Your SlideShare is downloading. ×
0
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Enterprise Business Continuity Management
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Enterprise Business Continuity Management

676

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
676
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
52
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • The benefits are . . .
  • Transcript

    • 1. Enterprise Business Continuity Management Utilizing “Collaboration” in The state of Washington Business Continuity Program Small Agency Presentation August 21, 2006 Judy Sweet, CBCP Washington State Enterprise Business Continuity Program Manager
    • 2. Business Continuity Program Purpose
      • The State of Washington must maintain confidence of its constituents, and ensure continued operation of vital government services when an incident has caused, or has the potential to cause, significant consequences.
      • The Business Continuity Program will provide the framework to develop an enterprise approach and coordinate agency efforts to minimize business interruptions, and create a state of readiness, so that agencies can respond to and recover from events, resuming vital services as quickly as possible.
    • 3. Business Continuity Milestones
      • Enterprise Executive Symposium 6/2005
      • Enterprise BC Software Tool Installed 7/2005
      • Business Continuity Initiative Project Kickoff 8/2005
      • Statewide BC Work-sessions Begin 9/2005
      • Regular BC Work-sessions Concluded 6/2006
      • Statewide BC Program & Sustaining BC Model
        • Statewide BIA
        • Statewide COOP Development
        • Enterprise Solution Development
    • 4.
      • Minimize service interruptions, to acceptable levels
        • Understand your agency services
        • Collaborate with other agencies
        • Incorporate Best Practices
        • Utilize common planning framework
      • Identify high impact areas
        • Based on risk intelligence
      • Execute an Enterprise strategy to prioritize and mitigate risk.
        • Account for dependencies across agencies
        • Capitalize on economies of scale
      Business Continuity Planning Objectives ~80% Business and 20% Technology
    • 5. Business Continuity Management (BCM) Answers . . .
      • What is an incident / disruption / disaster?
      • What are the impacts over time?
      • How much loss can be tolerated?
        • Risk Threshold, Tolerance
      • What can be mitigated?
        • Work-around, Enterprise solutions
      • How to reestablish business services?
        • Activate response plans
      • What is required?
        • Resources, time, people/skill sets, procedures, dollars
      • How much is enough?
        • Balance options “Proactive verses Reactive”
    • 6. Bottom Line: BCM Program Umbrella
      • Sustain & Protect
        • People
        • Property
        • Information
        • Operations
        • Gov. Services
      BCM provides a balance between acceptable potential losses and acceptable onetime and annual costs.
    • 7. Business Continuity
      • Investments in business continuity should be prioritized based on analysis of risks and impacts over time.
      • Create Value in Operability.
      • Be Positioned to be successful.
    • 8. BIA Snapshot of Business Drivers
    • 9.
      • A “typical” graph showing impact vs. recovery time, which visually assists with risk mitigation prioritization.
      Sample B usiness I mpact A nalysis Deliverable Time 5 days 3 days 2 days 24 hrs 12 hrs or < Impact WSP Computer Dispatch State Warrants Prison Control System Drinking Water Safety HAZMAT State Payroll Dam Inspection Services Military’s Dispatched Resources Firearms Licensing
    • 10. Notional: Business Continuity Event Life Cycle Normal Operations Time Capability
    • 11. Notional: Business Continuity Event Life Cycle Service Disruption Occurs Normal Operations Time Capability Modified U.S. DoD graphic Proactive BC Activities Reactive BC Activities P roblem M gmt & R esponse R ecovery Risk Mitigation Contingency Planning Minimal Acceptable Level of Capability R estoration Return to Normal Operations Recovery Time
    • 12. Business Continuity Planning (Will incorporate NIMS requirements) NIMS Impact NIMS Impact NIMS Impact NIMS Impact NIMS Impact NIMS Impact NIMS Impact NIMS Impact
    • 13. Types of Plans?
      • Continuity of Operations (COOP) Plan
      • Incident Management Plan
      • Business Continuity Plan
      • Vital Service Response Plans
      • Let’s put this into perspective!
      COOP Plan Incident Mgmt Plan Business Continuity Plan Vital Service Response Plan
    • 14. Business Continuity Plan Types & Relationships Vital Service Response Plan for ‘A’ Vital Service Response Plan for ‘B’ Vital Service Response Plan for . . . ‘ n ’ Business Continuity Plan Incident Management Plan (Sometimes referred to as “Problem or Crisis Management” Plan)
      • Specific Action Plan
      • An Agency-wide Perspective
      • Global Risk Mitigations, Contingencies and Responses for Business Operations
      • An Agency-wide Perspective
      • Repeatable Process & Practices
      • Incident Alerting, Reporting, Tracking & Status
      • ID of Essential Functions
      • Delegations of Authority
      • Orders of Succession
      • Interoperable Communications
      The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.
      • Alternative Facilities
      • Vital Records and Databases
      • Human Capital
      • Tests, Training, & Exercises
      Continuity of Operations (COOP) Plan
      • Address Full Spectrum of Threats & Hazards
      • Involves Investigation, Diagnoses
      • Assembly of Incident Command System (ICS)
      • ICS Draws on Response Plan(s)) for Resolution
      • Specific Action Plan
      • Specific Action Plan
      to From More General Specific
    • 15. Business Continuity Plan Types & Relationships Vital Service Response Plan for ‘A’ Vital Service Response Plan for ‘B’ Vital Service Response Plan for . . . ‘ n ’ Business Continuity Plan Incident Management Plan (Sometimes referred to as “Problem or Crisis Management” Plan)
      • Specific Action Plan
      • An Agency-wide Perspective
      • Global Risk Mitigations, Contingencies and Responses for Business Operations
      • An Agency-wide Perspective
      • Repeatable Process & Practices
      • Incident Alerting, Reporting, Tracking & Status
      • ID of Essential Functions
      • Delegations of Authority
      • Orders of Succession
      • Interoperable Communications
      The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.
      • Alternative Facilities
      • Vital Records and Databases
      • Human Capital
      • Tests, Training, & Exercises
      Continuity of Operations (COOP) Plan
      • Address Full Spectrum of Threats & Hazards
      • Involves Investigation, Diagnoses
      • Assembly of Incident Command System (ICS)
      • ICS Draws on Response Plan(s) for Resolution
      • Specific Action Plan
      • Specific Action Plan
      to From More General Specific
    • 16. Business Continuity Plan Types & Relationships Vital Service Response Plan for ‘A’ Vital Service Response Plan for ‘B’ Vital Service Response Plan for . . . ‘ n ’ Business Continuity Plan Incident Management Plan (Sometimes referred to as “Problem or Crisis Management” Plan)
      • Specific Action Plan
      • An Agency-wide Perspective
      • Global Risk Mitigations, Contingencies and Responses for Business Operations
      • An Agency-wide Perspective
      • Repeatable Process & Practices
      • Incident Alerting, Reporting, Tracking & Status
      • ID of Essential Functions
      • Delegations of Authority
      • Orders of Succession
      • Interoperable Communications
      The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.
      • Alternative Facilities
      • Vital Records and Databases
      • Human Capital
      • Tests, Training, & Exercises
      Continuity of Operations (COOP) Plan
      • Address Full Spectrum of Threats & Hazards
      • Involves Investigation, Diagnoses
      • Assembly of Incident Command System (ICS)
      • ICS Draws on Response Plan(s) for Resolution
      • Specific Action Plan
      • Specific Action Plan
      to From More General Specific
    • 17. Business Continuity Plan Types & Relationships Vital Service Response Plan for ‘A’ Vital Service Response Plan for ‘B’ Vital Service Response Plan for . . . ‘ n ’ Business Continuity Plan Incident Management Plan (Sometimes referred to as “Problem or Crisis Management” Plan)
      • Specific Action Plan
      • An Agency-wide Perspective
      • Global Risk Mitigations, Contingencies and Responses for Business Operations
      • An Agency-wide Perspective
      • Repeatable Process & Practices
      • Incident Alerting, Reporting, Tracking & Status
      • ID of Essential Functions
      • Delegations of Authority
      • Orders of Succession
      • Interoperable Communications
      The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.
      • Alternative Facilities
      • Vital Records and Databases
      • Human Capital
      • Tests, Training, & Exercises
      Continuity of Operations (COOP) Plan
      • Address Full Spectrum of Threats & Hazards
      • Involves Investigation, Diagnoses
      • Assembly of Incident Command System (ICS)
      • ICS Draws on Response Plan(s) for Resolution
      • Specific Action Plan
      • Specific Action Plan
      to From More General Specific
    • 18. Business Continuity Plan Types & Relationships Vital Service Response Plan for ‘A’ Vital Service Response Plan for ‘B’ Vital Service Response Plan for . . . ‘ n ’ Business Continuity Plan Incident Management Plan (Sometimes referred to as “Problem or Crisis Management” Plan)
      • Specific Action Plan
      • An Agency-wide Perspective
      • Global Risk Mitigations, Contingencies and Responses for Business Operations
      • An Agency-wide Perspective
      • Repeatable Process & Practices
      • Incident Alerting, Reporting, Tracking & Status
      • ID of Essential Functions
      • Delegations of Authority
      • Orders of Succession
      • Interoperable Communications
      The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.
      • Alternative Facilities
      • Vital Records and Databases
      • Human Capital
      • Tests, Training, & Exercises
      Continuity of Operations (COOP) Plan
      • Address Full Spectrum of Threats & Hazards
      • Involves Investigation, Diagnoses
      • Assembly of Incident Command System (ICS)
      • ICS Draws on Response Plan(s) for Resolution
      • Specific Action Plan
      • Specific Action Plan
      to From More General Specific
    • 19.  
    • 20. Collaborative Roles in Enterprise Business Continuity Planning
      • Vital Service C
      • Risk Mitigations
      • Contingencies
      • Responses
      • Recoveries
      • Vital Service F
      • Risk Mitigations
      • Contingencies
      • Responses
      • Recoveries
      Enterprise BC Program Office – State of WA Enterprise Risk & Vulnerabilities Status
      • Governance
      • Policies
      • Practices
      • Planning Priorities
      • Decision Packages
      • Subject Matter Expertise
      • Standards & Practices
      • Tools and Templates
      • Planning Assistance
      • Reporting
      • Meeting Compliances
      @Agency ‘A’ Level
      • BC Developed Capabilities
      • Planning For Worst-Case Scenarios @ Agency Perspective
      • CONOPS / COOP = NIMS Rqmts
      • Risk Mitigations, Contingencies, Responses, Recoveries
      Agency ‘B’ Estimated 200-500 Vital Services 150+ Agencies, Boards and Commissions 1 Enterprise BC Program Office <-----------------------------------------------------------------------------------------------------------------------------------------------------------> Enterprise Level Planning Agency Level Planning Vital Service Level Planning eBRP BC Tool & Repository eBRP BC Tool & Repository eBRP BC Tool
      • BC Instilled across Agency in all Business Practices
      • BC Exercises & Updates (=NIMS Rqmts)
      • On-going Training
      • BC Developed Capabilities
      • Planning For Worst-Case Scenarios @ Agency Perspective
      • CONOPS / COOP = NIMS Rqmts
      • Risk Mitigations, Contingencies, Responses, Recoveries
      • BC Instilled across Agency in all Business Practices
      • BC Exercises & Updates (=NIMS Rqmts)
      • On-going Training
      Component Plans Planning for Worst-Case Scenarios @ Enterprise (Shared Command) Level
      • Risk Mitigations, Contingencies, Responses, Recoveries
      1 Enterprise BC Software Administrator
      • Vital Service A
      • Risk Mitigations
      • Contingencies
      • Responses
      • Recoveries
      • Vital Service B
      • Risk Mitigations
      • Contingencies
      • Responses
      • Recoveries
      • Vital Service D
      • Risk Mitigations
      • Contingencies
      • Responses
      • Recoveries
      • Vital Service E
      • Risk Mitigations
      • Contingencies
      • Responses
      • Recoveries
    • 21. Inherent Benefits of an Enterprise Business Continuity Program
      • Maintain Commonality
      • Develop a Repeatable Process
      • Achieve Agency and State Business Objectives
      • Share Best Practices
      • Rank Priorities
      • Mitigate Risk
      • Identify Dependencies
      • Develop Incident Response/Recovery Plans
      • Form Partnerships
      • Identify Enterprise Solutions
      • Implement Cost/Benefit Contingencies
    • 22. Evolution of Business Continuity Management In Washington State Time Effort Academy Initiative BCM Program
      • Foster a Repeatable Approach
      • ID Agency’s & Enterprise Risk Thresholds
      • Collaborate & Prioritizing Needs
      • Implement Enterprise Solutions
      • Incorporate Incident Management
      • Begin Agency BC Planning
      • Refine Framework Templates / Tools
      • ID Agency Risks & Thresholds
      • ID Service Needs
      • ID & Resolve Issues
    • 23. What’s Next?
      • Continue development of the BC Framework (templates, tools, best practices) Within the BC Program
      • Apply the BIA across all agencies to:
        • Identify where the State could best invest & reduce risk
        • Ties to “Continuity of Operations” COOP (HLS & NIMS Rqmt)
      • Transition to a new Business Continuity Culture
        • Setup a Business Continuity Management (BCM) Program
        • Establish governance along with Roles and Responsibilities
        • Address Continuity of Operations (COOP) with agencies
        • Join with EMD efforts providing info on NIMS & Emergency Response
        • Promote Agency/Enterprise collaboration to best achieve objectives
    • 24. Participating Agencies
      • Department of Personnel
      • Department of Corrections
      • Department of Health
      • Department of Licensing
      • Department of Information Services
      • Department of Transportation
      • Retirement Systems
      • Social and Health Services
      • Department of Ecology
      • Health Care Quality Authority
      • Liquor Control Board
      • Labor and Industries
      • Military Department
      • Office of Financial Management
      • State Treasurer
      • Public Disclosure Commission
      • Washington State Patrol
      • Clark County
      • King County
      • City of Seattle
    • 25. Questions?
    • 26. Contact Information
      • Judy Sweet, CBCP
      • Enterprise Business Continuity Management (BCM) Program Manager
      • D epartment of I nformation S ervices
      • e-mail: [email_address] | (360) 902-3560

    ×