Business Continuity and Disaster Recovery Planning.


2 Domain Objectives: Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) prepare for Adverse Events through: Response Programs focused on preserving life and business; Recovery Plans to resume interrupted critical business operations; Restoration Activities to return to normal operations

3 Information Security TRIAD Availability Confidentiality Integrity Information Security

4 Domain Agenda Project Scope Development and Planning Business Impact Analysis (BIA) and Functional Requirements Business Continuity and Recovery Strategy Plan Design and Development Implementation Restoration Feedback and Plan Management

5 Important Elements in this Step (Agenda) Management’s Commitment to the Project Agree upon resources and produce a project plan Analyze business and link BCP to organization’s mission

6 Business Organization Analysis BC Steering Committee Policy scope and authorization Mandates Current & future organization Inter-operational dependencies External dependencies

7 Resource Requirements Appraise budget Coordinate Personnel Availability Identify Key Personnel and Alternates

8 Resource Requirements Select BC Tools Evaluate Project Management Tools Consider Vendor Resources

9 Domain Agenda Project scope development and planning Business Impact Analysis (BIA) and Functional Requirements Business Continuity and Recovery Strategy Plan Design and Development Implementation Restoration Feedback and Plan Management

10 Business Impact Analysis Business Impact Analysis (BIA) Develop BIA Format Evaluate Potential Impact if interrupted Prioritize Business Functions

11 Important Elements in this Step (Agenda) Analysis of the Business Identification of Critical Business Processes Topics: Threat Analysis Emergency Assessment Critical Business Functions 3rd party and Networked Relationships

12 Threat Analysis Potential Risk Factors Man-made IT Natural Supply Chain Utility Failures Loss of Key Personnel

13 Emergency Assessment Affected Areas Triage and Escalation Procedures Notification and Alerting Procedures Safety and Security Provisions

14 Critical Business Functions Critical Function Characteristics Time Sensitivity Data Integrity Classification

15 Critical Business Functions Identification of Critical Business Functions Operational Impact Financial Impact Reputation or Public Image Impact Dependencies

16 Third Party and Networked Relationships Downstream Liabilities Identify Potentially Impacted Organizations Establish Compliance Requirements

17 Third Party and Networked Relationships Upstream Impacts Identify 3rd Party Relationships with Impact Potential Enforce Service Level Agreements (SLAs)

18 Domain Agenda Project scope development and planning Business Impact Analysis (BIA) and Functional Requirements Business Continuity and Recovery Strategy Plan Design and Development Implementation Restoration Feedback and Plan Management

19 Business Unit Priorities Meet identified business unit priorities Critical Processes Infrastructure Communications

20 Business Unit Priorities Recovery Time Objective Recovery Point Objective Cost/Benefit Analysis

21 Recovery Alternatives

| Alternative | Description | Readiness | Cost |
|---|---|---|---|
| Multiple processing / mirrored site | Fully redundant identical equipment & data | Highest level of availability & readiness | Highest |
| Mobile site/Trailer | Designed, self-contained IT & communications | Variable drive time; load data & test systems | High |
| Hot site | Fully provisioned IT & office, HVAC, infrastructure, & communications | Short time to load data, test systems. May be yours or vendor staff | High |
| Warm site | Partially IT equipped, some office, data & voice, infrastructure | Days or weeks. Need equipment, data, communications | Moderate |
| Cold site | Minimal infrastructure, HVAC | Weeks or more. Need all IT, office equipment, & communications | Lowest |

22 Processing Agreements

| Agreement | Description | Considerations |
|---|---|---|
| Reciprocal or Mutual Aid | Two or more organizations agree to recover critical operations for each other. | Technology upgrades/obsolescence or business growth. Security and access by partner users. |
| Contingency | Alternate arrangements if primary provider is interrupted, i.e., voice or data communications. | Providers may share paths or lease from each other. Question them. |
| Service Bureau | Agreement with application service provider to process critical business function. | Evaluate their loading, geography and ask about backup mode. |

23 Backup Strategies Replication Distributed Processing Electronic Vaulting

24 Backup Strategies Remote Journaling Media Archives Storage Area Network

25 Backup Locations and Storage Criteria On-Site Near-Site Off-Site Storage for additional documentation and supplies

26 Resilience Strategies Site resilience IT resilience Organizational Resilience

27 Domain Agenda Project scope development and planning Business Impact Analysis (BIA) and Functional Requirements Business Continuity and Recovery Strategy Plan Design and Development Implementation Restoration Feedback and Plan Management

28 Emergency Response Procedures Topics Event Reporting Life, Health, Safety Damage Assessment Triage and Escalation Disaster Declaration Alerting, Activation and Notification Reporting, Communication

29 Personnel Notification Executive Succession Planning Executive Crisis Management Role BC Coordinator and Teams Notification Lists Public Relations

30 Backups and Offsite Storage Backup and offsite storage Inventory Facility Accessibility Facility Resilience

31 Communications Emergency Communication Systems Business Communication Systems Networks

32 Alternate Site Considerations Utilities Communications Environmental Protections Space Critical IT and Communications

33 Logistics and Supplies Personnel and Materials Transportation Alternate Site Workspace Personnel Support and Welfare Remote Worker Environment Activation Emergency Funds Access

34 Logistics and Supplies Additional Contingencies Family Responsibilities Fraud and Looting Safety and Legal Issues Escalated Management Authority

35 Documentation Business Continuity Plan Business Continuity Plan BC/DR Plans Activity and Status Reports Issue Identification and Resolution Reports Checklists Recovery Deactivation Plans

36 Business Continuity and Resumption Planning Risk Avoidance and Mitigation Planning Emergency Business Recovery Procedures Contracts for Emergency Vendor Services

37 Domain Agenda Project scope development and planning Business Impact Analysis (BIA) and Functional Requirements Business Continuity and Recovery Strategy Plan Design and Development Implementation Restoration Feedback and Plan Management

38 Training

| Audience | Key education expectation | Example Methods |
|---|---|---|
| All personnel | Awareness of select emergency response | Signage, videos or computer based training, drills |
| Operations | Backup procedures and transmittal/recall from offsite storage; Emergency response procedures | Drills, simulations, exercises |
| Recovery Team | Recovery procedures | Drills, simulations, exercises, parallel tests |
| EOC Teams | Training on EOC procedures & criteria | Workshops, simulations, exercises, parallel tests |

39 Testing Purpose Measure Plan Effectiveness Assess Personnel Readiness and increase their Familiarity

40 Test Plans Explicit test objectives and success criteria Test Details Schedule Post-test Review

41 Types of Tests

| Type | Purpose | Participants |
|---|---|---|
| Checklist or Desk Check | Review contents | BC Coordinator, authors and independent parties |
| Structured Walk-through | Reviewed more thoroughly with interaction | BC Coordinator, authors and team leaders |
| Simulations | Check plan integration | Personnel have mock event roles and observers |
| Parallel Testing | Measure recovery against non-interrupted operations | All recovery teams and recovery site staff and observers |
| Full Interruption | Most complete metric. Rely on plan | All recovery teams and recovery site staff and observers |

42 Testing Follow-up Deficiencies Plan Assessment Scheduled Test Program

43 Recovery Procedures Local Recovery Procedures Alternate Site Migration Prioritization Validation Transfer and Recovery Certification and Accreditation

44 Audit Assurance of effective BC and DR capability Measures compliance Ensure audit findings are addressed

45 Domain Agenda Project scope development and planning Business Impact Analysis (BIA) and Functional Requirements Business Continuity and Recovery Strategy Plan Design and Development Implementation Restoration Feedback and Plan Management

46 Restoration Restoration of Primary Location

47 Procurement Support of Recovery Activities Consolidation of Acquisitions and Disposition Reporting of Restoration Costs

48 Reversal Procedures Business Process Recovery Point Journal and Process Synchronization Data Recovery

49 Relocation to Primary Site Restoration Order and Prioritization End of Disaster Declaration

50 Domain Agenda Project scope development and planning Business Impact Analysis (BIA) and Functional Requirements Business Continuity and Recovery Strategy Plan Design and Development Implementation Restoration Feedback and Plan Management

51 Post-recovery Reporting Identification or Remediation of Plan Gaps Lessons Learned Performance Metric Review

52 Plan Review and Evolution Plan Review and Adjustment Training of Key Personnel

53 Communication Plan Distribution Communication of Plan to Stakeholders

54 Domain Summary: A Business Continuity and Disaster Recovery Planning Project is an ongoing, continuous effort to ensure that the business is prepared to handle any type of disaster

55 Domain Summary

“Security Transcends Technology”