Business Continuity vs. Incident Command
Introductions The GD Approach BCP vs Incident Command Keys to success Descriptions Incident Drivers & Social Media How they Stack up Summary
What We Are All About Radically shifting the global economy towards small business and protecting it with ingrained recovery solutions. Who We Are Michael Ray: BCP Manager Ruben Mariscal: DR Manager Our Combined Background 8 Years of Go Daddy experience 10+ Years Business Continuity 15+ Years Incident Command 15+ Years Information Technology
A opportunity to compare and contrast traditional Business Continuity Planning and Incident Command. Discuss the Pro s and Con s of both.
BUSINESS CONTINUITY The Positives of BCP Easily audited. Strong focus plans. Excellent plan ownership. Solid plan implementation. Strong historical plan documentation. Defined maintenance and testing formats.
INCIDENT COMMAND The Positives of Incident Command Team focus. Solution focused. Able to expand as incident progresses. Defined command structure from incident start. Fast repeatable response to variety of incidents. Allows for team response and collaboration of ideas.
How do they stack up BCP Limited to plan design Promotes full resolution. Defined plan ownership. Well defined plans for specific scenarios Plans are developed through BIA process. Does not directly manage active incidents. Disconnected from inflight issues Incident Command Data saturated approach. The Resolution approach. Team driven. No plan owner. Able to evolve as incident grows. Creates new incident plans immediately. Requires AAR and team follow up on incident for full resolution driven by program manager. Emphasis here. How did we get here and where do we go?
IT S A EVOLVING PROCESS: Paper Plans Semi Automated Fully Automated Automatic Plans in hand, everything is manual. People run scripts and plans, tool and automation remove some manual tasks. Tools and service run along side the product remove manual tasks. Product or plan runs, monitors, scales and heals itself (unattended process)
Crisis Management Team: A Crisis Management team will consist of the Business Continuity Team and the Disaster Recovery team. These programs will provided design and how to implement recovery strategies for all business functionality. They will act as a facilitator during the active incident. They will work with all teams to help them understand impacts and dependencies. They help teams to design playbooks for quick resolutions of a crisis event. They focus on providing a safe work environment for all of our employees.
DR Drills Automation Technology RPO / RTO Dependencies BCP BIA Risk People Revenue Impact Business Contact Safety Security Safety Drills Building Audits Environmental Designs
Focus on the infrastructure, process and facilities. Time will be spent with teams to understand the impact they have within the organization. Team will also work on developing solid plan for the continuous ability to preform key job functions. Will focus in the network and the enterprise designs which provides the foundation of the company. They will also work with the support teams to understand the support needs to keep the core system working in any DR scenario. Will look at all the safety concerns of the company and help develop plans around the environmental and physical safety needs of the company. Will also help design and support all of the systems which monitor the infrastructure and facilities.
Approach - Address scenarios which have the greatest impact on the sustainability of Business Processes. If a location is unavailable than the people who manage the Hardware, Services and products will not be able to keep the business process running.
Traditional BCP Plans focus on RPO and RTO to determine MTO or MTTR. Data can only move as fast as the designed RTO. Tomorrow's plans need to automate Configuration, Testing and Validation. This will help to reduce the MTO or MTTR.
Some Key to Succeed: Create solid plans which work for you and your organization. Use methods that are most effective. From paper to full automation Do not be afraid to break out of the normal. Be willing to challenge you idea of status que. Be able to listen to the changes in your environment. Be mindful of your historical incidents. Be willing to adapt to your companies growth. Do not be afraid to start over. Emphasis here.
Lets look at some incident drivers.
But it was only smoke:
Why wont it load:
Perception:
SOCIAL MEDIA: NOTE: Inserting Twitterfall video
In summary: Business Continuity and Incident Command should work in harmony together. Plans need to be developed to be efficient ways which can be quickly accessed or automated if needed. If you are not tuned into Social Media and brand sentiment your incident can quickly escalate. Your plans need Emphasis to fit your business model. Sometimes here. you need to just create something net new. Time is against you in a incident. Be ready, automate and prepare your testing, configuration and validation steps to reduce MTO or MTTR. People safety is always the first concern.