• Save
Business continuity management fundamentals update
Upcoming SlideShare
Loading in...5
×
 

Business continuity management fundamentals update

on

  • 386 views

BCM is a holistic management process ...

BCM is a holistic management process
that identifies potential impacts that threaten an organisation
and provides a framework for building resilience with the capability for an effective response
that safeguards the interests of its key stakeholders, reputation, brand and value creating activities.
BIA is a process designed to prioritize business functions by assessing the potential quantitative (financial) and qualitative (non-financial) impact that may result if an organization was to experience a disruption from a disaster event.

A simpler definition, BIA is a survey that shows how soon you need to have something and do something in order to not ruin your reputation, not lose a lot of money, and not go out of business.

Statistics

Views

Total Views
386
Views on SlideShare
385
Embed Views
1

Actions

Likes
0
Downloads
0
Comments
0

1 Embed 1

http://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Business continuity management fundamentals update Business continuity management fundamentals update Presentation Transcript

  • CXO Advisor Advise – Innovate – ChangeBusiness Continuity Management Fundamentals
  • We do 3 things : - Advise  Deeply experienced team  Backed by Ovum in Africa – IT Finance strength  Business – IT Transformation Model Innovate  Return on Business Agility  Rapid Innovation with Outsystems  Business Model Innovation – Saas-it.net Change  Liberate legacy - Adaptivity  Business Process as a Service – Procurement, IT Finance, Portfolio  Governance as a Service
  • What is Buiness Continuity? A holistic management process that identifies potential impacts that threaten an organisation and provides a framework for building resilience with the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value creating activities. It’s a business problem, technology just makes it easier… Source: The BCI Org
  • Risk Management life-cycle • Business Impact Analysis • Risk Assessment and Control • Discovery, intelligence gathering• Improve continuity of operations • Risk mapping & indicators Identification• Improve green operations • Organisation• Triple bottom line accounting • Process• Business resilience Continuous Business • Resource• Root cause analysis Improvement continuity • Security• Loss management & sustainability strategies • policy & workflow• Recovery management Assess (audit) • Planning function and monitor • Plans, scenarios • limits & processes • early warning • External bodies Develop and • Incident & crisis Exercise and implement a Management maintain BCM BCM response • Sourcing & supply • Exercise plans • Emergency response • Rehearse staff & teams Building & & operations • Test technology & business systems embedding a • Communications, PR • Maintain business systems BCM culture & media • Remedies, preventative & • Ongoing Education contingent actions • Awareness • Training CXO Advisor © Client distribution only Adapted from The BCI Org
  • Governance & Risk Support To Board & CIO How Deliverable • Business Continuity Management • Integrate DRP with BCM • Compliance with governance • Business continuity plan and readiness • Risk management • Risk assessment • Risk mitigation plans • Risk monitoring • Governance review • IT governance plans and procedures aligned with organisational governance It must have executive participation and buy-in…
  • A holistic management processBusiness Continuity life cycle that identifies potential impacts that threaten an organisation and provides a framework for building resilience with the capability for an effective response that safeguards the interests of its key Understanding your stakeholders, reputation, brand and value business creating activities. - BIA - Risk Assess & controls Determining Continuity Embed BCM Culture Strategies- Training & Awareness - Resources- Monitoring - Posture- Change Management Programme Management - Options Develop / Implement Response Exercise / Maintain / Review - Incident & Continuity Response Plans - Test - Business Unit Plan - Improve - resumption It’s a business programme, not an IT project…
  • Business Continuity Scope BCM Programme: Unified Management of Business Risk • Board commitment & proactive participation • Organisation Points of presence / facilities • BCM Strategy Knowledge Management Crisis communications • BCM policy & Market & competitor risk Emergency Management frameworkOperational Risk Public Relations Health & Safety • Financial Risk Brand Risk Supply Risk Security Quality Roles, Accountability, res ponsibility & Authority • Finance & Resources • Assurance & Insurance • Audit • MIS • Compliance • Change Management Continuity of operations BCP Disaster Recovery DRP CXO Advisor © Client distribution only Adapted from The BCI Org
  • Co-development model Communication Message Level of Ownership Approach Tell You will! Very Low Sell This will be really good! Low Look what you’ll get out of Buy Average this Consult What do you really need? High What should we build Co-Development Very High together?It needs participation and buy-in at all levels with a proper budget…
  • Business Continuity Roles Organisation wide touch points and dependencies Demand Supply Facilitation Facilitate activities Accept / call for facilitation Integration Provide the framework with which Integrate with the framework provided others will integrate Standards Set standards Conform to standards Decide Require others to perform according to Operate autonomously specific criteria• Individual RASCI • Responsible: that is the person who is owner of the problem/project • Accountable: that is the person to whom "R" is Accountable and is the authority who approves to sign off on work before it is effective • Supportive: that is a person who provides resources or plays a supporting role in implementation • Consulted: that is a person who provides information and/or expertise necessary to complete the project • Informed: that is a person who needs to be notified of results but need not necessarily be consulted MarketWorks Advisory © Client distribution only
  • What is business impact analysis (BIA)? BIA is a process designed to prioritize business functions by assessing the potential quantitative (financial) and qualitative (non-financial) impact that may result if an organization was to experience a disruption from a disaster event. A simpler definition, BIA is a survey that shows how soon you need to have something and do something in order to not ruin your reputation, not lose a lot of money, and not go out of business.
  • Business Impact Analysis templateID Business Process Dependency Failure Mode Impact Timeframe Comments Primary Sub Enabling Enablers Hard- System Critical Location Financia Customer MAO Critical Recovery Function Business Function (Applica- ware Unavail- Personnel Unavail- l Impact Services Min/hrs time Time Process (depende tions) able Unavailable able R (Reputation frames Objective Functions ncy) million ) (dates) (RTO) 1-5Key:MAO = Maximum Acceptable Outageimpact:1 = lowest impact; 2 = lower impact;3 = low impact; 4 = high impact5 = highest impact
  • BIA considerations for your organisation / business unit Understand your key risks per function…
  • Recoverability & StrategyID A. Existing Plans ID B. Manual Workarounds ID C. Backups ID D: Off site StorageA1 Existing current plan – B1 Manual workaround – C1 Full backups – every D1 Backup tapes and off-site solution already documented day, fully tested hardcopies removed everyday off siteA2 Existing outdated plan – B2 Manual workaround – not C2 Full backups – D2 Backup tapes and off site solution documented rotational – tested on hardcopies removed off rotation site on a weekly basisA3 Existing current plan – B3 Possible manual C3 Incremental backups D3 Backup tape removed of on campus solution workaround – not yet only – fully tested site, no hardcopies identified removedA4 Existing outdated plan – B4 No possible manual C4 Incremental backups D4 No backups nor on campus solution workaround with rotation – tested hardcopies removed off on rotation site ID Type ID Type ID Type ID Type ID Type ID TypeBCP1 Full BCP’s: BCP2 Full BCP’s BCP3 Contact List BCP4 Use BCP5 Manual BCP6 No Plan Off site on Campus only Existing work- (3rd Party) Off-site arounds Facility
  • How dependent is each function on continuity of operations?
  • What contingent & preventative actions will ensure continuity ofoperartions?
  • QUESTIONScraigt@cxo-advisor.co.za