Download presentation
1
IT Service Continuity Management
Associated with RISK.
2
Goal – Primary Objective
IT Service Continuity Management Goal – Primary Objective To support the overall Business Continuity management process by ensuring that the required IT technical services and facilities can be recovered within required and agreed business time-scales
3
Why Continuity Management
IT Service Continuity Management Why Continuity Management Ensuring business survival by reducing the impact of a disaster or major failure Reducing the vulnerability and risk to the business by effective risk analysis and risk management Preventing the loss of Customer and User confidence Producing IT recovery plans that are integrated with and fully support the organisation’s overall Business Continuity Plan
4
IT Service Continuity Management
Considerations IT Service Continuity options need to be understood and the most appropriate solution chosen in support of BCM requirements Roles and responsibilities need to be identified and supported from a senior level IT recovery plans and Business Continuity plans need to be aligned regularly reviewed, revised and tested
5
The Business Continuity Life-cycle Overview
IT Service Continuity Management The Business Continuity Life-cycle Overview Stage 1 – Initiation Initiate Business Continuity Manager Stage 2 – Requirements and Strategy Stage 3 - Implementation Stage 4 - Operational Management
6
Stage 2 – Requirements and Strategy
IT Service Continuity Management Stage 2 – Requirements and Strategy Business Impact Analysis Identification of Critical Business Processes and Speed of Recovery Risk Assessment and Methodology Threats to Assets CRAMM – CCTA’s Risk Analysis Management Methodology (Central Computer and Telecommunications Agency) Business Continuity Strategy Based on Top Risks
7
IT Service Continuity Management
Risk Analysis (CRAMM) ANALYSIS Assets Threats Vulnerabilities Risks MANAGEMENT Countermeasures
8
IT Service Continuity Management
Risk Analysis Asset Categorise and RANK 1-10 Hardware Software People Buildings etc. Threat List and RANK 1-3 Vulnerability against Assets Matrix RANK 1-3 Risk = Asset * Threats * Vulnerability
9
IT Service Continuity Management
IT Recovery Options Do nothing Manual back-up – revert to pen and paper Reciprocal arrangements with another company Gradual recovery - Cold Standby Intermediate recovery - Warm Standby Immediate recovery - Hot Standby
10
Gradual Recovery – COLD standby
IT Service Continuity Management Gradual Recovery – COLD standby Time to recovery > 72hrs Empty Computer space Remote Portable Nothing in the rooms Requires contracts / procedures in place to set up
11
Intermediate Recovery – WARM standby
IT Service Continuity Management Intermediate Recovery – WARM standby Time to recovery 24hrs to 72hrs Filled Computer space Remote Portable Networked Computers but with NO Data
12
Immediate Recovery – HOT standby
IT Service Continuity Management Immediate Recovery – HOT standby Time to recovery “within the working day” 0hrs to 8hrs Filled Computer Space Remote Portable Networked Computers with Data (but not necessarily up to date)
13
Benefits of Continuity Management
IT Service Continuity Management Benefits of Continuity Management Management of risk and the consequent reduction of the impact of failure Fulfilment of regulatory requirements Potentially lower insurance premiums A more business focussed approach to IT continuity and recovery Reduced business disruption during an incident Increased customer confidence and organisational credibility
14
IT Service Continuity Management
ISCM Exam Tips Know the Disaster Recovery options
15
IT Service Continuity Management
Exam Questions In relation to IT Service Continuity Planning, the severity of a disaster depends upon: A The time of day it occurs B How many people are available to assist in recovery C The type of disaster, whether flood, fire etc D The impact (EFFECT) upon customers’ businesses
16
IT Service Continuity Management
Exam Questions Consider the following statements about IT Service Continuity Planning: The intermediate recovery external option offers a remote installation, fully equipped with all the required hardware, software, communications and environmental control equipment The intermediate recovery external option is often shared between multiple customers and in the event of a disaster may not be available due to over-subscription A Both B Neither C Only 1 D Only 2
17
IT Service Continuity Management
Exam Questions Your organisation has just entered into a Gradual Recovery (Cold Standby) IT service Continuity Agreement. Within the ITIL definition, which of the following lists is INCORRECT for what you could find at the contingency site? A A building, electricity, telecommunications equipment, office space for technical staff B Stand-by generator, telecommunications equipment, system manuals, support staff, water C A building, telecommunications equipment, a computer, support staff, documentation D A building, electricity, water, support staff, system manuals
18
IT Service Continuity Management
Exam Questions Which of the following would you NOT expect to see in an IT Service Continuity Plan? A Contact lists B The version number C Reference to change control procedures D Full Service Level Agreements (SLM)
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.