Reliability of the electrical service; Business Continuity Management; Business Impact Analysis (BIA); Critical ICT Services; Minimum Business Continuity Objective.

AGENDA:
- Reliability of the electrical service
- Business Continuity Management
- Business Impact Analysis (BIA)
- Critical ICT Services
- Minimum Business Continuity Objective
- Role of ICT toward Business Continuity Management
- Preparing ICT towards Electrical Business Continuity

Reliability of the electrical service
Electricity is an indispensable part of modern-day life. Our economy, jobs, healthcare, and livelihood all depend upon a constant supply of power. A disaster is a natural or man-made hazard resulting in an event of substantial extent that causes significant physical or economic damage; it can also cause loss of life or drastic changes to the environment. In a disaster situation, a degradation of the electricity supply service is usually tolerated for a short period of time.

Recent major blackouts
The July 2012 India blackout was the largest power outage in history, occurring as two separate events on 30 and 31 July. The outage affected over 620 million people, about 9% of the world population. An estimated 32 GW of generating capacity was taken offline in the outage. Electrical power was restored in the affected locations between 31 July and 1 August 2012.
The 2009 Brazil and Paraguay blackout was a power outage that occurred throughout much of Brazil (affecting 60 million people in Brazil) and, for a short time, the whole of Paraguay on November 10, 2009.

Other kinds of risk
Not all risks to the business of a utility are linked to a prolonged outage. In 1993 the upper floors of the headquarters of UTE were burned. Although the chief consequence was the loss of human lives, also located there were the only data processing centre, the PBX, the call centre for customer care, and the leased lines connecting the central office with other administrative or technical offices. There was no blackout, but the commercial system stopped working for a month and support services were seriously affected. The situation returned to normal after a year, with significant losses.

Reliability of an ICT service
Technological issues and vulnerabilities arising from the concentration of resources, as in the example above, have historically pushed towards increasing the reliability of ICT services. In an electric utility, the ultimate goal is not the ICT service but the electrical business. Therefore, the reliability of ICT services is relevant to the extent that they support the business objectives.

Business Continuity Management (BCM)
BCM is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. BCM is about prevention: it seeks to establish a culture within organizations that generates greater resilience, to ensure continuity of service delivery.

Business Continuity Management (BCM)
Source: Business Continuity Institute


Business Continuity Management (BCM)
In a BCM context, the level of risk should be understood specifically with regard to the organization's critical activities and the risk of a disruption to these. Critical activities are underpinned by resources such as people, processes, technology infrastructure and physical infrastructure. The organization must understand the threats to these resources, the vulnerabilities of each one, and the impact of a threat if it became an incident and caused a business interruption.

Business Impact Analysis (BIA)
The whole concept of business continuity is based on the identification of all business functions within an organization, and the assignment of a level of importance to each business function. The BIA is the main tool for collecting this information and assigning criticality, and is therefore part of the foundation of business continuity.

Business Impact Analysis (BIA)
As a result of a business impact analysis (BIA) and risk assessment, the organization must identify measures to:
- Reduce the chance of an interruption
- Shorten the interruption period
- Limit the impact of a disruption
As part of its BCM program, the organization shall classify its activities according to their priority for recovery.

Maximum tolerable downtime (MTD)
For each critical process, the organization needs to determine the longest amount of time the process can be unavailable before that unavailability threatens the survival of the business. This figure is known as the maximum tolerable downtime (MTD).

Maximum tolerable downtime (MTD)
After the organization has established the MTD for each critical process or activity, it is time to set some specific goals for the recovery of each process. The two primary recovery objectives established in a BIA are:
- Recovery Time Objective (RTO): the target time set for the resumption of delivery of a product, service or activity after an incident
- Recovery Point Objective (RPO): the previous point in time to which the data should be recovered to resume service

Critical ICT services
The organization must define its significant ICT services. Within these ICT services, it must identify those required to achieve the RTO and RPO objectives for each critical activity, as prioritized by the BCM program. These services are called critical ICT services. The organization shall document the list of critical ICT services and the ICT components that make up the end-to-end service, and how they are configured or linked to deliver each critical service.

Example for one critical activity

Minimum Business Continuity Objective
More comprehensive than MTD is the Minimum Business Continuity Objective (MBCO). MBCO is the minimum level of services and/or products that is acceptable to the organization to achieve its business objectives during an incident, emergency or disaster.

Minimum Business Continuity Objective

The ICT Continuity approach
ICT continuity focuses on the ability of the organization to detect and respond to the occurrence of such incidents. This requires organizations to control their ICT services to ensure that:
- They are resilient and recoverable at the appropriate level
- Any unexpected event within a service is detected and investigated in a timely manner
- Dependencies between ICT services and external factors are known and used in risk assessment and in the impact analysis of a change
- Dependencies on the technical components are known and used in risk assessment
ICT continuity processes are also intended to ensure that legal obligations (such as protecting personal and other sensitive data) are not breached.

Key elements for preparing ICT toward BCM
- Staff
- Facilities
- Technologies
- Data
- Processes
- Providers

Role of ICT toward Business Continuity Management
ICT has the most expertise and background on this topic, therefore it must:
- promote awareness of this subject within the organization
- obtain from the organization the RTO and RPO figures for each critical activity that depends on ICT services
- define its own RTO and RPO for these critical ICT services
- work on the six key elements mentioned above and be prepared to contribute to the major goal.
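
The RTO/RPO hand-off described above, and the end-to-end dependency list from the critical ICT services slide, worked through as an added example (not part of the original presentation). All activity names, service names and hour figures are constructed; it assumes a component inherits the tightest RTO/RPO of any activity that relies on it, and that an activity's RTO must not exceed its MTD.

```python
from math import inf

# Constructed BIA figures in hours (not from the presentation).
# activity: (MTD, RTO, RPO, ICT services it relies on directly)
ACTIVITIES = {
    "outage call handling": (4, 2, 1, ["call_centre"]),
    "customer billing": (72, 48, 24, ["commercial_system"]),
    "crew dispatch": (8, 12, 4, ["leased_lines"]),
}
# End-to-end chain: ICT service -> services/components it is built on.
DEPENDS_ON = {
    "call_centre": ["pbx", "leased_lines"],
    "pbx": ["data_centre"],
    "commercial_system": ["data_centre", "leased_lines"],
}
# (RTO, RPO) that ICT has defined for its own services so far.
DECLARED = {
    "call_centre": (2, 1), "pbx": (2, 1),
    "commercial_system": (24, 12), "data_centre": (24, 12),
}

def chain(service, deps, seen=None):
    """Service plus everything it depends on, tolerating cycles."""
    seen = set() if seen is None else seen
    if service not in seen:
        seen.add(service)
        for dep in deps.get(service, []):
            chain(dep, deps, seen)
    return seen

def required_objectives(activities, deps):
    """Tightest (RTO, RPO) each ICT item inherits from the activities using it."""
    req = {}
    for _mtd, rto, rpo, services in activities.values():
        for svc in services:
            for item in chain(svc, deps):
                cur_rto, cur_rpo = req.get(item, (inf, inf))
                req[item] = (min(cur_rto, rto), min(cur_rpo, rpo))
    return req

def findings(activities, deps, declared):
    """Gaps to resolve: RTO above MTD, missing or too-loose ICT objectives."""
    out = [f"{name}: RTO {rto}h exceeds MTD {mtd}h"
           for name, (mtd, rto, _rpo, _s) in activities.items() if rto > mtd]
    for item, (rto, rpo) in sorted(required_objectives(activities, deps).items()):
        if item not in declared:
            out.append(f"{item}: critical ICT service without RTO/RPO")
        elif declared[item][0] > rto or declared[item][1] > rpo:
            out.append(f"{item}: declared {declared[item]} looser than required {(rto, rpo)}")
    return out

if __name__ == "__main__":
    print("\n".join(findings(ACTIVITIES, DEPENDS_ON, DECLARED)))
```

In the sample data the shared data centre was sized for billing only, so it is flagged once the call centre's tighter objectives propagate down the chain.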