Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Manage Risk: Building an Effective Business Continuity and Disaster Recovery Plan

If you ask treasurers what is their top priority, you’ll find risk management near the top of the list, but not necessarily a disaster recovery plan. As leaders of the organization, it’s important for treasury to consider the possibility of a loss of personnel, loss of connectivity, loss of services or loss of location. While the CIO and CFO are aware of the dangers of a security breach, such as phishing, whaling or vishing, there are many more potential reasons a company can experience a loss. This webinar will provide critical insights at the CEO, CFO, CIO level and is relevant to the organization, especially treasury.

Related Books

Free with a 30 day trial from Scribd

See all
  • Be the first to comment

Manage Risk: Building an Effective Business Continuity and Disaster Recovery Plan

  1. 1. Presented by Tom Hunt, AFP Bob Stark, Kyriba Dr. Mark Zecca, Kyriba Wednesday, April 20th, 2016
  2. 2. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Today’s Presenters Mark Zecca, Ph.D. SVP, Cloud Services and Engineering Kyriba Corporation Bob Stark Vice President, Strategy Kyriba Corporation Tom Hunt, CTP Director, Treasury Services Association of Financial Professionals
  3. 3. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. 3 Today’s Discussion Agenda  What is Business Continuity?  Planning for loss conditions in Treasury  Evaluating Technology to Support Business Continuity  BCP takeaways
  4. 4. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Importance of Business Continuity • Latest Treasury in Practice (TIP) Guide: Business Continuity Plan • Important addition to the TIP series as most Treasurers do not plan well enough to cover all loss conditions • Based on member feedback • New areas to focus on
  5. 5. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity  Disaster Recovery is a component of a Business Continuity Plan (BCP)  Collaborative organization-wide exercise, often led by CIO / CTO / CISO  BCP (for treasury) must take into account unique treasury requirements 1) Treasury must have seat at the planning table 2) Treasury must understand BCP vocabulary
  6. 6. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Emergency condition: a situation which creates a threat to the continued functioning of the company  Weather, fire, equipment failure, terrorist or hazardous conditions  Facilities no longer accessible or inhabitable, or business operations can not proceed as normal  Creates immediate need for action to begin to restore operations back to a normal condition Emergency Condition
  7. 7. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Defined Emergency Response Action Plan (ERAP) 0 - 72 hours Disaster Recovery Plan (DRP) 3 - 30 days Business Continuity Plan  Business Continuity Plans have multiple components, executed over initial days of an emergency condition Business Continuity & Continuance (BCC) 30+ days
  8. 8. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Loss Condition Scenario 1) Loss of personnel Treasury team wins the lottery and tenders resignation from a beach 2) Loss of facilities Company offices unusable 3) Loss of services Company offices lose key services such as power or internet 4) Loss of access Unable to reach company offices if there is a snowstorm
  9. 9. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Loss of Personnel Scenario Treasury team leaves Goal Train new team quickly - minimize disruption to treasury Required Solution Standardized templates, processes, workflows • Speeds up onboarding of new employees • Eliminates reliance on a single employee's expert knowledge or custom spreadsheets • Ensures consistency of information • Single repository for data and documents
  10. 10. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Loss of Facilities Scenario Company offices are disable and can’t be accessed Goal Perform treasury from other company locations Required Solution 1) The Cloud • Datacenters for Cloud TMS reside in different locations than company offices, so treasury system still operates 2) Standardized workflows • Same workflows can be run anywhere in the world by authorized users • Visual workflow maps require less documentation for colleagues taking on new roles, completing new tasks
  11. 11. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Loss of Services Scenario Company offices lose key services e.g. power, internet Goal Perform treasury from alternate locations e.g. Starbucks Required Solution 1) The Cloud • Treasury system continues to run outside your offices 2) Mobile • Treasury system can be accessed via mobile device and/or low speed web connection 3) Security • Additional security can be implemented for access outside of company office
  12. 12. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Loss of Access Scenario Treasury cannot get to the office in a giant snowstorm Goal Perform treasury activities from home Required Solution 1) The Cloud • Treasury system continues to run outside your offices 2) Mobile • Treasury system can be accessed via mobile device, really old desktop and/or low speed web connection 3) Security • Additional security can be implemented for access outside of company office
  13. 13. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Additional Scenarios Fraud & Cybercrime 1) Organization hit by cybercrime 2) Organization discovers internal fraud Business Continuity
  14. 14. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Fraud Organization hit by Cybercrime Scenario Likely loss of services and access to company computers Goal Perform treasury activities from alternate locations Required Solution 1) The Cloud • Treasury system continues to run outside your offices 2) Mobile • Treasury system can be accessed via mobile device, really old desktop and/or low speed web connection 3) Security • Additional security can be implemented for access outside of company office
  15. 15. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Fraud Organization discovers internal fraud Scenario Unauthorized payment was caught by the bank Goal Immediate update of treasury policies, workflows Required Solution 1) Security • Immediate password change to treasury systems • Review audit trails • Disable suspicious users 2) Controls • Add additional approvals • Change segregation of duties
  16. 16. Evaluating Technology to Support BCP
  17. 17. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Treasury system providers plan to avoid service disruptions  Datacenter locations are in low risk areas  One datacenter will backup another, with full replication – “Full replication” = data, bank connections, ERP interfaces, login protocols, etc. Evaluating Technology to Support Business Continuity
  18. 18. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL.  Two key metrics in disaster recovery: – Recovery Time Objective (RTO): how much time is lost – Recovery Point Objective (RPO): how much data is lost Evaluating Technology to Support Business Continuity * Treasury’s RTO/RPO will be very different than rest of organization
  19. 19. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. When evaluating treasury technology, consider:  SLA – especially RTO/RPO/availability metrics  SOC2 Type II report (read it!)  What exactly is replicated – data, interfaces, security, URL?  Locations of primary and backup datacenters  In the cloud - Fully virtualized w/ no additional plug-ins  Security – flexibility based on where software is accessed  Costs to manage internally Evaluating Technology to Support Business Continuity
  20. 20. Business Continuity in practice
  21. 21. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Takeaways Effective planning includes:  Determine Critical Assets  IT Calling Trees - Banks, Vendors, etc.  Who can put it in action  Weakest link (not just brick and mortar anymore)  Think security  Test your Plan!
  22. 22. 22© 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Business Continuity Takeaways Treasury’s primary challenges  Collaborating with teams that don’t understand treasury’s requirements  Planning for all ‘treasury’ loss conditions  When processes are manual, difficult to replicate processes and reporting  Even though cloud technology can help avoid ‘disaster’, not always easy to quantify ROI
  23. 23. © 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Additional Resources AFP Treasury in Practice Guide: Business Continuity Planning: Why Treasury Needs a Plan B Download the Report >>
  24. 24. 24© 2016 Kyriba Corp. All rights reserved. PROPRIETARY & CONFIDENTIAL. Thank You For Attending facebook.com/kyribacorp twitter.com/kyribacorp linkedin.com/company/kyriba-corporation youtube.com/kyribacorp slideshare.com/kyriba kyriba.com/blog

    Be the first to comment

    Login to see the comments

  • ERaviKiran1

    Apr. 26, 2016
  • JonathonGodbout

    Aug. 15, 2016
  • AmaniSBuqammaz

    Mar. 29, 2020
  • TahirJamil28

    Dec. 28, 2020

If you ask treasurers what is their top priority, you’ll find risk management near the top of the list, but not necessarily a disaster recovery plan. As leaders of the organization, it’s important for treasury to consider the possibility of a loss of personnel, loss of connectivity, loss of services or loss of location. While the CIO and CFO are aware of the dangers of a security breach, such as phishing, whaling or vishing, there are many more potential reasons a company can experience a loss. This webinar will provide critical insights at the CEO, CFO, CIO level and is relevant to the organization, especially treasury.

Views

Total views

970

On Slideshare

0

From embeds

0

Number of embeds

335

Actions

Downloads

21

Shares

0

Comments

0

Likes

4

×