User Manual New Edabu - BU

Emergency Management Planning
Business Continuity
IT Partners
March 17, 2005 © Gerald Isaacson 2005
Business Continuity Planning
A few definitions to get started:

… a “disaster”
• The cake I was baking to bring to Xmas dinner
• He lost a laptop with the only copy of his thesis
• She lost her research and papers in the lab fire
• Payroll system failed the day before payday
• Asbestos released in a dorm renovation
• The death of a student
• The Northeast blackout
• The recent tsunami
April 19, 2005 © Gerald Isaacson 2005
… a “disaster”
is an event, often unexpected, that seriously

disrupts your usual operations or processes
and can have long term impact on your
normal way of life or that of your
organization.

… RTO [Recovery Time Objective]
the point in time when you must have at

least the critical aspects of your business
operational again.

…RPO [Recovery Point Objective]
The last copy of your data that is out of harm’s

way – hopefully it is recently current.

… Business Continuity Planning

… it’s not rocket science

… it is:
• a process to minimize the impact of a major
disruption to normal operations
• a process to enable restoration of critical
assets
• a process to restore normalcy to MIT as soon
as possible after a crisis.
… it is not just:
• recovery of information technology resources

… and it is the phase of crisis management

that follows the immediate actions taken to
protect life and property and contain the
event
… it begins when the situation has been
stabilized.

… and it
is now a
national
standard
for both
the
public
and
private
sectors

An ECAR report in March of this year, from

Baylor Medical Center and the University of
Houston, in the aftermath of hurricane
Allison, posed the following list of
questions to ask to determine your
resilience to a disaster.

ECAR Research Bulletin Mar 1 2005

An ECAR report in March of this year, from

Baylor Medical Center and the University of
Houston, in the aftermath of hurricane
Allison, posed the following list of
questions to ask to determine your
resilience to a disaster.
The answers constitute your Business

Continuity Plan

The Risk Matrix

PROBABILITY
LOW HIGH
LOW NORMAL
IGNORE
PROCEDURES
IMPACT
CHANGE
HIGH PLAN
SOMETHING

Network Operations Disruptions
Power
Hardware BOMB
MISC
ENVIRON
DATA
SOFTWARE
CIVIL
TELECOMM
FLOOD
HURR
EARTH
TORNADO
LIGHTNING
HARDWARE
Source: Gartner Group and Comdisco



Mt. St. Helens – May 1980 – new threats arise

It’s different now….

…but we still have the usual concerns
© ECAR Research Bulletin Mar 1 2005

• When is it a Crisis?
Minutes Hours Days Weeks
Continuity Continuum




A crisis timeline --

Alarm Notification to First Responders
Data center fire
Restoration of Critical Processing

Activate the Emergency Operations Center

IT decision to move to a backup facility

Assemble IT recovery team at appropriate sites

Obtain backup tapes from off-premises storage

Acquire and install backup hardware

and network connections

Restore Operating System and Network

Reload database and other data

Restore Critical Applications

Begin Critical Processing -

This is your Recovery Time Objective (RTO)

Recovery Time Objective (RTO)
Do you measure it in hours or weeks?

Recovery Time Objective (RTO)
Do you measure it in hours or weeks?
When do you need to start to reach it on time?

Windows are Closing

Increasing dependencies on electronic

capabilities to do your job have shortened
the recovery timeframe.

Increasing dependencies on electronic

capabilities to do your job have shortened
the recovery timeframe.
This often leads to a disconnect between

user’s expectations and the organization’s
ability to meet them.

High Level Look at a Recovery Effort
Lost Data
Vital Records Resume Move to Return

Restore Technology Capability Business Alternate Home
Notifications Site
Restore Communications
(If necessary)
Restore Business Functions Data Synchronization
Data Recovery Objective
Recovery Time Objective
© Lucent technologies
Continuity Plan Development Phases

• Understand the need


• Define the risk to the DLC and define the
level of criticality

Criticality Levels
• Category I Must be up in hours

• Category II Must be up in days
• Category III Must be up in weeks
• Category IV Can wait till operations are
normal


• Define the risk to the DLC and define the level
of criticality
• Give an individual responsibility and
authority for overall planning


• Define the risk to the DLC and define the level
of criticality
• Give an individual responsibility and authority
for overall planning
• Ensure that organizational units –
accounting, facilities, residential life,
laboratories, etc. understand their
individual responsibility for recovery of
their operations.

• DLC’s develop their FARM (Functional

Area Recovery Management) teams
• The Business Continuity Planning Team –
(BCMT) consists of FARM Team
Coordinators
• The BCMT is represented at the MIT
Emergency Operations Center (EOC)


• Put together the recovery team
• Document the Plan

The Table of
Contents from
the TLO FARM
Team Plan

• Key Plan Components

– Contact list – up to date


– Resources needed – not just computing


– Resources needed – not just computing
– Emergency procedures

• Document the plans for each department,

lab or center
• Use a common template or framework
• Plan review by Business Continuity
Management Team (BCMT) and
Information Systems & Technology


• Test, test, test

Simulation Testing – MIT’s Central Utility Plant

• On an August afternoon, a fuel line rupture in the
Central Utility Plant results in a fire.
• When the sprinkler system operates, the ensuing
flood creates a hazardous waste issue due to the oil
and ACM.
• The sprinkler operation also operates protective
disconnects and the power is shut down.
• There have been 5 injuries of CUP workers because
of this incident.
• After about 4 hours it is determined that the CUP’s
clean up and return to service will take at least 24
hours, and the 80% of the campus that the CUP
serves will remain without power.
• Test, test, test

• Maintain the plans – a very difficult
process but critical to the long term
viability of any plan

What’s next?
• Who should we be talking to in your area?

• Who should we be talking to who is not
here?
• Any overall concerns about the project?
• Any specific concerns that we should be
addressing?

Gerald Isaacson, CISSP William McShea, CFPS
gii@mit.edu wmcshea@mit.edu
617 253-1440 617 253-9491
32-013 32-013
web.mit.edu/bcmt http://web.mit.edu/environ
ment/ehs/

User Manual New Edabu - BU

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

User Manual New Edabu - BU

Uploaded by

Copyright:

Available Formats

Emergency Management Planning

A few definitions to get started:

is an event, often unexpected, that seriously

April 19, 2005 © Gerald Isaacson 2005

A few definitions to get started:

… RTO [Recovery Time Objective]

the point in time when you must have at

April 19, 2005 © Gerald Isaacson 2005

A few definitions to get started:

…RPO [Recovery Point Objective]

The last copy of your data that is out of harm’s

April 19, 2005 © Gerald Isaacson 2005

A few definitions to get started:

… Business Continuity Planning

April 19, 2005 © Gerald Isaacson 2005

… it’s not rocket science

April 19, 2005 © Gerald Isaacson 2005

April 19, 2005 © Gerald Isaacson 2005

… and it is the phase of crisis management

April 19, 2005 © Gerald Isaacson 2005

April 19, 2005 © Gerald Isaacson 2005

An ECAR report in March of this year, from

April 19, 2005 © Gerald Isaacson 2005

ECAR Research Bulletin Mar 1 2005

An ECAR report in March of this year, from

The answers constitute your Business

April 19, 2005 © Gerald Isaacson 2005

The Risk Matrix

April 19, 2005 © Gerald Isaacson 2005

Network Operations Disruptions

Source: Gartner Group and Comdisco

April 19, 2005 © Gerald Isaacson 2005

April 19, 2005 © Gerald Isaacson 2005

April 19, 2005 © Gerald Isaacson 2005

Mt. St. Helens – May 1980 – new threats arise

April 19, 2005 © Gerald Isaacson 2005

It’s different now….

April 19, 2005 © Gerald Isaacson 2005

© ECAR Research Bulletin Mar 1 2005

Minutes Hours Days Weeks

April 19, 2005 © Gerald Isaacson 2005

Minutes Hours Days Weeks

April 19, 2005 © Gerald Isaacson 2005

April 19, 2005 © Gerald Isaacson 2005

Minutes Hours Days Weeks

April 19, 2005 © Gerald Isaacson 2005

April 19, 2005 © Gerald Isaacson 2005

Alarm Notification to First Responders

Data center fire

Restoration of Critical Processing

April 19, 2005 © Gerald Isaacson 2005

Activate the Emergency Operations Center

Restoration of Critical Processing

April 19, 2005 © Gerald Isaacson 2005

IT decision to move to a backup facility

Restoration of Critical Processing

April 19, 2005 © Gerald Isaacson 2005

Assemble IT recovery team at appropriate sites

Restoration of Critical Processing

April 19, 2005 © Gerald Isaacson 2005

Obtain backup tapes from off-premises storage

Restoration of Critical Processing

April 19, 2005 © Gerald Isaacson 2005

Acquire and install backup hardware