About Your Presenter Debbie Vander Bogart Senior Director, Finance General Manager, Shared Service Center, Levis Strauss & Co. Debbie joined Levi Strauss & Co. as Senior Director and Finance General Manager of the Shared Services Center. She was formerly Director of Payables and Cash Processes, Gap Inc. Debbie began her career at Gap as a finance manager, soon handling merchandise procure- to-payment responsibilities. Prior to joining Levi Strauss & Co., at Gap Inc. she had responsibility for all payables processes including real estate, travel accounting, and trade finance, where she implemented Web-based travel settlement and p-cards. In addition, she had responsibility for the Cash Processes organization, allowing process oversight for revenue through disbursement for all Gap Inc. brands. From the procure-to-pay perspective Debbie has been a driving force for adoption of best practices and scaling technology to grow with the company. Through Gap’s ERP implementation and adoption of additional best practices, Debbie guided Payables and Cash Processes toward eliminating paper documents, using advancing technology solutions to scale with Gap’s continued growth to provide additional competitive advantage for the company.
Business Continuity Planning (Source: Wikipedia) Business continuity planning (BCP) is the creation and validation of a practiced logistical plan for how an organization will recover and restore partially or completely interrupted critical (urgent) functions within a predetermined time after a disaster or extended disruption. The logistical plan is called a business continuity plan.logisticalplan organizationcriticaldisaster The intended effect of BCP is to ensure Business continuity, which is an ongoing state or methodology governing how business is conducted.Business continuity
Business Continuity Planning (Cont’d.) In plain language, BCP is working out how to stay in business in the event of disaster. Incidents include local incidents like building fires, regional incidents like earthquakes, or national incidents like pandemic illnesses. BCP may be a part of an organizational learning effort that helps reduce operational risk associated with lax information management controls. This process may be integrated with improving information security and corporate reputation risk management practices.organizational learningoperational riskinformation managementinformation securityrisk management
that’s a lot of words… I thought this session would help me make it simple?!?! It will!! Let’s keep going …
What is Business Continuity Planning REALLY? A Business Continuity Plan should be a blueprint of how to keep your business running in the event of a disruption or disaster.
The BCP Cycle Analysis Design Implementation Testing Maintenance For simplicity … break the process into 5 basic parts
Step ONE: Analysis Perform Business Impact Analysis and Risk Assessment Determine size and scope of plan Use templates to capture critical business functions and resource needs – adapt from TAPNs templates Interview functional leaders/staff to eliminate assumptions and gaps
Toolkit on TAPN: Adapt, Don’t Reinvent!
Sample Template: Adapted
Sample Template (Cont’d.)
Step TWO: Design Keep it simple and easy to use Don’t reinvent the wheel, adapt from others Plan elements should include: ―Scope and Objective ―Crisis team structure, roles & responsibilities ―Emergency contact information ―List of critical business functions, their recovery objectives and required resources ―Recovery work facility arrangements ―Activation plan and process flow ―Defined testing and maintenance procedures Use TAPN’s toolkit!!!
Step THREE: Implementation Train Crisis Team and other critical staff Educate and inform internal and external business partners Ensure critical function plans are in effect ―procedures updated ―vital records stored ―ALL staff trained Launch on-going employee awareness program
Step FOUR: Testing Start small, prioritize tests by risk Various levels & methods of testing; tabletop/checklist, simulation/walkthrough, functional drill, full scale interruption Any gaps discovered during testing should be documented for inclusion in the next testing & maintenance cycle Testing should be performed at least on an annual basis, more is always better Management should review and understand the final results of testing
Step FIVE: Maintenance Plan manager should ensure all documentation is current – recommend quarterly Ensure minimum of 1 test per year, if you break it into parts you can test ‘pieces’ throughout the year, but try to bring it all together at least once per year The sub-documentation that supports the plan, such as desktop procedures or system documentations should be stored in multiple locations off-site from the facility and the servers to ensure access Don’t put it on a shelf and forget it!!!
Wisdom for BCP (a.k.a. Best Practices) Assign a plan manager, its an accountability thing! Define a Crisis Team with structure and roles A BCP is a living document, update it regularly Don’t try for the “perfect BCP,” it’ll be outdated by the time it’s published Testing of critical functions should be done at least annually Plan documents should be easily accessible
Wisdom for BCP (Cont’d.) Don’t use complicated terminology, make it as clear and simple as possible Test scenarios should be meaningful and realistic Involve stakeholders in every step of the process
Helpful Links &Resources TAPN Continuity Central Continuity Insights Business Continuity Institute