Presentation is loading. Please wait.

Presentation is loading. Please wait.

Business Continuity Planning and IT Risk Management

Published byPhilip Knight Modified over 5 years ago

Similar presentations

Presentation on theme: "Business Continuity Planning and IT Risk Management"— Presentation transcript:

1 Business Continuity Planning and IT Risk Management
Nazim Kasumzade Head of IT Department State Treasury Agency

2 WHAT IS IT? BCP (business continuity planning) – is a framework to prevent potential threats and ensure recovery in the event of a disaster.

3 WHY IS IT NEEDE? Serves as a formal set of rules in the event of a disaster Defines the notion of disaster (scope) Appoints disaster managers Identifies disaster management working groups and their chiefs, and reporting lines in the event of a disaster. Appoints those in charge of public relations Identifies resources and procedures required for disaster recovery Identifies key organizations which must be notified (suppliers and budget organizations) Documents procedures for testing and recovery to minimize the likelihood of misunderstanding and miscommunication during recovery Identifies alternative sources of delivery and suppliers Identifies key data storage, security, and recovery principles

4 HOW IS IT DONE? Assessing and classifying risks Measuring the business impact of each risk Designing a business continuity plan Testing - > Updating - > Testing - > …….. - > Finalizing Identifying emergency communication lines and an emergency contact list Holding regular training sessions

5 HOW MUCH WILL IT COST? The cost will depend on a variety of factors – not least on recovery point objective and recovery time objective. The cost will also depend on the level of technical support. The significance of the system (core business applications, non-core software, etc.) will define the level of technical support: 24/7 – response time < 30 minutes for hardware 24/7 – response time < 30 minutes for OS 24/7 – response time < 30 for applications The next banking day – for non-core applications and auxiliary hardware

6 HOW CAN I BE SURE THAT IT WORKS?
KPIs & KRIs may be used to understand how well the BCP system works KPIs are used for: Monitoring and analysis of the current business status Identifying required changes Detailing the list of necessary steps Measuring results Measurable: % of recovered capacity Recovery time % of capacity restored in the organization ……. Non- Measurable: Recovery quality Organization’s satisfaction with recovery time

7 WHERE DID IT ORIGINATE AND WHAT ARE THE GUIDELINES FOR DESIGINING A BCP?
BCP originated in the IТ industry. The original standards were designed by the American National Standard Institute (ANSI), International Standards Organization (ISO), and the National Institute of Standards and Technology (NIST). Modern BCP basics: ISO – BCMS – Requirements ISO – BCMS – Guidelines ISO – BCMS – BIA Guidelines BCMS Template Proprietary data center certification: Staff training:

Download ppt "Business Continuity Planning and IT Risk Management"

Similar presentations

Business Continuity Training & Awareness by Sulia Toutai (ANZ)

Business Continuity Training & Awareness by Sulia Toutai (ANZ)
Managed Funds Association’s Sound Practices for Hedge Fund Managers 2009 Edition.

Managed Funds Association’s Sound Practices for Hedge Fund Managers 2009 Edition.
NIST framework vs TENACE Protect Function (Sestriere, 21-23 Gennaio 2015)

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)
1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.

1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.
Outsourcing Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Outsourcing Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.

Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.
Business Continuity and You! The Ohio State University Business & Finance Enterprise Continuity Program Quarterly Update October 2008Business and Finance.

Business Continuity and You! The Ohio State University Business & Finance Enterprise Continuity Program Quarterly Update October 2008Business and Finance.
EASTERN MICHIGAN UNIVERSITY Continuity of Operations Planning (COOP)

EASTERN MICHIGAN UNIVERSITY Continuity of Operations Planning (COOP)
Disaster Recovery Strategies & criteria for evaluation of information management strategies.

Disaster Recovery Strategies & criteria for evaluation of information management strategies.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.

Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.
Business Continuity Program Orientation (insert presentation date) (This presentation is a template that requires adjustments to meet your needs)

Business Continuity Program Orientation (insert presentation date) (This presentation is a template that requires adjustments to meet your needs)
E.Soundararajan R.Baskaran & M.Sai Baba Indira Gandhi Centre for Atomic Research, Kalpakkam.

E.Soundararajan R.Baskaran & M.Sai Baba Indira Gandhi Centre for Atomic Research, Kalpakkam.
Business Continuity ALARM 04 CONFERENCE How to start a Business Continuity Plan by Bill Sulman and Jon Chesher Heath Lambert Group.

Business Continuity ALARM 04 CONFERENCE How to start a Business Continuity Plan by Bill Sulman and Jon Chesher Heath Lambert Group.
SecSDLC Chapter 2.

SecSDLC Chapter 2.
2.8 Crisis Management and Contigency Planning Chapter 17.

2.8 Crisis Management and Contigency Planning Chapter 17.
Business Continuity Disaster Planning

Business Continuity Disaster Planning
The NIST Special Publications for Security Management By: Waylon Coulter.

The NIST Special Publications for Security Management By: Waylon Coulter.
A Lightweight Business Continuity & Disaster Recovery Plan Motahareh Moravej Issuers’ Affairs Director at CSDI PHD. Student of Computer Engineering, UT.

A Lightweight Business Continuity & Disaster Recovery Plan Motahareh Moravej Issuers’ Affairs Director at CSDI PHD. Student of Computer Engineering, UT.

Similar presentations

Ads by Google