This document discusses business continuity management and planning. It defines disasters and the importance of emergency preparedness. Organizations should analyze threats, risks, and business impacts to develop business continuity plans. These plans should include response, contingency, recovery, and resumption components to ensure the organization can respond to and recover from disasters. The plans should be tested, maintained, and audited.
Business continuity and disaster recovery are not the same but complement each other. Planning on BCP and DRP is necessary for all business. This slide contains information on how to achieve and maintain them.
Business continuity and disaster recovery are not the same but complement each other. Planning on BCP and DRP is necessary for all business. This slide contains information on how to achieve and maintain them.
Understand and apply concepts of confidentiality, integrity and availability, Apply security governance principles,
Understand legal and regulatory issues that pertain to information security in a global context, Develop and implement documented security policy, standards, procedures, and guidelines, Understand business continuity requirements
Contribute to personnel security policies, Understand and apply risk management concepts, Understand and apply threat modeling, Integrate security risk considerations into acquisition strategy and practice, Establish and manage information security education, training, and awareness
Presenter:
Ali Bin Mohammed AlMuwaijei
Chief Risk Manager, Municipality & Planning Dept-Ajman
Risk and Business Continuity Management
Enterprise Risk Management
Presenter: Sagarika Chakraborty
1.1 Risk Mapping in India
1.2 Understanding Business Continuity Planning
1.3 Business Continuity Planning and Risk Management
Just created a slideshare presentation giving a basic introduction to ISO27001 and its Scope, Implementation & Application. You can see more slideshows on http://www.slideshare.net/ImranahmedIT or visit my website: http://imran-ahmed.co.uk
Cybersecurity Assessment Framework. Includes baseline security. Operationalizing the steps and implementing the 4 processes Predict, Prevent, Detect, Respond
Understand and apply concepts of confidentiality, integrity and availability, Apply security governance principles,
Understand legal and regulatory issues that pertain to information security in a global context, Develop and implement documented security policy, standards, procedures, and guidelines, Understand business continuity requirements
Contribute to personnel security policies, Understand and apply risk management concepts, Understand and apply threat modeling, Integrate security risk considerations into acquisition strategy and practice, Establish and manage information security education, training, and awareness
Presenter:
Ali Bin Mohammed AlMuwaijei
Chief Risk Manager, Municipality & Planning Dept-Ajman
Risk and Business Continuity Management
Enterprise Risk Management
Presenter: Sagarika Chakraborty
1.1 Risk Mapping in India
1.2 Understanding Business Continuity Planning
1.3 Business Continuity Planning and Risk Management
Just created a slideshare presentation giving a basic introduction to ISO27001 and its Scope, Implementation & Application. You can see more slideshows on http://www.slideshare.net/ImranahmedIT or visit my website: http://imran-ahmed.co.uk
Cybersecurity Assessment Framework. Includes baseline security. Operationalizing the steps and implementing the 4 processes Predict, Prevent, Detect, Respond
The disaster recovery plan guides managers and employees in the management of responses to various disasters that may occur in the course of business operations. The term disaster refers to any event that results in a disruption in the ability to provide normal services. A disaster may range in scope and duration from relatively minor, such as a temporary power outage, to a catastrophic event that interrupts service for a long period of time. Regardless of the magnitude of the business interruption, it must be managed.
A short presentation of the essentials of business continuity planning. Often put on the back burner because it's seems too complex. Whereas the principles are quite straightforward.
Let’s understand the concepts of business continuity and Disaster Recovery in brief. To know more, visit: www.eccouncil.org/business-continuity-and-disaster-recovery
Steps Asset Intensive Industries can take to PIVOT in Response to COVID-19Subodh Nayar
This presentation illustrates how FieldForce4 assists businesses to transition to maintain service levels during and after the COVID-19 pandemic.
In summary the FF4>>PIVOT is a structured approach to preparation, planning and alignment that identifies the key areas for the business to focus on to maintain service levels and then provides the lens to prepare for a return to normal operations.
Principles of Incident Response and Disaster Recovery, 2nd E.docxstilliegeorgiana
Principles of Incident Response
and Disaster Recovery, 2nd Edition
Chapter 10
Disaster Recovery: Operation and
Maintenance
Objectives
• Describe the key challenges an organization faces
when engaged in DR operations
• Discuss what actions organizations should take to
prepare for the activation of the DR plan
• List the critical elements that comprise the response
phase of the DR plan
• Explain what occurs in the recovery phase of the DR
plan
• Describe how an organization uses the resumption
phase of the DR plan
Principles of Incident Response and Disaster Recovery, 2nd Edition 2
Objectives (cont’d.)
• Discuss how an organization resumes normal
operations using the restoration phase of the DR
plan
Principles of Incident Response and Disaster Recovery, 2nd Edition 3
Introduction
• When disaster occurs organizations need
– Meticulous preparation and ongoing diligence
– Quick and decisive reaction to restore operations
– To prepare to promptly reestablish operations at a
new permanent location
• Each area of the world has its own challenges and
risks of disaster
– Natural or man-made
• DR plans and procedures are similar to those
undertaken for IR and BC actions
Principles of Incident Response and Disaster Recovery, 2nd Edition 4
Facing Key Challenges
• Widespread disasters frequently affect:
– Departments and various organization levels
– Communities encompassing the organization
– Vendors and suppliers
• Outside help may be unavailable for days or weeks
– Emergency services, public services, grocers and
other suppliers, utility services, private services,
telecommunications services, and air and surface
transportation
• Worst-case scenario
– Seemingly routine event quickly spins out of control
Principles of Incident Response and Disaster Recovery, 2nd Edition 5
Facing Key Challenges (cont’d.)
• Most disaster-related losses cause:
– Inability to react properly to the disaster
– A need to improvise, adapt, and overcome obstacles
• Most disasters last hours or a few days
• DR plan phases
– Preparation
– Response
– Recovery
– Resumption
– Restoration
Principles of Incident Response and Disaster Recovery, 2nd Edition 6
Preparation: Training the DR Team and
the Users
• No prevention phase in DR planning
– Reason: majority of disasters cannot be prevented
• Can minimize disaster probability by planning
• Preparation
– Being ready for possible contingencies that can
escalate to become disasters
• Develop BIA and DR plans
• Organize and staff various DR teams
• Train various stakeholders and practice the plan
Principles of Incident Response and Disaster Recovery, 2nd Edition 7
Plan Distribution
• Must distribute plan to those who need it most
• Ensure that all personnel:
– Have access to the plan
– Have fully read the plan
– Understand the plan
• IR, DR, or BC plan storage
– Physical copy easy to misplace
– Online storage locations
• Electronic disruptions could prevent access
Prin ...
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
2. Copyright 2014 Pearson Education, Inc. 2
Objectives
❑ Define a disaster
❑ Appreciate the importance of emergency
preparedness
❑ Analyze threats, risks, and business impact
assessments
❑ Explain the components of a business continuity
plan and program
❑ Develop policies related to business continuity
management
3. Copyright 2014 Pearson Education, Inc. 3
Emergency Preparedness
■ Disaster
❑ Any event that results in damage or destruction,
loss of life, or drastic change to the environment
❑ A disruption of normal business functions where
the expected time for returning to normalcy would
seriously impact the organization’s capability to
maintain operations, including customer
commitments and regulatory compliance
❑ The cause can be environmental, operational,
accidental, or willful
4. Emergency Preparedness cont.
■ Resilient organization
❑ Has the capability to quickly adapt and recover
from known or unknown change to the
environment
■ Business disruption has an economic and
societal ripple effect
■ Emergency preparedness is a civic duty and
regulatory requirement
❑ Presidential Decision Directive (PDD) 63 Critical
Infrastructure Protection
❑ Federal Continuity Directive 1
Copyright 2014 Pearson Education, Inc. 4
5. Copyright 2014 Pearson Education, Inc. 5
Business Continuity Risk
Management
■ Continuity planning
❑ The business practice of ensuring the execution of
essential functions
❑ Component of organizational risk management
❑ Risk management for continuity of operations
requires the organizations to
■ Identify the threats that can disrupt operations
■ Determine the risk
■ Assess the impact on the company
6. Business Continuity Risk
Management cont.
■ Business continuity threat assessment
❑ Identify viable threats and predict the likelihood of
occurrence
❑ Threat modeling takes into account historical and
predictive geographic, technological, physical,
environmental, industry, and third-party factors
■ Business continuity threat assessment
❑ Evaluates the sufficiency of controls to prevent a
threat from occurring or to minimize its impact
Copyright 2014 Pearson Education, Inc. 6
7. Copyright 2014 Pearson Education, Inc. 7
What Is a Business Impact
Assessment?
■ Business Impact Analysis
❑ Identify essential services/processes and recovery
timeframes
❑ It is a multistep collaborative activity that involves
business process owners, stakeholders, and
corporate officers
❑ A BIA incorporates three metrics
■ Maximum tolerable downtime (MTD)
■ Recovery time objective (RTO)
■ Recovery point objective (RPO)
8. Copyright 2014 Pearson Education, Inc. 8
Business Continuity Plan
■ The objective is to ensure the organization
has the capability to respond and recover
from a disaster
■ Component:
❑ Response plans
❑ Contingency plans
❑ Recovery plans
❑ Resumption plans
9. Business Continuity Plan cont.
■ Business continuity management involves the
entire organization
❑ Board of Directors provides oversight and
guidance, authorizes the related policy, and is
legally accountable for the actions of the
organization
❑ Executive management provides leadership
❑ Business Continuity Team (BCT) has the authority
to make decisions related to disaster preparation,
response, and recovery
Copyright 2014 Pearson Education, Inc. 9
10. Copyright 2014 Pearson Education, Inc. 10
Disaster Response Plans
■ Addresses what should be done immediately following a
significant incident
■ Defines who has the authority to declare a disaster
■ Defines who has the authority to contact external entities
■ Defines evacuation procedures
■ Defines emergency communication & notification procedures
■ Upon declaration of a disaster, all BCT members should
report to a designated command and control center
■ Occupant emergency Plan (OEP)
❑ Describes evacuation and shelter-in-place procedures in the
event of a threat or incident to the health and safety of personnel
11. Disaster Response Plans cont.
■ Relocation strategies
❑ Hot site
❑ Fully operational location with redundant equipment.
❑ The data has been streamed to the site on a real-time basis or close to real time
❑ Warm site
❑ Configured to support operations including communications capabilities, peripheral
devices, power, and HVAC.
❑ Spare computers may be located there that then would need to be configured in the
event of a disaster
❑ Date must be restored
❑ Cold site
❑ Available alternative location
❑ Equipped with power, HVAC, and secure access
❑ Mobile site
❑ Self-contained unit
❑ Equipped with the required hardware, software, and peripherals
❑ Data needs to be restored
Copyright 2014 Pearson Education, Inc. 11
12. Operational Contingency Plans
■ Addresses how an organization’s essential
business processes will be delivered during
the recovery process
■ Developed at the departmental level
■ Responsibility of the business process owner
■ The documentation should follow the same
form as the SOPs
Copyright 2014 Pearson Education, Inc. 12
13. Copyright 2014 Pearson Education, Inc. 13
The Disaster Recovery Phase
■ Recovery strategies
❑ The path to bringing the company back to a
normal business environment
❑ A plan should be in place that breaks down each
category of the overall recovery effort to simplify
the daunting recovery process:
■ Mainframe
■ Network
■ Communications
■ Infrastructure
■ Facilities
14. Copyright 2014 Pearson Education, Inc. 14
The Disaster Recovery Phase
Cont.
■ Recovery procedures
❑ All procedures should be designed, tested,
documented, and approved prior to when the disaster
strikes
❑ Procedures should be written as if the person who will
be following them is not intimately familiar with the
information system or component
❑ Procedures should explain what needs to be done,
when, where, and how
❑ The key is to respond fast using predefined steps
❑ Recovery procedures should be reviewed annually
15. Copyright 2014 Pearson Education, Inc. 15
The Resumption Phase
■ The objective is to transition to normal
operations
■ Two major activities
❑ Validation
■ Verifying recovered systems are operating correctly
❑ Deactivation
■ The official notification that the organization is no longer
operating in emergency or disaster mode
16. Copyright 2014 Pearson Education, Inc. 16
Plan Testing and Maintenance
❑ Proactive testing of the plan is essential
❑ Until tested, the plan is theoretical at best
❑ The tests should prove that the procedures and
the plan are:
■ Relevant
■ Operable under adverse conditions
■ Accurate
❑ Tests are used to discover errors and
inadequacies
17. Copyright 2014 Pearson Education, Inc. 17
Plan Testing and Maintenance
Cont.
■ Three standard testing methodologies
❑ Tabletop exercise
■ Structured review
■ Simulation
❑ Functional exercises
❑ Full-scale testing
■ Business continuity plan audit
❑ Evaluation of how the business continuity program
in its entirety is being managed
❑ Auditors must be independent
18. Copyright 2014 Pearson Education, Inc. 18
Plan Maintenance
❑ Business environments are dynamic: The plan
should be reviewed and edited regularly to match
the changes that occur in the company and/or the
industry in which the company is involved
❑ The plan cannot be reviewed without the risk
assessment being reviewed as well
❑ Responsibility for maintaining the plan should be
assigned to a specific role such as the ISO
19. Copyright 2014 Pearson Education, Inc. 19
Summary
■ A disaster can strike at any time. The organization
must be prepared to respond to continue to provide
services/products to its clients.
■ It is the responsibility of executive management to
insure that threats are evaluated, impact to business
processes recognized, and resources allocated.
■ This requires the creation and maintenance of an
audited business continuity plan and of a set of
ancillary procedures.