Merit Event - Preventing Business Disaster


Published on

The fear caused by global terrorism has made many organisations more closely examine their Disaster Recovery and Business Continuity plans.

Of course factors far more ordinary than terrorism can cause major disruption to an organisations’ ability to operate (e.g. theft, fire, flood, fraud, etc.).

Although many organisations have contingency plans in place, many more have given little consideration to this possibility.

Those that have made some provision may have done so without undertaking a full risk assessment and this could result in their plans being ineffective in the case they need to implement them.

A key function within any business these days is the IT systems and it is important that any continuity plan considers this area of activity.

To assist organisations to better understand what steps they can take to plan for, and mitigate the impact of, issues which may effect their organisation’s IT and eBusiness systems we have invited a number of expert speakers to present at this event.

The seminar will include:

• An introduction to Disaster Recovery and Continuity Planning.
An overview of what is meant by the terminology as it applies to business in general before focusing on IT and eBusiness related issues.
• Identifying the risk and developing a plan
Practical guidance and examples on how you can identify the potential risk to the IT systems within your businesses. This review will also explain what steps you can take to minimise this risk potential impact caused by any failure or disruption to the systems.
• Server Clustering, Consolidation and Mirroring
A brief introduction to this technology which can be implemented as part of a plan to prevent disruption of service.
• Exhibition
To supplement the speakers at this event we have also invited a number of exhibitors who have product offering which could form part of a continuity plan. These include, amongst others: offsite storage & data backup providers, consultancy services, technical solution providers and anti-virus software specialist.

Published in: Business, Economy & Finance
1 Comment
  • Thanks for sharing the valuable information. Recently i added one more slide about adobe photo shop feel free to check this slide.
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Merit Event - Preventing Business Disaster

  1. 1. Business Continuity Management Peter Case-Upton School of Business Information [email_address]
  2. 2. Background to BCM Risk Analysis The BCM Process Business Continuity Management The Plan
  3. 3. Business Continuity Management <ul><li>Business continuity - what is it? </li></ul><ul><li>Planning for potential disasters which could effect the normal operation of the business </li></ul><ul><li>Why Bother? </li></ul><ul><ul><li>Minimising the cost impact </li></ul></ul><ul><ul><li>Reducing regulatory/statutory effects </li></ul></ul><ul><ul><li>Preserving image/credibility </li></ul></ul><ul><ul><li>Demonstrate leadership </li></ul></ul>
  4. 4. The Origins <ul><li>BCM came from an IT systems background </li></ul><ul><li>Typical exponents of BCM were:- </li></ul><ul><ul><li>IBM, DEC, HP, ICL, etc </li></ul></ul><ul><ul><li>Banks, commercial, industrial, etc </li></ul></ul><ul><li>Found to rely on business processes </li></ul><ul><li>Companies have learned the hard way via their own disasters </li></ul>
  5. 5. Types of Risk and Threat <ul><li>Denial of access </li></ul><ul><li>Chemical spillages </li></ul><ul><li>Fire, bombs, terrorist attacks </li></ul><ul><li>Sickness/epidemic </li></ul><ul><li>Natural disasters </li></ul><ul><li>Threats from the skies (Accident/Intentional) </li></ul>
  6. 6. Examples <ul><li>World Trade Centre Sept 11 & 1992 </li></ul><ul><li>Manchester Bomb </li></ul><ul><li>Docklands </li></ul><ul><li>Etc </li></ul>
  7. 7. The Manchester Bomb 1000 kg Lorry bomb 200 people injured
  8. 8. Some Facts - Business Disasters <ul><li>80% of UK businesses have no plan </li></ul><ul><ul><li>The ‘It won’t happen to me syndrome!’ </li></ul></ul><ul><li>68% of businesses who experience a disaster and don’t have a plan - go out of business within 2 years </li></ul><ul><li>One in five organisations will suffer a major IT disaster in five years </li></ul>
  9. 9. Disaster Recovery Supply Chain Management Quality Management Heath and Safety Knowledge Management IT & Security Emergency Management Business Continuity Management A Wide Ranging Subject Area Risk Management Crisis Management and PR Facilities Management
  10. 10. Business Continuity Life Cycle Understand the Business Develop and Implement a BCM Response Develop Business Continuity Strategies Build and Embed a BCM Culture Exercise, Maintenance and Audit Programme Management 1 5 2 3 4 6 BCM
  11. 11. The Major Events in BCM Risk Analysis Review and Business Impact Analysis Disaster Management Fallback Provision Recovery Management Salvage Provision Test the plan
  12. 12. Implementation <ul><li>Involvement - must have corporate commitment at board level </li></ul><ul><li>Use a structured approach </li></ul><ul><li>Set up a steering group </li></ul><ul><li>Arrange working groups </li></ul><ul><li>Provide awareness training for groups </li></ul><ul><li>Include budget for BCM </li></ul><ul><li>Add contingency item to budget (5%?) </li></ul>
  13. 13. Typical Company Structure
  14. 14. Typical Company Structure Steering Group
  15. 15. Typical Company Structure Working Group 2
  16. 16. Risk Assessment <ul><li>Risk Identification </li></ul><ul><ul><li>What is the risk? </li></ul></ul><ul><li>Risk Assessment </li></ul><ul><ul><li>What level of risk exists? </li></ul></ul><ul><li>Risk Management </li></ul><ul><ul><li>What are the priorities of all risks? </li></ul></ul><ul><li>Risk Reduction </li></ul><ul><ul><li>How can the risks be reduced? </li></ul></ul>
  17. 17. Risk The Zaphod Beeblebrox Approach “ Zaphod put on the glasses. They were a double pair of Joo Janta 200 Superchromatic Peril-Sensitive Sunglasses , which had been specifically designed to help people develop a relaxed attitude to danger. At the first hint of trouble they turn totally black and thus prevent you from seeing anything that might harm you” From Adams ‘The Restaurant at the end of the universe’
  18. 18. How Can Risk be Measured <ul><li>Using probability (range of 0.0 to 1.0) </li></ul><ul><li>Once in every x years, e.g. 1 in 20 year storm </li></ul><ul><li>Odds (2/1, 10/1) </li></ul><ul><li>Occurrence (event per ‘000 people) </li></ul><ul><li>Percentage (10%, 50%) </li></ul><ul><li>High/ Medium/Low Risk Rating </li></ul>
  19. 19. High, Medium and Low Risk Items Consequence Likelihood
  20. 20. Risk Control Techniques <ul><li>Risk Avoidance - To eliminate uncertainty </li></ul><ul><li>Transfer - Move ownership </li></ul><ul><li>Reduction - Down grade risk level </li></ul><ul><li>Absorption - Accept responsibility </li></ul>
  21. 21. Business Impact Overview <ul><li>A departmental specific document which defines:- </li></ul><ul><ul><li>The Risk Analysis </li></ul></ul><ul><ul><li>Organisational structures/numbers </li></ul></ul><ul><ul><li>IT requirements </li></ul></ul><ul><ul><li>Business Procedures </li></ul></ul><ul><ul><li>Rationale for criticality </li></ul></ul><ul><ul><li>Effect of disasters </li></ul></ul><ul><li>How could levels of service be maintained </li></ul>
  22. 22. The Disaster Phase - Day One <ul><li>Assess the type and extent of disaster </li></ul><ul><li>Invoke multi-level disaster management teams and initiate plans </li></ul><ul><li>Communicate with - staff, media, other sites </li></ul><ul><li>Mobilise contingency resource </li></ul><ul><li>Inform salvage/insurance people </li></ul><ul><li>Don't change the method of working </li></ul>
  23. 23. The Fallback Phase - Day 1+ <ul><li>Try and use the plans </li></ul><ul><li>Move to alternative locations </li></ul><ul><li>Prioritise high criticality processes first </li></ul><ul><li>Communicate with others </li></ul><ul><li>Use replacement IT systems + data backups </li></ul><ul><li>Alternative communications provision </li></ul><ul><li>Prepare for recovery </li></ul>
  24. 24. Recovery Management <ul><li>Getting back to normal operation </li></ul><ul><li>Phased return to the provision of full service </li></ul><ul><li>Consider environmental aspects </li></ul><ul><li>re-establish communications links </li></ul><ul><li>Communicate with others </li></ul><ul><li>Counselling </li></ul><ul><li>Test the plan - learn from experience </li></ul>
  25. 25. Background to BCM Risk Analysis The BCM Process Business Continuity Management Summary