BUSINESS

CONTINUITY &
DISASTER
RECOVERY
PLANNING

30 NOV - 02 DEC 2015

GRAND MILLENNIUM
KUALA LUMPUR
MALAYSIA

IT
SERIES

COURSE OVERVIEW
Disasters could cripple your organization, suspending mission-critical processes and
disrupting service to your customers. These disasters could be man-made or natural
in nature.
The Business Continuity Plan addresses an organizations ability to continue
functioning when normal operations are disrupted.
A Disaster Recovery Plan is used to define the resources, action, tasks, and data
required to manage the business recovery process in the event of a disaster. In this
workshop you learn to identify vulnerabilities and implement appropriate
countermeasures to prevent and mitigate threats to your mission-critical processes.
You will learn techniques for creating a business continuity plan (BCP) and the
methodology for building an infrastructure that supports its effective
implementation.

BENEFITS OF ATTENDING
Using a carefully selected case study, course participants will:

Create, document and test continuity arrangements for an organization

Perform a risk assessment and Business Impact Assessment (BIA) to identify
vulnerabilities

Select and deploy an alternate site for continuity of mission-critical activities

Identify appropriate strategies to recover the infrastructure and processes
Organize and manage recovery teams
Test and maintain an effective recovery plan in a rapidly changing technology
environment

Sample Case Studies:

A major Middle Eastern bank has been experiencing tremendous growth and management feels that
their current BCP and DRP plans outdated. In this case study the delegates with perform a business
impact analysis, based on interviews with key company stakeholders and subject matter experts, and
outline which business areas are the most critical and in need of improved continuity and recovery
plans.

A manufacturing company is considering implementing a disaster recovery plan but does not know
which disaster recovery approach they should implement. In this case study the delegates with study
the business enterprise, perform a risk analysis, and determine if a hot site, cold site, warm site, or
another disaster recovery method is the best approach.

EXCLUSIVE::

TEMPLATES & TAKEAWAYS

1. Bring
B
Bri
ring
ng your
yyou
ourr Business
Busi
Bu
sine
nesss
s Continuity
C
Con
onti
tinu
nuit
ityy Pl
Plan
Plan/Disaster
an/D
/Dis
isas
aste
terr Re
Reco
Recovery
cov
very Plan (BCP/DRP) for
private consultation
on review
review
2. BCP/DRP Step-by-step Guide
3. BCP/DRP templates and worksheets to aid you in applying and putting into
practice what you have learned from this workshop
4. FREE copy of the course material, case studies, and other related items of the
training workshop

Y
TAKEAWA-S
-2015
EXCLUSIVinEgs
before 30 EP

5)
book
p (worth 7
For early bird
embershity
Institute
Affiliate mCo
ar
ui
in
Ye
1
nt
EE
FR
ness
ils)
with the Butosipage 3 for further deta
(** refer

YOUR INTERNATIONAL
COURSE FACILITATOR
Dr Mark T. Edmead
CISSP, CISA, COBIT, Lean IT, DevOpsB

IT Transformational
Consultant
MTE Advisors
Mark T. Edmead is a successful technology entrepreneur
with over 28 years of practical experience in computer
systems architecture, information security, and project
management.
Mark excels in managing the tight-deadlines and ever
changing tasks related to mission-critical project
schedules. He has extensive knowledge in IT security, IT
and application audits, Internal Audit, IT governance,
including Sarbanes-Oxley, FDIC/FFIEC, and GLBA
compliance auditing.
Dr. Edmead understands all aspects of information
security and protection including access controls,
cryptography, security management practices, network
and Internet security, computer security law and
investigations, and physical security.
He has trained Fortune 500 and Fortune 1000 companies
in the areas of information, system, and Internet security.
He has worked with many international firms, and has the
unique ability to explain very technical concepts in
simple-to-understand terms. Mr. Edmead is a sought after
author and lecturer for information security and
information technology topics.
Mark works as an information security and regulatory
compliance consultant. He has:

Conducted internal IT audits in the areas of critical

infrastructure/ systems and applications,
Assessed and tested internal controls of critical
infrastructure platform systems (Windows, UNIX, IIS, SQL,
Oracle)
Assessed and tested internal controls of various critical
financial applications.
Prepared risk assessments and determined risks to
critical
c
financial data systems and infrastructure
components.
c
Created test plans & processes and executed test plans.
Conducted reviews of existing systems and
applications,
a
ensuring appropriate security, management
and
a data integrity via control processes.

Prepared written reports to all levels of management

Participated in audit review panel sessions to address
results,
r
conclusions and follow-up actions required.

Tel: +6016 3326360

Fax: +603 9205 7788

kris@360bsigroup
kris@360bsigroup.com
com

COURSE
CONTENT
DAY1 BCP/DRP - CONCEPTS & PRINCIPLES
Introduction to Business Continuity and Disaster Recovery Planning
- The difference between business continuity and disaster recovery
- Why a recovery plan is an integral part of an organizations operational
strategy
Understanding where the threats come from
- Understanding codes of practice and legal/regulatory compliance
requirements
- The step-by-step process for BCP/DRP
Protecting our assets
- What are we protecting?
- What are our mission-critical processes?
- How to prioritize what is important to protect

WHY THIS EVENT

The aim of this interactive workshop is to provide
you with the skills critical to business continuity,
disaster recovery & risk management.
After attending this workshop, you will leave
fully armed with the knowledge needed to
create a business continuity plan (BCP) and the
methodology for building an infrastructure that
supports its effective implementation.
The combination of interactive presentations,
hands-on exercises and open discussion groups
along with real case studies, ensures you will
obtain maximum value from attending.

What is risk and how do we deal with it?

- Understanding risk assessment methodologies
- Matching the response to the threat based on the risk
- Enterprise vs. local risk management
- Top business continuity planning mistakes
The need for business continuation a case study
- Introduction of fictitious business case
- Understand business continuity/disaster recovery needs
- Documenting the continuity requirements

DAY2 RISK ASSESSMENT & RECOVERY

The Business Impact Assessment (BIA)
- What is a Business Impact Assessment?
- Assessing the risk to the enterprise
- How to identify business critical activities
- Impact versus likelihood of occurrence
Establishing the Recovery Options
- Choosing a recovery site
- Specifying equipment
- Choosing suppliers
- How to select backup and restore strategies
Where is the data?
- Why you need to classify levels of information
- Managing data at rest and in transit
- Understanding data access controls
- The value of knowing where your data resides
Maintaining user connectivity
- How to communicate the disaster and recovery efforts to users
- How to identify and eliminate single points of failure
- Communicating with the media

WHO SHOULD ATTEND

Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Information Security Officers
Chief Technology Officers
Business Continuity Officers
Heads of Departments in Information Security
Management Information Systems, IT
Infrastructure, IT Architecture, Network
Operations, IT Operations, IT Data Center,
DataBase Management, IT Deployment
IT Business Enterprise, IT Risk Management,
IT Quality Assurance, IT Audit, Risk Management,
Internal Audit, Disaster Recovery

COURSE
CONTENT
DAY3 PROJECT MANAGEMENT & REVIEW
BCP/DRP Project Management
- Identifying stakeholders
- Analyzing stakeholder needs
- Obtaining commitment from upper management
Review of the BCP/DRP Process
- Project initiation
- Risk analysis
- Business Impact analysis
- Develop/choose strategies
- Test and validate the plan
- Modify/update the plan
- Approve and implement the plan

Latest TESTIMONIALS
1

Session well organized

organized. The trainer is ver
very
conversant with the subject matter. Well delivered
and would definitely recommend to anyone else.
- Habil Mutende, Manager Information Security & Change
Management, Central Bank of Kenya

Excellent presentation, excellent attitude to

answer our questions & to share his experience.
- Senior Manager, IT Department, Deloitte

I have used Mark in key roles with high visibility

clients. Without hesitation I would highly
recommend Mark for any and all IT audit
engagements. His professionalism, deep
knowledge, and results oriented work style are
deeply valued by not only myself, but more
importantly by the all those who are lucky enough
to use his services. - Russ Aebig, Director at Artesient

We have used Mark Edmead on several projects in

the past few years including SOX readiness for
publicly traded companies and IT vulnerability
assessments for major financial institutions. He
always delivers professional and detail-oriented
workpapers on-time and within budget. Mark is
highly recommended and we will continue to use
him on other projects. - Brenda Piazza, Director at CBIZ MHM

Analysis of fictitious business case

Applying lessons learned

**Affiliate membership to Business Continuity Institute

Affiliat
Affiliate
Affili
atee me
memb
members
mber
erss to B
Bus
Business
usin
ines
esss Co
Cont
Continuity
ntin
inui
uity
ty IIns
Institute
nsti
titu
tute
te g
get
et aacc
access
cces
esss to tthe
he ffol
following
ollo
lowi
wing
ng m
mem
membership
embe
bers
rshi
hip
p
benefits:
- Continuity magazine 4 per year (digital version)
- Monthly BCI ENewsletter
- Access to member only section of BCI website
- Access to copies of BCI Workshop Reports
- Member rates on BCI products and services
- Networking opportunities at BCI organised events
- Access to BCI mentoring programme
- Access to discounted events

COURSE SCHEDULE
8.00
8.30
10.10 - 10.30
12.00 - 13.00
14.40 - 15.00
16.00

Registration & Coffee/Tea

Workshop commences
Morning coffee/tea
Lunch
Afternoon coffee/tea
End of day

BUSINESS
CONTINUITY &
DISASTER
RECOVERY
PLANNING

REGISTRATION FORM
Fax: +603 9205 7788
Tel: +603 9205 7772
Mobile: +6016 3326 360

30 NOV - 02 DEC 2015

GRAND MILLENNIUM
KUALA LUMPUR
MALAYSIA

Email: kris@360bsigroup.com

DELEGATES
1

Name

IN-HOUSE TRAINING

360 BSI is passionate about providing strategic IT programs

and high potential training solutions across the region to build
personal competencies and organizational capability.

Name on tag :
Job Title :

Email

Mobile

Name

You will receive practical training from a professionally

qualified educator with over twenty years of teaching and
training experience.
Please feel free to mix-and-match topics from the areas listed
below to get the right training content for your staff. Other
topics may be available upon request.

Name on tag :

OTHER RELATED PUBLIC COURSES

Job Title :

Email

Mobile

Name

Service Oriented Architecture (SOA)

Information Security Management Principles
IT Risk Management & Leadership
Document Management & Data Retention
Fraud Control & the COSO 2013 Framework
IT Governance
Project Management for IT Professionals

Name on tag :
Job Title :
Email

Mobile

Hotel Contact Details:

For Room Reservation, please contact Reservation Desk.
Tel: +60 3 2117 4899 Fax: +60 3 2142 1441
Grand Millennium Kuala Lumpur
160, Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia.

AUTHORIZATION

(This form is invalid without a signature)

Name

Job Title

Email

Tel :

General Information:
1
2
3
4
5

Cancellations/Substitutions

Organization :

Substitutions are welcome at any time. Please notify us at

least 2 working days prior to the event. All cancellations will
carry a 10% cancellation fee, once a registration form is
received. All cancellations must be in writing by fax or email
at least 2 weeks before the event date. Cancellations with
less than 2 weeks prior to the event date carry a 100% liability.
However, course materials will still be couriered to you.

Address :

Signature :

Registrations close ONE (1) week before the training dates.

The fees cover lunch, tea breaks, materials and certificate.
Official confirmation will be sent, once registration has been
received.
Participants will need to arrange their own accommodation.
Attire: Smart Casual

Date:

FEES

USD 2,995 per delegate

15% discount - Special for Group of 3
The fee does not include any taxes (withholding or otherwise). In case of any taxes applicable
the client has to ensure that the taxes are paid on top of the investment fee paid for the course.
Compliance with the local tax laws is the responsibility of the client.

* Save up to 50% for In-house Training program

Thank you for your registration!

PAYMENT DETAILS
Payment is required within 5 days upon receipt of
the invoice.
Bank transfer:
360 BSI MIDDLE EAST LIMITED
Abu Dhabi Commercial Bank
Dubai Mall Branch, P.O.Box 49124 Dubai, U.A.E
Account No: 10065721319001
Swift No: ADCBAEAAXXX
IBAN No: AE780030010065721319001

All payments must be received prior to the event date

360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia.

www.360bsi.com/IT