Understanding and Mitigating IT Risk - AFPC Calgary

301 views
228 views

Published on

Understanding and Mitigating IT Risk with Disaster Recovery Case. This presentation was given to the Association of Financial Professionals Canada - Calgary on December 11th, 2013 by Jonathan Nituch of Fortress Technology Planners

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
301
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Understanding and Mitigating IT Risk - AFPC Calgary

  1. 1. Understanding and Mitigating IT Risk Disaster Recovery Case Fortress Technology Planners - Jonathan Nituch - Joseph Gillis -
  2. 2. Agenda 1. Five Roots of IT Risk 2. Disaster Recovery
  3. 3. IT Project Results 50% 40% 30% 20% 10% 0% Failed Troubled Succeeded Source: http://emphasysbrokeroffice.com/files/2013/04/Standish-Group-CHAOS-Summary-2009.pdf
  4. 4. is HIGHLY UNCERTAIN
  5. 5. Rate of Change Source: http://download.intel.com/pressroom/images/events/moores_law_40th/Microprocessor_Chart.jpg
  6. 6. Immaturity of IT
  7. 7. Communication IT Professional Business Professional
  8. 8. Economically Tied Source: http://www.nasdaq.com/symbol/ndxt/stockchart?intraday=off&timeframe=7y&splits=off&earnings=off&movingaverage=None&lowerstudy=volume&comparison=off&index=&drilldown=off
  9. 9. Accounting Supply Chain Operations Technology Human Resources Sales Marketing
  10. 10. Accounting Supply Chain Operations Technology Human Resources Sales Marketing
  11. 11. Operations
  12. 12. What YOU is a NEED PLAN
  13. 13. Disaster Recovery Plan (DRP) A disaster recovery plan (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. Source http://en.wikipedia.org/wiki/Disaster_recovery_plan http://en.wikipedia.org/wiki/File:East_Village_Calgary_Flood_2013.jpg
  14. 14. Steps to Create a DRP 1. Identify IT Capabilities/Services 2. Identify Business Impacts of Disasters 3. Determine: – Budget – Recovery Point Objective (RPO) – Recovery Time Objective (RTO) 4. Choose Solutions
  15. 15. Identify IT Capabilities/Services Major Service Detailed Services Email • Desktop client • Webmail • Mobile devices File System • Local access • Remote access Printing • Local access • Remote access Production Applications • Applications involved with delivering your product or service Supporting Applications • • • • Supporting IT Services • Backups • Antivirus • Security Accounting Finance Human Resources Payroll
  16. 16. Identify Business Impacts of Disasters Facility Normal Equipment Inaccessible Equipment Damaged Facility Inaccessible Facility Damaged
  17. 17. Determine Budget/RPO/RTO Recovery Point Objective Recovery Time Objective Budget
  18. 18. Determine Recovery Point Objective (RPO) It is the maximum tolerable period in which data might be lost from an IT service due to a major incident. RPO DISASTER Source http://en.wikipedia.org/wiki/Recovery_point_objective
  19. 19. Determine Recovery Time Objective (RTO) The recovery time objective is the time within which a business process must be restored, after a disaster has occurred. SERVICE RESTORED DISASTER RTO Source http://en.wikipedia.org/wiki/Disaster_recovery_plan
  20. 20. Choosing Solutions Recovery Point Objective Recovery Time Objective Budget
  21. 21. Summary • There are five roots of IT risk: 1. 2. 3. 4. 5. Rate of Change Immaturity of IT Communication Economically Tied Integration • Creating a Disaster Recovery Plan 1. Identify IT Capabilities/Services 2. Identify Business Impacts of Disasters 3. Determine Budget/Recovery Point Objective (RPO)/Recovery Time Objective (RTO) 4. Choose Solutions
  22. 22. Questions???
  23. 23. THANK YOU Free Whitepaper www.ftpinc.ca/AFPC-Calgary

×