9 juni 2009 Alex van Os de Man BCI Forum 2009 Business Impact Analysis Process.

Slides:

Advertisements

Similar presentations

Information Technology Disaster Recovery Awareness Program.

Advertisements

Making Business Continuity Childs Play Business Continuity Management Presentation to January 2006 Mick

University of York Planning for Process Review. Using our Vision, Strategy and Medium Term Planning to inform our business and process change agenda..

Business Continuity Training & Awareness by Sulia Toutai (ANZ)

BCM and Security ROGSI/DMS Präsentation ROGSI/DMS Suite for Corporate Survival ROGSI/Business Impact Analysis TOP 7 Best Practices for Business Continuity.

Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.

Disaster Preparedness I Lessons Learned Don Hall Thomson Prometric 2006 Annual ConferenceAlexandria, Virginia Council on Licensure, Enforcement and Regulation.

1 The process of analyzing all core business functions and establishing an optimized timetable for recovery. Provides baseline for:  Justification for.

BUSINESS CONTINUITY MANAGEMENT THROUGH STANDARDS AND BEST PRACTICES Jasmina Trajkovski, CISA, CISM.

Service Design – Section 4.5 Service Continuity Management.

1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.

Business Continuity Planning Jeremy Stacy. Objectives Understand the steps in Business Continuity Planning Understand the terminology used in Business.

1 Business Continuity: The sixth international payment system conference MNB, Budapest 14 November, 2007.

Copyright 2004 Turning Point Solutions Establishing Lines Of Communication Before a Crisis.

© Beaworthy Consulting & IDW Ltd 2011 Reporting ‘ROI’ to stakeholders (1) FormatsNotesFrequency Annual Report Important in positioning LIS as a core service.

Implementing BCM Lynda McMullan CBCI Business Continuity Manager.

The Australian/New Zealand Standard on Risk Management

Service Design – Section 4.5 Service Continuity Management.

Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Business Continuity The Basics Emergency Planning and Business Continuity Team.

By Jeff Fetherolf. Business Impact Analysis (BIA) A process of having the business process owners, business subject matter experts, etc. identify the.

Gulf Coast Energy International Business Continuity / Disaster Recovery Planning and Design Proposal Prepared by Andrew Rolf, Felipe Torres, Pranay Jaiswal.

John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.

1 Continuity Planning An Overview…. 2 Continuity Planning Bill Scott CBCP Contingency Planning Coordinator Great Lakes Educational Loan Services, Inc.

Business Continuity and You! The Ohio State University Business & Finance Enterprise Continuity Program Quarterly Update October 2008Business and Finance.

November 2009 Network Disaster Recovery October 2014.

Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.

RBTC: Business Continuity 101 July 18, What is Business Continuity? Scenario Part 1 Why is BC important? What types of plans are needed? How do.

Business Continuity and Disaster Recovery Chapter 8 Part 2 Pages 914 to 945.

Making Business Continuity Child’s Play Solutions Ltd Business Continuity Management Contact details: Contact : Mick O’Regan Mobile :

ISA 562 Internet Security Theory & Practice

Incident Management By Marc-André Léger DESS, MASc, PHD(candidate) Winter 2008.

David N. Wozei Systems Administrator, IT Auditor.

Business Continuity & Disaster Recovery

Expecting the Unexpected By Shaun Lindfield. Nearly 1 in 5 businesses suffer a major disruption every year. Yours could be next. With no recovery plan,

1. 2 Cost to Recover Time to Recover Last Backup Work Backlog Created Lost Data Recovery Operations Time Cost Disaster Recovery Time Frame Reconstruct.

Inspire Personal Skills Interpersonal & Organisational Awareness Developing People Deliver Creative Thinking & Problem Solving Decision Making, Prioritising,

Perspectives on Business Continuity Management Bill Wheeler, EPO.

Business Continuity and Disaster Recovery Chapter 8 Part 1 Pages 897 to 914.

DRP World Class Operations - Impact Workshop Info-Tech Research Group, Inc. Is a global leader in providing IT research and advice. Info-Tech’s products.

Paul Hardiman and Rob Brown SMMT IF Planning and organising an audit.

Phases of BCP The BCP process can be divided into the following life cycle phases: Creation of a business continuity and disaster recovery policy. Business.

STEP 4 Manage Delivery. Role of Project Manager At this stage, you as a project manager should clearly understand why you are doing this project. Also.

Queen’s Management & Leadership Framework

Chapter 16 Presented By: Stephen Lambert Disaster Recovery and Business Continuity.

Project management Topic 1 Project management principles.

Institute Of Hospital Engineering, Australia Infrastructure Business Continuity Planning Practical Problems Encountered Neil Whittington (Arnold Risk Consulting)

Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.

Chapter 3: Business Continuity Planning. Planning for Business Continuity Assess risks to business processes Minimize impact from disruptions Maintain.

Business Continuity Disaster Planning

NHS England Emergency Preparedness, Resilience and Response (EPRR) Business Continuity Management NHS Workshop

Business Continuity Management 101. KeepItSafe Professional Services The portfolio of business continuity management is to ensure we assist our clients.

A Lightweight Business Continuity & Disaster Recovery Plan Motahareh Moravej Issuers’ Affairs Director at CSDI PHD. Student of Computer Engineering, UT.

AUDITING BUSINESS CONTINUITY PROGRAMS AND PLANS What to Look For Presented by: Tommye White, CBCP, DRP Chuck Walts, CBCP, CRP.

Disaster Recovery Management By: Chris Rozic COSC 481.

Dr. Gerry Firmansyah CID Business Continuity and Disaster Recovery Planning for IT (W-VI)

Business Continuity Planning 101

Dr. Gerry Firmansyah CID Business Continuity and Disaster Recovery Planning for IT (W-I)

The Lead Agency Council Sports Trust (Sport Otago) Cluster of clubs Interested parties / other.

MANAGEMENT of INFORMATION SECURITY, Fifth Edition.

© PreEmpt, Inc. Common Misconceptions 1 In Business Continuity Planning.

THINK DIFFERENT. THINK SUCCESS.

Business Continuity Plan Training

Fundamentals of a Business Impact Analysis

Audit Planning Presentation - Disaster Recovery Plan

Personal Introduction

The "Who, What, When, Where, Why, and How" of a

CAYMAN ISLANDS MONETARY AUTHORITY

Developing and testing the Plan

Presentation transcript:

9 juni 2009 Alex van Os de Man BCI Forum 2009 Business Impact Analysis Process

Why perform a Business Impact Analysis ? If you don’t know what the impacts are to your business processes and systems, there is no way to focus how you are going to recover as well as to write your Business Continuity Plan

Life Cycle of BCM

Key BIA Objectives To enable business areas to determine their critical business activities To increase BCM awareness and identify impacts that business interruption will cause to the business and customers To establish and prioritise timelines for the recovery of critical business processes, resources, systems and documentation To identify inter-dependencies

Determine Critical Business Activities The key activities during this stage are to: Define the business area and its location of business At a high level, identify key functional responsibilities/processes and associated tasks undertaken by the business area

Positioning the BIA process ? Understanding the Business (who we are, what we do) Understanding the Organisation (who does what) BIA Ownership (what are our priorities) Buy-In (managing expectations)

Impact Assessment The key activities during this stage are to: Determine the impact to the business if the business processes could not be performed, in a worst case scenario Apply a financial, reputational & legal/compliance risk criteria impact against each business process Use at a minimum the following time scales – within 1 day, within 1 week, within 4 weeks, after 1 month Use the severity ratings – High, Medium, Low

Recovery Objective Setting Against each defined business process, identify the Recovery Time Objective (RTO) & the Recovery Point Objective (RPO) RTO – Is the maximum acceptable downtime that the business is prepared to accept before the process will need to be recovered (this measurement is independent of the RPO) RPO – The point to which you require IT to restore your data to the backup systems in order to achieve your recovery objectives

Recovery Profile Analysis The key activities are to identify and prioritise using the defined timescales the following: Applications required to perform the business processes Resources required to perform the business processes Equipment (IT/Other) required to support the business processes Documentation required in the performing of the business processes

People Facilities Information Equipment Systems Data Identify essential items to recover Business Processes

Dependency Analysis Identify key interactions & dependencies between departments, other locations and business partners (internal & external) that are part of the business processes Identify cross-Business Unit business priorities for Strategic Business Units that share technology, facility, or staff support resources that may be constrained in a crisis

BIA Maintenance At a minimum, the BIA must be updated once annually Or sooner if there are changes in the business composition or business processes

Next Steps …….. Findings from a BIA must be used to make decisions concerning Business Continuity Management strategies and solutions Business Criticality vs Costs (what the business is prepared to pay for)