Building a Standard for Business Continuity Planning

Similar documents
Strategic Business Continuity Management

US Business Continuity Safeguarding Your Business from a Disaster

Business Continuity and Natural Disaster Resilience: Where Are We Heading? Adopting best practices for weather safety based on new science

NATURAL DISASTERS AND THE WORKPLACE

Evaluating Your Business Continuity Plan: Beyond Checklists and Walkthroughs. Troy Harris, Director McGladrey LLP. All Rights Reserved.

BUSINESS CONTINUITY PLANNING WORKPROGRAM

The Six Stages of a Crisis. Stage Five: Resolution

Coastal Equities, Inc.

Navigating the Intersection of Vendor Management and Business Continuity

Building and Maintaining a Business Continuity Program

10/9/2013. How to Create an Effective Disaster Recovery Plan. Hurricane Ivan and the Clover Hill Foods Flood of 2004 PRESENTERS

Security Guideline for the Electricity Sector: Business Processes and Operations Continuity

Fordham University BCP / DRP Lunch. Lunch

Business Continuity & IT Disaster Recovery

An introduction to business continuity planning

DISASTER PREPAREDNESS Guide & Template

Emergency Management, Business Continuity, & Crisis Management Self-Assessment Checklist

How Does Business Continuity Differ from Emergency Preparedness?

Essential Concepts. For Effective. Business Continuity Planning

WIC 104 RISK MANAGEMENT AND BUSINESS CONTINUITY PLANNING FOR LOCAL WIC AGENCIES. Peg Jackson, DPA, CPCU National WIC Association

University of Houston Business Continuity Planning Office of Emergency Management

BUSINESS CONTINUITY FOR FINANCIAL ADVISOR USE ONLY

Business Continuity Management for Singapore s Logistics Sector. By Singapore Business Federation and Singapore Logistics Association

Global Crises: What We Really Need to Do to Be Prepared. Day One / Session C5

Disaster Recovery Planning

ShakeOut Drill Scripts For Businesses and Organizations

Eastman Chemical Implements AtHoc Networked Crisis Communication

CSI Document Services (Formally MSI) Summary DR Document

Business Continuity/ Disaster Recovery. Sean Gunasekera

Business Continuity & Disaster Recovery

12.0 Business Continuity Management

Business Continuity Planning. Diane Engstrom Christian Brothers Risk Management Services

Presentation on Crisis Management and Business Continuity. ISCA Breakfast Talk 13 September See Hong Pek, Partner, PwC

PUBLIC SAFETY California State University Los Angeles

Business Continuity Planning and Disaster Recovery Planning

Mass Notification System

Global Security. Tunisia, Egypt, Libya Situation. Response. Microsoft Office System Customer Solution Case Study

How Your Business Survival Depends On Disaster Recovery.

Concur Travel & Expense, Invoice Risk Management, TripIt!, ExpenseIt!

OPERATIONAL SUPPORT FUNCTION Emergency Level Notifications. Office of Emergency Management

Guide to Business Continuity and Recovery Planning

Duty of Care. Good corporate social responsibility means implementing effective workplace health and safety measures.

Update from the Business Continuity Working Group

Developing an Effective Disaster Recovery Plan

My name is Sam Mulholland and I am the Managing Director of Standby Consulting.

Infrastructure Hosting Service. Service Level Expectations

JCU Business Continuity Management Plan

BUSINESS CONTINUITY MANAGEMENT POLICY

Reinventing the IT War Room:

GUIDE TO BUSINESS CONTINUITY MANAGEMENT

Best Practices for Enhancing Emergency and Disaster Preparedness and Restoration

Head of Security and Business Continuity

Yale University Business Continuity Planning Quick Start Guide

(ISC)2 CISSP EXAM BUNDLE

Protect Your SharePoint Data

IBM Smarter Cities Public Safety Emergency Management

Business Resilience: Equipping the FM for Success

Melanie Quinlan, Business Continuity & Compliance Manager, Resources & Quality Assurance

SI Securities, LLC Business Continuity Plan

CLICNET TELECOMMUNICATIONS INC. Business Continuity Plan

MANAGING STAFF DURING CRISIS SITUATIONS

Business Continuity Plan Activation and Review

Business Continuity Planning & Simulation Testing:

Survival Preparedness and Self Sufficiency A Summary. Matt Carpentier Sault Tribe of Chippewa Indians Emergency Management

Business Continuity Planning

Achieving Business Resilience in HEALTHCARE

Disaster Preparedness & Your Supply Chain

SunGard: Cloud Provider Capabilities

Disaster Preparation and Training Sample Proposal

Protecting your Vital Records from Natural and Man-Made Disasters

2016 Business Continuity / Disaster Recovery Internal Audit Report

10 REASONS WHY YOU SHOULD INVEST IN RESILIENCY

6 Key Elements of Successful DRaaS

ENTERPRISE CONTINUITY PLANNING PRINCIPLE OF DISASTER RECOVERY AND ENTERPRISE CONTINUITY. Presented by: John O. Adeika

Guide to Business Continuity and Recovery Planning

evaluate UCaaS providers and ensure you make an informed decision

CONTINUITY OF OPERATIONS (COOP) WORKSHEETS

FEMA s National Risk Index

EMERGENCY MANAGEMENT EMERGENCY SUPPORT FUNCTION (ESF #5) FORMERLLY ASSESSMENT INFORMATION PLANNING

Business Resilience: Proactive measures for forward-looking enterprises

bizsafe Level 2 Ver. 1.0 by MOM/WSH Council. For Authorised Use Only. All Rights Reserved.

Business Continuity. Building a Program Fit for Purpose

Welcome to Customer Support for Fax2Mail

Business Continuity Guide 2017

Defending the Fortress Women in FM 15 th July Samantha Bowman Senior Facilities Manager

WHO Guidance for business continuity planning World Health Organization

Relax and eat your breakfast. Thanks for coming to listen to me today, before we are done you will wish it was Friday.

Business Loans Network Limited ("ThinCats", the Firm ) Business Continuity Policy ( BCP ) v.2

Cloud Failover Appliance

The Easy Guide to Determining Business Continuity Strategies

Business Continuity Advice. Loss of premises

Incident Management Systems:

In the Wake of a Disaster: Business Continuity Planning Tips and Lessons Learned

Alumni and Development Systems SLE

Information Technology Division Service Level Agreement (SLA) Description and Process

Change Management Process

Transcription:

Building a Standard for Business Continuity Planning John Lugo Sr. Business Continuity Analyst April 17, 2012 1

April 16 18, 2012 Talking Stick Resort Scottsdale, Arizona Business Continuity @ Citrix

Statistics Over 36% of organizations reported incidents of workplace violence Source Society for Human Resource Management (SHRM)

Agenda Business Continuity Goals Global Core Business Continuity Team Structure Regional Business Continuity Plans Disaster Recovery / Business Continuity Testing Crisis Communications Employee Safety and Awareness Programs

Business Continuity Goals Maintain business critical functions and services before, during and after a wide range of disaster events Limit the impact to operations and the magnitude of any financial loss Ensure rapid recovery and timely resumption of company operations to protect employees, customers, shareholders and company reputation The formal BC plans combine preventive and recovery measures; the plans are updated, tested and communicated regularly to ensure effectiveness in mitigating business disruption

Global Business Continuity Team The Teams mission is to provide overall direction / preparation and recovery efforts Team members are a mixture of diverse departments including IT, HR, Legal, Facilities, Physical Security and Finance On Site Recovery Teams are the boots on the ground team responsible for individual offices in EMEA and Pacific Business Unit contacts are part of the Non Core BC Team Structure

Emergency Management Team (EMT) Provide overall recovery / preparation direction Provide strategically response and incident management Ensure Business Continuity Team communication Monitor event activity Escalate alert levels to all team members Facilitate communication with the Executive Management Committee Ensure the appropriate and adequate disaster response

Communications Team Provides communication to all parties including employees, vendors, public service agencies, customers Communication methods including emergency notification systems, email, vmail, external / internal web pages, press releases, media Team conveys a message on behalf of company

Campus Response Team Operational response and business direction Prepare property and equipment for the impending disaster event Provide HR related assistance for building items (people staying on site, building closures, parking garages, etc. Damage assessment from a disaster and its impact on continuing operations; assistance with insurance claims Secure buildings and grounds; liaise with landlord Historian Function Documenting all critical decisions once an event has occurred and keeping track of expenses

Business Readiness Team Make necessary arrangements to implement disaster business operations in accordance with business plan for each unit Provide a tactical response and business direction Act as a liaison with the Business Unit Teams Provide travel assistance for recovery team members Ensure critical business functions are operational at alternate processing centers

On Site Recovery Team Drivers of decisions regarding: Recovery of office Well being of employees Alternate relocation plans Communications out to employees in affected location(s)

Business Continuity Planning Scenarios Our Business Continuity plans are based on two incident types 1) Unexpected Disaster Fire, flood, earthquake, tornados, terrorist act, explosion, workplace violence, flu outbreak 2) Expected Scenario Scheduled protests, scheduled power outages / rolling blackouts Hurricane / severe weather due to our South Florida exposure; lead time allows for storm preparedness

Business Impact Analysis (BIA) The BIA is the initial step for Business Continuity planning from which the whole BCP program is built Provides the data from which appropriate continuity strategies can be determined Ranks core business activities Grades activities from a financial and non financial impact Determines interdependencies Defines Recovery Time Objectives (RTO) Defines process, people, equipment and IT systems needed to meet continuity objectives

Disaster Recovery Strategies What technology based solutions do you incorporate in your BC Program? Cloud computing, data replication, clustering, failover circuits, redundant equipment, restore from tape, software as a service (SAS) Bring Your Own Computer (BYOC) Program Desktop virtualization Work Anywhere Initiative

Business Continuity Plans Structure your plans around the responses from your BIA Plans contain critical processes and procedures to recover business functions in the event of an emergency interruption Individual plans are regional, country and business unit specific and are updated annually

Emergency Response Plans Build your ERPs with the help of executive management host a table top exercise ERPs are based on worse case scenario; anything less severe becomes a subset of the plan Develop plans for specific incidents hurricane, earthquake, active shooter scenario

IT Disaster Recovery Test Based on your requirements, do you have a Hot Site, Cold Site, Warm Site? Review the responses from your BIA to ensure that your critical applications and services reside in your DR environment Create a detailed site bring up script that is simple to follow Do you have plans in place to fail back to Production? Exercise your IT DR Plan at least once a year

Workplace Recovery Test In the event your office is inaccessible for a period of time, where are your employees going to relocate? Leverage offices in other cities / countries Work from home vs contracted office space Exercise your workplace recovery plan once a year Document your results and forward to senior management

Emergency Response Tests Develop realistic scenarios that your organization is likely to experience Establish a strong relationship with external agencies including local fire departments and emergency responders Work with senior management and HR to develop an emergency response plan around workplace violence Coordinate emergency evacuation drills with Facilities Exercise emergency response tests annually

Measurable Results April 16 18, 2012 Talking Stick Resort Scottsdale, Arizona

Crisis Communication Plan Establish a crisis communication program with the Core Business Continuity Team Plan should identify all stake holders that are inclusive of emergency communications employees, clients, vendors, media, EMC Draft sample communications around realistic scenarios that could affect your location Have HR and Public Relations review communications before distribution

Communicate! Emergency notification systems Communicate quickly Push/pull communications Pre script communications Wallet cards and badges Satellite phones

Crisis Communication Tools Use internal resources Telecom Team, PBX, PA system, intranet Sharepoint site, company website Toll free emergency notification numbers for employees Blast emergency alerts through vmail Emergency Notification Software Sungard, Everbridge; sends messages via mobile, email, text, etc Satellite phones service is available even if infrastructure is down

Train the People in Charge Develop table top exercises with Core Business Continuity Teams Research emergency response training through local agencies Red Cross, Fire Departments, SWAT Teams, C.E.R.T. Review the roles and responsibilities with the Core BC Team annually Ensure that the global teams buy into the Standards of Business Continuity Deliver a robust employee safety program, even if there isn t a requirement by law in a particular country!!

Practice Emergency evacuation drills Bomb threat procedures Workplace violence process Emergency training Awareness newsletters Emergency information cards

New Employee Orientations Work with HR to include overview of Business Continuity Program Review emergency evacuation procedures Ensure that employees know where to find BC and DR documentation If possible, make training a mandate for compliance

Communications out to Employees Develop communications around specific incidents hurricane season, earthquake scenario, emergency evacuations Work with Business Unit leads to ensure that teams understand recovery processes Work with HR to develop a newsletter Post Incident Response Action Items in break room or common areas evacuation routes, assembly points, security hotlines

Plans Put into Practice Scenario 2 Scenario 1

Hurricane Wilma at HQ When: October 24 th 2005 Damage: 3 out of our 4 buildings closed for over a week 6 million people without power Local infrastructure damaged Pre storm activities completed Campus prepared Key business teams and IT flown out of area Communication schedule established with employees Post storm Reserved hotel rooms out of the area Employee assistance program Employees helping employees intranet site Post mortem review Long term office opened for customer facing teams out of the path of hurricanes HQ Location

Pandemic Planning Avian, H1N1, H3N2 and Influenza B Viruses Citrix Planning Creation of Pandemic Influenza Continuity Plan Phased alerts from the World Health Organization and the Center for Disease Control Updated internal policies; infected employees requested to stay home until symptoms subsided Employee awareness Communications sent to employees around best practices Travel recommendations posted on Intranet site Manager communication and training Distributed messages to managers around working with employees; options include working from alternate locations

Earthquake in Japan Damage: 10 employees overnight in office (elevator was on limited power) Office closed for 3 days Most employees worked from home leveraging our own products Daily meetings held with on site recovery teams (IT, Facilities and HR) Alternate relocation plan for employees (150 hotel rooms in Hiroshima) Resources sent to Tokyo from CA office Lessons learned: Creation of on site recovery teams for other regions Upgrade emergency notification system in Tokyo

Wrap Up Make sure your plans are flexible Revisit your strategy around DC infrastructure physical vs virtual Partner with key Business Units (IT, Facilities, HR) in other offices to help you build and test plans Include end users within your testing platform People come first!!

Building a Standard for Business Continuity Planning John Lugo Sr. Business Continuity Analyst

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback