US Business Continuity Safeguarding Your Business from a Disaster
|
|
- Kellie Little
- 6 years ago
- Views:
Transcription
1 US Business Continuity Safeguarding Your Business from a Disaster Juanita Hardin BMO Harris Bank Head TPS Risk and Compliance William Simmons BMO Harris Bank Vice President Business Continuity Management
2 Questions? HOW DO YOU PROTECT OUR BUSINESS? 2
3 What IS Business Continuity Planning? A Business Continuity Plan (BCP) is a documented plan which defines the actions, resources and data required to ensure the continuity of the Business Unit s processes in the event of a business disruption. The BCP should be an integral part of your business continuity risk management strategy. BCP addresses the whole business continuity management process from risk & business impact analysis through strategy & plan development to implementation, testing and ongoing change control. At BMO, our program consists of four parts; Business Continuity Planning, Event Management, Life Safety and Quality Assurance 3
4 Regulatory Guidance FFIEC: Business Continuity Planning Booklet (2008) Applies to the US banks and their service providers The FFIEC is responsible for establishing standards to which financial institutions are held. The 2008 version focused on the role of the board and senior management; the addition of pandemic planning, a push toward risk management integration, the emphasis of proactive risk mitigation, and the overall attempt to eliminate ambiguity. This is a mandatory regulatory requirement. Key regulatory agencies and councils overseeing our business continuity efforts include: Federal Financial Institutions Examination Council (FFIEC) Office of the Comptroller of the Currency (OCC) Federal Reserve Bank (FRB) Securities Exchange Commission (SEC) Financial Industry, Regulatory Authority (FINRA) State agencies and other industry associations Office of the Superintendent of Financial Institutions (OSFI) is our primary Canadian Regulatory Office UPDATE: In February 2015, the FFIEC released a new appendix to the Business Continuity Planning booklet Appendix J: Strengthening the Resilience of Outsourced Technology Services highlights that a financial institution s reliance on third-party service providers to perform or support critical operations does not relieve a financial institution of its responsibility to ensure that outsourced activities are conducted in a safe and sound manner. 4
5 Framework & Governance Lines of Business / Operating Group Employees are responsible for being familiar with their BCPs overall strategy and any items which pertain to them and adhering to the US BCM Mandate & Corporate Standard. The US BCM Program Office has a mandate and is responsible to satisfy US jurisdictional requirements through the implementation, maintenance and management of the BCM Program for BMO Financial Corp. US BCM 1B EBCM is part of the second line of defense. The CSA has responsibility for Governance and Methodology of the BCM Framework, its execution and its analysis. EBCM 2 nd Line Audit helps our organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Audit 3 rd Line Business Units 1 st Line The Business Continuity Management framework consists of processes, structures, controls and IT systems, managing Business Continuity Risk. It is maintained at an enterprise level and is aligned with the principles and requirements contained in the Operational Risk Corporate Policy, Guidelines and other published guidance. 5
6 Business Continuity Program Office Program Overview BCM includes both Business Continuity Planning and Event Management. These processes provide a framework for building Resilience and the capability for an effective response safeguarding the interests of our key stakeholders, reputation, brand and value creating activities. BCP Training Ongoing executive and employee training is supported by monthly BCM forums which allow business continuity coordinators to keep abreast of ongoing business continuity issues, table-top exercises, facilitated information presentations, and online annual educational materials. BCP BCM Project Managers assist the coordinators on the various items to maintain within the Sustainable Planner BCP tools; including Business Impact Analysis, Risk Assessment, recovery planning and overall quality assurance. Testing An established framework that facilitates the rapid recovery of critical operations following any disruption to business as designated by LOB and Strategic Sourcing. This framework is exercised bi-annually to ensure continuity plan robustness and technologies Maximum Tolerable Outage (MTO)/Recovery Point Objective (RPO). Also includes 3 rd party and vendor testing. Quality Assurance (QA) Conducts a Quality Assurance (QA) review is to ensure an independent assessment of the BIA, Risk Assessment and BCP and to validate its effectiveness and completeness. 6
7 The importance our organization places on our ability to respond to natural, technological, and human events (i.e. work place violence, protests and security breaches) is critical to our survival. BCM (Business Continuity Management) is a plan, a team and a process that companies use to protect themselves from financial loss, and an Incident Response Plan is a major part of BCM planning. Crisis Management 7
8 Event Management Framework: US Response & Status Team 1:Oversight Corporate Audit Enterprise Risk & Portfolio Management Compliance 2:Governance U.S. BCM Governance Committee U.S. BCM Program Office 3:US Corporate Services Overall Bank Recovery USRST US Corporate Services Operational Management Audit Human Resources Real Estate Finance Legal Corporate Communications Security 5:Technology & Operations Technology & Development Enterprise Infrastructure Operations 4:Business Operation Groups BMO Capital Markets US P&C Retail US P&C Commercial
9 Event Management Framework: Incident Response Team FEI Behavioral Health Staffs the Crisis Call Center and tracks incoming reports from employees and first responders Corporate Real Estate Assesses short and long term damage assessments, and availability of building and works to find alternate locations and equipment Corporate Communications Reviews, approves and responds to immediate external media inquires and arranges all internal communications Corporate Security (I&SS) Utilizes internal and external resources to determine the security requirements and to provide physical security to the affected and alternate sites. Human Resources Manages all employee-related communication and Corporate policy and standard issues Business Representatives Represents the business units impacted by the event and manages the on-site personal\messages The Business Continuity Program Office provides the facilitation of the IRT event calls and assists in the impact efforts. It may evoke a dashboard to record strategy decisions and aid in the communication to executives, USRST, ERST and regulatory agencies. 9
10 The Life Safety & Accounting for People process is crucial to the safety of employees following an evacuation. Assigning the Emergency Team roles, along with knowing and practicing the Accounting for People process, will ensure that missing people are quickly identified and reported to the local authorities. Life Safety 10
11 Accounting for People The Accounting for People process is trained on at least an annual bases via evacuation drills and classroom style instruction. The U.S. Business Continuity Office maintains the training and partners with the life safety teams, building landlords and facility offices to ensure maximum exposure to employees. Floor Captains Accounting for People Coordinator Searchers Accounting for People Team Leader Stairwell \ Elevator Monitors Accounting for People Team Member BMO FC Emergency Hotline XXX-XXX-XXXX XXX-XXX-XXXX Crisis Call Center 11
12 Other Life Safety Initiatives AED\CPR We manage 115 units across 41 sites across the U.S and sponsor AED/CPR certification for all U.S. sites via 3 rd party vendor. Shelter-in-Place Severe weather Extreme temperatures Public disturbance Environmental dangers Explosions or man-made dangers Active Shooter Emergency Mass Notification The Everbridge Mass Notification system is used to contact the IRT, USRST, and LOB personnel quickly and conveniently via Cell, , and Land Lines. Employee Emergency Handbooks The U.S. BCM Office maintains and publishes unique site specific handbooks that address guidelines to assist in the management of localized emergencies (i.e. medical, weather) that may disrupt business. 12
13 Business Continuity Planning aims to develop advance arrangements and procedures to avoid, mitigate and minimize losses during and after business interruptions by applying the BIA / RA and mitigation to the business applications and processes. Business Continuity Planning, and regular BCP updates, are required of all Business Units on an annual basis and/or following significant changes. BC Planning 13
14 Sustainable Planner Sustainable Planner (SP) is the enterprise-wide BCM software-based tool maintained by BCM and used across the business in determining and documenting all business unit planning activities. Coordinators are required to store all business continuity-related documentation in SP. This includes supporting documentation, QA Approvals and Executive Approvals. Business Impact Analysis Assessment of how uncontrolled, non-specific events could impact the business; and prioritization of business functions and processes that must be recovered in the event of service disruptions. Risk Assessment The RA assesses the severity and likelihood of events specific to the Business Unit and prioritizes potential business disruptions based on the impact to operations and the likelihood of occurrence. Business Continuity Plan Aims to develop advance arrangements and procedures to avoid, mitigate and minimize losses, during and after business interruptions. Executive Approvals BCP sign off must be obtained after plan completion, annual updates and whenever plans are revised due to significant changes. Executive Approval must follow completion of successful QA review 14
15 Coordinator: Roles and Responsibilities Coordinator Overview A coordinator directs the development of Business Continuity plans and procedures, and provides regular status updates to senior management, executives and the BCM Office. Administration Facilitate the gathering and organization of all the elements for the BIA\Risk\BCP in the sustainable Planner tool from the appropriate stakeholders. Coordinate electronic access to, and hard copy distribution of, the Business Continuity plans and procedures. Protect the confidentiality, integrity and availability of the Business Continuity plans and procedures. Training and Awareness Ensure all personnel with specific Business Continuity responsibilities are adequately trained to fulfill those responsibilities. Testing and Exercising Plan and coordinate testing elements involving all critical business units, personnel, and recovery locations. Document the results of all tests and exercises, and identify any recommended enhancements to the Business Continuity plans and procedures. Reporting Ensure that all records, documents and testing data are accurately accounted for within Sustainable Planner and reported to senior management, executives, and business continuity departments. 15
16 Stakeholders: Crowd Sourcing US Management Committee Federal Financial Institutions Examination Council (FFIEC) Office of the Comptroller of the Currency (OCC) Management Executive Senior Manager Line of Business Federal Reserve Bank (FRB) Securities Exchange Commission (SEC) Financial Industry Regulatory Authority (FINRA) Regulatory Subject Matter Experts Technology Business Continuity Office Clients Suppliers What is expected of Business Continuity Coordinators is NOT to be complete subject matter experts; however, they should be aware of the groups they need to talk to and gather information from. This will be accomplished by scheduling several meetings over a course of time. 16
17 Challenge: Quality Assurance The purpose of conducting an annual Quality Assurance (QA) review on the Business Continuity Planning process and supporting documentation is to ensure an independent assessment of the BIA, Risk Assessment and BCP and to validate its effectiveness and completeness. The QA review provides valuable feedback and information related to the people, technology, facilities and critical processes that the business performs. All observations and recommendations are shared with the business following the principles of effective challenge. This provides continuous improvement for effective business continuity planning and considers risk implications, outcomes and improves proactive risk mitigation. This is not an audit, nor does it substitute for an audit. Effective Challenge 1. Clarity of purpose 2. Staff expertise/capacity 3. Independence 4. Proactivity 5. Timing 6. Transparency 7. Review Criteria 8. Roles and Responsibilities 9. Consistent across the Enterprise Quality Assurance 1. BCP planning process (BIA, RA, BCP); 2. Critical examination of documentation supporting the MTO 3. Validation that RTO meets MTO and related escalation 4. DR gap analysis 5. DR Risk Acknowledgements 6. Testing 7. Issues & Mediation 17
18 In Closing: Review 27 Nothing Next Steps Mid- Level Next Steps Expert Next Steps Download the Virtual Maturity Model Template here: and get started on assessing your business Review the four Pillars for gaps and maturity; Business Continuity Planning, Event Management, Life Safety, and Quality Assurance. Consider an independent review of your plans and process via Quality Assurance. Whether it s within your department or an outside group.
19 Thank You Juanita Hardin Director - Head Risk and Compliance William Simmons CBCP Vice President, Business Continuity When planning for a year, plant corn. When planning for a decade, plant trees. When planning for life, train and educate people. - Chinese proverb 19
Business Continuity Management and Resilience Framework
Business Continuity Management and Resilience Framework Approving authority University Council Approval date 3 December 2018 Advisor Next scheduled review 2021 Peter Bryant Vice President (Corporate Services)
More informationCitizens Property Insurance Corporation Business Continuity Framework
Citizens Property Insurance Corporation Framework Dated September 2015 Approvals: Risk Committee: September 17, 2015 (via email) Adopted by the Audit Committee: Page 1 of 12 Table of Contents 1 INTRODUCTION...
More informationEnsuring Organizational & Enterprise Resiliency with Third Parties
Ensuring Organizational & Enterprise Resiliency with Third Parties Geno Pandolfi Tuesday, May 17, 2016 Room 7&8 (1:30-2:15 PM) Session Review Objectives Approaches to Third Party Risk Management Core Concepts
More informationBusiness Continuity 101. Fairchild Resiliency Systems
Business Continuity 101 Fairchild Resiliency Systems Business Continuity Business Continuity (BC) is defined as the capability of the organization to continue delivery of products or services at acceptable
More informationCity of Saskatoon Business Continuity Internal Audit Report
www.pwc.com/ca City of Saskatoon Business Continuity Internal Audit Report June 2018 Executive Summary The City of Saskatoon s (the City ) Strategic Risk Register identifies Business Continuity as a high
More informationBusiness Continuity Framework
Business Continuity Framework A definition to the Components of Resiliency March, 1 Business Continuity Framework 1. INTRODUCTION... 3 2. PURPOSE... 3 3. THE FRAMEWORK... 4 4. STEERING COMMITTEE... 5 5.
More informationCiti Institutional Clients Group - Business Continuity Management
Citi Institutional Clients Group - Business Continuity Management Enterprise Risk Management Establishing a Risk Control-based Continuity Program, CBCP, CBCP Senior Vice President, Citi Institutional Clients
More informationOptimizing an Enterprise Wide Effective Vendor Risk Management Program. Pam Schott Head and VP Enterprise Supplier Governance
Optimizing an Enterprise Wide Effective Vendor Risk Program Pam Schott Head and VP Enterprise Supplier Governance June 1, 2015 Emerging Industry Trends As Procurement organizations mature; their focus
More informationA Guide to Business Continuity
A Guide to Business Continuity Getting Started Business Continuity Management is a process driven from the top of the organisation. The first stage has to be an acceptance by the Board or the Executive
More informationBuilding a Standard for Business Continuity Planning
Building a Standard for Business Continuity Planning John Lugo Sr. Business Continuity Analyst April 17, 2012 1 April 16 18, 2012 Talking Stick Resort Scottsdale, Arizona Business Continuity @ Citrix Statistics
More informationBusiness Continuity Management Policy. Guidance
Management Guidance Document Type: Guidance Parent Policy: Management Policy Policy Owner: Chief Supt Department: Document Writer: Co-ordinator Effective Date: 12 th March 2015 Review Date: 12 th March
More informationIntroducing ISO 22301
Introducing ISO 22301 1 2 Background How was the ISO22301 formed? Contributors 3 Context 4 Source documents included BS25999-2 NFPA 1600 ASIS OR standard Singapore standards ISO 27031 ISO Guide 73 ISOPAS22399
More informationMeet Our Presenter. Equipping You For Success: An ISO Certification Case Study
Equipping You For Success: An ISO 22301 Certification Case Study March 28, 2017 10:45 11:45 am Maureen Roskoski, Corporate Sustainability Officer, Facility Engineering Associates, PC Meet Our Presenter
More informationNavigating the Intersection of Vendor Management and Business Continuity
Navigating the Intersection of Vendor Management and Business Continuity MICHAEL BERMAN, J.D. Table of Contents Why are we here? Business Continuity and Vendor Management Primary Intersection BCP Each
More informationExternal Supplier Control Obligations
External Supplier Control Obligations Resilience Control Title Control Description Why this is important 1.Resilience and recovery governance Supplier must establish effective governance to maintain resilience
More informationBusiness Continuity. Building a Program Fit for Purpose
Business Continuity. Building a Program Fit for Purpose Tim Janes. Director Fulcrum Risk Services Tuesday 2 September. 11.30-12.45 T Janes. BC SLIDES. RIMS Risk Forum Aust 2014 v1.0 Building a BC Program
More informationDRI CBCP. Certified Business Continuity Professional.
DRI CBCP Certified Business Continuity Professional http://killexams.com/exam-detail/cbcp Question: 118 Which are included in the Business Continuity professional's role? Select all that apply: A. Act
More informationNHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY
NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY 1 AUTHOR/ APPROVAL DETAILS Document Author Written By: Phil Hartwell Authorised Signature Authorised By: Helen Shields Date: 06
More informationThe 13th Annual Continuity Insights Management Conference
The 13th Annual Continuity Insights Management Conference Presented by: Continuity Insights What Enterprise-Wide Business Continuity Really Means Communicating the value of BC to management and embedding
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Learning Objectives To understand the concept of Business Continuity Management; To understand the key phases and components of a Business
More informationBusiness Continuity Planning. LGMA Conference October 27, 2011 Presented by Lisa Benini
Business Continuity Planning LGMA Conference October 27, 2011 Presented by Lisa Benini What is it? Business Continuity Planning Definition: Process of developing and documenting advance arrangements and
More informationGlobal Crises: What We Really Need to Do to Be Prepared. Day One / Session C5
Global Crises: What We Really Need to Do to Be Prepared Day One / Session C5 April 12, 2010 Clyde Berger Adam Chusid 0 Today s Objectives Present practical solutions for building a viable sustainable program
More informationEffectively Communicating Enterprise-Wide Business Continuity to Senior Management and Stakeholders. October 7, 2014
Effectively Communicating Enterprise-Wide Business Continuity to Senior Management and Stakeholders October 7, 2014 Agenda Background Program Elements What Makes it Enterprise-wide Recommended Strategies
More informationChallenges and Direction of Business Continuity
Challenges and Direction of Business Continuity Don DeMarco Vice President IBM Business Resilience & Security Services Let s go back to mid-2000 The Future State of Our Industry: Business Process Continuity
More informationENTERPRISE RISK SERVICES Managing Risk, Driving Results
ENTERPRISE RISK SERVICES Managing Risk, Driving Results Risk Management Solutions At MNP, our Enterprise Risk Services team assists organizations as they navigate through uncertainty by helping them effectively
More informationOversight by Board, Risk Management & Audit Committee (RMAC) and other committees. Second line of defense
47 In the business environment that we live in, doing nothing might be the biggest risk of all. At Cim, the Board plays a crucial role in risk oversight; it is bringing more diverse viewpoints into the
More informationAudit of Business Continuity Planning
Audit of Business Continuity Planning February, 2018 Office of Internal Audit and Evaluation Report submitted to the Parks Canada Audit Committee: February 27, 2018 Approved by the Agency CEO: April 17,
More informationEmergency Management Program
Program Emergency Management Program Revision: 00 2017-07-18 Approved - Uncontrolled When Printed Approved by Reviewed by Vice President, Operational Compliance & Information Services Director, Operational
More informationIT EXAMS TOP 5 CITATIONS. Top 5 citations LOUISIANA BANKERS ASSOCIATION TECHNOLOGY CONFERENCE Policy and Risk Assessment 2.
IT EXAMS LOUISIANA BANKERS ASSOCIATION TECHNOLOGY CONFERENCE 2015 @TrainaCPA TOP 5 CITATIONS Top 5 citations 1. Policy and Risk Assessment 2. ACH/CATO 3. Disaster planning 4. Audit 5. Oversight 1. POLICY
More informationGUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))
GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) Operational Risk Management MARCH 2017 STATUS OF GUIDANCE The Isle of Man Financial Services Authority ( the Authority ) issues guidance for
More informationBusiness Continuity Policy
Business Continuity Policy 1. Scope and Aims... 1 2. Objectives... 1 3. Delivery... 1 4. Governance... 2 5. Roles and Responsibilities... 2 6. Outcomes and Reviews... 4 7. Links to other policies / procedures...
More informationOffice of Internal Audit. The University of Texas Southwestern Medical Center Business Continuity/Disaster Recovery. Internal Audit Report 16:32
Office of Internal Audit The University of Texas Southwestern Medical Center Business Continuity/Disaster Recovery Internal Audit Report 16:32 December 7, 2016 Table of Contents I. Executive Summary 3
More informationBusiness Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA
Business Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA Learning Bites Understand the context and relevance of BCM A Philippine & Telco Perspective Comprehend how
More informationContinuity Awareness & Training The Right Way
425.670.8700 www.ripcordsolutions.com Continuity Awareness & Training The Right Way Phil Lambert MBCI, CBCP President phil.lambert@ripcordsolutions.com www.linkedin.com/in/phillambert/ Continuity s Focus
More informationWILTSHIRE POLICE FORCE POLICY
Template v4 WILTSHIRE POLICE FORCE POLICY BUSINESS CONTINUITY MANAGEMENT SYSTEMS (BCMS) Date of Publication: January 2017 Version: 3.0 Next Review Date: January 2019 POLICY STATEMENT Wiltshire Police has
More informationBUSINESS CONTINUITY PLANNING WORKPROGRAM
BUSINESS CONTINUITY PLANNING WORKPROGRAM EXAMINATION OBJECTIVE: Determine the quality and effectiveness of the organization s business continuity planning process, and determine whether the continuity
More informationPresentation on Crisis Management and Business Continuity. ISCA Breakfast Talk 13 September See Hong Pek, Partner, PwC
Presentation on Crisis Management and Business Continuity ISCA Breakfast Talk 13 September 2017 See Hong Pek, Partner, . Some definitions.. Business Continuity is the: Capacity of the organization to continue
More informationPoints of Discussion
Business Continuity Planning Considerations for Business Process Offshoring Todd Litman, CBCP DRJ Spring World March 18, 2013 1 Points of Discussion Business Process Offshoring Benefits & Risks Business
More informationHead of Security and Business Continuity
Services Security and Business Continuity Ser-Sec-003 07/11/2017 Author Name Author Job Title Alan Cain Head of Security and Business Continuity Version No. 1.1 EIA Approval Date 28/06/2017 Committee Recommend
More informationBCP Methodology Benefits realisation
www.pwc.com.cy BCP Methodology Benefits realisation Risk Assurance Consulting (RAC) Risk Assurance Consulting (RAC) helps management to make well informed decisions. The insight and independent assurance
More informationRef Domain Standard Detail
Ref Domain Standard Detail Clinical Commissionin Evidence - examples listed below g Group 1 Governance Appointed AEO The organisation has appointed an Accountable Emergency Officer (AEO) responsible for
More informationProtecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protecting Information Assets
Protecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning MIS5206 Week 9 Case study discussion Business Continuity Planning (BCP) and Disaster Recovery (DR) Planning Test
More informationThe City of Edmonton. Enterprise Risk Management and Business Continuity Management
The City of Edmonton Enterprise Risk Management and Business Continuity Management Presenters: Ken Baker, CPA, CMA, ARM-E, Corporate Manager, Enterprise Risk Management Butch Brennan, MBA, CBCP, Business
More informationEY s Africa Resilience Survey 2016
EY s Africa Resilience Survey 2016 For more information, please visit: ey.com/za Follow us on Twitter: @EY_Africa B EY s Africa Resilience Survey 2016 Foreword Welcome to EY s Africa Resilience Survey
More informationBusiness Continuity Guide 2017
Business Continuity Guide 2017 June 2017 Page 1 Acknowledgements The Business Continuity Guide is the primary resource document for the Government of Alberta s departments in the development of a business
More informationTHE ARCG CHARTER. Issued in March 2008
THE ARCG CHARTER Issued in March 2008 Index Part A Internal Audit Purpose Charter Mission Independence Scope & Responsibilities Authority Accountability Standards Part B Compliance Introduction Guiding
More informationSMS Elements Veriforce, LLC. All rights reserved.
1. Leadership and Management Commitment 2. Stakeholder Engagement 3. Risk Management 4. Operational Controls 5. Incident Investigation, Evaluation, and Lessons Learned 6. Safety Assurance 7. Management
More informationFOUNDATION OF THE PLAN WAS A RISK ANALYSIS. Basic Flaw focus on threat probability instead of potential impact
FOUNDATION OF THE PLAN WAS A RISK ANALYSIS Basic Flaw focus on threat probability instead of potential impact NOBODY KNEW ANYTHING How do you create a plan? How do you do a Risk Analysis? How much processing
More informationBusiness Continuity Management Policy
Business Continuity Management Policy Version FINAL 1.0 Ratified by Dudley CCG Audit Committee Date ratified 17/03/16 Name of originator(s) / author(s) David Morris, Midlands and Lancashire CSU/ Sue Johnson,
More informationBusiness Continuity Management and Business Impact Analysis (BIA)
Presented by Richard A. Harris, CBCP, MPMP Absolute Continuity Solutions Consultants, LLC Absolute solutions for all your enterprise s consulting needs Business Continuity Management and Business Impact
More informationRisk Management at Statistics Canada
Risk Management at Statistics Canada Presentation to Workshop on Risk Management Practices in Statistical Organizations J. Mayda April 25 th, 2016 Introduction Statistics Canada has had a formal Integrated
More informationEDINBURGH NAPIER UNIVERSITY BUSINESS CONTINUITY POLICY AND FRAMEWORK
EDINBURGH NAPIER UNIVERSITY BUSINESS CONTINUITY POLICY AND FRAMEWORK Purpose This policy sets out the University s approach to maintaining and developing business continuity plans on an on-going basis
More informationpwc.co.uk Business continuity management
pwc.co.uk Business continuity management Contents What s on your mind? 01 Our point of view 02 What can PwC do to support you? 04 What you gain 06 When to act 07 Intelligent Digital 08 What s on your mind?
More informationSub-section Content. 1 Preliminaries - Post title: Head of Group Risk - Reports to: CRO - Division: xxx - Department: xxx - Location: xxx
Sub-section Content 1 Preliminaries - Post title: Head of Group Risk - Reports to: CRO - Division: xxx - Department: xxx - Location: xxx 2 Job Purpose - To assist in the maintenance and development of
More informationIndigenous and Northern Affairs Canada. Internal Audit Report. Audit of Business Continuity Planning. Prepared by: Audit and Assurance Services Branch
Indigenous and Northern Affairs Canada Internal Audit Report Audit of Business Continuity Planning Prepared by: Audit and Assurance Services Branch August 2017 TABLE OF CONTENTS TABLE OF CONTENTS... i
More informationEnterprise Risk Management 2016
Senior Management Conference November 3, 2016 Enterprise Risk Management 2016 Presented by: Jack R. Salvetti, Principal S.R. Snodgrass, P.C. 2016 S.R. Snodgrass, P.C. All Rights Reserved Risk: Exposure
More informationBroadridge Business Process Outsourcing, LLC Business Continuity Plan Disclosure
Broadridge Business Process Outsourcing, LLC Business Continuity Plan Disclosure I. Summary In accordance with FINRA Rule 4370, Broadridge Business Process Outsourcing, LLC (the Firm ) is providing you
More information[RESTRICTED ACCESS: SECURITY] COMMONS EXECUTIVE COMMITTEE Update on business resilience capability and annual approval of Business Resilience Policy
EC2016.P.04 COMMONS EXECUTIVE COMMITTEE Update on business resilience capability and annual approval of Business Resilience Policy Paper from: David Leakey, Chair of the Business Resilience Group Paper
More informationRISK ENGINEERING GUIDELINE
RISK ENGINEERING GUIDELINE BUSINESS CONTINUITY MANAGEMENT (BCM) HDI Risk Consulting Business Interruption www.hdi.global Development and Implementation of a Business Continuity Management System (BCMS)
More informationAppendix A - Service Provider RACI Model
Portfolio es: R A C / I P.1 Portfolio Strategy Centralized management of one or more portfolios (major programs), which includes identifying, prioritizing, authorizing, managing, and controlling projects,
More informationInternational Standards for the Professional Practice of Internal Auditing (Standards)
INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Attribute Standards 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the
More informationOctober WFE Response to the BoE-FCA-PRA Discussion Paper: Operational Resilience
October 2018 WFE Response to the BoE-FCA-PRA Discussion Paper: Operational Resilience Background The World Federation of Exchanges (WFE) is the global trade association for exchanges and clearing houses,
More informationBest Practices: Vendor Risk Questionnaires PROCESSUNITY WEBINAR SERIES
Best Practices: Vendor Risk Questionnaires PROCESSUNITY WEBINAR SERIES Today s Presenters Tom Garrubba Senior Director Shared Assessments Bryan Burnhart Head of Strategic Alliances ProcessUnity Ed Thomas
More informationSTATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
Governance Digi.Com Berhad Annual Report 2017 73 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL IN ACCORDANCE WITH PARAGRAPH 15.26 (b) OF THE MAIN MARKET LISTING REQUIREMENTS OF BURSA MALAYSIA SECURITIES
More informationJennie Clinton, Pearce Global Partners May 10 th, 2012
Jennie Clinton, Pearce Global Partners May 10 th, 2012 Workshop Overview Workshop will focus on three area of business resiliency: Business Continuity Plans and Crisis Response Look at how these plans
More informationOffice of the Superintendent of Financial Institutions. Internal Audit Report on Supervision Sector: Deposit Taking Group - Conglomerates
Office of the Superintendent of Financial Institutions Internal Audit Report on Supervision Sector: Deposit Taking Group - Conglomerates June 2013 Table of Contents 1. Background... 3 2. Audit Objective,
More informationCrisis Management Who s In Charge?
Crisis Management Who s In Charge? Presented by: Cynthia Simeone, CBCP, PMP Satori Consulting Judith Walker, PMP Goldman Sachs Crisis Management What is Crisis Management? Crisis Management involves identifying
More informationAgenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview
More informationIT Framework Memorandum. For. Supervised Institutions
CENTRALE BANK VAN CURAÇAO EN SINT MAARTEN (Central Bank) IT Framework Memorandum For Supervised Institutions WILLEMSTAD, Updated version April 2011 IT Framework Memorandum for Supervised Institutions 1.
More informationOperational Resilience Measure and Report
Operational Resilience Measure and Report 26 Sept 2017 Lewis McKenzie Andrew Charlton Evolution of Resilience Regulation Regulatory Challenge Board accountability for critical infrastructure. Requirement
More informationTABLE OF CONTENTS ONLY Business Continuity - Critical Supplier Management Assessment
TABLE OF CONTENTS ONLY Business Continuity - Critical Supplier Management Assessment 2014 Prepared by BC Management, Inc. Benchmarking. Plan Ahead. Be Ahead. Table of Contents Reporting History 4 Study
More informationHow to Build an Enterprise BC Program (That gets around the roadblocks)
February 11 14, 2018 Gaylord Opryland Resort and Convention Center, Nashville #DRI2018 How to Build an Enterprise BC Program (That gets around the roadblocks) Scott Baldwin, CBCP, MBCI VP, Strategic Product
More information5/28/2018. Disaster Recovery Are You Ready. Speaker. Agenda
Disaster Recovery Are You Ready Central Iowa American Payroll Association 2017 Statewide Conference Friday October 6 Speaker Bruce E. Phipps CPP APA Vice Presindent 2011 APA Payroll Man of the Year Principal
More informationManagement Excluded Job Description
Management Excluded Job Description 1. Position Identification Position Number 993234 Position Title Department Reports to (title) Associate Director, Supply Management Purchasing Services Director, Purchasing
More informationGuidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Board of Directors January 2018 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance
More informationCreating a Risk Intelligent Enterprise: Risk governance
Creating a Risk Intelligent Enterprise: Risk governance Risk governance: Overseeing risk and risk management Robust risk governance drives a consistent and coordinated approach to risk across the organization
More informationCoastal Equities, Inc.
Coastal Equities, Inc. Business Continuity Plan Summary Updated On: March 1, 2017 The foregoing is a true and accurate representation of the business continuity steps taken by Coastal Equities, Inc. As
More informationCreating a Business Continuity Plan for your Health Center
Creating a Business Continuity Plan for your Health Center 1 Page Left Intentionally Blank 2 About This Manual This tool is the result of collaboration between the Primary Care Development Corporation
More informationThis charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.
CORPORATE AUDIT DEPARTMENT CHARTER PURPOSE This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department. The Institute of Internal Auditors
More informationBusiness Continuity Management Policy. Date Version Number Planned Review Date Oct 2014 Issue 1 Oct 2017
Business Continuity Management Policy Document Code PtHB / CGP 001 Date Version Number Planned Review Date Oct 2014 Issue 1 Oct 2017 Document Owner Approved by Date Civil Contingencies Executive Team 08/10/2014
More informationBusiness Impact Management Moving Beyond the Traditional BIA THINK DIFFERENT. THINK SUCCESS.
Business Impact Management Moving Beyond the Traditional BIA 1 Change can be challenging! 2 Discussion Topics Impact Assessment Concepts Effective Data Gathering Creating Actionable Information Impact
More informationBUSINESS CONTINUITY MANAGEMENT
BUSINESS CONTINUITY MANAGEMENT RCG020-V1-01/2017 Page 1 2017 Royal & Sun Alliance Insurance plc Contents Introduction... 3 Business Continuity Management... 3 Getting started... 3 Business Impact Analysis...
More informationSupply Chain Management within Business Continuity
Supply Chain Management within Business Continuity Al Berman Executive Director DRI International DRI International Who Are We? A Non-Profit Organization Committed to: Promoting a base of common knowledge
More informationMr. Paul Druckman Chief Executive Officer, International Integrated Reporting Council
Philip D. Tarling, CIA, CRMA, CMIIA Global Chairman of the Board The Institute of Internal Auditors 247 Maitland Avenue Altamonte Springs, FL 32701 July 12, 2013 Professor Mervyn King Chairman, International
More informationWHITE PAPER KEY PRINCIPLES OF INTEGRATED BUSINESS RESILIENCY
WHITE PAPER KEY PRINCIPLES OF INTEGRATED BUSINESS RESILIENCY It s hard to find an organization not impacted by at least one natural, man-made or cyber disruption in 2017. From earthquakes in Mexico, to
More informationRisk Management Strategy
Risk Management Strategy 2017-2019 Created by: Role Name Title Author / Editor Kevin McMahon Head of Risk Management & Resilience Lead Executive Margo McGurk Director of Finance & Performance Approved
More informationBUSINESS CONTINUITY MANAGEMENT A MANAGER S TOOLKIT A
Anytown Council BUSINESS CONTINUITY MANAGEMENT A MANAGER S TOOLKIT A guide to Business Continuity Management in Anytown Council CONTENTS Introduction - The need for Business Continuity Management (BCM)
More informationBCP Methodology Benefits realisation
www.pwc.com.cy/technology-consulting BCP Methodology Benefits realisation BCP Methodology Our BCP methodology incorporates five (5) phases. The phases take an organisation from prioritising core business
More informationREGULATORY HOT TOPIC Third Party IT Vendor Management
REGULATORY HOT TOPIC Third Party IT Vendor Management 1 Todays Outsourced Technology Services Core Processing Internet Banking Mobile Banking Managed Security Services Managed Data Center Services And
More informationBusiness Continuity vs. Operational Risk Management vs. Business Resiliency. Karen Dye Oakley, CBCP, MBCI
Business Continuity vs. Operational Risk Management vs. Business Resiliency Karen Dye Oakley, CBCP, MBCI www.karendyeconsulting.com Background Most recently with Sun Microsystems, Inc. Director, Global
More informationHot Topics in Third Party Management. April 5, 2018 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS
Hot Topics in Third Party Management April 5, 2018 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2018 Wolf & Company, P.C. Before we get started Today s presentation slides can
More informationRISK MANAGEMENT REPORT
RISK MANAGEMENT REPORT A RCL FOODS RISK MANAGEMENT REPORT 2016 RISK MANAGEMENT REPORT FRAMEWORK Risk management is considered by the Board to be a key business discipline, designed to balance risk and
More information18 Business Continuity Management
18 Business Continuity Management Business Continuity is the strategic and tactical capability of the organisation to plan for and respond to incidents and business disruptions in order to continue business
More informationBUSINESS CONTINUITY MANAGEMENT
Loss Control BUSINESS CONTINUITY MANAGEMENT Preparing for the Unexpected Preparing your organization for a disaster can be an overwhelming task, but the risk of being unprepared can be even more devastating.
More informationPOLICY ON RISK MANAGEMENT
POLICY ON RISK MANAGEMENT This Policy was approved by the Board of Trustees on March 14, 2017. Table of Contents 1. INTRODUCTION... 1 2. OBJECTIVE... 1 3. APPLICATION... 1 4. POLICY... 1 5. ROLES AND RESPONSIBILITIES...
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Introductory Note to User: CompanyLongName There is no requirement in Australia for a non-publicly listed entity (other than a company regulated by APRA) to comply
More informationBusiness Continuity Planning: As A Business Owner, What Do I Need to Consider? David Sutton Manager, Environment, Safety and Health.
Business Continuity Planning: As A Business Owner, What Do I Need to Consider? David Sutton Manager, Environment, Safety and Health June 15, 2006 Qualifying Event Continuum Normal Business Operations Business
More informationBusiness Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013
Business Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013 Carey A. Loukides, CBCP, ARM, MBCI Senior Consultant, Global Risk Consulting Enterprise Risk Management, Business Continuity
More informationBusiness Continuity Management Policy and Framework
Management Policy and Framework Version: 9 Produced by: University Manager with the assistance of the Operational Group Date Produced: 11 th March 2010 Approved by: Steering Group (14 December 2010) Updated:
More informationBCP MANUAL. February 2012
BCP MANUAL February 2012 This document contains confidential information and remains the sole property of EXFO Inc. It may not be reproduced in whole or in part without written consent of EXFO Inc. Table
More information