Your SlideShare is downloading. ×
A Business Case for Establishing BCP
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

A Business Case for Establishing BCP

267
views

Published on

Published in: Business, Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
267
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
25
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. www.businessbeam.comA business case for establishingBusiness Continuity Plan (BCP)Business Beam (Pvt.) Limited
  • 2. Contents2What is Business Continuity?1Business Benefits2Implementation Roadmap3Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 3. What is Business Continuity?A business case for establishing a Business Continuity Plan
  • 4. 9/11 for Pakistan4 Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 5. Happened in Karachi (June 26, 09)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.5
  • 6. Suicide Attack in Lahore (May 27, 09)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.6
  • 7. Thanks to KESCCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.7
  • 8. Berger PaintsCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.8
  • 9. Fire at Shahra-e-Faisal BuildingCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.9
  • 10. The Reality of Business ContinuityCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.10 43% of US companies never reopen after a disaster and 29%more close within 3 years. 20% of small to medium size businesses suffer a majordisaster every 5 years. 78% of organizations which lacked contingency plans butsuffered catastrophic loss were gone within 2 years…mosthad insurance, and many had business interruptioncoverage!(Sources: U.S. National Fire Protection Agency, U.S. Bureau of Labor, Richmond House Groupand B2BContinuity.com)
  • 11. 11IsThis An Effective Management Strategy In the Face of theKNOWN Risks!YES!NO!Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 12. Effects of Effective BusinessContinuityCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.12The impact on shareholder valueSource: “The Impact of Catastrophes on Shareholder Value,” Rory F. Knight & Deborah J. Pretty, Templeton College,University of Oxford, p. 3.Trading days after the event25 50 75 100 125 150 175 200 225Effective crisis responseIneffective crisis responses
  • 13. What is Business ContinuityManagement?13 Business Continuity Management (BCM) is a holisticmanagement process that: Identifies potential impacts that threaten an organization, Provides a framework for building resilience and the capabilityfor an effective response, Safeguards the interests of key stakeholders, reputation, brandand value creating activities.Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 14. Success or Failure?Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.14C No BCM –usual outcomeBNo BCM – luckyescapeTimeLevelofbusinessCritical recoverypointAFully testedeffective BCM
  • 15. Business BenefitsA business case for establishing a Business Continuity Plan
  • 16. Key Benefits (1)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.16 To Business Gain reputation as “Safe and Secure Organization” First mover advantage Cost effectiveness = Higher profitability Better compliance with laws and regulations Better continuity in case of any disaster To Operations Better risk management & risk reduction Better cost control Defined SOPs To IT Identification and control of information assets Better risk management Defined SOPs IT Disaster management
  • 17. Key Benefits (2)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.17 Better policies, procedures and working templates Business continuity Information security Related roles and responsibilities Organization wide awareness SAP related and general IT infrastructure Use of network services Mobile computing
  • 18. Key Benefits (3)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.18 Identification of Business Critical processes Process identification Process ranking according to business criticality Continuity strategies for critical processes Business Continuity planning Business Impact Analysis (BIA) BCP for all areas under scope BCP awareness, testing and exercises
  • 19. Key Benefits (4)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.19 Information Asset Management Information Classification Information Asset Identification & Classification Employee Skill Management Risk Management Identification and Analysis of Risks Treatment of Risks Development of Risk Management Approach & Criteria
  • 20. Key Benefits (5) Better Description of Roles & Responsibilities Job description related to information security Pre-hiring controls During employment personnel development Post-employment controls Physical Security Identification of Secure Areas Equipment SecurityCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.20
  • 21. Key Benefits (6)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.21 Communications & Operations Management Documented SOPs Segregation of duties Third party service delivery management System planning & acceptance Data backup and recovery Network security Media handling e-Commerce Access Control Access control policy and procedures User, network and OS access control Application and mobile access control
  • 22. Key Benefits (7)Copyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.22 Regulatory compliance All applicable laws Intellectual property rights Framework for Continual Improvement Regular Internal Audits Corrective & preventive actions
  • 23. Implementation RoadmapA business case for establishing a Business Continuity Plan23
  • 24. Implementation Roadmap24Phase 1:Scoping & PlanningPhase 2:Understanding the OrganizationPhase 3:Risk Assessment and ControlPhase 4:Implementation of Mitigation StrategiesPhase 5Training for Audit and Internal AuditCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 25. Phase 1: Scoping & Planning25AwarenessAwarenessSessionsImplementerTrainingsTeamFormationEstablishingManagementSteering GroupEstablishingworking groupsProjectScopingIdentification ofgeographicalscopeIdentification offunctional scopeDocumentingand agreeing thescope of theassignmentCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 26. Phase 2: Understanding theOrganization26ProcessIdentificationIdentification offunctions underscopeIdentification ofprocesses underscopeBIAIdentification ofbusiness impact ifprocess does notworkPrioritizingprocesses basedon time criticalityPresenting reportto themanagementAssetRegistrationIdentification &classification ofinformation assetsin theorganizationAsset valueassessmentAsset ownershipidentificationCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 27. Phase 3: Risk Assessment andControl27RiskAssessmentIdentification ofapplicationthreats, and risksAnalyzingprobability andimpact of risksRiskThresholdCalculating riskthresholdDefining riskacceptancecriteriaDevelopmentofSOASelection of rightcontrols to handlethe identified risksImplementing riskthreshold andacceptancecriteriaDeveloping andpresenting SOACopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.
  • 28. Phase 4: Implementation of MitigationStrategiesCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.28SecurityControlsDevelopingprocesses andprocedures forinformationsecuritycontrolsMitigationPlanningIdentifying rightmitigationstrategiesPlanning forimplementationBusinessContinuityPlanDevelopment ofBusinessContinuity PlanDesktopexercise of BCP
  • 29. Phase 5: Training for Internal Auditand Internal AuditCopyrights (C) 2004-2013 Business Beam (Pvt.) Limited. All rights reserved.29InternalAuditTrainingHands-oninternal audittrainings forselectedindividualsInternal audittrainings onboth standardsInternalAuditConducting firstinternal auditDevelopingInternal AuditreportAuditFindingsDetailedassistance inclosure of auditfindingsIdentification ofcorrective andpreventiveactions
  • 30. www.businessbeam.comThank You!contact@businessbeam.com