Business continuity


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Business continuity

  1. 1. BUSINESS CONTINUITY Anil.C.V Meenu.S.Babu Rajesh Kumar Sunil.G.K
  2. 2. What is Business Continuity ? Business contingency is the practice of formally preparing for variations in the business environment. These variations can be of any kind, but the primary aim of business contingency planning is to ensure the survival of an organization by preparing for, reacting to, and adjusting to those variations. Business continuity(BC) refers to the ability of a business to maintain continuous operations in the face of disaster
  3. 3. Continuous availability of IT continuous availability to be ensured since organisations have become dependent on technology and if information technology (IT) resources suddenly become unavailable, all supporting business processes of that organization generally cannot continue, and this threatens the survival of an organization
  4. 4. What can disrupt your business ? Fire Flood Terrorism Hackers Power Network Troubles
  5. 5. Success, recovery or failure? Fully tested effective BCM A B Level of business No BCM – lucky escape C No BCM – usual outcome Critical recovery point Time
  6. 6. THE BUSINESS CONTINUITY MANAGEMENT CYCLE Understanding Your Business 1 Exercising, Business Maintenance 5 BCM 2 Continuity and Audit Strategies Managem P Programme Management 4 3 Develop and Building & Implement BCM Embedding a Plans & Solution(s) BCM Culture
  7. 7. Building Business Continuity Plan form a core team from all segments of the business or organization review all of the existing BC plans (if available). understand the benefits of developing a BCP policy statement Establish Project Objectives and Deliverables
  8. 8. Step 1. Project Initiation Identify customer and business requirements Identify external dependencies (i.e., government, industry, and legal) Perform a business risk assessment Obtain management support Implement project planning and control process
  9. 9. Step 2. Business Impact Analysis Define criticality criteria Identify vital business processes, applications, data, equipment, etc. Determine impact on business processes Identify interdependencies Define recovery time objectives
  10. 10. Step 3. Recovery Strategies Identify process and processing alternatives and offsite data backup alternatives Identify communications backup alternatives Identify recovery strategy alternatives (replace, outsource, manual, etc.) Formulate strategy based on optimum cost-benefit and risk Review strategy with recovery teams, management, and customers
  11. 11. Step 4. Plan Development Define disaster recovery teams, authority, roles, and responsibilities Develop notification and plan activation procedures Create emergency response procedures Create detailed recovery procedures Develop plan distribution and control procedures
  12. 12. Step 5. Plan Validation/Testing Develop test plans and objectives Conduct simulations Perform tests Evaluate test results Perform plan process improvements based on test results
  13. 13. Step 6. Maintenance and Training Develop BCP maintenance process Consolidate revision information Develop revised BCP, as required Create corporate awareness program Develop BCP-specific training program
  14. 14. Systems Development Life Cycle (SDLC)
  15. 15. Needs Analysis and Initiation Phase Match system requirements to their related operational processes Identify Very high system availability requirements – redundant, real-time mirroring at an alternate site and fail-over capabilities to be built into the design Evaluate IT system to determine recovery priority
  16. 16. Development/Acquisition Phase Incorporate redundancy and robustness directly into the system architecture to optimize reliability, maintainability, and availability during the Operation/Maintenance Phase Set priorities of recovery if multiple applications are set as contingent measures. • Consider redundant communications paths; • lack of single points of failure; • enhanced fault tolerance of network components and interfaces; • power management systems with appropriately sized backup power sources; load balancing; and data mirroring and replication to ensure a uniformly robust system. Address requirements for the alternate site
  17. 17. Implementation Phase Develop a test plan Test accuracy and effectiveness of technical features and recovery procedures of contingency strategies Clearly document the contingency measures in the contingency plan
  18. 18. Operation and Maintenance Phase Conduct training and awareness programme on contingency plan procedures to users, administrators, and managers Ensure Exercises and tests and make it continue to be effective Regular backups should be conducted and stored offsite Update plans to reflect changes to procedures based on lessons learned
  19. 19. Disposal Phase Current system (Legacy) is replaced with a new system Do not neglect contingency considerations until the new system is operational & fully tested The legacy system itself can become a backup system. The legacy system can be used as a test system for the new system to identify its potentially disruptive system flaws.