Professional Documents
Culture Documents
Business Continuity
Planning
• Resources
• Relocation of staff
• Information requirement
• Backup strategies
• Site selection
• Business Continuity Plan
• Test and exercise
• Test review, report and follow-up
• Monitoring and review
BCP
1
6/22/2021
A sudden accident or a
Disaster
natural catastrophe that
causes great damage or
loss of life.
2
6/22/2021
science
3
6/22/2021
4
6/22/2021
BCM operations
… it is not just
5
6/22/2021
Disaster Recovery
6
6/22/2021
Operational Continuity
Business Continuity
7
6/22/2021
• Infrastructure
• Support systems
• Information systems
8
6/22/2021
• Pandemic Concern
Why • New Threats & Risks Since 9/11
• Cost Of Insurance
• Loss Of Revenue
9
6/22/2021
Fully tested
effective BCM
Level of business
No BCM –
‘lucky’ escape
No BCM – likely
outcome
10
6/22/2021
IMPACT
Crisis
event
Lost time/productivity
With
It reduces the crisis management Without Time
crisis management
Negative impact
negative impact
and speeds
recovery from all Damage to
kinds of corporate financial results,
reputation and
crises
key relationships
11
6/22/2021
12
6/22/2021
Measure results through auditing, Identify overall strategic objectives, values and
exercising, maintenance and training. activities; identify stakeholders, business
Support continuous improvement processes, products and services
through constructive feedback.
BCM
programme
management Analyse financial and non-financial
Develop business continuity plans in
business impacts resulting from
line with agreed strategies; embed
disruption of business processes (BIA);
BCM within culture of the
identify business-critical processes;
organisation.
identify gaps in recovery capability;
develop prioritised recovery timeline.
13
6/22/2021
BCP Phases
Project
Mgmt/Initiation
Business Impact
Assessment
Recovery Strategy
Implementation
Maintenance Testing
14
6/22/2021
• Regulatory Requirements
• Organizational Reputation
15
6/22/2021
16
6/22/2021
BIA Steps
17
6/22/2021
18
6/22/2021
Recovery Strategy
19
6/22/2021
RS Key Element
RS Development Steps
20
6/22/2021
Categories of RS
• Business Recovery
• User
Recovery
• Operational
• Data
Business Recovery
21
6/22/2021
User Recovery
22
6/22/2021
Operational Recovery
• Usage parameters
Operational Recovery
Options include:
Recovery • Hot Site, Warm Site, Cold Site, Mobile Site
• Service Bureaus
23
6/22/2021
Operational Recovery
• Electronic vaulting
Recovery • On-line tape vaulting
• Remote journaling
• Database Shadowing
• Standby Services
• Software Escrow
24
6/22/2021
• Restoration Plans
25
6/22/2021
– Vital records
– Technical information
26
6/22/2021
– Utility providers
– Media
27
6/22/2021
Testing, Maintenance,
Awareness, and Training
In this phase, plans for testing and
maintaining the BCP are implemented and
Testing,
also awareness and training procedures are
Maintenance,
Awareness, and
executed.
Training
28
6/22/2021
Plan Testing
• Test Schedules
• Post-test reviews
Plan Testing
strategies are:
Testing,
• Checklist
Maintenance,
Awareness, and • Structured Walk-Through
Training • Simulation
• Parallel
• Full Interruption
29
6/22/2021
Training includes:
30
6/22/2021
Restoration Action
Restoration
Damage Assessment
31
6/22/2021
Damage Assessment
Restoration Actions
32
6/22/2021
Restoration Actions
Recovery time
33
6/22/2021
Restoration Actions
Restoration
IT decision to move to a backup facility
Restoration Actions
34
6/22/2021
Restoration Actions
COST/IMPACT
Restoration
Restoration Actions
Lost Data
Move to
Resume Return
Vital Records Alternate
Business Home
Restore Technology Capability Site
Notifications
Restore Communications
(If necessary)
Restore Business Functions Data Synchronization
Data Recovery Objective
35
6/22/2021
Risk Management
• Guidelines
• Context establishment
• Identification
• Analysis
• Evaluation
• Treatment
• Communication
• Monitoring and control
Risk Management
36
6/22/2021
Risk Management
Risk Management
Risk
Uncertain or chance events that planning can not
overcome or control.
37
6/22/2021
Risk Management
RM
Risk Management
Risk Management
is the name given to a logical and systematic
method of identifying, analyzing, treating and
38
6/22/2021
Risk Management
Risk Management
A proactive attempt to recognize and manage
internal events and external threats that affect the
39
6/22/2021
40
6/22/2021
ERM
Process
41
6/22/2021
ERM
• Identifying opportunities
42
6/22/2021
• Insurance
• Health Care
• Public Institutions
• Governments
43
6/22/2021
44
6/22/2021
Managing Risks
– Risk appetite.
45
6/22/2021
Managing Risks
Managing Risks
• Consequence:
If the event occurs what will the
consequence be:
Critical
High
Medium
Low
Very low
46
6/22/2021
Managing Risks
• Likelihood
What is the likelihood that the event will
occur and result in the consequence
indicated:
Almost certain
Likely
As likely as not
Possible
unlikely
47
6/22/2021
Risk Identification
Risk Identification
48
6/22/2021
Process
Process
49
6/22/2021
50
6/22/2021
User Interface
Red zone (major risk) backlash problems
4
Likelihood 3
Hardware
1 malfunct-
ion
51
6/22/2021
• Easy prioritization
52
6/22/2021
• Subjective Evaluation
• Limited Scope
• Lack of Differentiation
Limitations
53
6/22/2021
54
6/22/2021
55
6/22/2021
Contingency Planning
• Contingency Plan
An alternative plan that will be used if a
possible foreseen risk event actually occurs.
A plan of actions that will reduce or mitigate the
Process negative impact (consequences) of a risk event.
56
6/22/2021
• Technical Risks
Backup strategies if chosen technology fails.
Assessing whether technical uncertainties
can be resolved.
Process
• Schedule Risks
Use of slack increases the risk of a late project
finish.
Imposed duration dates (absolute project finish
date)
Compression of project schedules due to a
shortened project duration date.
• Costs Risks
Time/cost dependency links: costs increase
when problems take longer to solve than
expected.
Deciding to use the schedule to solve cash flow
Process problems should be avoided.
Price protection risks (a rise in input costs)
increase if the duration of a project is increased.
• Funding Risks
Changes in the supply of funds for the project
can dramatically affect the likelihood of
implementation or successful completion.
57
6/22/2021
Opportunity Management
• Exploit
Seeking to eliminate the uncertainty associated with an
opportunity to ensure that it definitely happens.
• Share
Allocating some or all of the ownership of an
Process opportunity to another party who is best able to
capture the opportunity for the benefit of the project.
Tactics • Enhance
Taking action to increase the probability and/or the
positive impact of an opportunity.
• Accept
Being willing to take advantage of an opportunity if it
occurs, but not taking action to pursue it.
Opportunity Management
Process
Tactics
58
6/22/2021
Process
59
6/22/2021
Process
60