SlideShare a Scribd company logo

BCS 307 Lecture 8.pdf

J
John119649

Business Continuity and Disaster Recovery

Business
1 of 24
Download to read offline
BCS 307 - BUSINESS CONTINUITY PLANNING JOHN AMBELE MWAIPOPO INFORMATION SCIENCE DEPARTMENT JORDAN UNIVERSITY COLLEGE
BC/DR Plan Maintenance Layout of this Lecture BC/DR change management Strategies for managing change BC/DR plan audit Plan maintenance activities Project close out
Maintaining the plan you’ve developed may end up being the biggest challenge you face in the entire business continuity and disaster recovery plan process. Many people assume that once the project is complete, they can simply chalk up another successful project and move on, but that’s far from true. There are many areas in which you can incorporate BC/DR strategies and activities in your standard operating procedures. BC/DR Plan Maintenance Last phase of BC/DR planning.
 Change is constant in organizations—change in operations, change in technology, change in personnel, change in regulations—the list goes on. BC/DR Plan Change Management  Change management has several discrete steps, as depicted in Figure to the right.  First step is to monitor changes.  Next step is to decide how the changes impact your BC/DR plan. Not all changes have an impact on your plan.  If a change impacts your plan, the next step is to determine how to address the change in your plan.  Cycle back and perform a modified version of your risk assessment, business impact analysis, and mitigation strategy development.  There are numerous sources of change that we’ll discuss shortly.
Training, testing, and auditing Training often involves testing the plan, and that testing the plan trains staff on how to implement the plan and carry out the tasks assigned. Changes will naturally come out of these processes, and that’s part of the purpose of training and testing. It’s difficult, if not impossible, to develop a perfect plan the first time through. It’s not until you try putting the plan to work that you discover steps out of order, errors, omissions, or redundancies. Capture a list of changes that need to be made to the BC/DR plan as you deliver your training and perform your testing, you should. These changes should be submitted for review. Not all requested changes should be made for a variety of reasons. BC/DR Plan Change Management
Changes in information technologies IT team should be familiar with reviewing and assessing change—from the location and duties of various servers to the implementation of new applications to the reorganization of existing infrastructure. Even the most innocuous changes can suddenly inject all kinds of problems into your network and systems. Have a process for evaluating the implementation of new technology, a process that says “Assess impact of this new technology on BC/DR plans.” Systems are upgraded, swapped out, modified, or retired, be sure to include a line item task to consider the impact on BC/DR plans. BC/DR Plan Change Management
Changes in operations Operations are not static, and changes over time to operations impacts the BC/DR plan. Reorganization, expansion, new departments, new facilities, and new management structures can all impact operations in a variety of ways. In some cases, changes in operation happen slowly over time and these changes may go unnoticed as it relates to the BC/DR plan. Business’s mission-critical operations changes over time or if the processes used to accomplish these functions have changed, the BC/DR plan is at significant risk of failure and should be revised. Changes to operational processes should be implemented as needed. BC/DR Plan Change Management
Corporate changes Corporate mergers, acquisitions, spin-offs, restructuring, and other types of corporate changes can have a major impact on the BC/DR plan. Continually look to incorporate BC/DR activities into your normal operations and planning activities and to continually look to protecting data first. When critical data are safe, putting systems in place to access and utilize that data can be secondary during times of turbulent or unexpected change. BC/DR Plan Change Management
Legal, regulatory, or compliance changes Changes to the legal, regulatory, or compliance landscape will certainly trigger required changes to your BC/DR plan. For example, if laws change regarding data security, you will have to review your BC/DR plan to determine whether your existing plan meets these new requirements or whether you’ll need to implement additional tools, technologies, or processes. Major change may require you to cycle through all phases of the BC/DR project planning stages and create a plan for implementing required changes. In most cases, changes in this arena will impact operations or IT, and the impact to the BC/DR plan will be addressed through those channels. BC/DR Plan Change Management
Strategies for managing change Two strategies for managing change are: 1. Having a process for monitoring change requests 2. Having a process for evaluating change requests. It’s easier to monitor change and respond to it as needed over time rather than sitting down once a year and trying to remember (or determine) what’s changed since your last review of the plan. Easiest way to monitor change, is to include an additional step or two in standard operating procedures. These steps can be as simple as “Determine impact, if any, on BC/DR plan. If impact exists, submit BC/DR change request to [insert position responsible BC/DR Plan Change Management
Monitor change Implementing processes for monitoring change can make your job of maintaining the BC/DR plan much easier. Develop processes that can be incorporated into everyday workflows so that as changes occur, they can quickly be assessed for their potential impact. If the change has no impact, it can be ignored (from a BC/DR perspective). If the change will have an impact, a change request should be submitted to the BC/DR team. A change request may be just a matter of noting that the leader of the Emergency Response Team has changed. This change request should trigger the appropriate revision to the BC/DR plan including contact names, phone numbers, and team rosters. BC/DR Plan Change Management
People People leave organizations, get promoted, or move into different jobs. A periodic review of changes to the organization can help you determine if there have been personnel changes that impact your plan. Process Changes to processes should be monitored as well. Monitor changes to key processes and flagging changes for BC/DR review. Many corporate processes remain fairly unchanged over time. Changes to mission-critical functions should be reviewed with the highest priority. BC/DR Plan Change Management
Technology Technology may fall outside the scope of IT management. If your company works with scientific equipment, manufacturing equipment, medical equipment, or other specialized technology, changes in this arena should be monitored and assessed. Often changes in technology create changes in processes, so the trigger for review and modification may come from either area. A process for triggering a review should be included in your technology implementation plans to make BC/DR plan maintenance as low as possible. BC/DR Plan Change Management
 Evaluate and incorporate change  Change review process should be well defined.  Someone should be specifically responsible for processing change requests, a projector manager or team member.  Use a change management process for managing projects.  Not all changes requested can or should be implemented into a plan.  Changes that are required by law, regulation, or compliance must be made.  Analysis may be required for each change you consider.  Some changes increase your risks; other changes reduce your risks.  Some changes may have a strong effect on the business impact analysis outcomes; others may have no effect at all.  All approved changes should be incorporated in the training, testing, and auditing processes and procedures. BC/DR Plan Change Management
Points to consider to manage change: 1. Compile all change requests and prioritize based on potential risk, vulnerability, impact (if applicable). 2. Determine if change requests are required for legal, regulatory, or compliance reasons. If so, flag these as required changes. 3. Review compiled change requests, review for redundancy, relevancy, etc. Revise compiled list as appropriate. 4. Prioritize compiled list. For each item, determine how the change impacts (or is impacted by): • Selected risks and threats • Threat vulnerability • Business impact analysis • Risk mitigation strategies BC/DR Plan Change Management
5. Assess potential cost, risk profile (does it inject or reduce risk?), desirability, feasibility, and interaction with other elements of the plan. 6. Determine if change request should be incorporated, delayed, rejected, or closed. 7. For each change request incorporated, document impact to BC/DR plan in detail. Advise change requestor of change acceptance, if appropriate. 8. For each change incorporated, determine need for additional training or testing activities. Trigger notification for training, testing, or auditing if appropriate. 9. For each change delayed, document reason for delay and how change will be processed later. Communicate decision to change requestor, if appropriate. 10. For each change rejected or closed, document reason for denying change. Communicate the status of the change with the rationale to the requestor, if appropriate. 11. For all approved changes, make revisions to BC/DR plan, note change in plan, and notify plan stakeholders of plan revision, if appropriate. BC/DR Plan Change Management
Audit your BC/DR plan when performing training and testing. Audit is a process in which you review the BC/DR plan against specific requirements. Review can be on the organization’s business practices, objectives, strategies, or changing financial situation. You may also review the plan against external constraints such as legal or regulatory requirements. Auditing does not test the plan. No assurance that steps and processes included in the plan will work. The audit does not train people in the use of the plan or in the skills needed to implement and execute the plan. BC/DR Plan Audit
 Audit is impartial review of the plan to assess whether it meets the company’s overall needs.  Audit plan should be created and should include: • Audit scope, timeline, requirements, and constraints • Review of corporate risks and risk management strategies including BC/DR • Review of business impact • Review of BC/DR plan development activities • Review of BC/DR plan test plans and activities • Review of BC/DR plan training plans and activities • Review of BC/DR change management and plan maintenance processes  Reviewing these elements result in the generation of change requests that should be processed by the BC/DR team.  Develop an audit checklist so you can periodically review the plan. BC/DR Plan Audit
Plan Maintenance Activities  Activities hat can help you keep your plan up to date and ready to go. 1. If the plan is revised, the BC/DR team members should be notified in a timely manner. 2. The plan should use a revision numbering system so team members know whether they have the latest version of the plan. 3. Review, update, and revise key contact information regularly. This includes staff, vendors, contractors, key customers, alternate sites, and facilities, among others. 4. Create a BC/DR plan distribution list that is limited to authorized personnel but that includes all relevant parties. This distribution list should include off-site and remote facilities that may be used in the event of BC/DR plan activation. 5. Be sure there are up-to-date copies of the BC/DR plan off-site in the event the building is inaccessible. Alternatively, be sure a copy is secure but accessible in the cloud and provide secure access to these documents.
6. Be sure there are up-to-date paper copies and/or CDs/DVDs/thumb drives of the BC/DR plan on-site in the event IT systems go down. If these contain sensitive information such as key codes, passwords, or other credentialing data, ensure they are encrypted or kept in a secure location that would be accessible during a disaster. 7. Implement a process whereby all old versions of the plan are destroyed or archived and new versions replace them. This helps avoid a scenario where team members are working from different versions of the plan. 8. Always check soft copy and remote storage copies of your plan when changes are made to the plan. If you store copies off-site or at your alternate work site, these versions should be updated any time the plan is modified. 9. Whenever significant changes are requested or implemented, test the plan. This will ensure there are no new areas of concern and will help train staff on the changes. 10. Integrate BC/DR considerations into operational processes to reduce plan Plan Maintenance Activities
11. Assign responsibility for managing BC/DR change notification and requests to someone on the BC/DR team. The project management adage that “a task without an owner won’t get done” is especially true here. 12. Document plan maintenance procedures and follow these procedures to avoid introducing additional risk into the project. Use periodic prescheduled meetings to ensure these events occur on a regular basis. 13. Incorporate training into the change process so changes to people, process, and technology that are incorporated into the BC/DR plan also trigger changes to training plans. 14. Include BC/DR plan testing, training, auditing, and maintenance activities in your IT or corporate budget for future activities related to BC/DR. Plan Maintenance Activities
Project Close Out  Be ready to close out your BC/DR project.  Have a clear, comprehensive, and reasonable business continuity and disaster recovery plan that should address the major threats to your company and mitigate risks to the most critical business functions.  Develop procedures to monitoring change, implementing change, and maintaining the BC/DR plan that can be folded into standard corporate operations.  Take time to do several project close-out activities. 1. Ensure all documentation is complete and finalized. 2. Ensure the BC/DR plan is distributed to appropriate personnel. 3. Announce plan completion to project sponsor and other project stakeholders; gain formal approval or sign-off. 4. Announce plan completion to company to increase awareness and celebrate success.
5. Announce plan completion to regulatory authorities, as appropriate or required. 6. Announce training or testing plans, if appropriate. 7. Hold a project review session to discuss lessons learned and incorporate into process. This should not be held at the same time as a project close out or celebration. This should be a working meeting to capture best practices and lessons learned. 8. Hold project close-out meeting to celebrate completion and recognize individual efforts, as appropriate. 9. Complete any staff reviews related to project work. 10. Submit summary or close out report to project sponsor, executive team, or other stakeholders, as appropriate. 11. Update legal or compliance documentation to reflect BC/DR readiness, as appropriate. Project Close Out
BCS 307 Lecture 8.pdf

Recommended

Governing Your PPM Solution Post Implementation
Governing Your PPM Solution Post ImplementationGoverning Your PPM Solution Post Implementation
Governing Your PPM Solution Post ImplementationDavid J Rosenthal
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDrFereydounDejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDr Fereidoun Dejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementdrdej19
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDrFereydounDejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDr Fereidoun Dejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDr Fereidoun Dejahang
 
#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...
#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...
#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...SN Panigrahi, PMP
 

Recommended

Governing Your PPM Solution Post Implementation
Governing Your PPM Solution Post ImplementationGoverning Your PPM Solution Post Implementation
Governing Your PPM Solution Post ImplementationDavid J Rosenthal
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDrFereydounDejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDr Fereidoun Dejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementdrdej19
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDrFereydounDejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDr Fereidoun Dejahang
 
014 changes-cost overrun measurement
014 changes-cost overrun measurement014 changes-cost overrun measurement
014 changes-cost overrun measurementDr Fereidoun Dejahang
 
#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...
#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...
#Perform Integrated Change Control (PICC) Process for PMP Exam - By SN Panig...SN Panigrahi, PMP
 
P2 how to develop an it change management program
P2 how to develop an it change management programP2 how to develop an it change management program
P2 how to develop an it change management programIT-Toolkits.org
 
4 integration
4 integration4 integration
4 integrationWaseem Siddique
 
Monitor and Control Process Group - Part One
Monitor and Control Process Group - Part OneMonitor and Control Process Group - Part One
Monitor and Control Process Group - Part OneHossam Maghrabi
 
Software Engineering I by hmftj
Software Engineering I by hmftj Software Engineering I by hmftj
Software Engineering I by hmftj LGS, GBHS&IC, University Of South-Asia, TARA-Technologies
 
Change management
Change managementChange management
Change managementmehak1990
 
Benefits Management in Health and Care part 1: Identify and map target benefits
Benefits Management in Health and Care part 1: Identify and map target benefitsBenefits Management in Health and Care part 1: Identify and map target benefits
Benefits Management in Health and Care part 1: Identify and map target benefitsAssociation for Project Management
 
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docx
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docxRunning Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docx
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docxjeanettehully
 
Case Study on Operational Strategy for an IT OrganizationYou are.docx
Case Study on Operational Strategy for an IT OrganizationYou are.docxCase Study on Operational Strategy for an IT OrganizationYou are.docx
Case Study on Operational Strategy for an IT OrganizationYou are.docxketurahhazelhurst
 
University of the CumberlandsITS 831 Information Technology Impo.docx
University of the CumberlandsITS 831 Information Technology Impo.docxUniversity of the CumberlandsITS 831 Information Technology Impo.docx
University of the CumberlandsITS 831 Information Technology Impo.docxouldparis
 
case study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxcase study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxwrite12
 
case study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxcase study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxstudywriters
 
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...IRJET- Project Management, Planning and its Prospectus in the Context of Proj...
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...IRJET Journal
 
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...soumyapottola
 
Change management process 17.01.15
Change management process 17.01.15Change management process 17.01.15
Change management process 17.01.15Stephanus Roux C Eng , IntPE(uk) , FIET
 
Optimize your Change Management Process
Optimize your Change Management ProcessOptimize your Change Management Process
Optimize your Change Management ProcessJason Goncalves
 
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docx
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docxBusiness Continuity Plan TemplateCIO Maria Sosa has asked you to p.docx
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docxfelicidaddinwoodie
 
Change control
Change controlChange control
Change controlSyeda Abeer
 
Diploma of Project Management – How to Set Up Project Activity Sequences
Diploma of Project Management – How to Set Up Project Activity SequencesDiploma of Project Management – How to Set Up Project Activity Sequences
Diploma of Project Management – How to Set Up Project Activity Sequencesdanieljohn810
 
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...OmnaCool
 
Assisit with devlopment.pptx
Assisit with devlopment.pptxAssisit with devlopment.pptx
Assisit with devlopment.pptxTadeseBeyene
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...lizamodels9
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 

More Related Content

Similar to BCS 307 Lecture 8.pdf

P2 how to develop an it change management program
P2 how to develop an it change management programP2 how to develop an it change management program
P2 how to develop an it change management programIT-Toolkits.org
 
Monitor and Control Process Group - Part One
Monitor and Control Process Group - Part OneMonitor and Control Process Group - Part One
Monitor and Control Process Group - Part OneHossam Maghrabi
 
Change management
Change managementChange management
Change managementmehak1990
 
Benefits Management in Health and Care part 1: Identify and map target benefits
Benefits Management in Health and Care part 1: Identify and map target benefitsBenefits Management in Health and Care part 1: Identify and map target benefits
Benefits Management in Health and Care part 1: Identify and map target benefitsAssociation for Project Management
 
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docx
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docxRunning Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docx
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docxjeanettehully
 
Case Study on Operational Strategy for an IT OrganizationYou are.docx
Case Study on Operational Strategy for an IT OrganizationYou are.docxCase Study on Operational Strategy for an IT OrganizationYou are.docx
Case Study on Operational Strategy for an IT OrganizationYou are.docxketurahhazelhurst
 
University of the CumberlandsITS 831 Information Technology Impo.docx
University of the CumberlandsITS 831 Information Technology Impo.docxUniversity of the CumberlandsITS 831 Information Technology Impo.docx
University of the CumberlandsITS 831 Information Technology Impo.docxouldparis
 
case study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxcase study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxwrite12
 
case study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxcase study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxstudywriters
 
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...IRJET- Project Management, Planning and its Prospectus in the Context of Proj...
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...IRJET Journal
 
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...soumyapottola
 
Optimize your Change Management Process
Optimize your Change Management ProcessOptimize your Change Management Process
Optimize your Change Management ProcessJason Goncalves
 
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docx
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docxBusiness Continuity Plan TemplateCIO Maria Sosa has asked you to p.docx
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docxfelicidaddinwoodie
 
Diploma of Project Management – How to Set Up Project Activity Sequences
Diploma of Project Management – How to Set Up Project Activity SequencesDiploma of Project Management – How to Set Up Project Activity Sequences
Diploma of Project Management – How to Set Up Project Activity Sequencesdanieljohn810
 
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...OmnaCool
 
Assisit with devlopment.pptx
Assisit with devlopment.pptxAssisit with devlopment.pptx
Assisit with devlopment.pptxTadeseBeyene
 

Similar to BCS 307 Lecture 8.pdf (20)

P2 how to develop an it change management program
P2 how to develop an it change management programP2 how to develop an it change management program
P2 how to develop an it change management program
 
4 integration
4 integration4 integration
4 integration
 
Monitor and Control Process Group - Part One
Monitor and Control Process Group - Part OneMonitor and Control Process Group - Part One
Monitor and Control Process Group - Part One
 
Software Engineering I by hmftj
Software Engineering I by hmftj Software Engineering I by hmftj
Software Engineering I by hmftj
 
Change management
Change managementChange management
Change management
 
Benefits Management in Health and Care part 1: Identify and map target benefits
Benefits Management in Health and Care part 1: Identify and map target benefitsBenefits Management in Health and Care part 1: Identify and map target benefits
Benefits Management in Health and Care part 1: Identify and map target benefits
 
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docx
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docxRunning Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docx
Running Head PROJECT PLAN-BUSINESS REQUIREMENT DOCUMENT .docx
 
Case Study on Operational Strategy for an IT OrganizationYou are.docx
Case Study on Operational Strategy for an IT OrganizationYou are.docxCase Study on Operational Strategy for an IT OrganizationYou are.docx
Case Study on Operational Strategy for an IT OrganizationYou are.docx
 
University of the CumberlandsITS 831 Information Technology Impo.docx
University of the CumberlandsITS 831 Information Technology Impo.docxUniversity of the CumberlandsITS 831 Information Technology Impo.docx
University of the CumberlandsITS 831 Information Technology Impo.docx
 
case study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxcase study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docx
 
case study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docxcase study on operational strategy for an it organization.docx
case study on operational strategy for an it organization.docx
 
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...IRJET- Project Management, Planning and its Prospectus in the Context of Proj...
IRJET- Project Management, Planning and its Prospectus in the Context of Proj...
 
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
 
Change management process 17.01.15
Change management process 17.01.15Change management process 17.01.15
Change management process 17.01.15
 
Optimize your Change Management Process
Optimize your Change Management ProcessOptimize your Change Management Process
Optimize your Change Management Process
 
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docx
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docxBusiness Continuity Plan TemplateCIO Maria Sosa has asked you to p.docx
Business Continuity Plan TemplateCIO Maria Sosa has asked you to p.docx
 
Change control
Change controlChange control
Change control
 
Diploma of Project Management – How to Set Up Project Activity Sequences
Diploma of Project Management – How to Set Up Project Activity SequencesDiploma of Project Management – How to Set Up Project Activity Sequences
Diploma of Project Management – How to Set Up Project Activity Sequences
 
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...
IS Change& knowledge Management Processes AwarnessTraining PPT June 2023-draf...
 
Assisit with devlopment.pptx
Assisit with devlopment.pptxAssisit with devlopment.pptx
Assisit with devlopment.pptx
 

Recently uploaded

Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...lizamodels9
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportMintel Group
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607dollysharma2066
 
Marketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet CreationsMarketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet Creationsnakalysalcedo61
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxMarkAnthonyAurellano
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCRashishs7044
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...lizamodels9
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...lizamodels9
 
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts ServiceVip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Serviceankitnayak356677
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 

Recently uploaded (20)

Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample Report
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
 
Marketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet CreationsMarketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet Creations
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
 
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts ServiceVip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 

BCS 307 Lecture 8.pdf

  • 1. BCS 307 - BUSINESS CONTINUITY PLANNING JOHN AMBELE MWAIPOPO INFORMATION SCIENCE DEPARTMENT JORDAN UNIVERSITY COLLEGE
  • 2. BC/DR Plan Maintenance Layout of this Lecture BC/DR change management Strategies for managing change BC/DR plan audit Plan maintenance activities Project close out
  • 3. Maintaining the plan you’ve developed may end up being the biggest challenge you face in the entire business continuity and disaster recovery plan process. Many people assume that once the project is complete, they can simply chalk up another successful project and move on, but that’s far from true. There are many areas in which you can incorporate BC/DR strategies and activities in your standard operating procedures. BC/DR Plan Maintenance Last phase of BC/DR planning.
  • 4.  Change is constant in organizations—change in operations, change in technology, change in personnel, change in regulations—the list goes on. BC/DR Plan Change Management  Change management has several discrete steps, as depicted in Figure to the right.  First step is to monitor changes.  Next step is to decide how the changes impact your BC/DR plan. Not all changes have an impact on your plan.  If a change impacts your plan, the next step is to determine how to address the change in your plan.  Cycle back and perform a modified version of your risk assessment, business impact analysis, and mitigation strategy development.  There are numerous sources of change that we’ll discuss shortly.
  • 5. Training, testing, and auditing Training often involves testing the plan, and that testing the plan trains staff on how to implement the plan and carry out the tasks assigned. Changes will naturally come out of these processes, and that’s part of the purpose of training and testing. It’s difficult, if not impossible, to develop a perfect plan the first time through. It’s not until you try putting the plan to work that you discover steps out of order, errors, omissions, or redundancies. Capture a list of changes that need to be made to the BC/DR plan as you deliver your training and perform your testing, you should. These changes should be submitted for review. Not all requested changes should be made for a variety of reasons. BC/DR Plan Change Management
  • 6. Changes in information technologies IT team should be familiar with reviewing and assessing change—from the location and duties of various servers to the implementation of new applications to the reorganization of existing infrastructure. Even the most innocuous changes can suddenly inject all kinds of problems into your network and systems. Have a process for evaluating the implementation of new technology, a process that says “Assess impact of this new technology on BC/DR plans.” Systems are upgraded, swapped out, modified, or retired, be sure to include a line item task to consider the impact on BC/DR plans. BC/DR Plan Change Management
  • 7. Changes in operations Operations are not static, and changes over time to operations impacts the BC/DR plan. Reorganization, expansion, new departments, new facilities, and new management structures can all impact operations in a variety of ways. In some cases, changes in operation happen slowly over time and these changes may go unnoticed as it relates to the BC/DR plan. Business’s mission-critical operations changes over time or if the processes used to accomplish these functions have changed, the BC/DR plan is at significant risk of failure and should be revised. Changes to operational processes should be implemented as needed. BC/DR Plan Change Management
  • 8. Corporate changes Corporate mergers, acquisitions, spin-offs, restructuring, and other types of corporate changes can have a major impact on the BC/DR plan. Continually look to incorporate BC/DR activities into your normal operations and planning activities and to continually look to protecting data first. When critical data are safe, putting systems in place to access and utilize that data can be secondary during times of turbulent or unexpected change. BC/DR Plan Change Management
  • 9. Legal, regulatory, or compliance changes Changes to the legal, regulatory, or compliance landscape will certainly trigger required changes to your BC/DR plan. For example, if laws change regarding data security, you will have to review your BC/DR plan to determine whether your existing plan meets these new requirements or whether you’ll need to implement additional tools, technologies, or processes. Major change may require you to cycle through all phases of the BC/DR project planning stages and create a plan for implementing required changes. In most cases, changes in this arena will impact operations or IT, and the impact to the BC/DR plan will be addressed through those channels. BC/DR Plan Change Management
  • 10. Strategies for managing change Two strategies for managing change are: 1. Having a process for monitoring change requests 2. Having a process for evaluating change requests. It’s easier to monitor change and respond to it as needed over time rather than sitting down once a year and trying to remember (or determine) what’s changed since your last review of the plan. Easiest way to monitor change, is to include an additional step or two in standard operating procedures. These steps can be as simple as “Determine impact, if any, on BC/DR plan. If impact exists, submit BC/DR change request to [insert position responsible BC/DR Plan Change Management
  • 11. Monitor change Implementing processes for monitoring change can make your job of maintaining the BC/DR plan much easier. Develop processes that can be incorporated into everyday workflows so that as changes occur, they can quickly be assessed for their potential impact. If the change has no impact, it can be ignored (from a BC/DR perspective). If the change will have an impact, a change request should be submitted to the BC/DR team. A change request may be just a matter of noting that the leader of the Emergency Response Team has changed. This change request should trigger the appropriate revision to the BC/DR plan including contact names, phone numbers, and team rosters. BC/DR Plan Change Management
  • 12. People People leave organizations, get promoted, or move into different jobs. A periodic review of changes to the organization can help you determine if there have been personnel changes that impact your plan. Process Changes to processes should be monitored as well. Monitor changes to key processes and flagging changes for BC/DR review. Many corporate processes remain fairly unchanged over time. Changes to mission-critical functions should be reviewed with the highest priority. BC/DR Plan Change Management
  • 13. Technology Technology may fall outside the scope of IT management. If your company works with scientific equipment, manufacturing equipment, medical equipment, or other specialized technology, changes in this arena should be monitored and assessed. Often changes in technology create changes in processes, so the trigger for review and modification may come from either area. A process for triggering a review should be included in your technology implementation plans to make BC/DR plan maintenance as low as possible. BC/DR Plan Change Management
  • 14.  Evaluate and incorporate change  Change review process should be well defined.  Someone should be specifically responsible for processing change requests, a projector manager or team member.  Use a change management process for managing projects.  Not all changes requested can or should be implemented into a plan.  Changes that are required by law, regulation, or compliance must be made.  Analysis may be required for each change you consider.  Some changes increase your risks; other changes reduce your risks.  Some changes may have a strong effect on the business impact analysis outcomes; others may have no effect at all.  All approved changes should be incorporated in the training, testing, and auditing processes and procedures. BC/DR Plan Change Management
  • 15. Points to consider to manage change: 1. Compile all change requests and prioritize based on potential risk, vulnerability, impact (if applicable). 2. Determine if change requests are required for legal, regulatory, or compliance reasons. If so, flag these as required changes. 3. Review compiled change requests, review for redundancy, relevancy, etc. Revise compiled list as appropriate. 4. Prioritize compiled list. For each item, determine how the change impacts (or is impacted by): • Selected risks and threats • Threat vulnerability • Business impact analysis • Risk mitigation strategies BC/DR Plan Change Management
  • 16. 5. Assess potential cost, risk profile (does it inject or reduce risk?), desirability, feasibility, and interaction with other elements of the plan. 6. Determine if change request should be incorporated, delayed, rejected, or closed. 7. For each change request incorporated, document impact to BC/DR plan in detail. Advise change requestor of change acceptance, if appropriate. 8. For each change incorporated, determine need for additional training or testing activities. Trigger notification for training, testing, or auditing if appropriate. 9. For each change delayed, document reason for delay and how change will be processed later. Communicate decision to change requestor, if appropriate. 10. For each change rejected or closed, document reason for denying change. Communicate the status of the change with the rationale to the requestor, if appropriate. 11. For all approved changes, make revisions to BC/DR plan, note change in plan, and notify plan stakeholders of plan revision, if appropriate. BC/DR Plan Change Management
  • 17. Audit your BC/DR plan when performing training and testing. Audit is a process in which you review the BC/DR plan against specific requirements. Review can be on the organization’s business practices, objectives, strategies, or changing financial situation. You may also review the plan against external constraints such as legal or regulatory requirements. Auditing does not test the plan. No assurance that steps and processes included in the plan will work. The audit does not train people in the use of the plan or in the skills needed to implement and execute the plan. BC/DR Plan Audit
  • 18.  Audit is impartial review of the plan to assess whether it meets the company’s overall needs.  Audit plan should be created and should include: • Audit scope, timeline, requirements, and constraints • Review of corporate risks and risk management strategies including BC/DR • Review of business impact • Review of BC/DR plan development activities • Review of BC/DR plan test plans and activities • Review of BC/DR plan training plans and activities • Review of BC/DR change management and plan maintenance processes  Reviewing these elements result in the generation of change requests that should be processed by the BC/DR team.  Develop an audit checklist so you can periodically review the plan. BC/DR Plan Audit
  • 19. Plan Maintenance Activities  Activities hat can help you keep your plan up to date and ready to go. 1. If the plan is revised, the BC/DR team members should be notified in a timely manner. 2. The plan should use a revision numbering system so team members know whether they have the latest version of the plan. 3. Review, update, and revise key contact information regularly. This includes staff, vendors, contractors, key customers, alternate sites, and facilities, among others. 4. Create a BC/DR plan distribution list that is limited to authorized personnel but that includes all relevant parties. This distribution list should include off-site and remote facilities that may be used in the event of BC/DR plan activation. 5. Be sure there are up-to-date copies of the BC/DR plan off-site in the event the building is inaccessible. Alternatively, be sure a copy is secure but accessible in the cloud and provide secure access to these documents.
  • 20. 6. Be sure there are up-to-date paper copies and/or CDs/DVDs/thumb drives of the BC/DR plan on-site in the event IT systems go down. If these contain sensitive information such as key codes, passwords, or other credentialing data, ensure they are encrypted or kept in a secure location that would be accessible during a disaster. 7. Implement a process whereby all old versions of the plan are destroyed or archived and new versions replace them. This helps avoid a scenario where team members are working from different versions of the plan. 8. Always check soft copy and remote storage copies of your plan when changes are made to the plan. If you store copies off-site or at your alternate work site, these versions should be updated any time the plan is modified. 9. Whenever significant changes are requested or implemented, test the plan. This will ensure there are no new areas of concern and will help train staff on the changes. 10. Integrate BC/DR considerations into operational processes to reduce plan Plan Maintenance Activities
  • 21. 11. Assign responsibility for managing BC/DR change notification and requests to someone on the BC/DR team. The project management adage that “a task without an owner won’t get done” is especially true here. 12. Document plan maintenance procedures and follow these procedures to avoid introducing additional risk into the project. Use periodic prescheduled meetings to ensure these events occur on a regular basis. 13. Incorporate training into the change process so changes to people, process, and technology that are incorporated into the BC/DR plan also trigger changes to training plans. 14. Include BC/DR plan testing, training, auditing, and maintenance activities in your IT or corporate budget for future activities related to BC/DR. Plan Maintenance Activities
  • 22. Project Close Out  Be ready to close out your BC/DR project.  Have a clear, comprehensive, and reasonable business continuity and disaster recovery plan that should address the major threats to your company and mitigate risks to the most critical business functions.  Develop procedures to monitoring change, implementing change, and maintaining the BC/DR plan that can be folded into standard corporate operations.  Take time to do several project close-out activities. 1. Ensure all documentation is complete and finalized. 2. Ensure the BC/DR plan is distributed to appropriate personnel. 3. Announce plan completion to project sponsor and other project stakeholders; gain formal approval or sign-off. 4. Announce plan completion to company to increase awareness and celebrate success.
  • 23. 5. Announce plan completion to regulatory authorities, as appropriate or required. 6. Announce training or testing plans, if appropriate. 7. Hold a project review session to discuss lessons learned and incorporate into process. This should not be held at the same time as a project close out or celebration. This should be a working meeting to capture best practices and lessons learned. 8. Hold project close-out meeting to celebrate completion and recognize individual efforts, as appropriate. 9. Complete any staff reviews related to project work. 10. Submit summary or close out report to project sponsor, executive team, or other stakeholders, as appropriate. 11. Update legal or compliance documentation to reflect BC/DR readiness, as appropriate. Project Close Out