Presentation is loading. Please wait.

Presentation is loading. Please wait.

Business Continuity Planning Completing a Business Impact Assessment Pamela Hill Managing Director Hyperion Global Partners Judi Flournoy CIO Loeb & Loeb.

Published byDelilah Carter Modified over 8 years ago

Similar presentations

Presentation on theme: "Business Continuity Planning Completing a Business Impact Assessment Pamela Hill Managing Director Hyperion Global Partners Judi Flournoy CIO Loeb & Loeb."— Presentation transcript:

1 Business Continuity Planning Completing a Business Impact Assessment Pamela Hill Managing Director Hyperion Global Partners Judi Flournoy CIO Loeb & Loeb LLP

2 Business Impact Assessment Purpose – To understand how a disaster or business interruption will impact your business From a business process perspective From a technology perspective Allows you to define recovery time/recovery point objectives (RTO/RPO) – Create a 360 degree view of a process Technology People Process Inputs/outputs Vital records

3 Create a 360 View of Recovery

4 1.Gather information Survey Face to face Hybrid Recommend hybrid Survey first Follow up with interviews 2.Interviews allow you To push back on the “I want it all yesterday” approach many people will take To understand how the process is enabled by the underlying technology Discuss ways to work without technology for short periods of time Ask clarifying questions regarding inputs/outputs so you understand the process/information flow BIA Process

5 Survey questions – Discuss Example FINAL BIA and Home Computing Survey.pdf Process name Who does it Define inputs/outputs What processes, departments and people provide input What processes, departments and people receive information from you/your process Define underlying technology What is it How long can you be without it before it impacts your processes How much data can you lose and reasonably expect to recover – This is an IT consideration - don’t ask the end user this question BIA Process

6 Interview – What to Focus On – Describe your existing process(es) How do you use technology to complete the process – Detail all of the underlying technology – Don’t forget to start at the desktop Local applications or how the applications are accessed Security related items such as IP recognition for efiling, digital certificates, etc. – Understand where data are stored (even if you think you already know) BIA Process

7 Interview – what to focus on – Discuss how to complete the process if the office/app/data is/are unavailable – Discuss how to work remotely with their applications Identify trends for training opportunities Discuss post-disaster security considerations (e.g., won’t require an RSA token following a disaster) Discuss applications that are not on the remote access list (and why) – Be honest in your explanation of current recovery capabilities for applications and data This is an opportunity to educate – use it! BIA Process

8 What to do with the information – Compile it into usable bite-sized documents by audience Executive Team – Critical processes by RTO – Business recovery strategy » Final Sample BC Strategy.pdf Final Sample BC Strategy.pdf Operations/Facilities Team – Workspace requirements IT – RTO/RPO – Hardware/software requirements – Special considerations like digital certs/IP address authentication HR – People related to processes – Work from home capacity BIA Process

9 What to do with the information – Create a list of RTO/RPO – Complete a gap analysis of current recovery capabilities to what users expect – This information tells you Technical priority restore list What to focus BC/DR dollars and resources on What to focus people, workspace, and other resources on during a recovery BIA Process

10 0 – 4 Hours1 Day2 – 3 Days3 – 5 Days Network WAN Security Remote access Email continuity Mobile messaging Phones Documents Contact information Email recovery Records Conflicts/intake Filings Calendar/ docket Lit support Intra/extranets Workspace Accounts receivables Financial systems Cost recovery Practice apps Sample Critical Apps/Services

11 On-going Analysis – Threat Assessment Are there new threats? – HITECH Act – Privacy rules Has your organization’s vulnerability to any threat changed? Would the impact of certain risks be more devastating now than previously? Has the likelihood of any threat occurring increased? – BIA Follow up – see example Any significant change in technology Back end integration End user interface and/or workflow New applications BIA Process – Change Management

12 Free Resources Disaster Recovery Journal http://www.drj.com/ Sample plans http://www.drj.com/index.php?option=com_content&task=view&id=259&Itemid=298 The institute for continuity management https://www.drii.org/ Disaster recovery and business continuity supercast http://searchcio.techtarget.com/generic/0,295582,sid182_gci1267493,00.html The source for business continuity http://www.disaster-resource.com/ CPM focused on convergence of business continuity,and security http://www.contingencyplanning.com/ Business Continuity Links http://www.rothstein.com/links/rothstein_recommended2.html

13 Questions? Thanks for coming! www.hgplive.comwww.hgplive.com (pandemic blog) Pamela Hill phill@hyperiongp.com 217.778.6976 Judi Flournoy jflournoy@loeb.com 310.282.2050

Download ppt "Business Continuity Planning Completing a Business Impact Assessment Pamela Hill Managing Director Hyperion Global Partners Judi Flournoy CIO Loeb & Loeb."

Similar presentations

RETURN TO MAIN 1 Mobile Messaging, Remote Access and DR/BC Planning – What Does Working Remotely Really Mean? Presented by: Doug Caddell Chief Information.

RETURN TO MAIN 1 Mobile Messaging, Remote Access and DR/BC Planning – What Does Working Remotely Really Mean? Presented by: Doug Caddell Chief Information.
Business Continuity Training & Awareness by Sulia Toutai (ANZ)

Business Continuity Training & Awareness by Sulia Toutai (ANZ)
CTS Strategic Roadmap Walkthrough, v1.2 Dan Mercer.

CTS Strategic Roadmap Walkthrough, v1.2 Dan Mercer.
BCM and Security ROGSI/DMS Präsentation ROGSI/DMS Suite for Corporate Survival ROGSI/Business Impact Analysis TOP 7 Best Practices for Business Continuity.

BCM and Security ROGSI/DMS Präsentation ROGSI/DMS Suite for Corporate Survival ROGSI/Business Impact Analysis TOP 7 Best Practices for Business Continuity.
1 The process of analyzing all core business functions and establishing an optimized timetable for recovery. Provides baseline for:  Justification for.

1 The process of analyzing all core business functions and establishing an optimized timetable for recovery. Provides baseline for:  Justification for.
CIOassist Technologies Your CIO on Demand… Business Continuity Planning Our Offering CIOassist Technologies (www.cioassist.in)www.cioassist.in

CIOassist Technologies Your CIO on Demand… Business Continuity Planning Our Offering CIOassist Technologies (
University of Florida Incident Tracking and Reporting Kathy Bergsma

University of Florida Incident Tracking and Reporting Kathy Bergsma
1 Disk Based Disaster Recovery & Data Replication Solutions Gavin Cole Storage Consultant SEE.

1 Disk Based Disaster Recovery & Data Replication Solutions Gavin Cole Storage Consultant SEE.
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]

National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Copyright 2004 Turning Point Solutions Establishing Lines Of Communication Before a Crisis.

Copyright 2004 Turning Point Solutions Establishing Lines Of Communication Before a Crisis.
1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.

1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.
SSL From Your Smartphone Support for Android Smartphones www.sharetech.com.twwww.sharetech.com.tw / www.higuard.comwww.higuard.com.

SSL From Your Smartphone Support for Android Smartphones /
IT Risk Mitigation Lewan Technology, Agility Recovery, FORTRUST & Woodruff Sawyer.

IT Risk Mitigation Lewan Technology, Agility Recovery, FORTRUST & Woodruff Sawyer.
1 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Reducing your Risk Profile MIDWEST DATA RECOVERY INC.

1 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Reducing your Risk Profile MIDWEST DATA RECOVERY INC.
Building a Case for Digital Migration Anna Stratton Director, Information Management Southwest Solutions Group 1 Created in partnership with ARMA International.

Building a Case for Digital Migration Anna Stratton Director, Information Management Southwest Solutions Group 1 Created in partnership with ARMA International.
EASTERN MICHIGAN UNIVERSITY Continuity of Operations Planning (COOP)

EASTERN MICHIGAN UNIVERSITY Continuity of Operations Planning (COOP)
Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.
Discovery Planning steps (1)

Discovery Planning steps (1)
RBTC: Business Continuity 101 July 18, 2013. What is Business Continuity? Scenario Part 1 Why is BC important? What types of plans are needed? How do.

RBTC: Business Continuity 101 July 18, What is Business Continuity? Scenario Part 1 Why is BC important? What types of plans are needed? How do.

Similar presentations

Ads by Google