business continuity planning
play

Business Continuity Planning Marcus Bendtsen Institutionen fr - PowerPoint PPT Presentation

Oct 06, 2023 •192 likes •801 views

Business Continuity Planning Marcus Bendtsen Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Business Continuity Planning (BCP) Disasters eventually strike every organisation: Natural

  1. Business Continuity Planning Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)

  2. Business Continuity Planning (BCP) • Disasters eventually strike every organisation: • Natural disasters: Hurricanes, earthquakes, epidemics, etc. Man-made: Building fire, burst water • pipes, sabotage, piracy, etc. • Disasters can threaten the operations of an organisation or even their very existence . 2

  3. Business Continuity Planning (BCP) • Business continuity seems intuitive. We should take measures to ensure • that the company is not wiped out. What if Google did not have a • business continuity plan? • What if a rare, but still possible, storm hit Google’s servers and destroyed all of them? 3

  4. Business Continuity Planning (BCP) • Resilient organisations have plans and procedures in place to mitigate the effects of a disaster on their operations and to help speed the return to normal operation. • Business Continuity Planning (BCP): • Assess the risks to organisational processes. 
 • Create policies , plans and procedures to minimise the impact those risks might have on the organisation, if they were to occur. • The goal of BCP planners is to ensure that the impact of disruptive events on the business is as small as possible. 4

  5. Business Continuity Planning (BCP) • 2004 – Department of Homeland Security launched Ready business which encourages small- to mid-sized businesses to create a BCP plan. www.ready.gov/business • • Detailed instructions and 
 documents that help to 
 create, test and maintain 
 continuity plans. 5

  6. Business Continuity Planning (BCP) • BCP focuses on maintaining operations with reduced or restricted capabilities or resources. • As long as the mission-critical tasks of the organisation are maintained , the BCP can be used. If the mission-critical tasks can not be performed, then the • organisation is in disaster mode. 
 • Once in disaster mode, the disaster recovery planning takes over. 6

  7. Business Continuity Planning (BCP) Example • Assume you are in charge of BCP at a company. You need the land-line phones to work in order for the mission- • critical processes of your organisation to run. • You are aware that sometimes the land-lines go down. • Your solution to this is to have mobile phones ready-to-go that cover 80% of the employees. • Event: Land-lines go down. • Your BCP kicks in, employees are given mobile phones, and mission-critical processes can continue – Your BCP is successful, and once land-lines are back, processes go back to normal. 7

  8. Business Continuity Planning (BCP) Example • Assume you are in charge of BCP at a company. You need the land-line phones to work in order for the mission- • critical processes of your organisation to run. • You are aware that sometimes the land-lines go down. • Your solution to this is to have mobile phones ready-to-go that cover 80% of the employees. • Event: Complete power-outage, land-lines and mobile phone base stations are shut down. • Your BCP is of no use now, instead the organisation is in disaster mode and disaster recovery planning should take over. 8

  9. Business Continuity Planning (BCP) Considerations • But it is not only the state of the land-lines that determine if business can run: • Quality of land-lines in other countries (where the customers are). • Not being able to hire people for the call-centre. • Natural disasters preventing employees getting to work. • Strikes. • Servers going down. • etc. 9

  10. Business Continuity Planning (BCP) • Businesses vary greatly in geographical locations, mission-critical tasks, exposure, legal restrictions, etc. The agenda for this lecture is to give you an idea of what BCP is about, • not to give you exact tasks that need to be completed in case of an event. • The actual tasks that need to be done are dependent on the context and business needs. • The next lecture will focus on disaster recovery and physical security, then we will look at more hands-on actions that can be used to protect the company. 10

  11. The BCP process • The BCP process has four steps: 
 Project scope and planning 
 • We deal with this first • Business impact assessment 
 Continuity planning 
 • • Approval and implementation 11

  12. The BCP process Project scope and planning • Team members • The individual(s) responsible for the BPC process ( probably you ). • Representatives from each of the organisation’s departments responsible for core services (e.g. call-centre department, marketing, sales). • Representatives from key support departments (e.g. in-house tech- support, human-resources). • IT representatives that have expertise in areas covered by BCP. • Legal representatives that are familiar with legal, regulatory, and contractual responsibilities. • Representatives from senior management . 
 12

  13. The BCP process Project scope and planning • Team members • Individuals will have biases towards their expertise, e.g. representatives from operational departments will think that their department is most critical. This is not necessarily a bad thing, if the leader is able to navigate and balance these biases then the BCP will cover all the organisations needs. 13

  14. The BCP process Project scope and planning • Team members • Individuals will have biases towards their expertise, e.g. representatives from operational departments will think that their department is most critical. No peacocks, jerks or whiners - Timothy Geithner 14

  15. The BCP process Project scope and planning • Resource requirements • BCP Development 
 • The team you have gathered will require some resources to perform the four steps in the BCP process. 
 • The main cost is the effort of the members. 
 • Some members may not need to take part in every meeting, so scheduling members’ time is important to estimate the cost of BCP. 15

  16. The BCP process Project scope and planning • Resource requirements • BCP Testing, Training and Maintenance 
 • Once the BCP process is complete it is important to test, train and maintain the process. 
 • Will usually require some hardware and software commitments, but the biggest cost will be employees involved in the activities. 
 • A plan that is not tested is more or less useless, so if the test costs are going to be very high then considerations needs to be made. 16

  17. The BCP process Project scope and planning • Resource requirements • BCP Implementation 
 • If the BCP needs to go into action, then a large amount of resources will go into the activities. 
 • This may require significant hardware/software and employee costs. 
 • Estimating these costs are hard, but a figure needs to be decided upon, spending millions of dollars to protect a business worth a fraction of this may not be feasible. 17

  18. The BCP process Project scope and planning • Resource requirements 
 • The BCP team should get preliminary approval of senior management for the resource required. 
 • It helps to have senior management in the BCP team, as they can directly weigh-in on the resource requirements. • Continuing with the BCP process without having a preliminary O.K. that the resources will be available is futile, there is no point making plans if the plans can never be executed. 18

  19. The BCP process Project scope and planning • Legal and Regulatory Requirements • Industries may be bound by laws and regulations that force the BCP to act in certain ways. • Banks may be under laws that force them to be able to cope with certain economical events. Pharmaceutical companies that work in less-than-optimal • circumstances may have to verify that the purity of their products have not changed. 19

  20. The BCP process Project scope and planning • Legal and Regulatory Requirements • Many service companies operate under service-level- agreements (SLA) that can incur monetary penalties if they are breached. Company A promises to deliver a service monthly to company B, if • they miss a deadline then they must pay a fine to B according to a previously decided contract. 20

  21. The BCP process Project scope and planning • Legal and Regulatory Requirements • Clauses in contracts that may mitigate the consequence of a risk. • In contracts between A and B it may state that deadlines are allowed to be missed in case there is a fire in the main office. 21

  22. The BCP process • The BCP process has four steps: 
 Project scope and planning 
 • … moving on… • Business impact assessment 
 Continuity planning 
 • • Approval and implementation 22

  23. The BCP process Business Impact Assessment (BIA) 
 Much like risk analysis, BIA identifies resources that are critical • to an organisation’s mission-critical processes and the threats posed to those resources. Likelihood and impact of the threats are assessed. • • The analysis can be quantitative or qualitative, but usually is a combination of both. 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Business Continuity Business Continuity Planning Planning Diane Engstrom Presented by:

Business Continuity Business Continuity Planning Planning Diane Engstrom Presented by:

In nature the flow of a river can never be stopped. If an impediment is placed in its path its course will change immediately. Observe the same river in a year and the course will be different still. Come back in 10 years and the course of

219 views • 17 slides
Business Continuity Board of Directors August 26, 2013 Agenda Business Continuity

Business Continuity Board of Directors August 26, 2013 Agenda Business Continuity

Business Continuity Board of Directors August 26, 2013 Agenda Business Continuity Business Continuity Plan Example Scenarios 2 2 What is Business Continuity? Business Continuity is ensuring that daily operations

99 views • 7 slides
Business Continuity Planning for Pandemics Agenda Introduction Learning objectives

Business Continuity Planning for Pandemics Agenda Introduction Learning objectives

Business Continuity Planning for Pandemics Agenda Introduction Learning objectives Risk Pandemics Business Continuity 2 In Intr troductio ion An accomplished Information Communications Technology (ICT)

1.25k views • 58 slides
IT DISASTER RECOVERY & BUSINESS CONTINUITY PLANS IT DISASTER RECOVERY (DR) Business

IT DISASTER RECOVERY & BUSINESS CONTINUITY PLANS IT DISASTER RECOVERY (DR) Business

IT DISASTER RECOVERY & BUSINESS CONTINUITY PLANS IT DISASTER RECOVERY (DR) Business Continuity is planning and preparation to ensure an institution can continue to operate in case of serious incidents or disasters and is the ability to

471 views • 11 slides
www.b1-akt.com Building a business continuity plan in a challenging COVID 19 Context C OVID 19

www.b1-akt.com Building a business continuity plan in a challenging COVID 19 Context C OVID 19

B1-AKT / E-LAB LEARN THE FUTURE OF YOUR BUSINESS WITH B1-AKTS E-LAB Covid 19 Responses & Planning considerations for organizations, private business and entrepreneurs www.b1-akt.com Building a business continuity plan in a

455 views • 6 slides
Sidney B y Business C Continuity P y Planning Templ Templat ate e For the Sidney Business

Sidney B y Business C Continuity P y Planning Templ Templat ate e For the Sidney Business

Sidney B y Business C Continuity P y Planning Templ Templat ate e For the Sidney Business Commu mmunity 1 Have A A G Game P Plan B Before T The G Game 80% of BIA membership in BC are small businesses. These business

488 views • 10 slides
Continuity Planning Goals Focus your planning efforts Adjust thinking inward rather than

Continuity Planning Goals Focus your planning efforts Adjust thinking inward rather than

Continuity Planning Goals Focus your planning efforts Adjust thinking inward rather than just externally about continuity Provide clarity to your roles and responsibilities in a continuity incident Build a culture of

583 views • 18 slides
Teaching Continuity Goals Focus your planning efforts Thinking inward rather than just

Teaching Continuity Goals Focus your planning efforts Thinking inward rather than just

Teaching Continuity Goals Focus your planning efforts Thinking inward rather than just externally about continuity Clarity to your roles and responsibilities in a continuity incident Build a culture of continuity Building

410 views • 21 slides
Research Continuity Goals Focus your planning efforts Thinking inward rather than just

Research Continuity Goals Focus your planning efforts Thinking inward rather than just

Research Continuity Goals Focus your planning efforts Thinking inward rather than just externally about continuity Clarity to your roles and responsibilities in a continuity incident Build a culture of continuity Building

401 views • 17 slides
Business Continuity Planning Chris Wilkinson| Crowe Horwath LLP Senior Manager, Technology

Business Continuity Planning Chris Wilkinson| Crowe Horwath LLP Senior Manager, Technology

Business Continuity Planning Chris Wilkinson| Crowe Horwath LLP Senior Manager, Technology Risk Consulting One Mid America Plaza, Suite 700, Oak Brook, IL 60522 Mobile: 219.308.8980 Christopher.Wilkinson@crowehorwath.com Business

389 views • 6 slides
How Does Business Continuity Differ from Emergency Preparedness? Business Continuity Emergency

How Does Business Continuity Differ from Emergency Preparedness? Business Continuity Emergency

Emergency Preparedness and Business Continuity Program Presented by: Brandon Stock and Jeff Wood How Does Business Continuity Differ from Emergency Preparedness? Business Continuity Emergency Preparedness Focuses on the University Focuses

615 views • 26 slides
Business Continuity in Action Business Continuity & Disaster Resilience Forum May 2012

Business Continuity in Action Business Continuity & Disaster Resilience Forum May 2012

Bank of the Philippine Islands Business Continuity in Action Business Continuity & Disaster Resilience Forum May 2012 Property of the Bank of the Philippine Islands OBJECTIVE Share KEY Business Continuity Management Program

216 views • 19 slides
Business Continuity Planning Information Security Prof Hans Georg Schaathun lesund University

Business Continuity Planning Information Security Prof Hans Georg Schaathun lesund University

Business Continuity Planning Information Security Prof Hans Georg Schaathun lesund University College Autumn 2011 Week 13 Prof Hans Georg Schaathun Business Continuity Planning Autumn 2011 Week 13 1 / 20 The session Outline The

466 views • 23 slides
Business Continuity Management (BCM) March 2013 Bank UOB Indonesia BUSINESS CONTINUITY

Business Continuity Management (BCM) March 2013 Bank UOB Indonesia BUSINESS CONTINUITY

Business Continuity Management (BCM) March 2013 Bank UOB Indonesia BUSINESS CONTINUITY MANAGEMENT (BCM) MODEL PILAR I. GOVERNANCE STRUCTURE UOBI BCM Corporate Governance Structure UOBI BCM Policy, Procedure & Guidelines Business

80 views • 7 slides
What Does the Future Look Like for Business Continuity Professionals? October 26, 2016 Brian

What Does the Future Look Like for Business Continuity Professionals? October 26, 2016 Brian

What Does the Future Look Like for Business Continuity Professionals? October 26, 2016 Brian Zawada, FBCI President, US Chapter of the Business Continuity Institute Agenda and Objectives Change Standards People Threat

631 views • 37 slides
IU READY - DEMO https://us.ready.kuali.org/iub Business Continuity Mary Lou East-Emmons

IU READY - DEMO https://us.ready.kuali.org/iub Business Continuity Mary Lou East-Emmons

IU READY BCP Orientation Training PART 2 7/15/2011 IU READY for Indiana University PART #2 Emergency Management & Continuity IU READY - DEMO https://us.ready.kuali.org/iub Business Continuity Mary Lou East-Emmons Planning

397 views • 17 slides
Reliability of Cloud-Scale Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale

Reliability of Cloud-Scale Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale

Reliability of Cloud-Scale Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale Systems Reliability of Large-Scale Systems Reliability of Computer Systems (CS 598) Fall 2018 Tianyin Xu 1 Reliability of Cloud-Scale Systems

551 views • 36 slides
WHEN DISASTER STRIKES E M E R G E N C Y P R E PA R E D N E S S F O R S TAT E A N D L O C A

WHEN DISASTER STRIKES E M E R G E N C Y P R E PA R E D N E S S F O R S TAT E A N D L O C A

8/10/2018 WHEN DISASTER STRIKES E M E R G E N C Y P R E PA R E D N E S S F O R S TAT E A N D L O C A L G O V E R N M E N T S TRAINING OBJECTIVES 1. Develop an in-depth understanding of ADA Title II and other disability rights laws as it

454 views • 13 slides
Emergency Fuel Planning for Preparedness November 14, 2018 SUPERCHARGE YOUR SECURITY About

Emergency Fuel Planning for Preparedness November 14, 2018 SUPERCHARGE YOUR SECURITY About

SUPERCHARGE YOUR SECURITY Emergency Fuel Planning for Preparedness November 14, 2018 SUPERCHARGE YOUR SECURITY About WaterISAC What is an ISAC? Nonprofit, est. 2002 Mission : To help water sector utilities reduce risks from

638 views • 37 slides
MG Tom Carden GENERAL MEETING Georgia Adjutant General SP SPONSO SORS RS sCHOLA OLARSH

MG Tom Carden GENERAL MEETING Georgia Adjutant General SP SPONSO SORS RS sCHOLA OLARSH

WELCOME to the Association of the U.S. Army MORNING ZOOM BRIEFING (2 (21 Ju July 2020) Guest Speaker: MG Tom Carden GENERAL MEETING Georgia Adjutant General SP SPONSO SORS RS sCHOLA OLARSH SHIP IP IN MEMORY OF LTC

954 views • 31 slides
between Cyber-Physical Systems (CPS) and Smart Systems and Smart System Integration paradigms,

between Cyber-Physical Systems (CPS) and Smart Systems and Smart System Integration paradigms,

Smart Systems and Cyber Physical Systems paradigms in an IoT and Industry/ie4.0 context Smart Systems and Cyber Physical Systems paradigms in an IoT and Industry/ie4.0 context Smart Systems and Cyber Physical Systems paradigms in an IoT and

234 views • 20 slides
Turning the Tide on Outages 1 What are the true costs of implementing or failing to implement

Turning the Tide on Outages 1 What are the true costs of implementing or failing to implement

Draft 10/8/2010 Turning the Tide on Outages 1 What are the true costs of implementing or failing to implement a stronger, smarter and more robust grid In a month during which the nation observed the 7th anniversary of the August 2003

88 views • 6 slides
1 WAREHO U SI NG | OMNICHANN EL FULFIL L M EN T | TRANSP OR T A T IO N | PACKAGIN G CONFIDEN T

1 WAREHO U SI NG | OMNICHANN EL FULFIL L M EN T | TRANSP OR T A T IO N | PACKAGIN G CONFIDEN T

1 WAREHO U SI NG | OMNICHANN EL FULFIL L M EN T | TRANSP OR T A T IO N | PACKAGIN G CONFIDEN T IA L HURRICANE PREPAIRDNESS Multi-site WAREHO U SI NG | OMNICHANN EL FULFIL L M EN T | TRANSP OR T A T IO N | PACKAGIN G CONFIDEN T IA L Why

435 views • 10 slides
MicroBooNE status Pawel Guzowski The University of Manchester DAQ uptime POT-weighted DAQ

MicroBooNE status Pawel Guzowski The University of Manchester DAQ uptime POT-weighted DAQ

MicroBooNE status Pawel Guzowski The University of Manchester DAQ uptime POT-weighted DAQ uptime Delivered POT 1 2 Uptime fraction 18 Delivered POT x10 1.8 0.95 1.6 1.4 0.9 1.2 1 0.85 0.8 0.6 0.8 0.4 0.2 0.75 0 Sep 22 Sep

209 views • 6 slides

More recommend