Topic - Business Impact Analysis – How To Derive Maximum Benefit From The Process? Abdulrahman Alonaizan Manager – Business Continuity Division Arab National Bank Saudi Arabia

1. ANB Confidential
Continuity and Resilience (CORE)
ISO 22301 BCM Consulting Firm
Presentations by speakers at the
5th Middle East Business & IT Resilience Summit
20 – 21 April 2016 – Palace Hotel DownTown Dubai
Our Contact Details:
INDIA UAE
Continuity and Resilience
Level 15,Eros Corporate Tower
Nehru Place ,New Delhi-110019
Tel: +91 11 41055534/ +91 11 41613033
Fax: ++91 11 41055535
Email: neha@continuityandresilience.com
Continuity and Resilience
P. O. Box 127557
Abu Dhabi, United Arab Emirates
Mobile:+971 50 8460530
Tel: +971 2 8152831
Fax: +971 2 8152888
Email: info@continuityandresilience.com
Please write to us if you would like to get in touch with the Speaker

2. ANB Confidential
Business Impact Analysis – How To
Derive Maximum Benefit From The
Process?
Abdulrahman Alonaizan
Manager – Business Continuity Division
Arab National Bank
Saudi Arabia
2

3. ANB Confidential
3
Maintain and
Improve
(Act)
Implement and
Operate
(Do)
Establish
(Plan)
Monitor and
Review
(Check)
The BCM Cycle
I. Plan
a. Determining BCM Strategy
b. Embedding BCM in ANB Culture
II. Do
a. Continuity Level Agreement
(CLA)
b. Understanding the Organization
(BIA/Risk Analysis )
c. Developing & Implementing BCM
Response
d. Business Continuity Plan ( BCP )
e. Exercising , Maintenance and
Review (Scenarios)
III. Check
a. Management review
b. Auditing (External/Internal)
c) Act
Corrective Actions and
Preventions

4. ANB Confidential
The Business Impact Analysis (BIA) process
 Information Collection
 Impact Analysis
 Measuring of disruptions
 Deriving BC Strategies
 Developing BC Plans
4

5. ANB Confidential
Information Collection
Sample BIA Survey Page
5
Service Code RGCAC01 RGCAC02 RGCAC03
Service Name Credit Document
Custody
Credit Limits
Maintenance
Credit Admin
Description Keep the Original copies
of documents from
Clients
Enter clients credit limit,
check loans against
limits.
- Update Credit
Information.
- Credit Reporting.
- Credit checking with
ANB and Others Banks.
- Enter treasury related
limits.
Is this service critical? Yes Yes Yes
Is there a workaround for the service /
process? If yes, please describe briefly
Yes, Manual Procedures No (Needs applications) No (Needs applications)
Minimum level at which the service needs to
be performed upon resumption
60% 60% 60%
Are there any seasonal features / aspects of
this service / process
Every last week of the
Month
Every last week of the
Month
Every last week of the Month

6. ANB Confidential
Information Analysis
 Understand business processes
 Define resource requirements
 Determine business impact
 Determine dependencies
 Identify vital records
6

7. ANB Confidential
Disruption Timeline
777
Business As Usual
Time
Target time to recover the
service or product after an
incident
Service / product could not be
recovered. Organization’s
viability unresolved threatened.
RTO
MTPD
Crisis
Management
BCMS
Plan
DO
Check
Act
Business
Continuity
Plan

8. ANB Confidential
Financial Impact
Methodology to link the RTO with the financial
loss due to the disruption of a service
If average daily net income of Organization is: SR 1,000,000
2% of average daily net income of Organization: SR 20,000
Average hourly lost revenue due to service disruption : SR 2,500
The RTO will be reached at (20,000/2500) = 8 hours 8

9. ANB Confidential
9

10. ANB Confidential
Using BIA results for Business Continuity Plans
 Information update
o Resource requirements
 Technology
 Staff
 Workplace
 Dependencies
 Workarounds / Manual Procedures
 Vital Records
10

11. ANB Confidential
BC Strategy Elements Derived from BIA
 Services RTO / MTPoD
 Sequence of recovery
 Seating capacity requirements
 DRC capabilities
11

12. ANB Confidential
Corporate BIA
The Corporate BIA focuses on the business impact of a
disruption at the corporate level.
The objectives of the Corporate BIA Report are to:
 Analyze continuity resource requirements from the
corporate viewpoint
 Highlight the key items which need to be addressed at
the corporate level
12

13. ANB Confidential
key Resources
The Corporate BIA reviews the key resources of the
organization which have to be available for the business to
continue its operations and provide services to its
customers:
 Technology
 Workplace
 People
13

14. ANB Confidential
Technology
 DRC technical capacity
to provide continuity for
all services in the
Business Continuity
Plans
 DRC technical
sustainability
 Data replication
 Sequence of recovery
14

15. ANB Confidential
Workplace
 Review with Group managers’
about workspace requirements
o Up to three months’ time
from the disruption
o Up to 6 months’ time
o Up to one year time
 Alternate arrangements
(e.g. shifts, work from home)
 Summarized recommendations
15

16. ANB Confidential
People
Options to be considered to address unavailability
of staff (e.g. pandemic):
 Working from home
 Outsourcing
 Skills matrix
16

17. ANB Confidential
Thank You
Any questions?
17

18. ANB Confidential
18
Continuity and Resilience (CORE)
ISO 22301 BCM Consulting Firm
Presentations by speakers at the
5th Middle East Business & IT Resilience Summit
20 – 21 April 2016 – Palace Hotel DownTown Dubai
Our Contact Details:
INDIA UAE
Continuity and Resilience
Level 15,Eros Corporate Tower
Nehru Place ,New Delhi-110019
Tel: +91 11 41055534/ +91 11 41613033
Fax: ++91 11 41055535
Email: neha@continuityandresilience.com
Continuity and Resilience
P. O. Box 127557
Abu Dhabi, United Arab Emirates
Mobile:+971 50 8460530
Tel: +971 2 8152831
Fax: +971 2 8152888
Email: info@continuityandresilience.com
Please write to us if you would like to get in touch with the Speaker