Maturity Modeling: A Strategic Roadmap to Improve Your Business Continuity Program

Similar documents
John Liuzzi, CBCP, CBRITP National Director, Business Continuity Southern Glazer s Wine and Spirits

The Best Offense. Presented by: Kimberly Hirsch MBCP, MBCI, ISO22301 Lead Auditor Fusion Risk Management

A Results-driven Transformation to Business Resilience

KPMG s financial management practice

Welcome Back Thursday, April 13, Session 8. Engagement Certificate. Welcome to the world: Addison Grace Costello. Agenda

CORROSION MANAGEMENT MATURITY MODEL

CHANGE MANAGEMENT IN PROCUREMENT TRANSFORMATION. Bloomberg. Page 1

Jennie Clinton, Pearce Global Partners May 10 th, 2012

Aon Risk Solutions Higher Education Practice. Higher Education. We Understand Your Risks. Risk. Reinsurance. Human Resources.

Law Firm Procurement Roundtable Executive Summary. hbrconsulting.com HBR Consulting LLC. All rights reserved.

Catalyst 2018 Digital Organization & Culture Transformation TM Forum, Detecon International GmbH, Concentra Consulting Limited, The GC Index 1

White Paper Describing the BI journey

Aon Infrastructure Solutions

EXECUTE MEASUREMENT & BENEFIT REALIZATION PLAN BEST PRACTICES

PMO In A Box. Prepared for UBS

IT Business Management Driving Cost Transparency, Value and IT Transformation

SESSION 607 Thursday, April 14, 2:45pm - 3:45pm Track: Metrics and Measurements. The Good, Bad and Ugly of Service Desk Metrics. Session Description

City of Saskatoon Business Continuity Internal Audit Report

Taking ERM to a. 6 GRC Today / October 2015

SOA Health, Governance and Security

Portfolio Marketing. Research and Advisory Service

Law Firm Procurement Roundtable Executive Summary. hbrconsulting.com HBR Consulting LLC. All rights reserved.

Build a Future-Ready Enterprise With NTT DATA Modernization Services

2019 IT Budget Review. September 19, 2018

Aon Hewitt Performance, Rewards & Talent. Engagement Solutions. Employee Engagement for the Real World. Risk. Reinsurance. Human Resources.

Session 608 Tuesday, October 22, 2:45 PM - 3:45 PM Track: Industry Insights

The Insight Driven Organization

7 th APRAST SMS/SSP Workshop Outcome 31 August 2015 Bangkok, Thailand

The Role of Service Owners in an IT Organization

Creating an Agile PMO via Scrum

Insurance Analytics: Organizing Analytics capabilities to get value from Data Analytics solutions A Deloitte point of view on Data Analytics within

Job Family Matrix. Core Duties Core Duties Core Duties

Job Family: Work Place Managers

Is your operational risk management helping execute your strategy?

Beware the Cloud or Learn to Control it. Info-Tech Research Group

Sponsor/CRO Partnership Optimization

Benchmark Your Customer Experience Maturity

Session R16: Examining the Inherency of Business Continuity in the Organization. Edward Cahn, PhD, PMP, CBCP BAE Systems

How To Assess Your Integration Capability

The innovation engine for the digitized world The New Style of IT

PLANNING AGILE MODERNIZATION FOR SUCCESS

Technology Assurance: A Challenge for RAFM in an Evolving Market. Jerusa Verasamy

Talent Management Puzzle In Turbulent Times

Digital Transformation Blueprint. The Dawn of the Digital Industrial

This resource is associated with the following paper: Assessing the maturity of software testing services using CMMI-SVC: an industrial case study

the council initiative on public engagement

Steven Horvath. Differentiating ITSM with Transformation. CTO/Practice Lead

Regulatory Reporting: Implementing the proposed MAS Notice 610. Navigating the regulatory reporting and data challenge

WHITE PAPER. Emerging Trends to Manage your Indirect and Services Procurement Spend

Customer Success Services. Services you need for successful digital transformation

Professional Diploma in Digital & Social Selling

Simple Strategies, Big Results: Driving Internal Audit Value. October 28 th, 2016

Steven Horvath. Differentiating ITSM with Transformation. CTO/Practice Lead

Effectively Communicating Enterprise-Wide Business Continuity to Senior Management and Stakeholders. October 7, 2014

Meet Our Presenter. Equipping You For Success: An ISO Certification Case Study

The Secrets of Successful Knowledge Management

OPTIMIZED FOR EXCELLENCE. An Incentive Compensation Management (ICM) Assessment Case Study of OpenText Corporation

Strategic Technology Advisory Services. Building a better working world from strategy through execution

ISO 14001:2015 Updates and Key Themes

Policy Capability Framework. Development, insights and applications

Changing IT Leadership: Part 5 Partnering with Vendors and Suppliers

Data Science Services from GE Digital. Unlock new business value from your industrial enterprise data

Identity and Access Management. Program Primer

Building an Insight Driven Organisation March 2017

Optiv's Third- Party Risk Management Solution

Leading Practice: Approaches to Organizational Change Management

OCCUPIER ADVISORS. Industry Leading Professionals Providing Optimal Solutions

Six Steps to Improving Corporate Performance with a Communication Plan

5 Ways to Blow Away Your C-suite ABBY ATKINSON SENIOR MANAGER FIREEYE LIGHTHOUSE PROGRAM

David Nolan, CEO Fusion Risk Management, Inc.

How much has the efficiency of support functions improved?

IT Executive Programs

PAPER CX Governance. CX Governance. Align your organization around a unified CX objective to achieve better business results. MARITZCX.

Outsourcing banking processes: The question is no longer if, but how to effectively manage extended enterprises

Citizens Property Insurance Corporation Business Continuity Framework

Advanced Performance Management for Government

Nonprofit Data Management Checklist

Continuous Process Improvement Organizational Implementation Planning Framework

Strategy Based View and Balanced Score Card Approach to Quality Assurance. Presentation at QAI Software Testing Conference 2012

Implementing Benefits Realization at Farm Credit Canada. Jacob van der Merwe Project Portfolio Manager November 8, 2011

Culture and behaviours Creating confidence in your biggest asset

ABA Compliance School Advanced

How to do it? Digital transformation in Energy & Utilities

A problem-solving research and services organization for corporate security and risk markets/professionals

Make money, save money and manage risk

DASA DEVOPS PRACTITIONER

IT Governance Overview

ISO Changing the Conversation Mark T. Gasser Nicholas E. Fioravante

How to Build an Enterprise BC Program (That gets around the roadblocks)

Banking and Capital Markets

Information and Communication Technologies Strategic Plan 2016/ /20

Communicating an Evidence Based Asset Management Program By Daryush Esmaili

Harnessing the Power of Agile. Krishna Srinivasan Boris Cononetz, Jr.

GW Human Resources Strategic Plan

Using Metrics to Improve Your Third-Party Risk Management Program

Integrating Partners into Key Go-to-Market Plans and Execution How We Align to the Benefit of the Partner Audience

RSAM User Conference. Janice Sarver Karen Bulawa InfoSec Risk Management September 25, 2013

Requirements Maturity

Risk Management: Building an Integrated Program to Drive Business Value

The Path to Creating and Sustaining Value. The Scorecard. for Selecting, Managing & Leveraging your Services Team:

Transcription:

Maturity Modeling: A Strategic Roadmap to Improve Your Business Continuity Program Presentation to Association of Contingency Planners November Meeting

Agenda Section 1 Metrics Section 2 Program Maturity Model Section 3 Reporting: Framing the Message

Aon: A World of Resources 72,000 500 120 Aon colleagues around the world Global offices Countries in which Aon operates #1 consulting Rated risk services broker, reinsurance intermediary, and human resources and outsourcing provider Aon plc (NYSE: AON) is a leading global provider of risk management, insurance and reinsurance brokerage, and human resource solutions and outsourcing services.

Metrics

Beginning with the End in Mind Why are we measuring? Who is the audience? What are we using to measure / benchmark? What information do we need to collect? Where are we now? Where do we want to be? How frequently do we measure / report?

Areas of Focus Engage the Business Invest in Colleagues Protect Assets Right people, right skills, right # of people Thought leadership Compliance & metrics Vendor / partner collaboration Risk awareness & advocacy Trusted, agile business partners Training, tools, & tactics leveraged to optimize colleague skillsets Risk management Defined processes, requirements, & clear expectations Training & awareness Security principles Leadership & governance

Business Continuity Audit Framework Maturity Model Standard to assess maturity and quality Baseline BC maturity metrics & monitoring program Meaningful data to inform business risk, mitigation, & remediation action plans

BC Audit Framework: Maturity Definitions BC Plan Rating BC Plan Maturity Model Detailed Definitions # Components Description 1-Initial 2-Developing 3-Defined 4-Managed 5-Optimized 4 1 Teams This section shows how people are organized to execute their plan (e.g.teams, Positions on Teams, and who's assigned are not to fill each position. If identified. required, includes vendor and customer representatives in a separate document. Team identified however colleagues Team identified Team memberspartially. One or assigned in the more roles in the Teams not assigned teams have either left the company or had a role change. Team identified and assigned. Assignments reviewed on an annual basis or as colleague changes occur

BC Audit Framework: Maturity Definitions BC Exercise Rating 4 Exercises Maturity Model Detailed Definitions # Components Description 1-Initial 2-Developing 3-Defined 4-Managed 5-Optimized This section shows how people are organized to execute 1 Teams their plan No (e.g.teams, Positions on Teams, and who's assigned to fill each position. If required, includes vendor and customer representatives in a separate document. participation in the exercises through out the year No/limited success achieved in the exercises participated in the year. Participation in all in year exercises. Objectives and expected results defined. One or more activity did not achieve the desired result. Remediation required. Exercised on an annual basis Participation in all in year exercises. Objectives and expected results defined. Representation from required stakeholders with successful results. Exercised on an annual basis Participation in all in year exercises. Ensured all critical colleagues representation from all the Business units with successful results. Exercised on a quarterly basis of as changes occur

BC Audit Framework: Maturity Definitions BC Awareness / Training Rating 3 Awareness and Training Maturity Model Detailed Definitions # Components Description 1-Initial 2-Developing 3-Defined 4-Managed 5-Optimized 1 Teams This section shows how people are organized to execute their plan (e.g.teams, Positions on Teams, and who's assigned to fill each position. If required, includes vendor and customer representatives in a separate document. Teams have not participated in the training and awareness sessions Plan Owner, Coordinator, SRT Leader are aware. Key/some team members have not participated in training and awareness sessions. Team training plan is established Full team has not participated in training and awareness sessions in over a year. All team members clearly demonstrate understanding of roles/ responsibilities At least one of the key stakeholders (i.e., external party, BU leader, etc.) has participated in the training and awareness sessions. Participating stakeholders clearly demonstrate understanding of their relationship(s) to the team. Training on an annual basis All key stakeholders (i.e., external party, BU leaders, crosspractices, etc.) has participated in the training and awareness sessions. Participating stakeholders clearly demonstrate understanding of their relationship(s) to the team. Training as changes occur or annually whichever comes first

Program Maturity Model

Maturity: Defining 1 2 3 4 5 Initial Developing Defined Managed Optimized Adhoc, disconnected, and disorganized Limited but increasing recognition Defined and recognized as necessary Proactively managed and meets business needs Embedded in culture and considered fundamental to business operations

Maturity: Strategic Platform for Growth Engage the Business Through conversation, educational opportunities, and consulting, we teach the business about GSS, learn what its needs are, how tolerant it is of risk, and the budgetary considerations it uses Practice / Year 1 2 3 4 5 Initial Developing Defined Managed Optimized Smart Budget/Cost Management Appropriate budget funding to realize business delivery & Practice strategy Funding None Unmanaged and decentralized Centralized program funding established. GSS value framework introduced Funding aligns to GSS strategic objectives. Value framework clearly shows alignment to business strategy Funding supports best in class, differentiated service offerings with business levers for capacity and agility Current State Target State

Maturity: Status Summary Clear Snapshot of Current Level & Goal Level 1 Level 2 Level 3 Level 4 Level 5 Initial Developing Defined Managed Optimized Engage the Business Smart Budget / Cost Management Funding Current Target Practice Maturity Invest in Colleagues Developing Colleagues, Managers, & Leaders (Description) Training Program Current Target Security Maturity Protect Assets Current Target

Maturity: Strategic Equation Keeping the Big Picture in Front of You at All Times EXAMPLE Practice Name Strategic Equation Maturity Model Continuum INITIAL DEVELOPING DEFINED MANAGED OPTIMIZED STRATEGIC EQUATION Roadmap # Protect Assets x x Objectives with Supporting Programs, Projects, Initiatives, or Activities CURRENT STATE 2015 (Regional) 2015 (Global) 2016 (Regional) 2016 (Global) 2017 (Regional) 2017 (Global) TARGET STATE Objective 1 Foundation - A program that delivers scalable, cost-effective and efficient services 1 5 8 Program Governance Objective 2 Objective 3 3 2 1 5 4 5

Maturity: GSS Strategic Planning Methodology Revise 3-Year Plan 8 Cascade Objectives 9 7 Finalize Detailed Annual Plan 1 Review Maturity Model Future Planning Communicating Annual Initiatives Align Annual Plan Externally 2 Getting Ready 6 Review Global Risk Register Planning in Action Prioritize Initiatives 5 3 Refresh Executive Plan 4 Validate Initiatives

Reporting: Framing the Message

Reporting Versatility: Use Your Metrics to Tell the Right Story Aon Leadership Plan Country Tier Global Region Frequency Business Unit Incident Duration BCM Community Maturity Level Location Clients Colleagues Incident Type

Connect with Me Josh Falcone, CBCP Aon Services Corporation Global Security Services, Global Business Continuity +1.610-308-5786 josh.falcone@aon.com 2015 Aon plc

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback