SlideShare a Scribd company logo

5th ME Business & IT Resilience Summit 2016 - Business Resiliency Pitfalls

S
Sohan Masih

Title : Business Resiliency Pitfalls Speaker: Maha AbuRumman Company: RSA

Leadership & Management
1 of 15
Download to read offline
1 © Copyright 2016 EMC Corporation. All rights reserved. Please write to us if you would like to get in touch with the speaker
BUSINESS RESILIENCY PITFALLS M A H A A B U R U M M A N
3 © Copyright 2016 EMC Corporation. All rights reserved. Growing number of disasters Multiplying regulatory requirements Highly complex supply chains 24/7 delivery requirements Cyber Breaches Business Resiliency Drivers
TICKING THE COMPLIANCE BOX
5 © Copyright 2016 EMC Corporation. All rights reserved. 5 Standards and Regulations Regulation Summary Sarbanes-Oxley Auditors are increasing scrutiny of all areas of internal control, including security and business continuity controls. ISO 22301:2014 – Societal Security – Business Continuity Management Systems – Requirements Requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. ITIL v.3 (international) – IT Infrastructure Library Global standard in the area of service management. ITIL® (IT Infrastructure Library®) is the most widely accepted approach to IT service management in the world. ITIL provides a cohesive set of best practice, drawn from the public and private sectors internationally. Business Continuity Standard and Guide AE/HSE/NCEMA 7000:2012 Developed to help entities systematically build their business continuity capability during and after an emergency, disaster or crisis. Initiatives are aimed at ensuring ongoing performance of essential functions and services in both the public and private sectors, for the purpose of enhancing the UAE’s national stability. Source: BCM Legislation and regulations, Jan 2016. BCI
PARALYSIS BY ANALYSIS
7 © Copyright 2016 EMC Corporation. All rights reserved. Expansive approach to BIA Undefined and unlimited scope Excessive analysis of results What is a BIA? “A business impact analysis (BIA) is a process that identifies and evaluates the potential effects (financial, life/safety, regulatory, legal/contractual, reputation and so forth) of natural and man-made events on business operations.” Gartner IT Glossary
8 © Copyright 2016 EMC Corporation. All rights reserved. Criticality Assessment Prioritization The Goals of a BIA
SILOED FUNCTIONS
10 © Copyright 2016 EMC Corporation. All rights reserved. 10 Challenges The organization does not fully understand the criticality of business processes, risks or impacts of crises on the organization The organization does not focus on building resiliency into processes, operations, IT, etc. Executives do not have an understanding of the residual risk of being or not being prepared Are we prepared for the next big disaster? - CxO “ ” Business continuity, IT disaster recovery and crisis management are driven by separate, unconnected groups Visibility Collaboration AccountabilityAutomationEfficiency Plan smarter by integrating BCM, IT DR and Crisis Management Leverage technologies to their full potential with workflow and controls Establish governance and ownership across the BCM spectrum Get IT, Crisis Management and the business on the same page Understand recovery priorities and make better planning decisions
11 © Copyright 2016 EMC Corporation. All rights reserved. 11 Gaps and Overlaps Many functions in the organization are repetitive and inefficient. Information is not being shared across functions resulting in duplicate efforts and fractured visibility. CIO Risk Ownership Reporting Business Assets Issue and Remediation Ownership BCM COO Risk Identification Risk Assessment ERM Metrics & Reporting Issue Generation Risk Assessment Evaluate Controls Reporting Issue Generation Control Testing Compliance Checklist Reporting Issue Generation CCO CRO IT Assets Security Risk IT Controls Issue Generation
EXPAND CONTINUITY TO RESILIENCY
13 © Copyright 2016 EMC Corporation. All rights reserved. Common business context Capture and resolve incidents Prepare for and exercise business recovery strategies Prepare for and recover from IT system outages Manage crisis events and communications Evaluate 3rd party readiness What Is Business Resiliency? Incident Management Business Continuity IT Disaster Recovery Business Operations Crisis Management 3rd Party Governance “A holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause.” ISO 22301
14 © Copyright 2016 EMC Corporation. All rights reserved. Questions Comments The End
EMC, RSA, the EMC logo and the RSA logo are registered trademarks of EMC Corporation in the U.S. and other countries.

Recommended

8 Reasons Why You Need A Strategy Management Software
8 Reasons Why You Need A Strategy Management Software8 Reasons Why You Need A Strategy Management Software
8 Reasons Why You Need A Strategy Management SoftwareCorporater
 
Tma Insurance Info Paper2012
Tma Insurance Info Paper2012Tma Insurance Info Paper2012
Tma Insurance Info Paper2012Threat Mitigation Associates, LLC
 
The C-suite, the Board and Cyber-defense
The C-suite, the Board and Cyber-defenseThe C-suite, the Board and Cyber-defense
The C-suite, the Board and Cyber-defenseThe Economist Media Businesses
 
10 Observations on Using Technology for SMCR - Senior Managers and Certificat...
10 Observations on Using Technology for SMCR - Senior Managers and Certificat...10 Observations on Using Technology for SMCR - Senior Managers and Certificat...
10 Observations on Using Technology for SMCR - Senior Managers and Certificat...Corporater
 
Infographic - The State of Insurance Underwriting Automation (SMA Report)
Infographic - The State of Insurance Underwriting Automation (SMA Report)Infographic - The State of Insurance Underwriting Automation (SMA Report)
Infographic - The State of Insurance Underwriting Automation (SMA Report)Guidewire Software (formerly FirstBest Systems, Inc.)
 
BCM Training Part 1 - Introduction To BCM - Business Risk & Management
BCM Training Part 1 - Introduction To BCM - Business Risk & ManagementBCM Training Part 1 - Introduction To BCM - Business Risk & Management
BCM Training Part 1 - Introduction To BCM - Business Risk & ManagementAndrew Styles
 
Forrester Infographic
Forrester Infographic Forrester Infographic
Forrester Infographic Thang Cao (He/Him)
 
Broadening Your Cybersecurity Mindset
Broadening Your Cybersecurity MindsetBroadening Your Cybersecurity Mindset
Broadening Your Cybersecurity MindsetCSI Solutions
 

Recommended

8 Reasons Why You Need A Strategy Management Software
8 Reasons Why You Need A Strategy Management Software8 Reasons Why You Need A Strategy Management Software
8 Reasons Why You Need A Strategy Management SoftwareCorporater
 
Tma Insurance Info Paper2012
Tma Insurance Info Paper2012Tma Insurance Info Paper2012
Tma Insurance Info Paper2012Threat Mitigation Associates, LLC
 
The C-suite, the Board and Cyber-defense
The C-suite, the Board and Cyber-defenseThe C-suite, the Board and Cyber-defense
The C-suite, the Board and Cyber-defenseThe Economist Media Businesses
 
10 Observations on Using Technology for SMCR - Senior Managers and Certificat...
10 Observations on Using Technology for SMCR - Senior Managers and Certificat...10 Observations on Using Technology for SMCR - Senior Managers and Certificat...
10 Observations on Using Technology for SMCR - Senior Managers and Certificat...Corporater
 
Infographic - The State of Insurance Underwriting Automation (SMA Report)
Infographic - The State of Insurance Underwriting Automation (SMA Report)Infographic - The State of Insurance Underwriting Automation (SMA Report)
Infographic - The State of Insurance Underwriting Automation (SMA Report)Guidewire Software (formerly FirstBest Systems, Inc.)
 
BCM Training Part 1 - Introduction To BCM - Business Risk & Management
BCM Training Part 1 - Introduction To BCM - Business Risk & ManagementBCM Training Part 1 - Introduction To BCM - Business Risk & Management
BCM Training Part 1 - Introduction To BCM - Business Risk & ManagementAndrew Styles
 
Forrester Infographic
Forrester Infographic Forrester Infographic
Forrester Infographic Thang Cao (He/Him)
 
Broadening Your Cybersecurity Mindset
Broadening Your Cybersecurity MindsetBroadening Your Cybersecurity Mindset
Broadening Your Cybersecurity MindsetCSI Solutions
 
Asset Integrity Management
Asset Integrity Management Asset Integrity Management
Asset Integrity Management Advisian
 
Introduction to cobit 5.0
Introduction to cobit 5.0Introduction to cobit 5.0
Introduction to cobit 5.0Sreechith Radhakrishnan
 
SOX- IT Perspective
SOX- IT PerspectiveSOX- IT Perspective
SOX- IT PerspectiveNeelabh Srivastava
 
Sox compliance
Sox complianceSox compliance
Sox complianceG Madhusudhan
 
Intro to COBIT 5.0
Intro to COBIT 5.0Intro to COBIT 5.0
Intro to COBIT 5.0Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Compliance & data security – the way we work
Compliance & data security – the way we workCompliance & data security – the way we work
Compliance & data security – the way we workPuneet Chopra
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of securityciso_insights
 
Data security risks and the cost of business continuity (slideshare) tmcs q...
Data security risks and the cost of business continuity (slideshare) tmcs q...Data security risks and the cost of business continuity (slideshare) tmcs q...
Data security risks and the cost of business continuity (slideshare) tmcs q...tmcscs
 
Insurance Top TIps
Insurance Top TIpsInsurance Top TIps
Insurance Top TIpsBen Atha
 
Preventing CRM failures
Preventing CRM failuresPreventing CRM failures
Preventing CRM failuresMichael Krigsman
 
Information Systems Security Review 2004
Information Systems Security Review 2004Information Systems Security Review 2004
Information Systems Security Review 2004Donald E. Hester
 
JoTechies - Azure Backup
JoTechies - Azure BackupJoTechies - Azure Backup
JoTechies - Azure BackupJoTechies
 
Is your company risking Non-Compliance
Is your company risking Non-ComplianceIs your company risking Non-Compliance
Is your company risking Non-ComplianceSiddharth Joshi
 
IT Failures Town Hall: Risks of Survival
IT Failures Town Hall: Risks of SurvivalIT Failures Town Hall: Risks of Survival
IT Failures Town Hall: Risks of SurvivalMichael Krigsman
 
The Value Of HISP Certification [Compatibility Mode]
The Value Of HISP Certification [Compatibility Mode]The Value Of HISP Certification [Compatibility Mode]
The Value Of HISP Certification [Compatibility Mode]jdimaria
 
Information Security Policies and Standards
Information Security Policies and StandardsInformation Security Policies and Standards
Information Security Policies and StandardsDirectorate of Information Security | Ditjen Aptika
 
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...Discover 100 Job Descriptions in Risk and Compliance Management and what it t...
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...Compliance LLC
 
IEC61508
IEC61508IEC61508
IEC61508srini_hari
 
Asset Integrity Management | Arrelic Insights
Asset Integrity Management | Arrelic InsightsAsset Integrity Management | Arrelic Insights
Asset Integrity Management | Arrelic InsightsArrelic
 
Reliability - the missing leg of the stool final proof
Reliability - the missing leg of the stool final proofReliability - the missing leg of the stool final proof
Reliability - the missing leg of the stool final proofDonald Dunn
 
Five hip holidays abroad for 2016
Five hip holidays abroad for 2016Five hip holidays abroad for 2016
Five hip holidays abroad for 2016TraveleZe
 
A Revolução Soviética
A Revolução SoviéticaA Revolução Soviética
A Revolução SoviéticaPaulo Martins
 

More Related Content

What's hot

Asset Integrity Management
Asset Integrity Management Asset Integrity Management
Asset Integrity Management Advisian
 
Compliance & data security – the way we work
Compliance & data security – the way we workCompliance & data security – the way we work
Compliance & data security – the way we workPuneet Chopra
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of securityciso_insights
 
Data security risks and the cost of business continuity (slideshare) tmcs q...
Data security risks and the cost of business continuity (slideshare) tmcs q...Data security risks and the cost of business continuity (slideshare) tmcs q...
Data security risks and the cost of business continuity (slideshare) tmcs q...tmcscs
 
Insurance Top TIps
Insurance Top TIpsInsurance Top TIps
Insurance Top TIpsBen Atha
 
Information Systems Security Review 2004
Information Systems Security Review 2004Information Systems Security Review 2004
Information Systems Security Review 2004Donald E. Hester
 
JoTechies - Azure Backup
JoTechies - Azure BackupJoTechies - Azure Backup
JoTechies - Azure BackupJoTechies
 
Is your company risking Non-Compliance
Is your company risking Non-ComplianceIs your company risking Non-Compliance
Is your company risking Non-ComplianceSiddharth Joshi
 
IT Failures Town Hall: Risks of Survival
IT Failures Town Hall: Risks of SurvivalIT Failures Town Hall: Risks of Survival
IT Failures Town Hall: Risks of SurvivalMichael Krigsman
 
The Value Of HISP Certification [Compatibility Mode]
The Value Of HISP Certification [Compatibility Mode]The Value Of HISP Certification [Compatibility Mode]
The Value Of HISP Certification [Compatibility Mode]jdimaria
 
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...Discover 100 Job Descriptions in Risk and Compliance Management and what it t...
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...Compliance LLC
 
Asset Integrity Management | Arrelic Insights
Asset Integrity Management | Arrelic InsightsAsset Integrity Management | Arrelic Insights
Asset Integrity Management | Arrelic InsightsArrelic
 
Reliability - the missing leg of the stool final proof
Reliability - the missing leg of the stool final proofReliability - the missing leg of the stool final proof
Reliability - the missing leg of the stool final proofDonald Dunn
 

What's hot (20)

Asset Integrity Management
Asset Integrity Management Asset Integrity Management
Asset Integrity Management
 
Introduction to cobit 5.0
Introduction to cobit 5.0Introduction to cobit 5.0
Introduction to cobit 5.0
 
SOX- IT Perspective
SOX- IT PerspectiveSOX- IT Perspective
SOX- IT Perspective
 
Sox compliance
Sox complianceSox compliance
Sox compliance
 
Intro to COBIT 5.0
Intro to COBIT 5.0Intro to COBIT 5.0
Intro to COBIT 5.0
 
Compliance & data security – the way we work
Compliance & data security – the way we workCompliance & data security – the way we work
Compliance & data security – the way we work
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of security
 
Data security risks and the cost of business continuity (slideshare) tmcs q...
Data security risks and the cost of business continuity (slideshare) tmcs q...Data security risks and the cost of business continuity (slideshare) tmcs q...
Data security risks and the cost of business continuity (slideshare) tmcs q...
 
Insurance Top TIps
Insurance Top TIpsInsurance Top TIps
Insurance Top TIps
 
Preventing CRM failures
Preventing CRM failuresPreventing CRM failures
Preventing CRM failures
 
Information Systems Security Review 2004
Information Systems Security Review 2004Information Systems Security Review 2004
Information Systems Security Review 2004
 
JoTechies - Azure Backup
JoTechies - Azure BackupJoTechies - Azure Backup
JoTechies - Azure Backup
 
Is your company risking Non-Compliance
Is your company risking Non-ComplianceIs your company risking Non-Compliance
Is your company risking Non-Compliance
 
IT Failures Town Hall: Risks of Survival
IT Failures Town Hall: Risks of SurvivalIT Failures Town Hall: Risks of Survival
IT Failures Town Hall: Risks of Survival
 
The Value Of HISP Certification [Compatibility Mode]
The Value Of HISP Certification [Compatibility Mode]The Value Of HISP Certification [Compatibility Mode]
The Value Of HISP Certification [Compatibility Mode]
 
Information Security Policies and Standards
Information Security Policies and StandardsInformation Security Policies and Standards
Information Security Policies and Standards
 
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...Discover 100 Job Descriptions in Risk and Compliance Management and what it t...
Discover 100 Job Descriptions in Risk and Compliance Management and what it t...
 
IEC61508
IEC61508IEC61508
IEC61508
 
Asset Integrity Management | Arrelic Insights
Asset Integrity Management | Arrelic InsightsAsset Integrity Management | Arrelic Insights
Asset Integrity Management | Arrelic Insights
 
Reliability - the missing leg of the stool final proof
Reliability - the missing leg of the stool final proofReliability - the missing leg of the stool final proof
Reliability - the missing leg of the stool final proof
 

Viewers also liked

Five hip holidays abroad for 2016
Five hip holidays abroad for 2016Five hip holidays abroad for 2016
Five hip holidays abroad for 2016TraveleZe
 
A Revolução Soviética
A Revolução SoviéticaA Revolução Soviética
A Revolução SoviéticaPaulo Martins
 
NCompass Live: Meeting the Unique Needs of Teens
NCompass Live: Meeting the Unique Needs of TeensNCompass Live: Meeting the Unique Needs of Teens
NCompass Live: Meeting the Unique Needs of TeensNebraska Library Commission
 
Présentation Sébastien LAGNIER
Présentation Sébastien LAGNIERPrésentation Sébastien LAGNIER
Présentation Sébastien LAGNIERSébastien Lagnier
 
Assessing user experience of e-books in academic libraries
Assessing user experience of e-books in academic librariesAssessing user experience of e-books in academic libraries
Assessing user experience of e-books in academic librariesTao Zhang
 
Big Talk From Small Libraries 2016 - Dig Into Your History
Big Talk From Small Libraries 2016 - Dig Into Your HistoryBig Talk From Small Libraries 2016 - Dig Into Your History
Big Talk From Small Libraries 2016 - Dig Into Your HistoryNebraska Library Commission
 
Resume(Nino Compasivo)manila
Resume(Nino Compasivo)manilaResume(Nino Compasivo)manila
Resume(Nino Compasivo)manilaNino Compasivo
 
I Conferencia Municipal LGBT Limeira
I Conferencia Municipal LGBT LimeiraI Conferencia Municipal LGBT Limeira
I Conferencia Municipal LGBT LimeiraDiversidadeSexualSP
 

Viewers also liked (11)

Five hip holidays abroad for 2016
Five hip holidays abroad for 2016Five hip holidays abroad for 2016
Five hip holidays abroad for 2016
 
A Revolução Soviética
A Revolução SoviéticaA Revolução Soviética
A Revolução Soviética
 
References
ReferencesReferences
References
 
NCompass Live: Meeting the Unique Needs of Teens
NCompass Live: Meeting the Unique Needs of TeensNCompass Live: Meeting the Unique Needs of Teens
NCompass Live: Meeting the Unique Needs of Teens
 
Présentation Sébastien LAGNIER
Présentation Sébastien LAGNIERPrésentation Sébastien LAGNIER
Présentation Sébastien LAGNIER
 
Assessing user experience of e-books in academic libraries
Assessing user experience of e-books in academic librariesAssessing user experience of e-books in academic libraries
Assessing user experience of e-books in academic libraries
 
Big Talk From Small Libraries 2016 - Dig Into Your History
Big Talk From Small Libraries 2016 - Dig Into Your HistoryBig Talk From Small Libraries 2016 - Dig Into Your History
Big Talk From Small Libraries 2016 - Dig Into Your History
 
Resume(Nino Compasivo)manila
Resume(Nino Compasivo)manilaResume(Nino Compasivo)manila
Resume(Nino Compasivo)manila
 
Monólogos de Nadal
Monólogos de NadalMonólogos de Nadal
Monólogos de Nadal
 
I Conferencia Municipal LGBT Limeira
I Conferencia Municipal LGBT LimeiraI Conferencia Municipal LGBT Limeira
I Conferencia Municipal LGBT Limeira
 
Gambol
Gambol Gambol
Gambol
 

Similar to 5th ME Business & IT Resilience Summit 2016 - Business Resiliency Pitfalls

The Revere Group - Making A Case For Disaster Recovery
The Revere Group - Making A Case For Disaster RecoveryThe Revere Group - Making A Case For Disaster Recovery
The Revere Group - Making A Case For Disaster Recoverycadavis22
 
The Challenges Of Multi-cloud Management.pdf
The Challenges Of Multi-cloud Management.pdfThe Challenges Of Multi-cloud Management.pdf
The Challenges Of Multi-cloud Management.pdfaNumak & Company
 
COMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docx
COMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docxCOMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docx
COMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docxmccormicknadine86
 
An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777Yasmine Anino
 
Business Continuity Getting Started
Business Continuity Getting StartedBusiness Continuity Getting Started
Business Continuity Getting Startedmxp5714
 
Business Resiliency
Business ResiliencyBusiness Resiliency
Business ResiliencyRackspace
 
Business Risk: Effective Technology Protecting Your Business
Business Risk: Effective Technology Protecting Your BusinessBusiness Risk: Effective Technology Protecting Your Business
Business Risk: Effective Technology Protecting Your Businessat MicroFocus Italy ❖✔
 
Assocham conf grc sept 13
Assocham conf grc sept 13Assocham conf grc sept 13
Assocham conf grc sept 13subramanian K
 
SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...
SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...
SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...poore120
 
Risk & Compliance Outlook 2011
Risk & Compliance Outlook 2011Risk & Compliance Outlook 2011
Risk & Compliance Outlook 2011Hiten Sethi
 
RSM India publication - How Robust is your IT System
RSM India publication - How Robust is your IT SystemRSM India publication - How Robust is your IT System
RSM India publication - How Robust is your IT SystemRSM India
 
Introducing Oracle Advanced Financial Controls Cloud Service
Introducing Oracle Advanced Financial Controls Cloud ServiceIntroducing Oracle Advanced Financial Controls Cloud Service
Introducing Oracle Advanced Financial Controls Cloud ServiceDane Roberts
 
Office 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft CorporationOffice 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft CorporationMary Marks
 
IBM XIV® Storage System: Engineered for Business Continuity
IBM XIV® Storage System: Engineered for Business ContinuityIBM XIV® Storage System: Engineered for Business Continuity
IBM XIV® Storage System: Engineered for Business ContinuityIBM India Smarter Computing
 
Beyond Predictive and Preventive Maintenance
Beyond Predictive and Preventive MaintenanceBeyond Predictive and Preventive Maintenance
Beyond Predictive and Preventive MaintenanceHarshad Shah
 

Similar to 5th ME Business & IT Resilience Summit 2016 - Business Resiliency Pitfalls (20)

Dit yvol5iss37
Dit yvol5iss37Dit yvol5iss37
Dit yvol5iss37
 
The Revere Group - Making A Case For Disaster Recovery
The Revere Group - Making A Case For Disaster RecoveryThe Revere Group - Making A Case For Disaster Recovery
The Revere Group - Making A Case For Disaster Recovery
 
The Challenges Of Multi-cloud Management.pdf
The Challenges Of Multi-cloud Management.pdfThe Challenges Of Multi-cloud Management.pdf
The Challenges Of Multi-cloud Management.pdf
 
COMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docx
COMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docxCOMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docx
COMMONALITY AND DIVERSITY OF OPERATING SYSTEMS .docx
 
Information Governance
Information GovernanceInformation Governance
Information Governance
 
An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777
 
Cobit5 and-grc
Cobit5 and-grcCobit5 and-grc
Cobit5 and-grc
 
Systems Resilience
Systems ResilienceSystems Resilience
Systems Resilience
 
Business Continuity Getting Started
Business Continuity Getting StartedBusiness Continuity Getting Started
Business Continuity Getting Started
 
Business Resiliency
Business ResiliencyBusiness Resiliency
Business Resiliency
 
Business Risk: Effective Technology Protecting Your Business
Business Risk: Effective Technology Protecting Your BusinessBusiness Risk: Effective Technology Protecting Your Business
Business Risk: Effective Technology Protecting Your Business
 
Assocham conf grc sept 13
Assocham conf grc sept 13Assocham conf grc sept 13
Assocham conf grc sept 13
 
SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...
SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...
SecureTech 2014: Risk, Business Continuity and Cybersecurity - A Resiliency ...
 
Dit yvol3iss20
Dit yvol3iss20Dit yvol3iss20
Dit yvol3iss20
 
Risk & Compliance Outlook 2011
Risk & Compliance Outlook 2011Risk & Compliance Outlook 2011
Risk & Compliance Outlook 2011
 
RSM India publication - How Robust is your IT System
RSM India publication - How Robust is your IT SystemRSM India publication - How Robust is your IT System
RSM India publication - How Robust is your IT System
 
Introducing Oracle Advanced Financial Controls Cloud Service
Introducing Oracle Advanced Financial Controls Cloud ServiceIntroducing Oracle Advanced Financial Controls Cloud Service
Introducing Oracle Advanced Financial Controls Cloud Service
 
Office 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft CorporationOffice 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft Corporation
 
IBM XIV® Storage System: Engineered for Business Continuity
IBM XIV® Storage System: Engineered for Business ContinuityIBM XIV® Storage System: Engineered for Business Continuity
IBM XIV® Storage System: Engineered for Business Continuity
 
Beyond Predictive and Preventive Maintenance
Beyond Predictive and Preventive MaintenanceBeyond Predictive and Preventive Maintenance
Beyond Predictive and Preventive Maintenance
 

Recently uploaded

VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Roomdivyansh0kumar0
 
Board Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch PresentationBoard Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch Presentationcraig524401
 
Introduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-EngineeringIntroduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-Engineeringthomas851723
 
LPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations ReviewLPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations Reviewthomas851723
 
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Nehwal
 
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607dollysharma2066
 
CEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyCEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyHafizMuhammadAbdulla5
 
Risk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptxRisk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptxSaujanya Jung Pandey
 
LPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System PresentationLPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System Presentationthomas851723
 
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, MumbaiPooja Nehwal
 
Fifteenth Finance Commission Presentation
Fifteenth Finance Commission PresentationFifteenth Finance Commission Presentation
Fifteenth Finance Commission Presentationmintusiprd
 
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceanilsa9823
 
Training Methods and Training Objectives
Training Methods and Training ObjectivesTraining Methods and Training Objectives
Training Methods and Training Objectivesmintusiprd
 
Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampPLCLeadershipDevelop
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girladitipandeya
 
LPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business SectorLPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business Sectorthomas851723
 

Recently uploaded (20)

VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
 
Board Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch PresentationBoard Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch Presentation
 
Introduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-EngineeringIntroduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-Engineering
 
LPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations ReviewLPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations Review
 
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
 
Rohini Sector 16 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 16 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 16 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 16 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
 
CEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyCEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biography
 
Risk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptxRisk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptx
 
LPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System PresentationLPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System Presentation
 
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
 
Fifteenth Finance Commission Presentation
Fifteenth Finance Commission PresentationFifteenth Finance Commission Presentation
Fifteenth Finance Commission Presentation
 
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Servicesauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
 
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
 
Training Methods and Training Objectives
Training Methods and Training ObjectivesTraining Methods and Training Objectives
Training Methods and Training Objectives
 
Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC Bootcamp
 
Becoming an Inclusive Leader - Bernadette Thompson
Becoming an Inclusive Leader - Bernadette ThompsonBecoming an Inclusive Leader - Bernadette Thompson
Becoming an Inclusive Leader - Bernadette Thompson
 
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICECall Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
 
LPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business SectorLPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business Sector
 

5th ME Business & IT Resilience Summit 2016 - Business Resiliency Pitfalls

  • 1. 1 © Copyright 2016 EMC Corporation. All rights reserved. Please write to us if you would like to get in touch with the speaker
  • 2. BUSINESS RESILIENCY PITFALLS M A H A A B U R U M M A N
  • 3. 3 © Copyright 2016 EMC Corporation. All rights reserved. Growing number of disasters Multiplying regulatory requirements Highly complex supply chains 24/7 delivery requirements Cyber Breaches Business Resiliency Drivers
  • 5. 5 © Copyright 2016 EMC Corporation. All rights reserved. 5 Standards and Regulations Regulation Summary Sarbanes-Oxley Auditors are increasing scrutiny of all areas of internal control, including security and business continuity controls. ISO 22301:2014 – Societal Security – Business Continuity Management Systems – Requirements Requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. ITIL v.3 (international) – IT Infrastructure Library Global standard in the area of service management. ITIL® (IT Infrastructure Library®) is the most widely accepted approach to IT service management in the world. ITIL provides a cohesive set of best practice, drawn from the public and private sectors internationally. Business Continuity Standard and Guide AE/HSE/NCEMA 7000:2012 Developed to help entities systematically build their business continuity capability during and after an emergency, disaster or crisis. Initiatives are aimed at ensuring ongoing performance of essential functions and services in both the public and private sectors, for the purpose of enhancing the UAE’s national stability. Source: BCM Legislation and regulations, Jan 2016. BCI
  • 7. 7 © Copyright 2016 EMC Corporation. All rights reserved. Expansive approach to BIA Undefined and unlimited scope Excessive analysis of results What is a BIA? “A business impact analysis (BIA) is a process that identifies and evaluates the potential effects (financial, life/safety, regulatory, legal/contractual, reputation and so forth) of natural and man-made events on business operations.” Gartner IT Glossary
  • 8. 8 © Copyright 2016 EMC Corporation. All rights reserved. Criticality Assessment Prioritization The Goals of a BIA
  • 10. 10 © Copyright 2016 EMC Corporation. All rights reserved. 10 Challenges The organization does not fully understand the criticality of business processes, risks or impacts of crises on the organization The organization does not focus on building resiliency into processes, operations, IT, etc. Executives do not have an understanding of the residual risk of being or not being prepared Are we prepared for the next big disaster? - CxO “ ” Business continuity, IT disaster recovery and crisis management are driven by separate, unconnected groups Visibility Collaboration AccountabilityAutomationEfficiency Plan smarter by integrating BCM, IT DR and Crisis Management Leverage technologies to their full potential with workflow and controls Establish governance and ownership across the BCM spectrum Get IT, Crisis Management and the business on the same page Understand recovery priorities and make better planning decisions
  • 11. 11 © Copyright 2016 EMC Corporation. All rights reserved. 11 Gaps and Overlaps Many functions in the organization are repetitive and inefficient. Information is not being shared across functions resulting in duplicate efforts and fractured visibility. CIO Risk Ownership Reporting Business Assets Issue and Remediation Ownership BCM COO Risk Identification Risk Assessment ERM Metrics & Reporting Issue Generation Risk Assessment Evaluate Controls Reporting Issue Generation Control Testing Compliance Checklist Reporting Issue Generation CCO CRO IT Assets Security Risk IT Controls Issue Generation
  • 13. 13 © Copyright 2016 EMC Corporation. All rights reserved. Common business context Capture and resolve incidents Prepare for and exercise business recovery strategies Prepare for and recover from IT system outages Manage crisis events and communications Evaluate 3rd party readiness What Is Business Resiliency? Incident Management Business Continuity IT Disaster Recovery Business Operations Crisis Management 3rd Party Governance “A holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause.” ISO 22301
  • 14. 14 © Copyright 2016 EMC Corporation. All rights reserved. Questions Comments The End
  • 15. EMC, RSA, the EMC logo and the RSA logo are registered trademarks of EMC Corporation in the U.S. and other countries.