This document contains information about a business continuity consulting firm called Continuity and Resilience (CORE) including their contact details in India and the United Arab Emirates. It also summarizes a presentation given by S. Seshadri of CORE at the 4th India Business & IT Resilience Summit on establishing a business continuity management system based on ISO 22301. The presentation covers why organizations implement BCM, key requirements and elements, and issues to consider when initiating a BCM program such as scope, roles, and obtaining leadership support.

1. Continuity and Resilience (CORE)
ISO 22301 BCM Consulting Firm
Presentations by speakers at the
4th India Business & IT Resilience Summit
7th October, 2016 | Hotel Hilton, Mumbai India
Our Contact Details:
INDIA UAE
Continuity and Resilience
Level 15,Eros Corporate Tower
Nehru Place ,New Delhi-110019
Tel: +91 11 41055534/ +91 11 41613033
Fax: ++91 11 41055535
Email: ms@continuityandresilience.com
Continuity and Resilience
P. O. Box 127557
Abu Dhabi, United Arab Emirates
Mobile:+971 50 8460530
Tel: +971 2 8152831
Fax: +971 2 8152888
Email: info@continuityandresilience.com

2. BCM Program-
Getting started
S Seshadri
Head – Consulting, CORE
4th Biz & IT Resilience Summit, Mumbai
October 7, 2016 2

3. Establishing a BCMS
• Why implement BCM?
• Requirements for BC, based on
– Organisation’s context and objectives
– Legal, regulatory, and contractual requirements
– Interested parties
– Products and services
– Customers
October 7, 2016 3

4. Business Continuity
Before
During
After
Risk Reduction
Response
Recover
4October 7, 2016

5. Business Continuity Management
EMERGENCYMANAGEMENT
ITDISASTERRECOVERY
FACILITIESMANAGEMENT
HUMANRESOURCES
SECURITY
CRISISCOMMUNICATIONS&PR
KNOWLEDGEMANAGEMENT
SUPPLYCHAINMANAGEMENT
QUALITYMANAGEMENT
HEATH&SAFETY
RISKMANAGEMENT
ENVIRONMENTALMANAGEMENT
Involve all Elements of the Organisation
Note: Source – BSI/BCI 5October 7, 2016

6. • BCM is based on a ‘lifecycle’ – it is a continuous
process
• Must become part of the organizational culture
• Commitment from the top, and throughout the
organisation
• Based on impacts – not just threats
• BCM must be proven by exercise and lessons
learnt
• BCM must be maintained in a changing
environment
Key Elements of the Standard
October 7, 2016 6

7. Key Program Initiation Issues
• Identifying the Scope
• Aligning with organization’s objectives
• Issuance of BCM Policy
• Ownership and accountability
• Roles and responsibilities
• Skills and competencies
• Assumption and limitations
• Schedule and Budget
• Implementation
• Ongoing support
7October 7, 2016

8. • What are their requirements and perceptions?
• Who are they?
• Shareholders, Customers, Employees and Suppliers
• Regulators, Financial Investors, Insurers, Auditors,
Professional Bodies, Trade Associations,
Government Departments
• Competitors, the Community, Media and ‘Vested
Interest’ Groups
Interested Parties
October 7, 2016 8

9. Leadership
October 7, 2016 9
• Display thought leadership
• Provide guidance
• Encourage and motivate
• Decide, and communicate
• Define Risk Appetite
• Provide resources
• Establish BCM Policy
• Participate in tests
• Review & enable continual improvement

10. Planning
October 7, 2016 10
• Procedure/ methodology for
• Risk Appetite
• Regulatory Requirements
• Business Impact Analysis
• Risk Assessment
• Strategies Development
• Plan Development
• Exercising
• Reviewing and monitoring
• Performance Evaluation
• Continual improvement
• Management Review
• Internal Audit
• Corrections and CAPA

11. Support
October 7, 2016 11
• The organisation shall commit to support
its BCMS by providing the following
– Resources
– Competence
– Awareness
– Communication
– Documented information

12. The ‘silo’ syndrome
• Business Continuity
• IT Service Continuity
• IT Disaster Recovery
• Information Security
• Risk Assessment
October 7, 2016 12

13. October 7, 2016 13