© Copyright 2016 Business Continuity Planning Asia Pte Ltd
5 May 2016
Effective Mitigation Strategies for ISO31000
Presented By: Henry Ee, FBCI CBCP
Henry Ee
Regional Director for Asia at BCI
Mr. Henry Ee is Regional Director for Asia at BCI and has more than 20 years of experience
in Business Continuity, IT-Disaster Recovery & Crisis Management.
(65) 63252080
henry@bcpasia.com
www.bcpasia.com
https://sg.linkedin.com/in/henryee
www.twitter.com/henryee
www.facebook.com/henry.ee2
Business Continuity Planning Asia Pte Ltd
Founded in 2000
First consulting company to achieve certification in ISO 22301
The market leader in the business continuity industry in Asia
Services: Consultancy, Training, Internal Audit, Software
Henry Ee FBCI, CBCP
Founder, Managing Director & Trainer
• Certified:
  - BCM Professional: FBCI (BCI)
  - BCM Professional: CBCP (DRII)
  - Certified Management Consultant (PMC)
  - ACTA certified Trainer by WDA
  - Certified ISO 22301 Lead Auditor (BCI/ICOR/ANSI)
  - ISO 22301 Lead Implementer, PECB
• 20 years of experience in Business Continuity, IT-Disaster Recovery & Crisis Management. President of the BCI Asia Chapter and a Board Member of RIMAS (Singapore)
• Undertaken over 300 BCM projects across APAC and has guided and trained over 5000 professionals
Offices: Philippines, Singapore, Thailand, China
Practical Use of ISO31000
ISO31000 Relating to Other Disciplines
Disciplines that the ISO31000 risk management process relates to:
• Risk Management
• Emergency Management
• Business Continuity Management
• Crisis Management
• (IT) Disaster Recovery
ISO31000 Risk Management Process
Know Your Risk Appetite to Establish Context
Risk appetite can be defined as the amount and type of risk that an organisation is willing to take in order to meet its strategic objectives. Establishing context is where that appetite is written down, because the thresholds used later to rate and rank risks have to follow from it.
Risk Classification During Risk Identification
When identifying threats, group or classify each threat under a risk category according to the area it affects:
• Policies
• Processes
• People
• Infrastructure
• Others
When formulating risk mitigation strategies later, it is better to evaluate the risks by group, so that the most cost-effective strategy can be determined for each group rather than for each risk on its own.
Analyse Your Risk According to Risk Appetite

Rating   Impact (I)      Probability (P)
1        Negligible      Unlikely
2        Low             Low Likelihood
3        Moderate        Likely
4        Significant     High Likelihood
5        Catastrophic    Inevitable

Risk = P × I

How do you determine that a threat is "Unlikely" to happen? What contributes to a "Catastrophic" impact? Each rating needs written criteria (for example an expected frequency for probability, and downtime or financial loss for impact) so that two assessors score the same threat the same way.
Risk Matrix to Reflect Your Risk Appetite
(5 × 5 matrix, Probability on one axis and Impact on the other, divided into Low, Medium and High zones that reflect the risk appetite; the risks from the register, IDs R01 to R32, are plotted by their P and I ratings.)

ID    High Risk Threats
R16   High / Mass Staff Resignation / Turnover / Absenteeism
R32   Over Reliance on Single Customer
R22   Technology - Software / System Failure
R27   Environmental Risk - Fire / Explosions
R05   Loss of Samples / Records / Proposals / Contracts / Project Data etc.
R14   Shortage of Critical Skill Set or Knowledge
R15   Loss of Key Appointment Holders
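The scoring described on the last three slides, as an added example that is not part of the original deck. The 1 to 5 probability and impact labels are the slide's; the frequency, downtime and loss thresholds, the appetite rule, and every number in the register are assumptions constructed for illustration. The seven IDs and descriptions are the High Risk Threats from the slide; R99 is a constructed low-band entry that is not on the slide. It goes one step beyond the slide: the band is decided from the (P, I) cell and not only from the product P × I, which is how a matrix is made to reflect an appetite that will not accept a catastrophic outcome at any likelihood.

```python
"""Scoring a risk register on the 5 x 5 Probability x Impact scale.

Added example. The scales are the slide's; every threshold and every number
in the register below is an assumption constructed for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass

# Rating labels from the slide.
PROBABILITY_LABELS = {1: "Unlikely", 2: "Low Likelihood", 3: "Likely",
                      4: "High Likelihood", 5: "Inevitable"}
IMPACT_LABELS = {1: "Negligible", 2: "Low", 3: "Moderate",
                 4: "Significant", 5: "Catastrophic"}

# Assumed criteria that make "Unlikely" and "Catastrophic" auditable instead of a
# gut feeling. Each tuple is (inclusive upper bound, rating); above the last bound -> 5.
PROBABILITY_CRITERIA = [(0.1, 1), (0.5, 2), (1.0, 3), (5.0, 4)]          # expected events per year
DOWNTIME_CRITERIA = [(4, 1), (24, 2), (72, 3), (168, 4)]                 # hours of disruption
LOSS_CRITERIA = [(10_000, 1), (100_000, 2), (500_000, 3), (2_000_000, 4)]  # loss, assumed in SGD


def _rate(value: float, criteria) -> int:
    for upper, rating in criteria:
        if value <= upper:
            return rating
    return 5


def probability_rating(events_per_year: float) -> int:
    return _rate(events_per_year, PROBABILITY_CRITERIA)


def impact_rating(downtime_hours: float, loss: float) -> int:
    # The worst consequence dimension wins: 720 h of downtime is Catastrophic
    # even when the direct financial loss is not.
    return max(_rate(downtime_hours, DOWNTIME_CRITERIA), _rate(loss, LOSS_CRITERIA))


def appetite_band(probability: int, impact: int) -> str:
    """Assumed appetite: High if P x I >= 12, or whenever impact is Catastrophic.

    The second rule is what "matrix reflects your risk appetite" means in
    practice: a 2 x 5 cell scores only 10, but an organisation that will not
    tolerate a catastrophic outcome at any likelihood moves it into High.
    """
    score = probability * impact
    if score >= 12 or impact == 5:
        return "High"
    if score >= 6:
        return "Medium"
    return "Low"


@dataclass(frozen=True)
class Risk:
    id: str
    description: str
    category: str           # one of the slide's groups: Policies/Processes/People/Infrastructure/Others
    events_per_year: float  # constructed estimate
    downtime_hours: float   # constructed estimate
    loss: float             # constructed estimate

    @property
    def probability(self) -> int:
        return probability_rating(self.events_per_year)

    @property
    def impact(self) -> int:
        return impact_rating(self.downtime_hours, self.loss)

    @property
    def score(self) -> int:
        return self.probability * self.impact

    @property
    def band(self) -> str:
        return appetite_band(self.probability, self.impact)


def build_register() -> list:
    """IDs and descriptions are the slide's High Risk Threats; the numbers are constructed."""
    return [
        Risk("R16", "High / Mass Staff Resignation / Turnover / Absenteeism", "People", 3.0, 72, 200_000),
        Risk("R32", "Over Reliance on Single Customer", "Others", 0.8, 0, 3_000_000),
        Risk("R22", "Technology - Software / System Failure", "Infrastructure", 4.0, 24, 150_000),
        Risk("R27", "Environmental Risk - Fire / Explosions", "Infrastructure", 0.2, 720, 5_000_000),
        Risk("R05", "Loss of Samples / Records / Proposals / Contracts / Project Data", "Processes", 0.8, 48, 600_000),
        Risk("R14", "Shortage of Critical Skill Set or Knowledge", "People", 0.8, 0, 800_000),
        Risk("R15", "Loss of Key Appointment Holders", "People", 0.8, 0, 1_500_000),
        # Constructed low-band entry, not on the slide: frequent but trivial.
        Risk("R99", "Brief power flicker absorbed by UPS (constructed)", "Infrastructure", 10.0, 1, 5_000),
    ]


def risk_matrix(register) -> dict:
    """Map each (probability, impact) cell to the risk IDs plotted in it."""
    cells = defaultdict(list)
    for r in register:
        cells[(r.probability, r.impact)].append(r.id)
    return dict(cells)


def risks_in_band(register, name: str) -> list:
    """IDs in a band, highest score first, ties broken by ID so output is stable."""
    chosen = [r for r in register if r.band == name]
    return [r.id for r in sorted(chosen, key=lambda r: (-r.score, r.id))]


def by_category(register) -> dict:
    """Group IDs by the slide's categories so one treatment can be costed per group."""
    groups = defaultdict(list)
    for r in register:
        groups[r.category].append(r.id)
    return dict(groups)


if __name__ == "__main__":
    reg = build_register()
    for r in reg:
        print(f"{r.id} P={r.probability} ({PROBABILITY_LABELS[r.probability]}) "
              f"I={r.impact} ({IMPACT_LABELS[r.impact]}) score={r.score:2d} {r.band}")
    print("High:", risks_in_band(reg, "High"))
    print("By category:", by_category(reg))
```

With these assumed thresholds R27 (fire/explosion) sits in the 2 × 5 cell: a product-only rule would call it Medium, and the appetite rule is what keeps it on the High Risk Threats list, which is the point the matrix slide makes about making the matrix reflect the appetite rather than the arithmetic.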
Building Effective Risk Mitigation Strategies
Evaluate Key Consequences of Your Top Risks
Possible consequences:
• Loss of Premises
• Loss of Staff
• Loss of Equipment
• Disruption of Process
Identifying the consequences of each top risk leads you to strategies that mitigate those risks effectively. Evaluating the top risks also shows the organization which special response plans it needs to prepare.
One practical mitigation strategy is to integrate the implementation of the risk strategy with ISO22301 – Business Continuity Management System
ISO22301
Societal security – Business continuity management systems – Requirements
• Published by ISO on 15 May 2012
• Accepted worldwide
• Used for certification (organisations are audited against its requirements)
BCM Elements as Defined in ISO22301
• Operational Planning and Control
• Business Impact Analysis and Risk Assessment
• Business Continuity Strategy
• Establish and Implement Business Continuity Procedures
• Exercising and Testing
Using ISO31000 in ISO22301
The ISO31000 Risk Management Process maps onto the Business Impact Analysis and Risk Assessment element of ISO22301; the risks identified and analysed there feed the remaining elements:
• Operational Planning and Control
• Business Impact Analysis and Risk Assessment (ISO31000 Risk Management Process)
• Business Continuity Strategy
• Establish and Implement Business Continuity Procedures
• Exercising and Testing
Applying Risk Mitigation Strategies In Your Organization
What's Your Preferred Approach?
What are the pros and cons of a top-down vs bottom-up approach? Find the one that fits your organization's culture best.
Are You Already Using an ERM Software Tool?
• To collate information quickly from different sites or locations
• To centrally track the mitigation strategies
Visit www.bcpasia.com

QUESTIONS
THANK YOU

BUSINESS CONTINUITY PLANNING ASIA PTE LTD
1 Commonwealth Lane #08-27 One Commonwealth Singapore 149544
Mainline: (65) 63252080  Help Desk: (65) 66594480
enquiry@bcpasia.com  www.bcpasia.com
More Related Content

What's hot

business-continuity-management-awareness-presentation-for-mampu2929
business-continuity-management-awareness-presentation-for-mampu2929business-continuity-management-awareness-presentation-for-mampu2929
business-continuity-management-awareness-presentation-for-mampu2929
Andy Willams
 
Grc governance, risk management & compliance
Grc  governance, risk management & complianceGrc  governance, risk management & compliance
Grc governance, risk management & compliance
HR Globe Consulting
 
Hernan Huwyler SCCE New ISO 37301 Compliance Management Systems
Hernan Huwyler   SCCE New ISO 37301 Compliance Management SystemsHernan Huwyler   SCCE New ISO 37301 Compliance Management Systems
Hernan Huwyler SCCE New ISO 37301 Compliance Management Systems
Hernan Huwyler, MBA CPA
 
Business Continuity Management
Business Continuity ManagementBusiness Continuity Management
Business Continuity Management
ECC International
 

What's hot (20)

ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
 
business-continuity-management-awareness-presentation-for-mampu2929
business-continuity-management-awareness-presentation-for-mampu2929business-continuity-management-awareness-presentation-for-mampu2929
business-continuity-management-awareness-presentation-for-mampu2929
 
PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005PECB Webinar: Risk Treatment according to ISO 27005
PECB Webinar: Risk Treatment according to ISO 27005
 
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksC-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
 
ISO 22301: The New Standard for Business Continuity Best Practice
ISO 22301: The New Standard for Business Continuity Best PracticeISO 22301: The New Standard for Business Continuity Best Practice
ISO 22301: The New Standard for Business Continuity Best Practice
 
Business continuity management per ISO 22301 - a certification training cour...
 Business continuity management per ISO 22301 - a certification training cour... Business continuity management per ISO 22301 - a certification training cour...
Business continuity management per ISO 22301 - a certification training cour...
 
Awareness iso 22301 danang suryo
Awareness iso 22301 danang suryoAwareness iso 22301 danang suryo
Awareness iso 22301 danang suryo
 
Grc governance, risk management & compliance
Grc  governance, risk management & complianceGrc  governance, risk management & compliance
Grc governance, risk management & compliance
 
PECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
PECB Webinar: Aligning ISO 31000 and Management of Risk MethodologyPECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
PECB Webinar: Aligning ISO 31000 and Management of Risk Methodology
 
Hernan Huwyler SCCE New ISO 37301 Compliance Management Systems
Hernan Huwyler   SCCE New ISO 37301 Compliance Management SystemsHernan Huwyler   SCCE New ISO 37301 Compliance Management Systems
Hernan Huwyler SCCE New ISO 37301 Compliance Management Systems
 
ISMS Requirements
ISMS RequirementsISMS Requirements
ISMS Requirements
 
Business Continuity Planning Presentation Overview
Business Continuity Planning Presentation OverviewBusiness Continuity Planning Presentation Overview
Business Continuity Planning Presentation Overview
 
Risk Management Overview
Risk Management OverviewRisk Management Overview
Risk Management Overview
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightStrategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management Right
 
Business Continuity - Business Risk & Management
Business Continuity - Business Risk & ManagementBusiness Continuity - Business Risk & Management
Business Continuity - Business Risk & Management
 
Business Continuity Management
Business Continuity ManagementBusiness Continuity Management
Business Continuity Management
 
Effective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation SlidesEffective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation Slides
 
FSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoVFSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoV
 
Compiling an internal audit universe
Compiling an internal audit universeCompiling an internal audit universe
Compiling an internal audit universe
 
Bow Tie methodology for Operational Safety & Risk Management
Bow Tie methodology for Operational Safety & Risk ManagementBow Tie methodology for Operational Safety & Risk Management
Bow Tie methodology for Operational Safety & Risk Management
 

Similar to Effective Mitigation Strategies for ISO 31000

Mitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational AlignmentMitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational Alignment
Paige Pulaski
 
Early Talent Development Whitepaper by Kwantum Leap
Early Talent Development Whitepaper by Kwantum LeapEarly Talent Development Whitepaper by Kwantum Leap
Early Talent Development Whitepaper by Kwantum Leap
Matthew Jurado
 
Five lines of assurance a new paradigm in internal audit & erm
Five lines of assurance a new paradigm in internal audit & ermFive lines of assurance a new paradigm in internal audit & erm
Five lines of assurance a new paradigm in internal audit & erm
Dr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP
 
Five Lines of Assurance A New ERM and IA Paradigm
Five Lines of Assurance  A New ERM and IA ParadigmFive Lines of Assurance  A New ERM and IA Paradigm
Five Lines of Assurance A New ERM and IA Paradigm
Tim Leech
 
Financial Eye Brochure
Financial Eye BrochureFinancial Eye Brochure
Financial Eye Brochure
Nigel Wilson
 

Similar to Effective Mitigation Strategies for ISO 31000 (20)

Seven Tips to Raise the Awareness of ISO 22301 in Your Organization
 Seven Tips to Raise the Awareness of ISO 22301 in Your Organization  Seven Tips to Raise the Awareness of ISO 22301 in Your Organization
Seven Tips to Raise the Awareness of ISO 22301 in Your Organization
 
Key success factors for your BCM programme
Key success factors for your BCM programme  Key success factors for your BCM programme
Key success factors for your BCM programme
 
Relating risk measurements to strategy management
Relating risk measurements to strategy managementRelating risk measurements to strategy management
Relating risk measurements to strategy management
 
Company Profile SIM1 rev-2.pdf
Company Profile SIM1 rev-2.pdfCompany Profile SIM1 rev-2.pdf
Company Profile SIM1 rev-2.pdf
 
Enterprise Risk Management 2014
Enterprise Risk Management 2014Enterprise Risk Management 2014
Enterprise Risk Management 2014
 
When Things Go Seriously Wrong!
When Things Go Seriously Wrong!When Things Go Seriously Wrong!
When Things Go Seriously Wrong!
 
Mitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational AlignmentMitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational Alignment
 
Assessing Your Supply Risk Maturity to Enhance Overall Performance
Assessing Your Supply Risk Maturity to Enhance Overall PerformanceAssessing Your Supply Risk Maturity to Enhance Overall Performance
Assessing Your Supply Risk Maturity to Enhance Overall Performance
 
Early Talent Development Whitepaper by Kwantum Leap
Early Talent Development Whitepaper by Kwantum LeapEarly Talent Development Whitepaper by Kwantum Leap
Early Talent Development Whitepaper by Kwantum Leap
 
Business analyst eyeball to eyeball
Business analyst eyeball to eyeballBusiness analyst eyeball to eyeball
Business analyst eyeball to eyeball
 
Are You Selling Safety? Anyone Buying? November 2009
Are You Selling Safety?  Anyone Buying? November 2009Are You Selling Safety?  Anyone Buying? November 2009
Are You Selling Safety? Anyone Buying? November 2009
 
#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahi#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahi
 
Final purchasing and materials management ppt
Final purchasing and materials management pptFinal purchasing and materials management ppt
Final purchasing and materials management ppt
 
Change Management Value Proposition
Change Management Value PropositionChange Management Value Proposition
Change Management Value Proposition
 
Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard
 
Business Valuation Tips and Traps
Business Valuation Tips and TrapsBusiness Valuation Tips and Traps
Business Valuation Tips and Traps
 
Five lines of assurance a new paradigm in internal audit & erm
Five lines of assurance a new paradigm in internal audit & ermFive lines of assurance a new paradigm in internal audit & erm
Five lines of assurance a new paradigm in internal audit & erm
 
Five Lines of Assurance A New ERM and IA Paradigm
Five Lines of Assurance  A New ERM and IA ParadigmFive Lines of Assurance  A New ERM and IA Paradigm
Five Lines of Assurance A New ERM and IA Paradigm
 
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENTBUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
 
Financial Eye Brochure
Financial Eye BrochureFinancial Eye Brochure
Financial Eye Brochure
 

More from PECB

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityDORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
PECB
 
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernanceSecuring the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
PECB
 
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
PECB
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
PECB
 
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
PECB
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
PECB
 
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
PECB
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
PECB
 
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
PECB
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
PECB
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
PECB
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
PECB
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
PECB
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?
PECB
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptx
PECB
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
PECB
 

More from PECB (20)

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityDORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
 
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernanceSecuring the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
 
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
 
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
 
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
 
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
 
Student Information Session University KTMC
Student Information Session University KTMC Student Information Session University KTMC
Student Information Session University KTMC
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
 
Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptx
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptx
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 

Recently uploaded

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy  Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy  Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
ssuserdda66b
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
AnaAcapella
 

Recently uploaded (20)

Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf

Effective Mitigation Strategies for ISO 31000

  • 9. Know Your Risk Appetite to Establish Context: Risk appetite can be defined as the amount and type of risk that an organisation is willing to take in order to meet its strategic objectives.
  • 10. Risk Classification During Risk Identification: When identifying threats, you can group or classify each threat under various Risk Categories (Policies, Processes, People, Infrastructure, Others) depending on the impact they cause. When formulating risk mitigation strategies later, it is better to evaluate the risks by group to determine the most cost-effective strategies that can be applied to each group.
  • 11. Analyse Your Risk According to Risk Appetite: Impact (I): 1 Negligible, 2 Low, 3 Moderate, 4 Significant, 5 Catastrophic. Probability (P): 1 Unlikely, 2 Low Likelihood, 3 Likely, 4 High Likelihood, 5 Inevitable. Risk = P × I. How do you determine that a threat is “Unlikely” to happen? What contributes to a “Catastrophic” impact?
  • 12. Risk Matrix to Reflect Your Risk Appetite: [5×5 Probability × Impact matrix with risk IDs R01 to R32 plotted in Low, Medium and High zones; chart not recoverable from the text.] High Risk Threats: R16 High / Mass Staff Resignation / Turnover / Absenteeism; R32 Over Reliance on Single Customer; R22 Technology - Software / System Failure; R27 Environmental Risk - Fire / Explosions; R05 Loss of Samples / Records / Proposals / Contracts / Project Data etc.; R14 Shortage of Critical Skill Set or Knowledge; R15 Loss of Key Appointment Holders.
  • 13. Building Effective Risk Mitigation Strategies
  • 14. Evaluate Key Consequences of Your Top Risks: Possible consequences: Loss of Premises, Loss of Staff, Loss of Equipment, Disruption of Process. Identifying the various consequences leads you to the planning of effective strategies to mitigate the top risks of your organization. Evaluating the top risks can also help the organization to prepare any special response plans required.
  • 15. One practical mitigation strategy is to integrate the implementation of the risk strategy with ISO22301 – Business Continuity Management System.
  • 16. ISO22301 Societal security – Business continuity management systems – Requirements: for audit; published by ISO on 15 May 2012; accepted worldwide; used for certification.
  • 17. BCM Elements as Defined in ISO22301: Operational Planning and Control; Business Impact Analysis and Risk Assessment; Business Continuity Strategy; Establish and Implement Business Continuity Procedures; Exercising and Testing.
  • 18. Using ISO31000 in ISO22301: the ISO31000 Risk Management Process mapped onto the same ISO22301 elements (Operational Planning and Control; Business Impact Analysis and Risk Assessment; Business Continuity Strategy; Establish and Implement Business Continuity Procedures; Exercising and Testing).
  • 19. Applying Risk Mitigation Strategies In Your Organization
  • 20. What’s Your Preferred Approach? What are the pros and cons of a top-down vs bottom-up approach? Find the one that fits your organization’s culture best.
  • 21. Are You Already Using an ERM Software Tool? To collate information quickly from different sites or locations; to centrally track the mitigation strategies.
  • 22. Visit www.bcpasia.com
  • 23. Questions? Thank you. (65) 63252080 henry@bcpasia.com www.bcpasia.com https://sg.linkedin.com/in/henryee www.twitter.com/henryee www.facebook.com/henry.ee2
  • 24. Scan Me! BUSINESS CONTINUITY PLANNING ASIA PTE LTD, 1 Commonwealth Lane #08-27 One Commonwealth Singapore 149544. Mainline: (65) 63252080. Help Desk: (65) 66594480. enquiry@bcpasia.com. www.bcpasia.com

Editor's Notes

  1. Course Title: Times New Roman 40px Bold. Date | Location: Times New Roman 30px Bold.
  3. These are the exact clauses of the ISO22301. Those that are bolded are the main clauses of the ISO22301 (these are the ones which detail the requirements).
  4. Title: Britannic Bold 40px. Content: Arial 22px.