Transcript Business Continuity Basics

Business Continuity Basics
David Tickner MBCI
Business Continuity Planning
• What is it?
• Why is it so important?
• What part can you play?
• What’s in it for you?
2
What is BCP?
• the processes by which business can be maintained to
an acceptable level until full processes and systems are
restored
• the plans and supporting procedures that guide the
continuity or timely recovery of business operations
following an unplanned interruption to business
operations over an extended period
• BCP is about minimizing the impacts of critical events
on an organisation and its stakeholders [internal and
external]
3
Business Continuity in context
Disaster Recovery - the creation & execution of
plans to recover the data & systems of an
organisation to the point immediately prior to the
interruption
Contingency - the physical or process alternative to
a single point of failure eg. Back up generator for
power failures
Operational Continuity - the alternative processes
implemented during a failure, which allow the
“process” to continue, whilst relying on the
contingencies or DR Plans to restore full
operations
Business Continuity - the processes by which
business can be maintained to an acceptable level
until full processes and systems are restored
Where does BCP Fit In
A Key Component of Compliance & Business Resilience
MYTHS & ASSUMPTIONS
Emergency
Management
IT/DRP
Risk
Management
BR
BCP
Crisis
Management
•
If you have an IT DR Plan you don’t
need BC Planning
•
Contingency planning and risk
management cover BCP
•
We’ve already got Evac. Plans
•
We’re well insured against losses
•
We’ve been OK until now and
survived a few problems – we’ll be
OK!
•
BCP is a minimalist approach
Goals of BC Planning
• To identify the organisation’s key processes
• To identify the critical underlying technology &
services
• To identify the critical stakeholder relationships
• To identify the alternative approaches
• To establish a plan[s] that can be readily and
effectively activated
• To provide real operational alternatives
6
In the event of…….
The nature of the major impact incidents would be those that result in:
– Extended loss of, unavailability of or denial of access to the organisation’s
major location at .....................................;
– Extended loss of, or unavailability of key personnel required to deliver the
key functions;
– Extended and significant interruption to critical supply chain goods and
services;
– Extended loss or unavailability of critical infrastructure necessary for the
operation of the organisation or the delivery of its services;
– Extended loss of or unavailability of key information/vital documents,
including electronic data & systems,
Or the combination of or consequential impacts of any of the
above impacts.
Why is BCP so important?
• Recent international and business crisis events
– September 11
– Asian Tsunami
– BP Oil Rig blow-out
- Hurricane Katrina
- Christchurch ‘quakes
- Carbon Tax
• Corporate governance/compliance
– Sarbanes-Oxley, APRA, ASIC/ASX, because of failures like
• HIH Insurance, Enron
• Protecting assets, employees and stakeholders
– The influenza pandemics
• Government - for the public good
– New fire warning and evacuation regulations
– Public transport, public safety
8
The Basic BC Planning Model
9
Identifying Key Stakeholders
Supplier’s
Supplier(s)
Supplier
Customer
Customer’s
Customer(s)
A
C
S
S
B
S
Your
Organisation
C
A
C
B
Potential impacts on you
Potential impacts you could create
Recovery Actions
– too soon? Or too late?
COST/IMPACT
Short RPO
RPO
RTO
Unrealistic
- Cost
Realistic
- Optimal
time, cost
& Impact
Long RPO
MAO
Unrealistic
- Impact &
Time
TIME
A Simple BCP
Everyone has done BC Planning before.
Just take a holiday…..seriously
The Safeway Warehouse Fire
A perfect scenario…..
13
In review
What went right?
What went wrong?
The Real Benefits of BCP
•
•
•
•
•
Maintaining a viable ongoing business
Continuity of key services
Reduces and manages uncertainty
An aid to meeting legal and moral commitments
Protection of:
–
–
–
–
Staff & staff confidence
Assets
Reputation
Economic position
• A firm level of security for both suppliers and
customers
15
Establishing a lasting & effective
culture
Business Continuity Essentials:
– Corporate Commitment
– Staff understanding & training
– Stakeholder engagement
– Planning & testing
– Continuing Review and Revision
Your Presenter
David Tickner MBCI
Consulting Principal – Computrix Services P/L