Webinar - Disaster in Japan: A Lesson in BCM


Published on

Business continuity events will continue to occur and threaten businesses around the globe. Being prepared and knowing how to respond makes the difference between corporate survival and corporate failure. The planning and preparatory work, as well as the associated costs, can seem overwhelming when using conventional tools.

Positive lessons can be learned from Japanese businesses, organizations and communities with solid plans in place that prevented further loss of life and damage. Join us to discuss some of the issues facing the Business Continuity community today:

• Continuity Statistics – What do they show? What do they hide?
• Can we learn lessons from Japan?
• Emerging BCM methodologies – Where is the industry heading?

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Webinar - Disaster in Japan: A Lesson in BCM

  1. 1. Business Continuity Management
  2. 2. PresenterJeremy Kaye, VP GRC Strategy+44 20 7903 5139jeremy.kaye@easy2comply.com Confidential
  3. 3. Housekeeping• The slides for this event will be distributed afterwards• The webinar recording will be archived on easy2comply website• Answer all the polls• Q & A at the end Confidential
  4. 4. DedicationWe dedicate this webinarto all those that lost their life in the Japan earthquake, those thatwere injured, and to those that survivedOur thoughts and wishes are with the Japanese people Confidential
  5. 5. What is easy2comply? easy2comply is a functionally-rich softwaresolution, that enable companies to effectively manage multiple GRC processes on a single platform Confidential
  6. 6. Webinar Focus• Continuity Statistics• Learning From Japan• Methodologies• Easy2comply New Techniques Confidential
  7. 7. Statistics….• 43% of companies experiencing disasters never re-open, and 29% close within two years (McGladrey and Pullen)• A company that experiences a computer outage lasting more than 10 days will never fully recover financially (DRP – Jon Toigo)• 88% of e-commerce is not covered by a DR / BC plan (HP)• 42% of managers do not believe their plans would be effective (HP) Confidential
  8. 8. ….and more statistics • 50% of UK businesses do not have a BC plan • 79% of those that had plans and were forced to use them found a significant reduction in the impact • Fewer than half that had plans actually tested them • Only a quarter of BC managers had a dedicated budget Confidential
  9. 9. Hourly Cost of Downtime Event Per HourBrokerage House / Large e-commerce site $6,400,000Credit Card Sales & Authorization $2,600,000Catalog Sales $90,000Package Shipping & Transportation $28,000UNIX Networks $75,000PC LAN $18,000 Source: Quantum Corporation Confidential
  10. 10. Some questions about TIME…• Consider how each of your critical services could continue during a prolonged power loss. …now think about a loss of power lasting for 24 hours…• Which of your critical services would be jeopardised if your building was evacuated for a week with all access denied?• Which services would be affected if access were denied for a whole month? Confidential
  11. 11. Some questions about DEPENDENCIES… How many staff would be Do you have an alternative needed to continue to cover building or premises in which tocritical tasks and how would you work effectively? Is this sufficient? accommodate them? Can staff work from home? Do you need access to any Do you have sufficient back-services not currently available up for your data, both at your temporary site? electronic and paper? Confidential
  12. 12. Webinar Focus• Continuity Statistics• Learning From Japan• Methodologies• Easy2comply New Techniques Confidential
  13. 13. Japan Aftermath• Multinationals to assume business will be severely disrupted• Supply chain disruption linked to infrastructure, energy, utilities and transportation• Despite history, many companies manage supply chain risk ineffectively• Need understanding of markets they sell to, suppliers they rely on, and critical dependencies• Effective planning can sometimes make all the difference whether a company survives or not Confidential
  14. 14. Disaster Recovery Failures Confidential
  15. 15. Top BCM Challenges• Lack of resources• Difficult to gain senior management support• Obtaining wider buy-in from across company Confidential
  16. 16. Webinar Focus• Continuity Statistics• Learning From Japan• Methodologies• Easy2comply New Techniques Confidential
  17. 17. What is BCM?“Business Continuity Management is a business owned and driven activity that can provide thestrategic and operational framework to review the way your organisation provides its products and services and increase its resilience to disruption, interruption or loss.” Business Continuity Institute Confidential
  18. 18. What is BCM?• Business Continuity Management is a management process…• … that identifies potential impacts that threaten an organisation…• … and provides a framework for building resilience…• … and the capability for an effective response …• … which safeguards the interests of its …• … key stakeholders, reputation, brand and value creating activities. Confidential
  19. 19. Who is BCM relevant to? • Any organisation, large or small, from any sector • High risk environments: finance / telcos / transport / public sector • Where need to continue operating is essential, for organisation, customers and stakeholders Confidential
  20. 20. Why is BCM important?• Business will increase its recovery capabilities dramatically• Make the right decisions quickly, cut downtime and minimise financial losses• Being prepared is key as it gives confidence• Demonstrates duty of care to customers and suppliers• Helps safeguard company reputation Confidential
  21. 21. Business Continuity Levels• RTO Recovery Time Objective• MTPoD Maximum Tolerable Period of Disruption MTPoD > RTO Confidential
  22. 22. Definitions• RTO: Maximum amount of time that a system resource can remain unavailable before there is an unacceptable impact on other resources or functions• MTPoD: Total amount of time managers are willing to accept for a mission/business process outage or disruption Confidential
  23. 23. BC Levels (Example)BC Level RTO MTPoD 1 48 hours 5 Days 2 24 hours 4 Days 3 8 hours 3 Days 4 4 hours 2 Days 5 2 hours 1 Day Confidential
  24. 24. Working as Total Recovered Recovered Normal Failure Minimum Level Normal Level 100 Desired Process Level 90 80Process Level (%) 70 Desired time 60 target to Maximum acceptable time achieve 50 below minimum minimum level process level Acceptable 40 Minimum Process 30 MTPoD Level 20 RTO 10 0 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48 Time Horizon (hrs) Confidential
  25. 25. Webinar Focus• Continuity Statistics• Learning From Japan• Methodologies• Easy2comply New Techniques Confidential
  26. 26. Business Continuity MethodologyBusiness Structure and Location Required Resource Analysis Mapping Process Mapping Scenario Identification Scenario Impact on Resources People Resource Dependency and Locations IT Resource Dependency Building the BCP Plan (Gantt)Business Impact Analysis (BIA) Scenario Testing on ProcessDefine BC Level (RTO / MTPoD) Testing vs. BCP Comparison Confidential
  27. 27. Screenshots Confidential
  28. 28. Screenshots Confidential
  29. 29. Conclusions• Don’t ignore BCP – things happen that are out of our control• Studies show that preparation does help to reduce negative outcomes• Secure management support – you’ll be lost without it• Ensure BC plans are clear and concise• Test, test and test again! Confidential
  30. 30. Q&AJeremy Kaye, VP GRC Strategy+44 20 7903 5139jeremy.kaye@easy2comply.com Confidential
  31. 31. Thank You Visit our website: www.easy2comply.com