• Like
  • Save

Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

Wayne Weng, GMH Pte Ltd Implementing Business Continuity Management: All You Need to Know for an Effective Process Meet-the-Expert Singapore

  • 1,258 views
Uploaded on

BCM Institute MTE Series: http://www.worldcontinuitycongress.com/wcc08/mte.html …

BCM Institute MTE Series: http://www.worldcontinuitycongress.com/wcc08/mte.html
This is a overview of the business continuity management implementation process provided by GMH Pte Ltd - an Asia Pacific BC/DR Consultancy firm.

More in: Business , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,258
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
1
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Implementing Business Continuity Management: All You Need To Know For An Effective Process
    Wayne Weng
    BCCE
    Senior Consultant
  • 2. Agenda
    Singapore Standard for Business Continuity Management (BCM) SS 540: 2008
    BCM Institute Methodology
    BCM Institute Methodology vs. International Standards
    Phases of Implementation
    Certification Audit Program
    BCM Portal
    2
  • 3. Singapore Standard SS540 for BCM
    3
  • 4. SS540 PDCA Cycle
    Managed
    Business
    Continuity
    of the
    Organisation
    Requirements & Expectation
    of BCM by
    Stake-holders and Interested Parties
  • 5. Content of SS 540: 2008
    Clauses
    Introduction to the BCM Framework
    Process Approach
    Scope
    Definition
    Requirements of the BCM System
    Risk Analysis and Review      
    Business Impact Analysis              
    Strategy              
    BC Plan              
    Tests and Exercises              
    Programme Management              
    5
  • 6. BCM Framework for Singapore Standard for BCM (SS:540)
  • 7. BCM Planning Methodology
    7
    Source:
    Goh, Moh Heng (2008): Managing Your Business Continuity Planning Project 2nd Edition ISBN: 978-981-05-9767-2
  • 8. BCM Planning Methodology & SS:540
    8
  • 9. SS 540
    BS 25999
    ANZ 5050
    NFPA 1600
    BCM Institute Methodology and International Standards
    9
  • 10. Project Management
    Objectives
    Formulate a workable project proposal.
    Seek endorsement and commitment on the project from management committee:
    Objective;
    Scope;
    Approach;
    Schedule; and
    Manpower.
    Establish project management structure and control.
    Tasks
    BCM Steering Committee & BCP Project Team
    Review and understand organisation environment.
    Agree and formalise project management structure and resource allocation.
    Establish project administration reporting and control mechanism.
    Deliverables
    Project plan proposal includes:
    Definition;
    Scope ;
    Objective;
    Roles & Responsibilities.
    Project workplan.
    Project reporting mechanism.
    10
  • 11. Risk Analysis and Review
    Objectives
    identify vulnerabilities
    Establish reliable recommendations for:
    Minimizing impact of identified threats
    Immediate and effective response to potential causes of disaster
    Tasks
    Identify exposure to internal & external threats and the likelihood of these threats occurring
    Recommend preventive responses and escalation procedures in conjunction with crisis management implementation
    Evaluate findings and prepare a status report & recommendation.
    Deliverables
    Comprehensive risk and threat profile to the organization, with key disaster scenario
    Recommendation for:
    Countermeasures
    Immediate Response Procedures
    Security Risk Review
    to be implemented to minimize the risks
    Summary report of recommendations agreed with senior management
  • 12. 12
    Risk Analysis and Review
  • 13. Business Impact Analysis
    Objectives
    Determine impact of unavailability/failure/ disaster on business functions.
    Determine critical business needs and tolerable limits.
    Establish business criticality/ impact criteria using Business Impact Analysis Questionnaires (BIAQ).
    Prioritise the importance of each business unit vis-à-vis established criteria.
    Consolidate findings and rankings.
    Present results to management committee to confirm critical classifications and priority listings.
    Detailed report on findings (approved by management) containing:
    - tolerable limits;
    classification of criticality;
    prioritised critical business functions;
    minimum resources;
    Critical applications and systems; and
    - restoration priority.
    Impact analysis of unavailability of business functions (quantitative and qualitative).
  • 14. 14
    Business Impact Analysis
  • 15. 15
    Business Impact Analysis
  • 16. 16
    Business Impact Analysis
  • 17. Recovery Strategy
    Objectives
    Establish business functions & job priorities vis-à-vis business needs.
    Determine processing requirements for priority business functions.
    Identify and formalise backup for everything needed to survive a disaster.
    Ensure that alternative processing procedure is available for continuity of critical business needs whilst recovery is in progress.
    Tasks
    Analyse all division functions to prioritise them based on business needs.
    Analyse hardware and software requirements to run high priority critical functions so that sufficient backup can be arranged.
    Review and establish backup arrangements, if necessary.
    Identify necessary interim processing procedures for critical functions.
    Seek management’s review and endorsement of findings and recommendations.
    Deliverables
    List of strategic plans for recovering prioritised critical functions.
    List of critical functions requiring interim manual processing procedures.
    Recommend alternate interim processing procedures.
  • 18. 18
    Recovery Strategy
  • 19. Plan Development
    Objectives
    Train and equip users with skill to complete the Microsoft Word plan template.
    Establish recovery procedures to fully restore normal business operations after a disaster, based on selected strategies.
    Ensure consistency and comprehensiveness of coverage.
    Tasks
    Determine recovery teams set-up and functional responsibilities.
    Identify members of each recovery team.
    Develop specific procedures for each recovery team.
    Review and edit (based on agreed structure) the plan component to ensure consistency and comprehensiveness of documentation.
    Deliverables
    Propose:
    Recovery team structure;
    Staffing of the recovery teams with names of specific staff members; and
    List of action steps to be taken by each member of respective recovery team.
    Completed Business Continuity Plan.
  • 20. 20
    Plan Development
  • 21. 21
    Plan Development
  • 22. Testing and Exercising
    Objectives
    Formulate an objective mechanism to validate the "workability" of the complete Business Continuity Plan.
    Tasks
    Design an overall program for testing of plan.
    Develop plans and schedules for specific tests.
    Develop an evaluation mechanism.
    Deliverables
    List of tests to be conducted.
    List of responsibilities of parties involved:
    Objectives, policies, guidelines, responsibilities and test specifications.
    Specific test plan:
    Description, scenarios, procedures and criteria.
    Evaluation forms/checklists for recovery plan tests.
  • 23. Certification AuditProgram
  • 24. Certification AuditProgram
  • 25. 25
    BCM Portal
  • 26. 26
    BCM Portal
  • 27. Business Continuity Reports – BC Plan
    Competency Built-in Implementation
    Policy and Framework
    Risk Assessment Report
    Business Impact Report
    Recovery Strategy Report
    Business Continuity Plans
    Test Plan
    Fundamentals of BCM
    Risk Analysis & Review
    Testing & Exercising
    Business Impact Analysis
    Recovery Strategy
    Plan Develop-ment
    Program
    Management
    Session 1
    Session 2
    Session 5
    Session 3
    Session 4
    Session 6
    Each Session-Day is a minimum of 2 weeks apart
  • 28. Thank You