1 / 18

August 2013

August 2013. Business Continuity Management (BCM) A 10,000 foot view of the BCM lifecycle model and how it integrates with IT solutions design and services management. Simon Stannard CBCI. Business Continuity Management (BCM).

moe
Download Presentation

August 2013

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. August 2013 Business Continuity Management (BCM) A 10,000 foot view of the BCM lifecycle model and how it integrates with IT solutions design and services management. Simon Stannard CBCI

  2. Business Continuity Management (BCM) Business Continuity Management (BCM), a 10,000 foot view of the BCM lifecycle model and how it integrates with IT solutions design and services management. Starting with the core levers, Policy and Governance I will will walk through the lifecycle from Impact Analysis through to Exercising and Maintaining plans. This will demystify what Business Continuity means for IT itself as most IT shops struggle to accurately describe their essential services.

  3. Topics covered • What is Business Continuity (BC) • Why is it important • Organisational Resilience (OR) • What is OR and what does BC have to do with it • What 80 Aussie CEOs thought • Where the Aussie CEOs went for information on resilience • Resilience tools, frequency of mention • Trust • The Business Continuity Management (BCM) Lifecycle • BCM Programme Management • Understanding the Business, Impact & Risk • Strategy • Planning • Exercise & Maintain • Imbedding • More Information

  4. What is Business Continuity • Business Continuity Management is a practice to ensure your organisation can continue to deliver critical functions/essential services in periods of disruption.

  5. Why is business continuity planning important? • Disruptions will occur – it is important you are prepared when they do • People depend on your service • Increased expectations around delivery of service • Competitors will take your business if you can’t step up

  6. Organisational Resilience What 80 Aussie CEOs thought…. • an effective business as usualcapability (Short term – BCP) • the ability to change and adapt (medium term – organisational culture) • the ability to actively shape the environmentof the organisation (longer term – continuous innovation)

  7. Organisational Resilience • CEOs go to HR, the board and then general staff before specialist in BCP or technicians Where the Aussie CEOs went, what they use

  8. Organisational Resilience • Business continuity plans are seen as BAU rather then organisational resilience related Resilience tools, frequency of mention

  9. Organisational Resilience • CEOs see trust as a key aspect of delivering organisational resilience. They go to those they trust - people they can be certain of. • Trust means they have a pattern of prediction about behaviour and ability to deliver. Develop plans you can trust, become trusted. Trust: The key cultural aspect

  10. The BCM Lifecycle

  11. BCM Programme Management • Ownership / Responsibility • Standards: eg ISO22301, ISO/IEC FDIS 27031:2010 • Policy • Budget: Time and money • Impact vs scenario planning

  12. Impact & Risk (BIA) • What are: • Your essential services and functions? • Maximum tolerable period of disruption • Minimum resources required to continue function • People, facilities, systems, dependencies (internal and external) • Conduct Risk assessment • BIA is an Input to IT: • Service Design, Solution Design • Change Management

  13. Business Impact Assessment Template (Example)

  14. Strategy • Perform a gap analysis • Risk tolerance (how much will you accept?) • What are the options? • outsourcing • replication of function and or Systems • 3rd party recovery sites, work from and/or Disaster Recovery • standby, suspend or do nothing • insurance • The strategy needs to be realistic and workable

  15. Plan • Short and sweet • Identify who is the end user • Contain • checklists • process flows • key contact information • Document agreed strategies • purpose • manual workarounds and DR invocation • Realistic and workable

  16. Exercise and Maintain • Train staff • Regular exercising of arrangements • staff know what to do • ensure up to date plans • increased business confidence • Helps embed business continuity in your organisation • Develops mature business continuity arrangements

  17. Embedding BCM into business practice • On-going engagement with stakeholders • Exercise, exercise, and exercise • Communicate, communicate and communicate • Build BC into organisational processes • Procurement • Services, Mail, Energy, IT, Telco etc • Supplies, goods (in particular asses JIT logistics) • Change management • Organisational Structures & Functions • Business Process changes – how affect ratings of Systems • Any disruption or change in the business also creates the opportunity to review BC arrangements (…..Newcastle Song).

  18. More information • Standards New Zealand • ISO22301, ISO/IEC FDIS 27031:2010 • Business Continuity Institute • www.thebci.org • Membership recommended • Essential reading; The Good Practice Guidelines 2013 (free with membership otherwise 30 pounds sterling) • Continuity magazine. Free quarterly magazine (downloadable) • For Government • GSBCG - • LinkedIn Search for: New Zealand Government Sector Business Continuity Group

More Related