LB35: Verifying IT and Business Continuity. Lucas G. Aimes & Terry DiVittorio, Project Performance Corporation (PPC)


Introductions
- Lucas G. Aimes
  - Deputy Practice Lead, Verification & Verification Practice @ Project Performance Corporation (PPC)
  - Project Management Professional (PMP)
- Terry DiVittorio
  - Director, Security & Privacy Division @ Project Performance Corporation (PPC)
  - Certified Information Systems Security Professional (CISSP)

Agenda
- Challenges Facing Leaders as they Manage Continuity Planning within their Business Environment
- Managing these Leadership Challenges
- Independent Verification and Validation Role
- Benefits of IV&V
- Lessons Learned: September 11th
- Mitigation Strategy: September 11th
- Lessons Learned: Hurricane Katrina
- Mitigation Strategy: Hurricane Katrina
- Summary

Leadership Challenges in Business Continuity - Resources (People)
- Who's in charge and what are they responsible for?
- Where does everyone go?
- Which staff go where?
- How do you inform people?
- Who else needs to be told?
- How long does this all take?
- Can you afford it?

Leadership Challenges in Business Continuity - Processes
- Which processes are affected, and what are the consequences?
- Which processes are truly critical?
- Have we identified where the dependencies are for our critical processes?
- Who are the process owners?

Leadership Challenges in Business Continuity - Technology
- How do you/we ensure critical data is available?
- Do employees/customers have access to data?
- How do you/we ensure systems and data at the backup site is/are current and accurate?
- Has the technology at the backup site been tested?

Managing Leadership Challenges
- Maximizing your Return on Investment (ROI)
  - Do your IT investments cover the organization in the event of a disaster?
  - Business Resiliency
- Optimizing your planning strategy
  - Before disaster and after disaster
- Driving efficiencies within your organization
  - Smart Processes and Procedures
  - Efficient Tools, Mechanisms, and Methodologies

IV&V Role in Business Continuity
- Configuration Management
- Business Continuity Planning verification
- Business Continuity Planning testing
  - Walkthroughs and desk checking
  - Scenario testing
  - Communications testing
  - Disaster recovery testing
  - Full business continuity test
- Business Continuity Planning consultancy
- Quality Assurance/Quality Control

Configuration Management
- Account for all IT assets
- Provide accurate information to support other Service Management processes
- Provide a sound base for Incident, Problem, Change, and Release Management
- Verify records against the infrastructure
- Correct exceptions

Business Continuity Planning Verification
- Staffing changes
- Changes to important clients and their contact details
- Changes to important vendors/suppliers and their contact details
- Organizational changes like new, closed or fundamentally changed departments
- Changes in portfolio and mission statement

Business Continuity Planning Testing
- Virus definition distribution
- Application security and service patch distribution
- Hardware operability check
- Application operability check
- Data verification

Business Continuity Planning Consultancy
- Assist with addressing issues found during verification and/or testing
- Properly update processes and/or documentation
- Maintenance of changes to business continuity processes
- Audits and metrics
- Staff training

Quality Assurance/Quality Control
- Measure the gap between management expectations and business performance
- Trigger responses that ensure that management expectations and business performance remain aligned over time
- Investment protection to ensure that tactical recovery solutions perform as expected

IV&V Benefits to Business Continuity
- You know that your recovery plan works
- You discover problems, mistakes, and errors, and can resolve them before you have to use the procedures
- Your staff are educated in executing tests and managing disaster recovery situations
- Your recovery plan becomes a living document
- Members of your IT organization recognize the necessity of such a disaster recovery concept, and plan accordingly
- Awareness of your disaster recovery strategy is increased

Business Continuity during 9/11: Lessons Learned
- Plans must be updated and tested frequently
- All types of threats must be considered
- Dependencies and interdependencies should be carefully analyzed
- Key personnel may be unavailable
- Alternate sites for IT backup should not be situated close to the primary site
- Copies of plans should be stored at a secure off-site location

Business Continuity during 9/11: Mitigation Strategy
- Create a plan to verify and validate the Business Continuity Plan and Disaster Recovery Plan on a regularly scheduled basis
- Consider other threats outside of the natural type
- Document a communication plan and/or call plan with primary and secondary resources
- Carefully evaluate proper location of your backup and/or disaster recovery site
- Maintain configuration items (documentation, hardware, and software) in a shared area

Business Continuity during Hurricane Katrina: Lessons Learned
- Communications outages made it difficult to locate missing personnel.
- Lack of electrical power or fuel for generators rendered computer systems inoperable.
- Multiple facilities were destroyed outright or sustained significant damage.
- Some organizations may not have anticipated or prepared for the extensive destruction and prolonged recovery period resulting from Hurricane Katrina.

Business Continuity during Hurricane Katrina: Mitigation Strategy
- Automate the business continuity and/or disaster recovery process
- Plan for short-term and long-term recovery periods
- Test your plans based on current knowledge of potential threats
- Establish multiple recovery locations in anticipation of threats that shut down your primary site

Summary
- People, Processes, and Technology need to be addressed during Business Continuity Planning
- Threats can be traditional and non-traditional
- Proper planning and guidance prior to a disaster and/or threat can assist in managing/mitigating leadership challenges
- Past disasters and/or threats can promote more accurate planning and plan maintenance: learn from mistakes