Support
Source: Chartered Management Institute BCM Research Report,
per cent of respondents who have a BCP indicate that there is no budget to back it up.
- Managing Directors are most likely to hold the budget for BCM
- Some organizations have also emerged with a dedicated BCM Manager with budgetary powers

10# Testing
Source: Chartered Management Institute BCM Research Report,
% of respondents reported that they do not rehearse their BCPs at all. Thus there is a danger that many of these plans will not work when most needed.
- % of Managers whose organizations rehearse their BCP once or twice a year has not changed considerably in the last few years
- Customers, who are the second biggest driver for BCM, have failed to demand strong evidence of BCP rehearsal from their suppliers
- 80% of those who have rehearsed had come across shortcomings in their BCPs

Other Common Challenges
- Changes in Business Environment (New Services / M&A / People transition / New Operating Geographies etc.)
- Building BCM Culture (Value Add to my Business / People Element / Additional Roles & Responsibilities / Not part of Core Business / Low probability)
- Continuous Review, Validation & Audits (Management effort & Commitment / Updating Documents / Communicating new changes / Full time effort / Budgetary constraint on dedicated resources)
- Changing Regulatory Landscape (New Legislations & Regulatory Requirements [HIPAA / SOX / Basel II / Civil Contingencies Act] / Dedicated and Skilled team to meet compliance requirements / Strong and Continuous Audit Support)
- Skilled Manpower (Shortage of Domain Experts / Budgetary Constraints)

Conclusion
[Diagram: BCM Framework. Labels: Project Initiation; Policy; Organisation; Resources; Scope; Business Impact Analysis; Risk Assessment; Recovery Strategy; Create Planning Organisation; Continuity Process; Risk Reduction; Design Procedures; Testing; Change Mgt; Education; Testing; Review Process; One Time; On Going; Management Ownership & Support; Corporate Governance; Global Best Practices; Strong BCM Culture]

“An excellent strategy without execution will result in failure. And, perfect execution of a bad strategy will still result in failure.”
Thank You

Wipro’s Service Offerings
Wipro’s Security Governance Offerings (Horizontal)
[Diagram labels: Advisory; Information Risk Mgmnt; BCP/DRP; Policy Framework; Application Audits; ISO Assurance; Implementation Services; Awareness & Training; Balanced Score Card; Information Asset Profiling; CISO Services; Identity Management; Single Sign On / Directory Solns; User Provisioning; WSS & PKI; Design; Evaluate; Implement; Sustenance, Post Production; Technical Risk Assessment; Vulnerability Assessment; Penetration Testing; Forensic Services; Application Testing; Technology Security Solutions; Compliance; Basel II; AML; Sarbanes Oxley; SSE-CMM; ISO; Data Protection / Privacy]