Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kpmg Business Continuity Planning An experience based approach Tamás Gaidosch Director, Information Risk Management KPMG Central and Eastern Europe +36.

Published byAbbey Lite Modified over 9 years ago

Similar presentations

Presentation on theme: "Kpmg Business Continuity Planning An experience based approach Tamás Gaidosch Director, Information Risk Management KPMG Central and Eastern Europe +36."— Presentation transcript:

1 kpmg Business Continuity Planning An experience based approach Tamás Gaidosch Director, Information Risk Management KPMG Central and Eastern Europe +36 1 270 7139 tamas.gaidosch@kpmg.hu Piaţa Financiară Centre de Continuitate Operaţională şi Recuperare din Dezastre - ediţia II Bucuresti, 11.02.2003

2 kpmg 2 Agenda KPMG in a nutshell Definitions -BCP, DRP, etc…what are we talking about? Goals -what do we want to achieve? The method -a practical way to achieve the goals The experience -what works and what does not? Q & A

3 kpmg 3 KPMG in a nutshell One of the leading professional services firms Offices in more than 160 countries Over 100 000 professional staff worldwide Central and Eastern Europe: 15 countries, over 2 500 professional staff -full breadth of audit and consulting services

4 kpmg 4 Information Risk Management (IRM) Audit and other financial assurance services IT Consulting Information Risk Management (IRM) IRM services E-Advisory E-Assurance

5 kpmg 5 Definitions DRP (Disaster Recovery Plan) -the roots of business continuity planning (‘70s) -focused on IT recovery BCP (Business Continuity Plan) -scope extended to the business processes BCM (Business Continuity Management) -focuses on continuous availability CM (Crisis Management) -deals with big disasters

6 kpmg 6 Goals Recovery of services -as fast as possible -as cost effective as possible What do we want to achieve with a BCP?

7 kpmg 7 Why bother? Image, good reputation Meet client expectations Minimise financial losses Regulatory compliance Manage operational risk Tomorrow: TO SURVIVE

8 kpmg 8 Numbers Average loss caused by one hour of IT disruption IndustryUSD Brokerage 7 840 000 Card authorisation 3 160 000 Pay-per-view 183 000 TV shopping 137 000 Airway reservations 108 000 Parcel services 34 000 ATM fees 18 000 Source: Datamotion

9 kpmg 9 Numbers Causes of IT disruptions Source: Gartner Group

10 kpmg 10 Costs – with plan and without

11 kpmg 11 The method 100% 0% Bus. Processes Event Activate Verify Business Continuity as a process

12 kpmg 12 The method Preparation -Before the event Response -immediately after the event Transient operations -alternative processes -diminished capacity and functionality Recovery -returning to normal operations Phases of the the plan

13 kpmg 13 Running a BCP project Business impact analysis (BIA) Plan development Implementation Testing Training Maintenance

14 kpmg 14 Business Impact Analysis (BIA) Process and risk assessment Impacts of disruption -financial -operational -legal -reputation Results -priorities of business processes -critical processes and systems -maximum allowable downtimes

15 kpmg 15 Business Impact Analysis (BIA) Business Process day 12-3.4-5. week 23-4 Business Unit TreasuryCash supply of branches Cash management Bulk deposits Branch Network Cash transactions Transfers Claims resolution Loans Central Cust. Care Non-stop Call Center Claims resolution LowMediumSevere after disruption Financial impact of disruption

16 kpmg 16 The experience For major financial institutions Typical length: 6-8 months Typical effort: 5-6 manyears Typical outputs -1200+ pages of analysis and plans -customised BCP software solutions -hundreds of staff trained Projects delivered

17 kpmg 17 The experience The business impact analysis is crucial! -deep business understanding and experience -experience in business and risk analysis -objectivity (?) The method is less important Software (database) support No testing = waste of money No maintenance = false sense of safety What is key and what is not?

18 kpmg 18 The experience Employees -their participation is a must External consultants -not absolutely necessary, but:  bring in wide experience and support tools  do not start from ground zero, do not commit basic mistakes, do not get stuck in the process  help the objectivity (external eye) External IT providers -they know the most about their systems Who should do the project?

19 kpmg 19 The experience Thick, cumbersome manual A piece of work done by the IT and for the IT Only known to those who created it Result of a compulsory homework, without support and staff not trusting it Gathering dust on a shelf somewhere... How to tell a bad plan?

20 kpmg 20 The experience Easy to use, well structured Covers all important areas Testable and maintainable Up-to-date (timely inclusion of changes) A living and well-known document How to tell a good plan?

21 kpmg 21 The broader view Business Continuity Planning (BCP) Proactive and preventive (strategic) Fast reaction and recovery (tactical) Enterprise High Availability (EHA) Availability Service Level Management (SLM) Reliability Issue Solution Focus Goal. Achieve and maintain set availability targets Effectively manage and control the IT infrastructure to improve overall operational reliability Minimise downtime of critical processes in the event of a major disruption Recoverability Business Continuity Management Services

22 kpmg 22 Q & A Tamás Gaidosch Director, Information Risk Management KPMG Central and Eastern Europe +36 1 270 7139 tamas.gaidosch@kpmg.hu

Download ppt "Kpmg Business Continuity Planning An experience based approach Tamás Gaidosch Director, Information Risk Management KPMG Central and Eastern Europe +36."

Similar presentations

Creating a Data Disaster Recovery Plan. What is a DR Plan? Is your best solution to: Continuous business services Prompt and smooth recovery Prepare for.

Creating a Data Disaster Recovery Plan. What is a DR Plan? Is your best solution to: Continuous business services Prompt and smooth recovery Prepare for.
Business Continuity Planning DavisLogicDavisLogic & All Hands ConsultingAll Hands Consulting.

Business Continuity Planning DavisLogicDavisLogic & All Hands ConsultingAll Hands Consulting.
Global Congress Global Leadership Vision for Project Management.

Global Congress Global Leadership Vision for Project Management.
Business Continuity Training & Awareness by Sulia Toutai (ANZ)

Business Continuity Training & Awareness by Sulia Toutai (ANZ)
Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.

Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.
Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.

Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.
Business Continuity and Disaster Recovery Planning.

Business Continuity and Disaster Recovery Planning.
Managed Funds Association’s Sound Practices for Hedge Fund Managers 2009 Edition.

Managed Funds Association’s Sound Practices for Hedge Fund Managers 2009 Edition.
Introduction to Business Continuity Planning An Introduction to the Business Continuity Planning Process Including Developing your Process and the Plans.

Introduction to Business Continuity Planning An Introduction to the Business Continuity Planning Process Including Developing your Process and the Plans.
Daylight Savings Time Transition Planning. The Daylight Savings Operational Risks Affect on transaction cash flow? Affect on service delivery? Affect.

Daylight Savings Time Transition Planning. The Daylight Savings Operational Risks Affect on transaction cash flow? Affect on service delivery? Affect.
© 2009 EMC Corporation. All rights reserved. Introduction to Business Continuity Module 3.1.

© 2009 EMC Corporation. All rights reserved. Introduction to Business Continuity Module 3.1.
Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)

Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
1 Business Continuity: The sixth international payment system conference MNB, Budapest 14 November, 2007.

1 Business Continuity: The sixth international payment system conference MNB, Budapest 14 November, 2007.
Page 1 Business Architecture – From Business Strategy to the Alignment of IT Rich Waller An Insurance Industry Case Study April 15, 2009.

Page 1 Business Architecture – From Business Strategy to the Alignment of IT Rich Waller An Insurance Industry Case Study April 15, 2009.
Our Technology Comes with People Disaster Recovery Planning Glenn Lytle, Vice President Sales, Lumos Networks July 28, 2014 1.

Our Technology Comes with People Disaster Recovery Planning Glenn Lytle, Vice President Sales, Lumos Networks July 28,
TEL382 Greene Chapter 11. 10/27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.

TEL382 Greene Chapter /27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.
Implementing and Auditing Ethics Programs

Implementing and Auditing Ethics Programs
Measuring the effectiveness of government IT systems Current ANAO initiatives to enhance IT Audit integration and support in delivering Audit outcomes.

Measuring the effectiveness of government IT systems Current ANAO initiatives to enhance IT Audit integration and support in delivering Audit outcomes.
PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk.

PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting
Systemise your compliance management Peter Scott Consulting www.peterscottconsult.co.uk.

Systemise your compliance management Peter Scott Consulting

Similar presentations

Ads by Google