SlideShare a Scribd company logo

Bs25999 business continuity implementation

I
iso27001consulting

BS 25999 Implementation general presentation

TechnologyBusinessEconomy & Finance
1 of 11
Download to read offline
INFORMATION PROTECTION AND BUSINESS RESILIENCE Business Continuity Management (BCM) – Bridging the gap
Business Continuity Management Contents • Introduction • Common Issues • How to narrow the “gap” • Key Questions for Leadership • OUR BCM methodology • Roadmap for a BCM implementation • Conclusion © 2010 KPMG Advisory Services B.V., a Netherlands Antilles limited liability company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International"), a Swiss entity. All rights reserved. Printed in the Netherlands Antilles. 1
Business Continuity Management Introduction Business continuity management is a business-owned, business-driven process that establishes a fit-for-purpose strategic and operational framework that: • proactively improves an organization's resilience against the disruption of its ability to achieve its key objectives; • provides a rehearsed method of restoring an organization's ability to supply its key products and services to an agreed level within an agreed time after a disruption; and • delivers a proven capability to manage a business disruption and protect the organization's reputation and brand. Source: BS 25999-2 2
Business Continuity Management Common Issues • IT usually operates as a “closed” shop - only administer the systems, applications that support the business activities. • Focus is on recovery of core systems and resources . • Alignment between IT processes and the business processes. IT involvement and understanding of the business is key. • Business Impact Analysis (BIA) - understand exactly what is mission critical. • Some lack of communication between IT and business - don’t speak the same “language”. • “work in progress” – requires board-level involvement - pro-active Risk Management. 4
Business Continuity Management How to narrow the “gap” •An Appropriate Sponsor – Someone who can speak both the language of the business and that of the technician; and can understand the needs and requirements of both. •Best Practice and Standards − BS25999 part 1 - Best practice information (the Code of Practice) − BS25999 part 2 - Specifications of a business continuity management system. − Other standards ….. (e.g. BS25777 – Information & Communications Technology Continuity Management Code of Practice) •Testing and Exercising – Ensure that it is fit for purpose and to highlight any weak areas; – Practice so that everyone understands their role; and – Brings people together. 5
Business Continuity Management Key Questions for Leadership when addressing BCM 1. How critical is information availability to our success? 2. Are capabilities for managing business continuity aligned with organizational strategy? 3. Who are our stakeholders and what is their tolerance for unplanned downtime? 4. Does the risk management program address people, processes, and technology as well as the extended enterprise? 5. Does the business continuity strategy eliminate single points of failure? 6. Should our business continuity strategy be event-driven, or risk-driven and stakeholder-focused? 6
Business Continuity Management BCM Methodology BCM Methodology is based on a continuous improvement cycle used by companies to maturate their Business Continuity Management Program through successive iterations and harmonized with a change management strategy. 7
Business Continuity Management Roadmap for a BCM implementation Phase 1 Phase 2 Phase 3 Phase 4 ASSESS AND GENERAL DESIGN OF BCM MODEL IMPLEMENTATION OF BCM MEASURE AND TESTS BUSINESS UNDESTANDING MODEL Services and processes identification Scope definition (using business criteria) Business Impact Analysis Information gathering and business understanding Scenarios simulation (BS 25999-1:2006 / BCM Measurement BS 25999-2:2007) Risk assessment Gap Analysis Action Plan Desk tests Roll-Out BCM strategies definition Incident management plans Recovery plans Plans for testing BCM general procedures Scorecard / Dashboard COMMUNICATION, AWARENESS AND INSTRUCTION PROJECT MANAGEMENT 8
Business Continuity Management Conclusion • Take a holistic approach – for business continuity management program to be effective. • Avoid to delegate business continuity to the IT department based on the fact that IT has such a central part of many business continuity plans. • Business continuity must be led by the business - the business needs to be able to communicate with the IT department and understand its technical language. “Business continuity is not the responsibility of the IT department It is a company wide effort” 9
“It’s not the strongest of the species that survive, nor the most intelligent, but the ones most responsive to change” Charles Darwin © 2010 KPMG Advisory Services B.V., a Netherlands Antilles limited liability company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International"), a Swiss entity. All rights reserved. Printed in the Netherlands Antilles. 10
Contact information For consultancy and implementation of BS 25999 please contact us at: Tel: (+40) 744-917-771 office@iso27001consulting.ro http://www.iso27001consulting.ro 11

Recommended

Business continuity
Business continuityBusiness continuity
Business continuity
Meenu S
 
CBS IM56 March 2011
CBS IM56 March 2011CBS IM56 March 2011
CBS IM56 March 2011
mcschlichter
 
D2 1 200710 Poznan Need2 Know Color 2up
D2 1 200710 Poznan Need2 Know Color 2upD2 1 200710 Poznan Need2 Know Color 2up
D2 1 200710 Poznan Need2 Know Color 2up
brutkowski
 
5.a systematic
5.a systematic5.a systematic
5.a systematic
libfsb
 
Traffic-Light-Tool presentation 2010
Traffic-Light-Tool presentation 2010Traffic-Light-Tool presentation 2010
Traffic-Light-Tool presentation 2010
michir
 
Tqm4ppt Total QualityManagement
Tqm4ppt Total QualityManagementTqm4ppt Total QualityManagement
Tqm4ppt Total QualityManagement
Coomarasamy Chidambaram
 
Benefits tracking gsw
Benefits tracking gswBenefits tracking gsw
Benefits tracking gsw
woznite65
 
Fmea lean 007 0520
Fmea lean 007 0520Fmea lean 007 0520
Fmea lean 007 0520
Ngoc Dep
 

Recommended

Business continuity
Business continuityBusiness continuity
Business continuity
Meenu S
 
CBS IM56 March 2011
CBS IM56 March 2011CBS IM56 March 2011
CBS IM56 March 2011
mcschlichter
 
D2 1 200710 Poznan Need2 Know Color 2up
D2 1 200710 Poznan Need2 Know Color 2upD2 1 200710 Poznan Need2 Know Color 2up
D2 1 200710 Poznan Need2 Know Color 2up
brutkowski
 
5.a systematic
5.a systematic5.a systematic
5.a systematic
libfsb
 
Traffic-Light-Tool presentation 2010
Traffic-Light-Tool presentation 2010Traffic-Light-Tool presentation 2010
Traffic-Light-Tool presentation 2010
michir
 
Tqm4ppt Total QualityManagement
Tqm4ppt Total QualityManagementTqm4ppt Total QualityManagement
Tqm4ppt Total QualityManagement
Coomarasamy Chidambaram
 
Benefits tracking gsw
Benefits tracking gswBenefits tracking gsw
Benefits tracking gsw
woznite65
 
Fmea lean 007 0520
Fmea lean 007 0520Fmea lean 007 0520
Fmea lean 007 0520
Ngoc Dep
 
Scmeu2012 villa productionoptimization
Scmeu2012 villa productionoptimizationScmeu2012 villa productionoptimization
Scmeu2012 villa productionoptimization
Pino Villa
 
Be Solid & Trusted New Change Management (Ncm) En Linked In
Be Solid & Trusted New Change Management (Ncm) En Linked InBe Solid & Trusted New Change Management (Ncm) En Linked In
Be Solid & Trusted New Change Management (Ncm) En Linked In
fsw13169
 
Performance%20 management %20london%20met%202007
Performance%20 management %20london%20met%202007Performance%20 management %20london%20met%202007
Performance%20 management %20london%20met%202007
kesavneupane
 
RBC Portfolio Slides English
RBC Portfolio Slides EnglishRBC Portfolio Slides English
RBC Portfolio Slides English
Rudolf Bartels
 
Case Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise ChangeCase Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise Change
Vincent Kwon
 
Alchemus pcms ver1
Alchemus pcms ver1Alchemus pcms ver1
Alchemus pcms ver1
alchemussales
 
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
QAI
 
Order Fallout Management Telecom Framework
Order Fallout Management Telecom FrameworkOrder Fallout Management Telecom Framework
Order Fallout Management Telecom Framework
Infosys
 
Understanding The Business Continuity Management Expectations And Good Practices
Understanding The Business Continuity Management Expectations And Good PracticesUnderstanding The Business Continuity Management Expectations And Good Practices
Understanding The Business Continuity Management Expectations And Good Practices
Enterprise Security Risk Management
 
B sc dari kun m
B sc dari kun mB sc dari kun m
B sc dari kun m
Muhammad Gunawan
 
Sumtotal Performance Management Software
Sumtotal Performance Management SoftwareSumtotal Performance Management Software
Sumtotal Performance Management Software
SumTotal
 
general project management
general project management general project management
general project management
yasmine19
 
Veracitiz
VeracitizVeracitiz
Veracitiz
Mahesh1585
 
7 sw-project and-process_measurement_0907_ebert
7 sw-project and-process_measurement_0907_ebert7 sw-project and-process_measurement_0907_ebert
7 sw-project and-process_measurement_0907_ebert
giaptruta
 
A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...
CONFENIS 2012
 
Bearing Poin Retail Staff Optimization
Bearing Poin Retail Staff OptimizationBearing Poin Retail Staff Optimization
Bearing Poin Retail Staff Optimization
Jari Laine
 
Savi chapter10
Savi chapter10Savi chapter10
Savi chapter10
Mohamed Abada
 
Poster eatis final eng
Poster eatis final engPoster eatis final eng
Poster eatis final eng
luke9999
 
2 effra roadmap-decubber
2 effra roadmap-decubber2 effra roadmap-decubber
2 effra roadmap-decubber
Digital Business Innovation Community
 
How To Get Results From Maintenance Systems
How To Get Results From Maintenance SystemsHow To Get Results From Maintenance Systems
How To Get Results From Maintenance Systems
Bjarni Ellert Ísleifsson
 
Technical Briefing: Business Impact Analysis: understanding what is required ...
Technical Briefing: Business Impact Analysis: understanding what is required ...Technical Briefing: Business Impact Analysis: understanding what is required ...
Technical Briefing: Business Impact Analysis: understanding what is required ...
BSI British Standards Institution
 
Business Continuity.Bs25999
Business Continuity.Bs25999Business Continuity.Bs25999
Business Continuity.Bs25999
Enterprise Security Risk Management
 

More Related Content

What's hot

Performance%20 management %20london%20met%202007
Performance%20 management %20london%20met%202007Performance%20 management %20london%20met%202007
Performance%20 management %20london%20met%202007
kesavneupane
 
RBC Portfolio Slides English
RBC Portfolio Slides EnglishRBC Portfolio Slides English
RBC Portfolio Slides English
Rudolf Bartels
 
Understanding The Business Continuity Management Expectations And Good Practices
Understanding The Business Continuity Management Expectations And Good PracticesUnderstanding The Business Continuity Management Expectations And Good Practices
Understanding The Business Continuity Management Expectations And Good Practices
Enterprise Security Risk Management
 
general project management
general project management general project management
general project management
yasmine19
 

What's hot (20)

Scmeu2012 villa productionoptimization
Scmeu2012 villa productionoptimizationScmeu2012 villa productionoptimization
Scmeu2012 villa productionoptimization
 
Be Solid & Trusted New Change Management (Ncm) En Linked In
Be Solid & Trusted New Change Management (Ncm) En Linked InBe Solid & Trusted New Change Management (Ncm) En Linked In
Be Solid & Trusted New Change Management (Ncm) En Linked In
 
Performance%20 management %20london%20met%202007
Performance%20 management %20london%20met%202007Performance%20 management %20london%20met%202007
Performance%20 management %20london%20met%202007
 
RBC Portfolio Slides English
RBC Portfolio Slides EnglishRBC Portfolio Slides English
RBC Portfolio Slides English
 
Case Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise ChangeCase Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise Change
 
Alchemus pcms ver1
Alchemus pcms ver1Alchemus pcms ver1
Alchemus pcms ver1
 
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
 
Order Fallout Management Telecom Framework
Order Fallout Management Telecom FrameworkOrder Fallout Management Telecom Framework
Order Fallout Management Telecom Framework
 
Understanding The Business Continuity Management Expectations And Good Practices
Understanding The Business Continuity Management Expectations And Good PracticesUnderstanding The Business Continuity Management Expectations And Good Practices
Understanding The Business Continuity Management Expectations And Good Practices
 
B sc dari kun m
B sc dari kun mB sc dari kun m
B sc dari kun m
 
Sumtotal Performance Management Software
Sumtotal Performance Management SoftwareSumtotal Performance Management Software
Sumtotal Performance Management Software
 
general project management
general project management general project management
general project management
 
Veracitiz
VeracitizVeracitiz
Veracitiz
 
7 sw-project and-process_measurement_0907_ebert
7 sw-project and-process_measurement_0907_ebert7 sw-project and-process_measurement_0907_ebert
7 sw-project and-process_measurement_0907_ebert
 
A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...
 
Bearing Poin Retail Staff Optimization
Bearing Poin Retail Staff OptimizationBearing Poin Retail Staff Optimization
Bearing Poin Retail Staff Optimization
 
Savi chapter10
Savi chapter10Savi chapter10
Savi chapter10
 
Poster eatis final eng
Poster eatis final engPoster eatis final eng
Poster eatis final eng
 
2 effra roadmap-decubber
2 effra roadmap-decubber2 effra roadmap-decubber
2 effra roadmap-decubber
 
How To Get Results From Maintenance Systems
How To Get Results From Maintenance SystemsHow To Get Results From Maintenance Systems
How To Get Results From Maintenance Systems
 

Viewers also liked

Viewers also liked (7)

Technical Briefing: Business Impact Analysis: understanding what is required ...
Technical Briefing: Business Impact Analysis: understanding what is required ...Technical Briefing: Business Impact Analysis: understanding what is required ...
Technical Briefing: Business Impact Analysis: understanding what is required ...
 
Business Continuity.Bs25999
Business Continuity.Bs25999Business Continuity.Bs25999
Business Continuity.Bs25999
 
Partners in Technology (PiT) - SME Perspective - Bay Technologies - 21 July 2015
Partners in Technology (PiT) - SME Perspective - Bay Technologies - 21 July 2015Partners in Technology (PiT) - SME Perspective - Bay Technologies - 21 July 2015
Partners in Technology (PiT) - SME Perspective - Bay Technologies - 21 July 2015
 
Partners in Technology (PiT) - Innovations in Council Service Delivery - 27 M...
Partners in Technology (PiT) - Innovations in Council Service Delivery - 27 M...Partners in Technology (PiT) - Innovations in Council Service Delivery - 27 M...
Partners in Technology (PiT) - Innovations in Council Service Delivery - 27 M...
 
Partners in Technology (PiT) - A Qeensland SME perspective - Solute Consultin...
Partners in Technology (PiT) - A Qeensland SME perspective - Solute Consultin...Partners in Technology (PiT) - A Qeensland SME perspective - Solute Consultin...
Partners in Technology (PiT) - A Qeensland SME perspective - Solute Consultin...
 
Business Impact Analysis - Clause 4 Of BS25999 In Practice
Business Impact Analysis - Clause 4 Of BS25999 In PracticeBusiness Impact Analysis - Clause 4 Of BS25999 In Practice
Business Impact Analysis - Clause 4 Of BS25999 In Practice
 
Building a business impact analysis (bia) process a hands on blueprint
Building a business impact analysis (bia) process a hands on blueprintBuilding a business impact analysis (bia) process a hands on blueprint
Building a business impact analysis (bia) process a hands on blueprint
 

Similar to Bs25999 business continuity implementation

Balanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula Gomes
Balanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula GomesBalanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula Gomes
Balanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula Gomes
Paula Gomes
 
Solvency - II Programme Setup
Solvency - II Programme SetupSolvency - II Programme Setup
Solvency - II Programme Setup
gainline
 
27ian2011 silensec
27ian2011 silensec27ian2011 silensec
27ian2011 silensec
Agora Group
 
Business Driven Architecture for Strategic Transformation
Business Driven Architecture for Strategic TransformationBusiness Driven Architecture for Strategic Transformation
Business Driven Architecture for Strategic Transformation
David Baker
 
Six sigma as foundation to cmmi
Six sigma as foundation to cmmiSix sigma as foundation to cmmi
Six sigma as foundation to cmmi
Kobi Vider
 

Similar to Bs25999 business continuity implementation (20)

Balanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula Gomes
Balanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula GomesBalanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula Gomes
Balanced Scorecard for CMMI Implementations - Eduardo Espinheira e Paula Gomes
 
QFH Consulting Capabilities
QFH Consulting CapabilitiesQFH Consulting Capabilities
QFH Consulting Capabilities
 
Killing the Myth: Agile & CMMI
Killing the Myth: Agile & CMMIKilling the Myth: Agile & CMMI
Killing the Myth: Agile & CMMI
 
Removing silos
Removing silosRemoving silos
Removing silos
 
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
 
Solvency - II Programme Setup
Solvency - II Programme SetupSolvency - II Programme Setup
Solvency - II Programme Setup
 
27ian2011 silensec
27ian2011 silensec27ian2011 silensec
27ian2011 silensec
 
Scopi qpr presentation-e-v8 7
Scopi qpr presentation-e-v8 7Scopi qpr presentation-e-v8 7
Scopi qpr presentation-e-v8 7
 
2 nunoseixas-2confcmmiportual
2 nunoseixas-2confcmmiportual2 nunoseixas-2confcmmiportual
2 nunoseixas-2confcmmiportual
 
2012 05 16 Marketing Efficiency Presentation Uk
2012 05 16 Marketing Efficiency Presentation Uk2012 05 16 Marketing Efficiency Presentation Uk
2012 05 16 Marketing Efficiency Presentation Uk
 
Business Driven Architecture for Strategic Transformation
Business Driven Architecture for Strategic TransformationBusiness Driven Architecture for Strategic Transformation
Business Driven Architecture for Strategic Transformation
 
Six sigma as foundation to cmmi
Six sigma as foundation to cmmiSix sigma as foundation to cmmi
Six sigma as foundation to cmmi
 
Business Process Management Training 1
Business Process Management Training 1Business Process Management Training 1
Business Process Management Training 1
 
CMI Conference - Change or Die
CMI Conference - Change or DieCMI Conference - Change or Die
CMI Conference - Change or Die
 
Managing and Implementing a National BCM Programme: A World's First
Managing and Implementing a National BCM Programme: A World's FirstManaging and Implementing a National BCM Programme: A World's First
Managing and Implementing a National BCM Programme: A World's First
 
News iso
News isoNews iso
News iso
 
Sales & marketing efficiency
Sales & marketing efficiencySales & marketing efficiency
Sales & marketing efficiency
 
Process Documentation
Process DocumentationProcess Documentation
Process Documentation
 
Balanced Scorecard and its relationship to UMM
Balanced Scorecard and its relationship to UMMBalanced Scorecard and its relationship to UMM
Balanced Scorecard and its relationship to UMM
 
IBM Rational Software Conference 2009 Day 1 Keynote: Jamie Thomas
IBM Rational Software Conference 2009 Day 1 Keynote: Jamie ThomasIBM Rational Software Conference 2009 Day 1 Keynote: Jamie Thomas
IBM Rational Software Conference 2009 Day 1 Keynote: Jamie Thomas
 

Recently uploaded

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

Bs25999 business continuity implementation

  • 1. INFORMATION PROTECTION AND BUSINESS RESILIENCE Business Continuity Management (BCM) – Bridging the gap
  • 2. Business Continuity Management Contents • Introduction • Common Issues • How to narrow the “gap” • Key Questions for Leadership • OUR BCM methodology • Roadmap for a BCM implementation • Conclusion © 2010 KPMG Advisory Services B.V., a Netherlands Antilles limited liability company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International"), a Swiss entity. All rights reserved. Printed in the Netherlands Antilles. 1
  • 3. Business Continuity Management Introduction Business continuity management is a business-owned, business-driven process that establishes a fit-for-purpose strategic and operational framework that: • proactively improves an organization's resilience against the disruption of its ability to achieve its key objectives; • provides a rehearsed method of restoring an organization's ability to supply its key products and services to an agreed level within an agreed time after a disruption; and • delivers a proven capability to manage a business disruption and protect the organization's reputation and brand. Source: BS 25999-2 2
  • 4. Business Continuity Management Common Issues • IT usually operates as a “closed” shop - only administer the systems, applications that support the business activities. • Focus is on recovery of core systems and resources . • Alignment between IT processes and the business processes. IT involvement and understanding of the business is key. • Business Impact Analysis (BIA) - understand exactly what is mission critical. • Some lack of communication between IT and business - don’t speak the same “language”. • “work in progress” – requires board-level involvement - pro-active Risk Management. 4
  • 5. Business Continuity Management How to narrow the “gap” •An Appropriate Sponsor – Someone who can speak both the language of the business and that of the technician; and can understand the needs and requirements of both. •Best Practice and Standards − BS25999 part 1 - Best practice information (the Code of Practice) − BS25999 part 2 - Specifications of a business continuity management system. − Other standards ….. (e.g. BS25777 – Information & Communications Technology Continuity Management Code of Practice) •Testing and Exercising – Ensure that it is fit for purpose and to highlight any weak areas; – Practice so that everyone understands their role; and – Brings people together. 5
  • 6. Business Continuity Management Key Questions for Leadership when addressing BCM 1. How critical is information availability to our success? 2. Are capabilities for managing business continuity aligned with organizational strategy? 3. Who are our stakeholders and what is their tolerance for unplanned downtime? 4. Does the risk management program address people, processes, and technology as well as the extended enterprise? 5. Does the business continuity strategy eliminate single points of failure? 6. Should our business continuity strategy be event-driven, or risk-driven and stakeholder-focused? 6
  • 7. Business Continuity Management BCM Methodology BCM Methodology is based on a continuous improvement cycle used by companies to maturate their Business Continuity Management Program through successive iterations and harmonized with a change management strategy. 7
  • 8. Business Continuity Management Roadmap for a BCM implementation Phase 1 Phase 2 Phase 3 Phase 4 ASSESS AND GENERAL DESIGN OF BCM MODEL IMPLEMENTATION OF BCM MEASURE AND TESTS BUSINESS UNDESTANDING MODEL Services and processes identification Scope definition (using business criteria) Business Impact Analysis Information gathering and business understanding Scenarios simulation (BS 25999-1:2006 / BCM Measurement BS 25999-2:2007) Risk assessment Gap Analysis Action Plan Desk tests Roll-Out BCM strategies definition Incident management plans Recovery plans Plans for testing BCM general procedures Scorecard / Dashboard COMMUNICATION, AWARENESS AND INSTRUCTION PROJECT MANAGEMENT 8
  • 9. Business Continuity Management Conclusion • Take a holistic approach – for business continuity management program to be effective. • Avoid to delegate business continuity to the IT department based on the fact that IT has such a central part of many business continuity plans. • Business continuity must be led by the business - the business needs to be able to communicate with the IT department and understand its technical language. “Business continuity is not the responsibility of the IT department It is a company wide effort” 9
  • 10. “It’s not the strongest of the species that survive, nor the most intelligent, but the ones most responsive to change” Charles Darwin © 2010 KPMG Advisory Services B.V., a Netherlands Antilles limited liability company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International"), a Swiss entity. All rights reserved. Printed in the Netherlands Antilles. 10
  • 11. Contact information For consultancy and implementation of BS 25999 please contact us at: Tel: (+40) 744-917-771 office@iso27001consulting.ro http://www.iso27001consulting.ro 11