Essential Concepts. For Effective. Business Continuity Planning
|
|
- Marcia Burke
- 6 years ago
- Views:
Transcription
1 Essential Concepts For Effective Business Continuity Planning 1
2 What is a Business Continuity Plan (BCP)? A Business Continuity Plan (BCP) is a comprehensive set of business strategies and actions designed to protect people and the business in the event of a disruption. Disruptions can take many forms, including natural disasters, technical failures, terrorism, sabotage, security breaches or other threats. A key outcome of a BCP is business resilience. The BCP provides a roadmap for prompt threat assessment, response and recovery, thereby enabling continued product delivery and service. Effective BCPs are based on a continuous cycle of Plan-Do-Check-Act. (See preceding graphic). This management system approach helps ensure a constant vigilance for disruption threats, development of appropriate strategies and plans, organizational training, plan testing and maintenance and continuous improvement. This White Paper provides a tour of what I feel are essential concepts for effective business continuity planning. The Business Continuity Planning Life Cycle - Tom Rancour Let s take a closer look at the Business Continuity Planning process. mentioned, it follows a classic Plan-Do-Check-Act life cycle approach. As In the PLAN step of the cycle, BCP roles and responsibilities are defined. Critical business processes and systems are identified, threats and risks to those processes and systems are determined and protection and mitigation strategies are developed. In the DO step, plans are developed, including a Crisis Management Plan, Business Recovery Plans, and Communications Plans. In the CHECK step of the cycle, plans are tested and maintained. In the ACT step, the entire BCP program is reviewed and continuous improvement opportunities are identified and acted upon.
3 PLAN BCP Roles and Responsibilities An early step is to establish key BCP roles and responsibilities: BCP Champion. This person is the owner and champion for the overall plan. Typically, the senior executive for the site assumes this role. They ensure appropriate financial and human resources are available to implement the plan. They are ultimately responsible for ensuring the plan identifies and addresses potential losses to critical business processes and systems, and that the plan is tested and maintained. BCP Coordinator. This person leads the overall BCP development and implementation effort, including chairing an on-going BCP Steering Committee. The BCP Coordinator s responsibilities include collecting and reporting progress data on BCP effectiveness and plan status. BCP Steering Committee. The BCP Steering Committee is a working group, comprised of cross-functional leaders responsible for developing specific business continuity strategies, supporting plans and procedures. The BCP Steering Committee collectively analyzes threats, determines risks and develops necessary business and process recovery plans. In addition, the BCP Committee designs and deploys appropriate tests to check the effectiveness of the BCP and continuously improve it. The BCP Committee ideally has representatives from line management, facilities/building maintenance, safety, health, environment and security, human resources, finance, supply chain, sales and marketing, legal and communications. Crisis Communications Coordinator. Another important BCP role is the Crisis Communications Coordinator. This individual is responsible for internal and external communications before, during and after a crisis event. Risk Assessment and Business Impact Analysis In the PLAN step, potential threats and vulnerabilities to business continuity are identified. This is completed as a BCP Steering Committee brainstorming session. Threats and vulnerabilities may include threats to the entire enterprise 3
4 or to specific critical processes and functions. Critical business processes and functions are identified by the BCP Steering Committee. These are broadly defined as those processes and systems whose failure would most quickly threaten product or service delivery and/or cause a material financial and operational impact. Example threats and vulnerabilities include natural disasters, fires, and loss of critical infrastructure (such as power, water, equipment and data damage, etc.) Threats and vulnerabilities might also include strikes or labor disruptions, systems failures, security breaches, disclosure of proprietary information, or other man-made events. Threats and vulnerabilities might also take the form of non-compliance with legislation, regulations and/or accepted industry practices. After identifying threats and vulnerabilities, the BCP Committee must assess risk. A risk assessment evaluates the impact and probability of each threat. A Business Impact Analysis (BIA) is then conducted on elevated risks (higher impact and probability threats). The BIA provides an estimate of anticipated financial/operational impacts following a disruption. It is a valuable method for establishing Recovery Time Objectives (RTOs), that is, how quickly a critical business process or system must be continued to prevent a serious impact. Besides establishing recovery priorities, the BIA also estimates the minimum amount of resources needed for recovery. Develop Strategies During the PLAN step, existing risk prevention, mitigation and recovery strategies are identified by the BCP Steering Committee. Potential new strategies are also identified in this phase and costs and benefits analyzed. Also, steps are taken to monitor for new or modified threats and risks. DO Develop and Implement Plans This phase of the BCP Life Cycle involves putting plans in place to implement BCP strategies. Output of this phase includes development of a Crisis Management Plan, Business Recovery Plans, and Communications Plans. 4
5 Crisis Management Plan (CMP) The Crisis Management Plan establishes procedures for promptly evaluating situations/events and, as appropriate, declaring a crisis and activating employee protection, recovery plans and communications plans. Situation assessments and decision-making are conducted by a Crisis Management Team who has decision-making authority. The Crisis Management Plan often includes designation of interim management personnel or alternates, in the event that senior management is unavailable during an emergency or crisis event. Business Recovery Plans (BRPs) Business Recovery Plans include a Site Emergency Response Plan, an IT Disaster Recovery Plan, and Process Recovery Plans. Emergency Response Plan The Emergency Response Plan (ERP) should include a description of the site s emergency response organization. For example, use of an Incident Command System with designation of an Incident Commander, an Emergency Operations Center, and Emergency Response Team. Specific information on response team roles and responsibilities should be included, along with names and contact information. The ERP also contains the Site Evacuation Plan designating evacuation routes, rally points, headcount reconciliation methods, and other procedures. A Shelter-in-Place Plan may also be included where there is a likely threat of earthquake, adverse weather, environmental hazards (chemical or radiological event in the area) or other applicable events where evacuation is inappropriate. IT Disaster Recovery Plan An IT Disaster Recovery Plan (IT DRP) describes procedures and information for responding to information system and telecom disasters. The IT DRP describes vital IT operations, users, equipment and materials and recovery times/recovery 5
6 points. The plan describes various foreseeable IT disasters and response and recovery strategies, procedures and responsibilities. The IT DRP may also describe methods for protection, storage and retrieval of critical documents. Process Recovery Plans (PRPs) Process Recovery Plans provide for the continuation/recovery of critical business processes and systems in the event of disaster. Examples actions might include relocating business processes to unaffected areas (either on-site or off-site), providing temporary measures to support existing operations (for example, portable generators to maintain power for critical production), and leveraging product distribution networks, distributed manufacturing, and supply chains. PRPs include detailed descriptions for the restoration of critical business process and systems impacted by a disaster. Specific individuals accountable for the identified critical business processes or systems must be identified and designated. These BCP Process Owners develop and maintain PRPs. Communications Plans Communication Plans typically address both internal and external communications before, during and after a disruption. Communications Plans include methods for notifying employees of emergencies, disasters and disruptions. This includes contacting off-site employees to keep them informed concerning site conditions and whether or not to report to work. Communications Plans also specify who to notify (both internal and third parties) when a crisis or emergency occurs and establishes communications procedures for situation updates. BCP Training An important part of the BCP effort is training. Employees must be trained in applicable BCP roles, responsibilities and procedures. For example, all employees should receive training on site emergency response/evacuation procedures. More specific roles and responsibility training must be provided to 6
7 employees with crisis management, damage assessment and disaster recovery responsibilities. CHECK Plan Testing and Maintenance Plans must be tested to check their effectiveness. In this phase, response and recovery capabilities are tested through a table top or practical exercise. A critique of tests is conducted by the BCP Steering Committee and continuous improvement actions are implemented to address identified gaps. Plans also must be updated as appropriate following tests. ACT Management Review Consistent with continuous improvement principles, the entire BCP program is evaluated at least annually by senior management to determine overall effectiveness and identify areas for improvement. For example, have new risks been identified and evaluated? What is the status of risk mitigation efforts? What are the lessons learned from response to actual disruptions? Are all critical processes identified and are Process Recovery Plans in place? What changes, if any, are necessary in the BCP Steering Committee membership? 7
8 Summary & Disclaimer This White Paper is intended to provide a brief overview of essential principles and practices to help you develop an effective Business Continuity Plan BCP). It is important to note that an effective BCP requires an on-going and extensive risk assessment and management effort. This White Paper therefore is not intended as a total solution or review of all essential elements for your situation nor a replacement for an overall effective, comprehensive business continuity management system. About the Author Tom Rancour helps organizations achieve excellence in safety, health, business continuity and sustainability through relentless focus on culture, processes and management systems. He has over 30 years of diverse experience across multiple industries. Prior to founding Rancour & Associates, Tom was Corporate Director, Safety and Environmental Operations for Honeywell International, Inc., Morristown NJ. He is a Certified Safety Professional (CSP) and Certified Industrial Hygienist (CIH) and holds advanced degrees from the University of Michigan and Michigan State University. He is a Board member of the Michigan Industrial Hygiene Society and a member of ASIS International, the preeminent organization for security professionals. He resides in the Detroit metropolitan area. Interested in transforming your business continuity culture, processes and systems? Give us a call today! 8
CONTINUITY OF OPERATIONS PLAN
CONTINUITY OF OPERATIONS PLAN (TEMPLATE) NAME OF ORGANIZATION/BUSINESS ADDRESS PHONE NUMBER Organization Logo Continuity of Operations Plan Version 1.5 Table of Contents I. Introduction... 1 II. Purpose...
More informationBusiness Continuity Framework
Business Continuity Framework A definition to the Components of Resiliency March, 1 Business Continuity Framework 1. INTRODUCTION... 3 2. PURPOSE... 3 3. THE FRAMEWORK... 4 4. STEERING COMMITTEE... 5 5.
More informationBusiness Continuity Planning System for the KDPW Group - BCP System Policy (excerpt)
Business Continuity Planning System for the KDPW Group - BCP System Policy (excerpt) Contents: I. Introduction... 2 II. BCP System general principles... 2 III. BCP System Documentation... 4 IV. BCP System
More informationCoastal Equities, Inc.
Coastal Equities, Inc. Business Continuity Plan Summary Updated On: March 1, 2017 The foregoing is a true and accurate representation of the business continuity steps taken by Coastal Equities, Inc. As
More informationIntroducing ISO 22301
Introducing ISO 22301 1 2 Background How was the ISO22301 formed? Contributors 3 Context 4 Source documents included BS25999-2 NFPA 1600 ASIS OR standard Singapore standards ISO 27031 ISO Guide 73 ISOPAS22399
More informationKeep Your Company Moving After A Disaster With A Business Continuity Plan (BCP)
Keep Your Company Moving After A Disaster With A Business Continuity Plan (BCP) HR Benefits Payroll gnapartners.com It only takes one major interruption to its business operations for a company to recognize
More informationThe City of Edmonton. Enterprise Risk Management and Business Continuity Management
The City of Edmonton Enterprise Risk Management and Business Continuity Management Presenters: Ken Baker, CPA, CMA, ARM-E, Corporate Manager, Enterprise Risk Management Butch Brennan, MBA, CBCP, Business
More informationCISSP Certified Information Systems Security Professional (CISSP)
QUESTION 1 CISSP Certified Information Systems Security Professional (CISSP) During a recovery procedure, one important step is to maintain records of important events that happen during the procedure.
More informationBCP Methodology Benefits realisation
www.pwc.com.cy BCP Methodology Benefits realisation Risk Assurance Consulting (RAC) Risk Assurance Consulting (RAC) helps management to make well informed decisions. The insight and independent assurance
More informationDrought THIRA Capability Statement Worksheet 1
Drought THIRA Statement Worksheet 1 Community Resilience Description: Enable the recognition, understanding, communication of, and planning for risk and empower individuals and communities to make informed
More informationBusiness Continuity Management and Resilience Framework
Business Continuity Management and Resilience Framework Approving authority University Council Approval date 3 December 2018 Advisor Next scheduled review 2021 Peter Bryant Vice President (Corporate Services)
More informationA Guide to Business Continuity
A Guide to Business Continuity Getting Started Business Continuity Management is a process driven from the top of the organisation. The first stage has to be an acceptance by the Board or the Executive
More informationBusiness Continuity Through Planning, Prevention and Preparedness. READINESS RESOURCES
READINESS RESOURCES Federal Emergency Management Agency -- www.fema.gov Emergency Management Guide for Business & Industry: http://www.fema.gov/pdf/business/guide/bizindst.pdf American Red Cross -- www.redcross.org
More informationBusiness Continuity Through Planning, Prevention and Preparedness. READINESS RESOURCES
READINESS RESOURCES Federal Emergency Management Agency Emergency Management Guide for Business & Industry: www.fema.gov/pdf/business/guide/bizindst.pdf PS-Prep - www.fema.gov/ps-preptm-voluntary-private-sector-preparedness
More informationYale University Business Continuity Planning Quick Start Guide
Yale University Business Continuity Planning Quick Start Guide Introduction A Business Continuity Plan (BCP) (previously referred to as Continuity of Operations Plan or COOP) is a collection of resources,
More informationDon t Panic! How to develop and implement an emergency response plan for your attraction
Don t Panic! How to develop and implement an emergency response plan for your attraction Paul Chatelot, Director / Prevention, Safety & Environment DiSNEYLAND PARIS September 19, 2016 Agenda Don t panic
More informationThe Disaster Experience: Putting Business Continuity to the Test
The Disaster Experience: Putting Business Continuity to the Test Presented by Bob Mellinger, CBCV OM33 5/5/2018 1:15 PM The handout(s) and presentation(s) attached are copyright and trademark protected
More informationEmerging Threats: The importance of Interagency Coordination WEATHERING THE STORM 6 TH ANNUAL REGIONAL DISASTER CONFERENCE
Emerging Threats: The importance of Interagency Coordination WEATHERING THE STORM 6 TH ANNUAL REGIONAL DISASTER CONFERENCE WORLDWIDE THREAT ASSESSMENT of the US INTELLIGENCE COMMUNITY February 9, 2016
More informationBUSINESS CONTINUITY MANAGEMENT
BUSINESS CONTINUITY MANAGEMENT RCG020-V1-01/2017 Page 1 2017 Royal & Sun Alliance Insurance plc Contents Introduction... 3 Business Continuity Management... 3 Getting started... 3 Business Impact Analysis...
More informationAuditing the Corporate Business Continuity and Disaster Recover Plan
Auditing the Corporate Business Continuity and Disaster Recover Plan IIA 16 th Annual Conference Transforming Internal Audit to Drive Value Sarova Whitesands, Mombasa June 2018 International ), a Swiss
More informationBuilding a Standard for Business Continuity Planning
Building a Standard for Business Continuity Planning John Lugo Sr. Business Continuity Analyst April 17, 2012 1 April 16 18, 2012 Talking Stick Resort Scottsdale, Arizona Business Continuity @ Citrix Statistics
More informationHead of Security and Business Continuity
Services Security and Business Continuity Ser-Sec-003 07/11/2017 Author Name Author Job Title Alan Cain Head of Security and Business Continuity Version No. 1.1 EIA Approval Date 28/06/2017 Committee Recommend
More informationBusiness Continuity Management Policy and Framework
Management Policy and Framework Version: 9 Produced by: University Manager with the assistance of the Operational Group Date Produced: 11 th March 2010 Approved by: Steering Group (14 December 2010) Updated:
More informationLeading Change: Building Organisational Resilience. Jean D. Rowe, MBCI, CDCP May 1, 2017
Leading Change: Building Organisational Resilience Jean D. Rowe, MBCI, CDCP May 1, 2017 Jean.Rowe@ae.ey.com Agenda What is Organizational Resilience? Why Should You Care? Are You Prepared? What Do You
More informationNHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY
NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY 1 AUTHOR/ APPROVAL DETAILS Document Author Written By: Phil Hartwell Authorised Signature Authorised By: Helen Shields Date: 06
More informationBusiness Continuity 101. Fairchild Resiliency Systems
Business Continuity 101 Fairchild Resiliency Systems Business Continuity Business Continuity (BC) is defined as the capability of the organization to continue delivery of products or services at acceptable
More informationEMERGENCY MANAGEMENT EMERGENCY SUPPORT FUNCTION (ESF #5) FORMERLLY ASSESSMENT INFORMATION PLANNING
Assessment, Information and Planning ICS Category: Planning ESF # 5 Responsible for Assessment, Information and Planning Reports to the Planning Coordinator DATE OF ACTIVATION: REASON FOR ACTIVATION: ESF
More informationBusiness Recovery & Continuity Plan
Page 1 of 22 Business Recovery & Continuity Plan Document Control Responsible Person Review Frequency Reviewed by Chief Executive 3-Yearly (Strategic Review) Board Date Approved November 2017 Next Review
More informationEDINBURGH NAPIER UNIVERSITY BUSINESS CONTINUITY POLICY AND FRAMEWORK
EDINBURGH NAPIER UNIVERSITY BUSINESS CONTINUITY POLICY AND FRAMEWORK Purpose This policy sets out the University s approach to maintaining and developing business continuity plans on an on-going basis
More informationBACK TO BASICS BUSINESS CONTINUITY MANAGEMENT 101. June 11, 2013
BACK TO BASICS BUSINESS CONTINUITY MANAGEMENT 101 June 11, 2013 Your Presenter Shanda Chronowich, CBCP, CRM Senior Manager MNP LLC 2 There cannot be a crisis next week. My schedule is already full. U.S.
More information5/28/2018. Disaster Recovery Are You Ready. Speaker. Agenda
Disaster Recovery Are You Ready Central Iowa American Payroll Association 2017 Statewide Conference Friday October 6 Speaker Bruce E. Phipps CPP APA Vice Presindent 2011 APA Payroll Man of the Year Principal
More informationBUSINESS CONTINUITY PLANNING WORKPROGRAM
BUSINESS CONTINUITY PLANNING WORKPROGRAM EXAMINATION OBJECTIVE: Determine the quality and effectiveness of the organization s business continuity planning process, and determine whether the continuity
More information1/8/2015. Learning Objectives. Why have a plan? Emergency Preparedness, Business Continuity, and Disaster Recovery. Can you anticipate the unexpected?
Emergency Preparedness, Business Continuity, and Disaster Recovery APPA-Institute for Facilities Management J. Craig Klimczak, D.V.M., M.S. 321 South Mosley Road St. Louis, MO 63141 compuvet@aol.com Learning
More informationCRS Report for Congress
Order Code RS21780 March 26, 2004 CRS Report for Congress Received through the CRS Web Idaho Emergency Management and Homeland Security Statutory Authorities Summarized Summary Keith Bea Specialist in
More informationFederal Policy for Emergency Management BUILDING A SAFE AND RESILIENT CANADA
Federal Policy for Emergency Management BUILDING A SAFE AND RESILIENT CANADA DECEMBER 2009 Her Majesty the Queen in Right of Canada, 2012 Cat. No.: PS4-127/2012 ISBN: 978-1-100-54206-5 Printed in Canada
More informationGlobal Crises: What We Really Need to Do to Be Prepared. Day One / Session C5
Global Crises: What We Really Need to Do to Be Prepared Day One / Session C5 April 12, 2010 Clyde Berger Adam Chusid 0 Today s Objectives Present practical solutions for building a viable sustainable program
More informationUnit 3: Elements of a Viable Continuity Capability
Unit 3: Elements of a Viable Continuity Capability Unit 3 Objectives Identify all organization essential functions and their effect upon staffing levels in a continuity event. Recognize and incorporate
More informationJennie Clinton, Pearce Global Partners May 10 th, 2012
Jennie Clinton, Pearce Global Partners May 10 th, 2012 Workshop Overview Workshop will focus on three area of business resiliency: Business Continuity Plans and Crisis Response Look at how these plans
More informationPresentation on Crisis Management and Business Continuity. ISCA Breakfast Talk 13 September See Hong Pek, Partner, PwC
Presentation on Crisis Management and Business Continuity ISCA Breakfast Talk 13 September 2017 See Hong Pek, Partner, . Some definitions.. Business Continuity is the: Capacity of the organization to continue
More informationBusiness Recovery & Continuity Plan
Page 1 of 22 Business Recovery & Continuity Plan Document Control Responsible Person Review Frequency Reviewed by Chief Executive 3-Yearly (Strategic Review) Board Date Approved November 2017 Next Review
More informationBusiness Continuity Management Policy. Guidance
Management Guidance Document Type: Guidance Parent Policy: Management Policy Policy Owner: Chief Supt Department: Document Writer: Co-ordinator Effective Date: 12 th March 2015 Review Date: 12 th March
More informationBCP Methodology Benefits realisation
www.pwc.com.cy/technology-consulting BCP Methodology Benefits realisation BCP Methodology Our BCP methodology incorporates five (5) phases. The phases take an organisation from prioritising core business
More informationEmergency Management Program
Program Emergency Management Program Revision: 00 2017-07-18 Approved - Uncontrolled When Printed Approved by Reviewed by Vice President, Operational Compliance & Information Services Director, Operational
More informationBUSINESS CONTINUITY MANAGEMENT
Loss Control BUSINESS CONTINUITY MANAGEMENT Preparing for the Unexpected Preparing your organization for a disaster can be an overwhelming task, but the risk of being unprepared can be even more devastating.
More informationAudit of Business Continuity Planning (BCP) Audit and Evaluation Branch
Final Audit Report Audit and Evaluation Branch June 2006 Tabled and approved by DAEC on January 9, 2007 TABLE OF CONTENTS 1.0 EXECUTIVE SUMMARY... 2 1.1 INTRODUCTION... 2 1.2 OVERALL ASSESSMENT... 2 1.3
More informationExternal Supplier Control Obligations
External Supplier Control Obligations Resilience Control Title Control Description Why this is important 1.Resilience and recovery governance Supplier must establish effective governance to maintain resilience
More informationEMERGENCY OPERATIONS PLANNING AND CONTINUITY OF OPERATIONS
EMERGENCY OPERATIONS PLANNING AND CONTINUITY OF OPERATIONS County Commissioner Clerks/Engineers Administrative Professional Association Winter Conference - Columbus Convention Center Emergency Management
More informationUS Business Continuity Safeguarding Your Business from a Disaster
US Business Continuity Safeguarding Your Business from a Disaster Juanita Hardin BMO Harris Bank Head TPS Risk and Compliance William Simmons BMO Harris Bank Vice President Business Continuity Management
More informationCitizens Property Insurance Corporation Business Continuity Framework
Citizens Property Insurance Corporation Framework Dated September 2015 Approvals: Risk Committee: September 17, 2015 (via email) Adopted by the Audit Committee: Page 1 of 12 Table of Contents 1 INTRODUCTION...
More informationGovernance, Risk Management
Yokogawa has prepared frameworks for corporate governance, risk management, internal control, and compliance, spanning the entire Group. In major areas, including environment, health and safety, quality,
More informationCreating a Business Continuity Plan for your Health Center
Creating a Business Continuity Plan for your Health Center 1 Page Left Intentionally Blank 2 About This Manual This tool is the result of collaboration between the Primary Care Development Corporation
More informationNavigating the Intersection of Vendor Management and Business Continuity
Navigating the Intersection of Vendor Management and Business Continuity MICHAEL BERMAN, J.D. Table of Contents Why are we here? Business Continuity and Vendor Management Primary Intersection BCP Each
More informationPreparing for the Unexpected: Business Continuity and Information Security Trends and Tactics
Preparing for the Unexpected: Business Continuity and Information Security Trends and Tactics August 2018 By Kevin Kondo Assistant Vice President, Enterprise Security Kevin Kondo is Assistant Vice President
More informationThe City of Toronto. Emergency Plan
The City of Toronto Emergency Plan Table of Contents 1.0 Introduction... 2 2.0 Purpose... 3 3.0 Scope... 3 4.0 Legal Authorities... 4 4.1 City of Toronto Municipal Code, Chapter 59... 4 4.2 Provincial
More informationEnabling a Comprehensive Platform for BCMP that integrates People, Process and Technology
Enabling a Comprehensive Platform for BCMP that integrates People, Process and Technology TM Overview Perpetuuiti provides an intelligent, end-to-end automated approach towards Business Continuity Planning
More informationCity of Saskatoon Business Continuity Internal Audit Report
www.pwc.com/ca City of Saskatoon Business Continuity Internal Audit Report June 2018 Executive Summary The City of Saskatoon s (the City ) Strategic Risk Register identifies Business Continuity as a high
More informationGoing Global. Michael Lazcano
Going Global Michael Lazcano Agenda Building the organization where to start The shape of your organization The Scope of responsibility Crisis leadership starts with practice Summary and questions 1 Building
More informationBusiness Continuity Planning. LGMA Conference October 27, 2011 Presented by Lisa Benini
Business Continuity Planning LGMA Conference October 27, 2011 Presented by Lisa Benini What is it? Business Continuity Planning Definition: Process of developing and documenting advance arrangements and
More informationDiscovering the TAC 202 Information Security Standard
This PathMaker Group white paper describes the subject matter within the standard and purpose of each area of measurement. Ryker Exum Introduction The TAC 202 is a freely available security standards framework
More informationAdvancing your BCP Program
BCP and DR Planning for Healthcare Organizations Advancing your BCP Program Agenda for Presentation Stick to the basics Know your crucial technology Get your clients input - BIA Obtaining senior management
More informationBusiness Continuity & IT Disaster Recovery
Business Continuity & IT Disaster Recovery DONALD L. SCHMIDT, ARM, CBCP, MCP, CBCLA, CEM PREPAREDNESS, LLC MARCH 30, 2017 www.preparednessllc.com What are Business Continuity & IT Disaster Recovery? BUSINESS
More informationCambridge Climate Resiliency Tabletop Exercise Business Continuity Coordination. After Action Report April 25, 2018
Cambridge Climate Resiliency Tabletop Exercise After Action Report April 25, 2018 This page is intentionally left blank. After Action Report i TABLE OF CONTENTS TABLE OF CONTENTS... ii EXERCISE OVERVIEW...
More informationCONTINUITY OF GOVERNMENT (COG) and CONTINUITY OF OPERATIONS (COOP)
CONTINUITY OF GOVERNMENT (COG) and CONTINUITY OF OPERATIONS (COOP) 1.0 GENERAL Purpose: Background: The Continuity of Government (COG) and Continuity of Operations (COOP) Annex delineates responsibilities
More informationProtecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protecting Information Assets
Protecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning MIS5206 Week 9 Case study discussion Business Continuity Planning (BCP) and Disaster Recovery (DR) Planning Test
More informationBusiness Continuity Overview
Business Continuity Overview Introductions Goal for this Workshop What happens when an organization doesn t have a BCP? Why FBNYC encourages our network to have a BCP? Business Continuity Plan What is
More information12.0 Business Continuity Management
Number 12.0 Policy Owner Information Security and Technology Policy Business Continuity Management Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 12. Business Continuity
More informationHow to apply the 10 BCP best practices to Treasury
How to apply the 10 BCP best practices to Treasury Jill Piligra, Vice President Treasury Management Sales Consultant Seth Marlowe, Vice President Solutions Sales Consultant AFPWNY Lunch Meeting April 17,
More informationESF 12 Energy and Utilities
ESF 12 Energy and Utilities Purpose This ESF Annex provides guidance to help ensure the continued operation of essential utility services in the County. Specifically, ESF #12 addresses: Energy system assessment,
More informationEvaluating Your Business Continuity Plan: Beyond Checklists and Walkthroughs. Troy Harris, Director McGladrey LLP. All Rights Reserved.
Evaluating Your Business Continuity Plan: Beyond Checklists and Walkthroughs Troy Harris, Director McGladrey LLP Agenda Business Continuity Planning Overview Program Initiation and Management Disaster
More informationIndustrial Safety & Health
Industrial Safety & Health Review Mid-Term Some Follow-Up Ergonomics Information Articles: Current Events In Safety Business Continuity Planning Safe Meetings for HR Professionals 1 Business Continuity
More informationEmergency Management Program
Program Emergency Management Program Revision: 01 2018-06-21 For Alliance Pipeline Internal Use Only Approved - Uncontrolled When Printed Approved by Reviewed by Prepared by Alain Parise Director, Corridor
More informationBoth water contamination threats and
13 UNIVERSITIES COUNCIL ON WATER RESOURCES ISSUE 129, PAGES 13-17, OCTOBER 2004 Responding to Threats and Incidents of Intentional Drinking Water Contamination Steven C. Allgeier 1 and Matthew L. Magnuson
More informationHow Does Business Continuity Differ from Emergency Preparedness?
Emergency Preparedness and Business Continuity Program Presented by: Brandon Stock and Jeff Wood How Does Business Continuity Differ from Emergency Preparedness? Business Continuity Focuses on the University
More informationPreparing an Emergency Response Plan (ERP)
Preparing an Emergency Response Plan (ERP) A lack of preparedness in responding effectively to potential active shooters can have disastrous consequences. This section discusses several measures you need
More informationFor a leader to be effective in today s uncertain world, they have to. understand the nature of complexity and adapt their leadership role in a
Exercise and Testing IDRC 2010 Emergent Leadership For a leader to be effective in today s uncertain world, they have to understand the nature of complexity and adapt their leadership role in a manner
More informationEmergency Preparedness, Resilience & Response (EPRR) Policy
A member of: Association of UK University Hospitals Emergency Preparedness, Resilience & Response (EPRR) Policy POLICY NUMBER TP/CO/092 POLICY VERSION V.1 RATIFYING COMMITTEE Clinical Practice Forum,DATE
More informationCreating an Actionable Disaster Recovery Plan
Creating an Actionable Disaster Recovery Plan Presentation Outline Plan Justification Disaster Definitions & Facts Costs of a Disaster Benefits of Planning Building an Actionable Disaster Recovery Plan
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Learning Objectives To understand the concept of Business Continuity Management; To understand the key phases and components of a Business
More informationMontreal Pipe Line Limited Emergency Management Program:
Montreal Pipe Line Limited Emergency Management Program: Introduction: As stated in the Montreal Pipe Line Limited (MPLL) Corporate Policy on the Environment MPLL will manage our business with the goal
More informationCITY OF JOHANNESBURG METROPOLITAN MUNICIPALITY BUSINESS CONTINUITY MANAGEMENT FRAMEWORK
CITY OF JOHANNESBURG METROPOLITAN MUNICIPALITY BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Effective Date 1 July 2016 TABLE OF CONTENTS GLOSSARY OF TERMS... 4 PRIMARY LEGISLATIVE AND REGULATORY PROVISIONS...
More informationBusiness Continuity Planning for Major Disruptions Checklist 255
Business Continuity Planning for Major Disruptions Checklist 255 Introduction Major disruptions to organisations come in many forms. Extreme weather conditions, technical failure, people related factors
More informationGOVERNANCE TOOLKIT. Business Continuity Management. Version 1: 1 March 2016 THIS TOOLKIT PROUDLY SUPPORTED BY
GOVERNANCE TOOLKIT Business Continuity Management Version 1: 1 March 2016 THIS TOOLKIT PROUDLY SUPPORTED BY Purpose of the Governance Toolkits AIST has developed the Governance Toolkits to assist Trustees
More informationWHITE PAPER KEY PRINCIPLES OF INTEGRATED BUSINESS RESILIENCY
WHITE PAPER KEY PRINCIPLES OF INTEGRATED BUSINESS RESILIENCY It s hard to find an organization not impacted by at least one natural, man-made or cyber disruption in 2017. From earthquakes in Mexico, to
More informationBusiness Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013
Business Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013 Carey A. Loukides, CBCP, ARM, MBCI Senior Consultant, Global Risk Consulting Enterprise Risk Management, Business Continuity
More informationNUKG Business Solutions Pvt Ltd. Business Continuity and Disaster Recovery Policy
NUKG Business Solutions Pvt Ltd Business Continuity and Disaster Recovery Policy Version No 1.0 Document Classification Prepared by CH Sai Ramadasu Reviewed by Ravi Kanduri Approved by Ravi Kanduri Date
More informationBUSINESS CONTINUITY MANAGEMENT A MANAGER S TOOLKIT A
Anytown Council BUSINESS CONTINUITY MANAGEMENT A MANAGER S TOOLKIT A guide to Business Continuity Management in Anytown Council CONTENTS Introduction - The need for Business Continuity Management (BCM)
More informationBusiness Continuity Guide 2017
Business Continuity Guide 2017 June 2017 Page 1 Acknowledgements The Business Continuity Guide is the primary resource document for the Government of Alberta s departments in the development of a business
More informationINSIDE. 2 Introduction 12 Conclusion 4 6. How Prepared Are Corporate Law Departments?
INSIDE 1 A Message From Morrison & Foerster s Global Risk & Crisis Management Chair 7 How Prepared Are Corporate Law Departments? 2 Introduction 12 Conclusion 4 6 Risk and Crisis Management: An Emerging
More informationIncident Management Framework. Part One: Overview and Policy. Final Draft. other plans. incident management framework. business as usual (BAU)
Final Draft Incident Management Framework Part One: Overview and Policy business as usual (BAU) incident management framework other plans Crisis Solutions 18 Hanover Square London, W1S 1HX Tel 0845 130
More informationSOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER
EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER ARRIVAL OF GDPR IN 2018 The European Union (EU) General Data Protection Regulation (GDPR) that takes effect in 2018 will bring changes for
More informationBusiness Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA
Business Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA Learning Bites Understand the context and relevance of BCM A Philippine & Telco Perspective Comprehend how
More informationActivity 1 Failure Mode and Effects Analysis (FMEA)
5 Whys Analysis and the Fishbone Diagram Activities 1 Activity 1 Failure Mode and Effects Analysis (FMEA) Questions 1. This is the product of rankings for consequence, occurrence, and detection used to
More informationEmergency Management, Business Continuity, & Crisis Management Self-Assessment Checklist
Emergency Management, Business Continuity, & Crisis Management Self-Assessment Checklist Self-assessment tool for evaluating preparedness using NFPA 1600 Standard on Disaster/Emergency Management and Business
More informationOctober WFE Response to the BoE-FCA-PRA Discussion Paper: Operational Resilience
October 2018 WFE Response to the BoE-FCA-PRA Discussion Paper: Operational Resilience Background The World Federation of Exchanges (WFE) is the global trade association for exchanges and clearing houses,
More informationMission Essential Functions
Texas Emergency Management Conference 2017 Mission Essential Functions Identification and Prioritization Continuity of Operations (COOP) Program Management Lifecycle Alan Sowell, TDEM COOP Unit Supervisor
More informationCITY OF GREATER SUDBURY EMERGENCY RESPONSE PLAN
CITY OF GREATER SUDBURY EMERGENCY RESPONSE PLAN REVISED: July 13, 2011 This page left intentionally blank RECORD OF AMENDMENTS Amendment Number Section(s) or Page(s) Amended Date of Amendment This page
More informationSecurity Guideline for the Electricity Sector: Business Processes and Operations Continuity
Security Guideline for the Electricity Sector: Business Processes and Operations Continuity Preamble: It is in the public interest for NERC to develop guidelines that are useful for improving the reliability
More informationESF 11 - Agriculture and Natural Resources
Coordinating Agency: Harvey County Extension Office Primary Agency: Harvey County Extension Office ESF - Agriculture and Natural Resources Support Agencies: Adjutant General's Office, Kansas Division of
More informationANNEX A DIRECTION & CONTROL
ANNEX A DIRECTION & CONTROL I. PURPOSE This annex will develop a capability for the chief executive and key individuals of the City of Rolla to direct and control response and recovery operations from
More informationDisaster Planning Checklist for Chief Financial Officers of Healthcare Organizations
According to the National Safety Council, the 10 most common problems or errors with emergency response plans are: 1. No upper management support 7. No communication methods to alert employees 2. Lack
More information