TSC Business Continuity & Disaster Recovery Session

Size: px
Start display at page:

Download "TSC Business Continuity & Disaster Recovery Session"

Transcription

1 TSC Business Continuity & Disaster Recovery Session Mohamed Ashmawy Infrastructure Consulting Pursuit Hewlett-Packard Enterprise Saudi Arabia

2 Session Objectives and Outcomes Objectives Share the key aspects of BCDR Business Impact Analysis Service Walkthrough Risk Assessment Service Walkthrough Outcomes Common Understanding on: Business Impact Analysis Risk Assessment Existing delivery capabilities Next Steps

3 Agenda 1 Industry Outlook and Challenges 2 3 HPE Transformation Area 2 Point of View Business Continuity Management Key Aspects 4 Business Impact Analysis Risk Assessment GFS Capability Overview HPE Value Differentiation & Next Steps

4 Industry Outlook & Challenges

5 Gartner Predicts 2015: Business Continuity Management and IT Disaster Recovery Management Demand over legacy backup applications In 2015, focus on improving operational resilience with more automation By 2018, 50% of organizations will use managed failovers By year-end 2020, 15% of organizations will fail due to inadequate protection Source: Gartner Predict 2015

6 Why we should focus on BCDR Market Forecasts and Analysis Business Potential According to Research and Markets agency, the GRC solutions and services market including BC & DR will grow at a 14.7% CAGR to $31.77 billion through 2020 approximately three times the growth rate of the overall GRC market from 2015 How much we can get here? BIA & RA Services are critical steps to generate more and more BCDR opportunities Source : Markets-Enterprise-Governance-Risk-Compliance-Market#.Vd6la_mqqko

7 Gaps in Today s BC & DR Arrangements Market Demand Lack of DR Planning, testing and resources 60+% do not have a fully documented DR plan Remaining 40% DR plans did not prove very useful when it was called on to respond to their worst disaster recovery event or scenario. Almost 65% enterprises are failing in DR testing Financial Impact due to service outage 36% organizations lost one or more critical applications, VMs, or critical data files for hours at a time over the past year 20% organizations indicated losses of more than $50000 to over $5Mn Major causes of outages 50% software failure + network failure 23.5% human error 24% power failure 2.5% weather Source : Disaster Recovery Preparedness Benchmark Survey (DRP)

8 Let s hear your voice! Open HPE Events App, and answer the following question to participate Do you leverage automation and orchestration in your disaster recovery plans in order to improve business outcomes?

9 HPE Transformation Area 2 Point of View

10 Transform to a hybrid infrastructure Protect your digital enterprise Protect your most prized digital assets whether they are on premise, in the cloud or in between. Enable workplace productivity Empower the data-driven organization

11 Protect your digital enterprise Protect Detect & Respond Recover Build it in Identify the threats you face, assess your organization s capabilities to protect your enterprise, Harden your applications, protect your users, and encrypt your most important data Proactively detect and manage breaches Help reduce time-to-breach-resolution with a tight coupling of analytics, correlation, and orchestration. Establish situational awareness to find and shut down threats at scale Safeguard continuity and compliance Drive resilience and business continuity across your IT environments, systems, and applications. Reduce risk with enterprise-wide governance, risk & compliance strategies BIA and RA Services fall under Recover

12 HPE Business Continuity Management Key Aspects

13 HPE Business Continuity 5 Step Approach Global Best Practices & Standards Alignment Business Continuity Program Management 5 Exercising, Maintenance & Audit Building & Embedding BCM Culture 4 1 Understanding your Business BC Program Management Building Resiliency & Continuity Strategies Develop & Implement BCM Response HPE BCM Framework 3 2 Business & Compliance Requirements 1. Understanding the Business Criticality, Compliance mandate, data center operations, support services to identify continuity & recovery requirements. 2. Building Resilience and Continuity Strategies basis the continuity related Risks identified in BIA and RA. 3. Developing and Implementing a Response Plan to Respond to and Manage Service Disruptions. 4. Institutionalizing Business Continuity framework & processes as part of operations to build Business Continuity Maturity. 5. Exercising Business Continuity readiness; Updating of BC Plans and Independent Audit.

14 Business Continuity Management Framework BCM Governance Policies & Standards Roles & Responsibility guide BCM Program Management Office Management Review Policies & Standards Roles & Responsibility guide BCM Program Management Office Management Review Understand Business Requirements Business Process Identification, priority & criticality Compliance Statement Planning Structure Business Impact Analysis Risk Assessment Interdependencies Third Party Independencies Risk Assessment Recovery requirements IT Dependencies Service Level Agreements (SLAs) Interruption Insurance Business Continuity Strategies BC Plan, Design & Implementation People and Process Alternative strategies against the results of BIA exercise Third Party continuity strategies IT Operational Process Requirements Single Point of Failures mapping IT Resiliency & Recovery strategy Business Continuity Plans Crisis Management Plans Crisis Communication Plans Command Center Plan Pandemic Response Plan Emergency Response Plan Business Resumption Work area recovery (Facilities) Plan Return to Home Plan Technology Disaster Recovery Plans Incident Management Plan Recovery Strategy Design Failover and Failback strategy design Data Backup and restoration plan design Plan Administration Post Mortem analysis and reporting DR Testing and simulations Post Mortem Process Audit & Compliance Exercise and Testing On-going improvements Plan Maintenance Align newly Training and Awareness designed/revised Plan Audit strategy/plans with regulatory requirements Compliance report as per legal, regulatory and contractual requirements On-going improvements Align newly designed/revised strategy/plans with regulatory requirements HPE BCM Framework is aligned to ISO Standard

15 Business Impact Analysis Service

16 Objectives Challenges Identify operational and financial impacts due to business disruptions Identify minimum operating requirements Lack of knowledge of financial, reputation and legal impact on the organization No process classification to document the criticalities of organizational assets Associated process interdependencies not identified No established acceptable downtime and recovery level of critical processes Identifying operating requirements is only Resource aiming requirements at minimising necessary financial at and the operational time of a disruption impacts not identified

17 How an incident is managed BCP is a set of advance arrangements to increase organizational resilience through availability of critical processes at acceptable levels and downtimes Level of Operations Normal Level Incident Normal Level Disruption MOR Level RTO (e.g. 2 wd) Crisis duration (e.g. 7 wd) MOR delivery (e.g. 5 wd) Time RTO Recovery Time Objective MOR Minimum Operating Requirements

18 Key Terminologies BIA is the process to predict and review the consequences of disruption of a business function / activities and gathers information needed to develop appropriate recovery strategies BIA helps to identify: Process classification (Critical / Key / Others) Minimum operating requirements (RTO, MOR and RPO) Key resources (People, IT and Infrastructure, 3rd party vendors, documentation) BIA output drives necessary recovery strategies (backup plan) for the following outage scenarios: Site, City, Country, People and Technology RTO (Recovery Time Objective) Duration of time by which a business process / activity must be resumed MOR (Minimum Operating Requirements) MOR (expressed as Head Count) to ensure recovery of operations to predefined service level RPO (Recovery Point Objective) Duration of time of acceptable data loss Process Cluster of activities which produce a defined outcome. Unified processes and not multiple processes with similar name (eg. Budgeting, Payroll management, Event Management within Marketing) Functions Is an entity or team which is typically characterized by a special area of knowledge or experience (HR org wide function, Payroll org wide function, Marketing function)

19 Proven risk assessment methodology aligned to ISO BIA Concepts BIA defines the priorities for recovery of critical operations Identifying and evaluating the impact of disasters on business provides the basis for investment in recovery strategies as well as investment in prevention and mitigation strategies. Evaluate the potential business impact on a process not being performed: Tangible Impacts Financial Exposure Intangible Impacts Brand / Reputation Legal and Regulatory Customer Satisfaction

20 Business Impact Analysis Methodology Comprehensive impact analysis to determine critical recovery requirements Understand Assess Establish Document Structured and targeted focus reviews Process understanding Process Mapping SPOC Identification BIA workshop Questionnaire response Moderation and review Establish RTO and RPO Identify dependencies Identify resource requirements Document BIA workbook Prepare BIA report Management signoff Classification of in-scope processes into criticality continuum Knowledge of recovery requirements Establishing internal & external dependencies Independent review with SMEs Alignment to organization s strategic goals Interviews, workshops, templates

21 Deliverables # Deliverables 1 Kick off Presentation 2 BIA Walkthrough Presentation 3 BIA Template 4 BIA Summary Report 5 Closing Presentation

22 How can we help Customers? Facilitating information gathering and reviewing relevant documentation Developing process flow diagrams, mapping key internal and external dependencies Determining recovery parameters and critical activities for business processes Establishing the correct sequence of recovery activities Determining the critical resource requirements We re certified within our profession, and we re certified by our alliance partners We re experienced, we re present, and we re trusted

23 What Benefits Customers can get?

24 Risk Assessment Service

25 Objectives Challenges Holistic view of all business continuity-related risks Minimize organizational losses Ensure risks are within the organization s risk appetite Implement effective governance Lack of knowledge of key continuity risks Lack of visibility around potential threat sources to the business Residual risks not identified and evaluated Non standard mitigation plan against risks to their business Inadequate / outdated risk assessment documentation Managing risk is about creating value out of uncertainty

26 Risk Assessment Methodology Proven risk assessment methodology aligned to ISO 31000

27 Key Terminologies RA is a process that identifies risks, ranks them by likelihood + impact & implements plans to mitigate these risks RA helps to identify: Key Terms Key risks to the organization Strength of existing controls New controls for implementation Effective governance structure RA output drives necessary mitigation plans to be implemented Low Risks The risk merits management awareness, but does not require remedial action Medium Risks Overall risk is manageable with some senior management intervention and remediation High Risks Risk is significant and strong remediation is required

28 Proven risk assessment methodology aligned to ISO Risk Concepts Risk is the effect of uncertainty on objectives Organizational objectives can be Strategic, Tactical or Operational Effect : Deviation from the expected Positive / Negative Often expressed in terms of combination of the Consequences of an event and the likelihood of occurrence High / Medium risks can be treated, transferred, terminated or tolerated

29 Risk Assessment Methodology Clear deliverables Understand Assess Mitigate Document Structured methodology Process understanding Process Mapping SPOC Identification Defining risk methodology and risk appetite Evaluating risks Computing residual risks Define mitigation plan Assign timelines and owners Prioritize mitigation actions Document risk register Prepare risk report Management signoff Aligned to best practices Compliance to industry standard Independent review with SMEs Alignment to organization s strategic goals Interviews, workshops, templates Long term governance centric

30 Deliverables # Deliverables 1 Kick off Presentation 2 RA Walkthrough Presentation 3 RA Questionnaire 4 Risk Register 5 RA Summary Report 6 Closing Presentation

31 How can we help? Facilitating information gathering and reviewing relevant documentation Developing process flow diagrams, mapping key internal and external dependencies Determining residual risk for business processes, sites and the organization Establishing necessary mitigation plans for various identified risks in line with the risk appetite Assisting in the closure and ongoing evaluation of continuity risks We re certified within our profession, and we re certified by our alliance partners We re experienced, we re present, and we re trusted

32 What Benefits Customers can get?

33 HPE Value Differentiation

34 Our Value Differentiation Help to identify Single Point of Failures Assurance to reduce cost of operations Drive customer satisfaction enhance brand value, drive top line growth & reduce cost of non performance Drive consistent customer experience Support to Improve Service Availability Reduce Service disruptions Help to provide Regulatory Compliance Assurance

35 Let s hear your voice! Open HPE Events App, and answer the following question to participate State 2 of the building blocks to achieve the BCDR

36 Questions

37 Thank You Mohamed Ashmawy HPE TSC Pursuit Saudi Lead

Business continuity management and cyber resiliency

Business continuity management and cyber resiliency Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,

More information

Principles for BCM requirements for the Dutch financial sector and its providers.

Principles for BCM requirements for the Dutch financial sector and its providers. Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011

More information

How to Conduct a Business Impact Analysis and Risk Assessment

How to Conduct a Business Impact Analysis and Risk Assessment How to Conduct a Business Impact Analysis and Risk Assessment By Larry Pedrazoli Business Recovery Analyst Miller Brewing Company February 2006 Project Management Institute, La Crosse, WI Chapter Agenda

More information

Rejuvenating BCM - Infrastructure. Business Continuity Awareness Week March 2009

Rejuvenating BCM - Infrastructure. Business Continuity Awareness Week March 2009 Rejuvenating BCM - Infrastructure Business Continuity Awareness Week 23 27 March 2009 Brigitte Theuma MBCI, CBCMMA, CBCMP, CBCITP, MIAEM 23 March 2009 Total of 5 pages Table of Contents I. ICT Service

More information

Business Continuity Management: How to get started. Presented by: Tony Drewitt, Managing Director IT Governance Ltd 19 April 2018

Business Continuity Management: How to get started. Presented by: Tony Drewitt, Managing Director IT Governance Ltd 19 April 2018 Business Continuity Management: How to get started Presented by: Tony Drewitt, Managing Director IT Governance Ltd 19 April 2018 Introduction Tony Drewitt - Managing Director: IT Governance UK and EU One

More information

SOLUTION BRIEF RSA ARCHER BUSINESS RESILIENCY

SOLUTION BRIEF RSA ARCHER BUSINESS RESILIENCY RSA ARCHER BUSINESS RESILIENCY INTRODUCTION Organizations are becoming a complex tapestry of products and services, processes, technologies, third parties, employees and more. Each element adds another

More information

Certified Information Systems Auditor (CISA)

Certified Information Systems Auditor (CISA) Certified Information Systems Auditor (CISA) 1. Domain 1 The Process of Auditing Information Systems Provide audit services in accordance with IT audit standards to assist the organization in protecting

More information

Table of Contents. Sample

Table of Contents. Sample TABLE OF CONTENTS... 1 CHAPTER 1 INTRODUCTION... 4 1.1 GOALS AND OBJECTIVES... 5 1.2 REQUIRED REVIEW... 5 1.3 APPLICABILITY... 5 1.4 ROLES AND RESPONSIBILITIES SENIOR MANAGEMENT AND BOARD OF DIRECTORS...

More information

INTELLIGENCE DRIVEN GRC FOR SECURITY

INTELLIGENCE DRIVEN GRC FOR SECURITY INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to

More information

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise February 11 14, 2018 Gaylord Opryland Resort and Convention Center, Nashville #DRI2018 Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise Tejas Katwala CEO

More information

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

Charting the Course... Certified Information Systems Auditor (CISA) Course Summary Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business

More information

Disaster Recovery and Business Continuity Planning (Mile2)

Disaster Recovery and Business Continuity Planning (Mile2) Disaster Recovery and Business Continuity Planning (Mile2) Course Number: DRBCP Length: 4 Day(s) Certification Exam This course will help you prepare for the following exams: ABCP: Associate Business Continuity

More information

locuz.com SOC Services

locuz.com SOC Services locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security

More information

BCM s Role in Effective Risk Management: A Risk Manager s Point of View

BCM s Role in Effective Risk Management: A Risk Manager s Point of View BCM s Role in Effective Risk Management: A Risk Manager s Point of View Date: March 24, 2015 Presenter: Randall Davis, MBA, IBD, CPCU, ERM, ARM, ARM E, ABCP Agenda for this session Explore the case for

More information

Disaster recovery strategic planning: How achievable will it be?

Disaster recovery strategic planning: How achievable will it be? April 16 18, 2012 Talking Stick Resort Scottsdale, Arizona Disaster recovery strategic planning: How achievable will it be? Prudence Marasigan Ernst & Young Advisory Services, Senior Manager prudence.marasigan@ey.com

More information

Accelerate Your Enterprise Private Cloud Initiative

Accelerate Your Enterprise Private Cloud Initiative Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service

More information

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW EXECUTIVE SUMMARY CenturyLink is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business

More information

Implementing a Global Business

Implementing a Global Business GLOBAL OPERATIONS Implementing a Global Business Continuity Management Program Disaster Recovery Journal Spring World 2010 Conference Pfizer Inc. Managing Business Continuity on a Global Scale This presentation

More information

Building a BC/DR Control Library and Regulatory Response Program

Building a BC/DR Control Library and Regulatory Response Program Building a BC/DR Control Library and Regulatory Response Program David Garland, Senior Director, Disaster Recovery & Regulatory Compliance, Business Continuity Management CME Group Regulatory Compliance

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Cyber Security importance by Ashraf Hasanov Business Continuity Expert BCMS BS25999 Lead Auditor Regional Disaster Response Team Member of IFRC What could stop your business?

More information

Session 5: Business Continuity, with Business Impact Analysis

Session 5: Business Continuity, with Business Impact Analysis Session 5: Business Continuity, with Business Impact Analysis By: Tuncay Efendioglu, Acting Director Internal Oversight Division, WIPO Pierre-François Gadpaille, Audit Specialist (Information Systems),

More information

Business Continuity Management Standards A Side-by-Side Comparison

Business Continuity Management Standards A Side-by-Side Comparison Business Continuity Standards A Side-by-Side Comparison By Brian Zawada (CBCP) & Jared Schwartz (CBCP) Whether your organization has begun a grassroots initiative to develop a business continuity plan

More information

Introduction to Business Continuity Management

Introduction to Business Continuity Management Introduction to Business Continuity Management Audio Presented by ABD s Occupational Health and Safety Team Featuring The Cross Connection JULY 24, 2018 Speaker Panel ABD Insurance & Financial Services

More information

Introduction to Business continuity Planning

Introduction to Business continuity Planning Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources

More information

Business Continuity Risk Management IT Service Continuity

Business Continuity Risk Management IT Service Continuity Business Continuity Risk Management IT Service Continuity The Three Musketeers All for one, one for all Author: Athol Culpan, Isaacs George and Ray Botardo Agenda Introductions Athol Culpan Case Study

More information

Continuity of Business

Continuity of Business White Paper Continuity of Business SAS Continuity of Business initiative reflects our commitment to our employees, to our customers, and to all of the stakeholders in our global business community to be

More information

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it

More information

Business Continuity & Disaster Recovery

Business Continuity & Disaster Recovery knowledge partner MARKET INSIGHT Business Continuity & Disaster Recovery Considerations for Saudi Organizations /mobily @MobilyBusiness 056 010 0901 I business.sales@mobily.com.sa About Us Mobily; the

More information

Appendix 3 Disaster Recovery Plan

Appendix 3 Disaster Recovery Plan Appendix 3 Disaster Recovery Plan DRAFT March 5, 2007 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A3-i RFP: TQC-JTB-05-0002 March 5, 2007 REVISION HISTORY Revision

More information

PECB Change Log Form

PECB Change Log Form GENERAL INFORMATION Owner / Department* Approver / Department * Training Development Department Quality Assurance Department Date of Approval* 2019-01-09 Course name: Language: New Version: Previous Version:

More information

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE John McDonald 1 What is Trust? Can I trust that my assets will be available when I need them? Availability Critical Assets Security Can I trust

More information

NHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy

NHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy NHS Gloucestershire Clinical Commissioning Group 1 Document Control Title of Document Gloucestershire CCG Author A Ewens (Emergency Planning and Business Continuity Officer) Review Date February 2017 Classification

More information

AUDIT UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY. Report No Issue Date: 8 January 2014

AUDIT UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY. Report No Issue Date: 8 January 2014 UNITED NATIONS DEVELOPMENT PROGRAMME AUDIT OF UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY Report No. 1173 Issue Date: 8 January 2014 Table of Contents Executive Summary

More information

Infocomm Professional Development Forum 2011

Infocomm Professional Development Forum 2011 Infocomm Professional Development Forum 2011 1 Agenda Brief Introduction to CITBCM Certification Business & Technology Impact Analysis (BTIA) Workshop 2 Integrated end-to-end approach in increasing resilience

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy Version Number: 3.6 Page 1 of 14 Business Continuity Policy First published: 07-01-2014 Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/2014

More information

Threat and Vulnerability Assessment Tool

Threat and Vulnerability Assessment Tool TABLE OF CONTENTS Threat & Vulnerability Assessment Process... 3 Purpose... 4 Components of a Threat & Vulnerability Assessment... 4 Administrative Safeguards... 4 Logical Safeguards... 4 Physical Safeguards...

More information

Cyber Resilience. Think18. Felicity March IBM Corporation

Cyber Resilience. Think18. Felicity March IBM Corporation Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack

More information

Business Continuity Planning

Business Continuity Planning Business Continuity Planning The Unexpected Happens Be Ready Copyright -Business Survival Partners, llc. 2011 - All Rights Reserved www.survivalpartners.biz RISK 2 Risks to National Security A secure and

More information

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion

More information

SAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx

SAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx SAMPLE REPORT Business Continuity Gap Analysis Report Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx COMMERCIAL-IN-CONFIDENCE PAGE 1 OF 11 Contact Details CSC Contacts CSC

More information

Disaster Recovery Is A Business Strategy

Disaster Recovery Is A Business Strategy Disaster Recovery Is A Business Strategy A White Paper By Table of Contents Preface Disaster Recovery Is a Business Strategy Disaster Recovery Is a Business Strategy... 2 Disaster Recovery: The Facts...

More information

Facilities Management and Business Continuity. 10 May 2017

Facilities Management and Business Continuity. 10 May 2017 Facilities Management and Business Continuity 10 May 2017 1 Introductions Business Continuity Institute BCI SADC Chapter The Caridon Group 2 The BCI 3 The Caridon Group Consulting Group of select experienced

More information

GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI

GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI CONTENTS Overview Conceptual Definition Implementation of Strategic Risk Governance Success Factors Changing Internal Audit Roles

More information

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not

More information

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by

More information

REPORT 2015/149 INTERNAL AUDIT DIVISION

REPORT 2015/149 INTERNAL AUDIT DIVISION INTERNAL AUDIT DIVISION REPORT 2015/149 Audit of the information and communications technology operations in the Investment Management Division of the United Nations Joint Staff Pension Fund Overall results

More information

MHA Consulting BCM Metrics Resiliency Through Measurement

MHA Consulting BCM Metrics Resiliency Through Measurement 0 MHA Consulting BCM Metrics Resiliency Through Measurement Presented by: Michael Herrera, CBCP March, 2013 2009 2013 MHA MHA Consulting All All Rights Rights Reserved. Reserved. Agenda 1 Overview A Menu

More information

BCM Program Development

BCM Program Development BCM Program Development Course Description: The BCM Program Development course provides you with knowledge to develop an auditable and actionable business continuity program for your organization. This

More information

Leveraging ITIL to improve Business Continuity and Availability. itsmf Conference 2009

Leveraging ITIL to improve Business Continuity and Availability. itsmf Conference 2009 Leveraging ITIL to improve Business Continuity and Availability Samuel Lo MBA, MSc, CDCP, PMP, CISSP, CISA Data Centre Services Manager COL Limited Strictly Business itsmf Conference 2009 25 February 2009

More information

EQUINIX BUSINESS CONTINUITY ADVANCED SERVICES KEEP YOUR BUSINESS UP AND RUNNING

EQUINIX BUSINESS CONTINUITY ADVANCED SERVICES KEEP YOUR BUSINESS UP AND RUNNING EQUINIX BUSINESS CONTINUITY ADVANCED SERVICES KEEP YOUR BUSINESS UP AND RUNNING BUSINESS CONTINUITY EQUINIX BUSINESS CONTINUITY ADVANCED SERVICES The key to every successful Business Continuity Solution

More information

Business Continuity Management Program Overview

Business Continuity Management Program Overview Business Continuity Management Program Overview Improving the lives of our customers by connecting them to the power of the digital world CenturyLink Key Objective CenturyLink may modify or terminate this

More information

Why you should adopt the NIST Cybersecurity Framework

Why you should adopt the NIST Cybersecurity Framework Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive

More information

Certified Information Security Manager (CISM) Course Overview

Certified Information Security Manager (CISM) Course Overview Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,

More information

Securing Your Digital Transformation

Securing Your Digital Transformation Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,

More information

Making hybrid IT simple with Capgemini and Microsoft Azure Stack

Making hybrid IT simple with Capgemini and Microsoft Azure Stack Making hybrid IT simple with Capgemini and Microsoft Azure Stack The significant evolution of cloud computing in the last few years has encouraged IT leaders to rethink their enterprise cloud strategy.

More information

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting Addressing Vulnerabilities By Integrating Your Incident Response Plans Brian Coates Enaxis Consulting Contents Enaxis Introduction Presenter Bio: Brian Coates Incident Response / Incident Management in

More information

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP Six Weeks to Security Operations The AMP Story Mike Byrne Cyber Security AMP 1 Agenda Introductions The AMP Security Operations Story Lessons Learned 2 Speaker Introduction NAME: Mike Byrne TITLE: Consultant

More information

How ISO helps organisation to achieve operational readiness Ong Liong Chuan 26 Apr 2016

How ISO helps organisation to achieve operational readiness Ong Liong Chuan 26 Apr 2016 How ISO 22301 helps organisation to achieve operational readiness Ong Liong Chuan 26 Apr 2016 Copyright SP PowerGrid Ltd Threat Threat 1 Threat 2 Organisation Threat 3 2 Threat - Terrorist actions ST 19Mar16

More information

Virtustream Managed Services Drive value from technology investments through IT management solutions. Tim Calahan, Manager Managed Services

Virtustream Managed Services Drive value from technology investments through IT management solutions. Tim Calahan, Manager Managed Services Virtustream Managed Services Drive value from technology investments through IT management solutions Tim Calahan, Manager Managed Services Virtustream Managed Services Your partner in delivering IT as

More information

How to Derive Value from Business Continuity Planning

How to Derive Value from Business Continuity Planning How to Derive Value from Continuity Planning Presented by Randall J. Till, Principal Till Continuity Group Spring World 2011 Disaster Recovery Journal March 28, 2011 1 BCM Challenges BCM funding is limited

More information

Business Continuity and Disaster Recovery

Business Continuity and Disaster Recovery Business Continuity and Disaster Recovery Index Section Title 1. Executive Summary 2. Policy Statement 3. Strategy 4. Governance 5. Key Documentation 6. Testing 1 Executive Summary Business Continuity

More information

Symantec Business Continuity Solutions for Operational Risk Management

Symantec Business Continuity Solutions for Operational Risk Management Symantec Business Continuity Solutions for Operational Risk Management Manage key elements of operational risk across your enterprise to keep critical processes running and your business moving forward.

More information

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist A Survival Guide to Continuity of Operations David B. Little Senior Principal Product Specialist Customer Perspective: Recovery Time & Objective Asynchronous Replication Synchronous Replication WAN Clustering

More information

VMware BCDR Accelerator Service

VMware BCDR Accelerator Service AT A GLANCE The rapidly deploys a business continuity and disaster recovery (BCDR) solution with a limited, pre-defined scope in a non-production environment. The goal of this service is to prove the solution

More information

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Suite and the OCEG Capability Model Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Contents Introduction... 2 GRC activities... 2 BPS and the Capability Model for GRC...

More information

CCISO Blueprint v1. EC-Council

CCISO Blueprint v1. EC-Council CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance

More information

EXAM PREPARATION GUIDE

EXAM PREPARATION GUIDE When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO 22301 Lead Implementer www.pecb.com The objective of the Certified ISO 22301 Lead Implementer examination is to ensure that the candidate

More information

PROTECT YOUR DATA, SAFEGUARD YOUR BUSINESS

PROTECT YOUR DATA, SAFEGUARD YOUR BUSINESS >> PROTECT YOUR DATA, SAFEGUARD YOUR BUSINESS COMPUTACENTER HELPS ORGANISATIONS INCREASE THE AVAILABILITY AND INTEGRITY OF THEIR INFORMATION ASSETS WITH NEW-GENERATION DATA PROTECTION SOLUTIONS >> PROTECT

More information

Driving Global Resilience

Driving Global Resilience Driving Global Resilience Steve Mellish FBCI Chairman, The Business Continuity Institute Monday December 2nd, 2013 Business & IT Resilience Summit New Delhi, India Chairman of the Business Continuity Institute

More information

IT123: SABSA Foundation Training

IT123: SABSA Foundation Training IT123: SABSA Foundation Training IT123 Rev.002 CMCT COURSE OUTLINE Page 1 of 8 Training Description: SABSA is the world s leading open security architecture framework and methodology. SABSA is a top-tobottom

More information

Ensuring business continuity with comprehensive and cost-effective disaster recovery service.

Ensuring business continuity with comprehensive and cost-effective disaster recovery service. Singtel Business Product Brochure Managed Disaster Recovery-as-a-Service Ensuring business continuity with comprehensive and cost-effective disaster recovery service. Singtel Managed Disaster Recovery-as-a-Service

More information

Financial CISM. Certified Information Security Manager (CISM) Download Full Version :

Financial CISM. Certified Information Security Manager (CISM) Download Full Version : Financial CISM Certified Information Security Manager (CISM) Download Full Version : http://killexams.com/pass4sure/exam-detail/cism required based on preliminary forensic investigation, but doing so as

More information

Dell helps you simplify IT

Dell helps you simplify IT Dell helps you simplify IT Workshops the first step. Reduce desktop and data center complexity. Improve productivity. Innovate. Dell IT Consulting Services New Edition 2011 Introduction Are you spending

More information

Risk Management. Continuity Management

Risk Management. Continuity Management Risk Management vs Continuity Management Marie Hélène Primeau, CA, MBCI President Premier Continuum DRJ Fall World September 12, 2011 Marie-Hélène Primeau, CA, MBCI Chartered Accountant and Member of the

More information

Defining the Challenges and Solutions. Resiliency Model. A Holistic Approach to Risk Management. Discussion Outline

Defining the Challenges and Solutions. Resiliency Model. A Holistic Approach to Risk Management. Discussion Outline Resiliency Model A Holistic Approach to Risk Management Discussion Outline Defining the Challenges and Solutions The Underlying Concepts of Our Approach Outlining the Resiliency Model (RM) Next Steps The

More information

Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup.

Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup. Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved FlyntGroup.com Flynt Group White Paper Bundling Arrows: Making a Business

More information

MassMutual Business Continuity Disclosure Statement

MassMutual Business Continuity Disclosure Statement MassMutual Business Continuity Disclosure Statement Overview Resiliency is a high priority at Massachusetts Mutual Life Insurance Company ( MassMutual or the Company ). To that end, significant investments

More information

Brussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security

Brussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security Cyber Resiliency Minimizing the impact of breaches on business continuity Jean-Michel Lamby Associate Partner - IBM Security Brussels Think Brussels / Cyber Resiliency / Oct 4, 2018 / 2018 IBM Corporation

More information

Global Statement of Business Continuity

Global Statement of Business Continuity Business Continuity Management Version 1.0-2017 Date January 25, 2017 Status Author Business Continuity Management (BCM) Table of Contents 1. Credit Suisse Business Continuity Statement 3 2. BCM Program

More information

Cloud Disaster Recovery: Public, Private or Hybrid Cloud Solutions Supporting Disaster Recovery

Cloud Disaster Recovery: Public, Private or Hybrid Cloud Solutions Supporting Disaster Recovery White Paper Cloud Disaster Recovery: Public, Private or Hybrid Cloud Solutions Supporting Disaster Recovery Table of Contents Introduction... 2 Business continuity and disaster recovery development flow...

More information

What Does the Future Look Like for Business Continuity Professionals?

What Does the Future Look Like for Business Continuity Professionals? What Does the Future Look Like for Business Continuity Professionals? October 26, 2016 Brian Zawada, FBCI President, US Chapter of the Business Continuity Institute Agenda and Objectives Change Standards

More information

Changing the Game: An HPR Approach to Cyber CRM007

Changing the Game: An HPR Approach to Cyber CRM007 Speakers: Changing the Game: An HPR Approach to Cyber CRM007 Michal Gnatek, Senior Vice President, Marsh & McLennan Karen Miller, Sr. Treasury & Risk Manager, FireEye, Inc. Learning Objectives At the end

More information

THE POWER OF TECH-SAVVY BOARDS:

THE POWER OF TECH-SAVVY BOARDS: THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES

More information

Designing and Building a Cybersecurity Program

Designing and Building a Cybersecurity Program Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity

More information

2015 HFMA What Healthcare Can Learn from the Banking Industry

2015 HFMA What Healthcare Can Learn from the Banking Industry 2015 HFMA What Healthcare Can Learn from the Banking Industry Agenda Introduction- Background and Experience Healthcare vs. Banking The Results OCR Audit Results Healthcare vs. Banking The Theories Practical

More information

GDPR Update and ENISA guidelines

GDPR Update and ENISA guidelines GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure

More information

Reference Architecture for the Operationalization of a BCMS. Boban Kršić, Chief Information Security Officer. verinice.xp - Berlin, 07.

Reference Architecture for the Operationalization of a BCMS. Boban Kršić, Chief Information Security Officer. verinice.xp - Berlin, 07. Reference Architecture for the Operationalization of a BCMS Boban Kršić, Chief Information Security Officer verinice.xp - Berlin, 07. February 2017 DENIC Mission Founded in 1996 as a cooperative in Frankfurt

More information

STATE ENERGY RISK ASSESSMENT INITIATIVE ENERGY INFRASTRUCTURE MODELING AND ANALYSIS. National Association of State Energy Of ficials

STATE ENERGY RISK ASSESSMENT INITIATIVE ENERGY INFRASTRUCTURE MODELING AND ANALYSIS. National Association of State Energy Of ficials STATE ENERGY RISK ASSESSMENT INITIATIVE ENERGY INFRASTRUCTURE MODELING AND ANALYSIS Alice Lipper t Senior Technical Advisor Of fice of Electricity Deliver y and Energy Reliability (OE) US Depar tment of

More information

Department of Management Services REQUEST FOR INFORMATION

Department of Management Services REQUEST FOR INFORMATION RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President

More information

IT Consulting and Implementation Services

IT Consulting and Implementation Services PORTFOLIO OVERVIEW IT Consulting and Implementation Services Helping IT Transform the Way Business Innovates and Operates 1 2 PORTFOLIO OVERVIEW IT Consulting and Implementation Services IT is moving from

More information

Security Metrics Framework

Security Metrics Framework HP Enterprise Services Metrics Framework Richard Archdeacon October 2012 Effective Spending: Better metrics allow intelligent spending on security that matters The current primary focus of information

More information

Whitepaper. Contents. Foreword. Introduction. Business ContinuITy

Whitepaper. Contents. Foreword. Introduction. Business ContinuITy Whitepaper Contents Business ContinuITy 1 Foreword 1 Introduction 1 What is Business Continuity Management? 2 Components of IT Business Continuity Management 2 Role of Vendors in BCM 5 Bringing BCM to

More information

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief RSA Solution Brief Managing Risk Within Advanced Security Operations RSA Solution Brief How do you advance your security operations function? Increasingly sophisticated security threats and the growing

More information

DATACENTER SERVICES DATACENTER

DATACENTER SERVICES DATACENTER SERVICES SOLUTION SUMMARY ALL CHANGE React, grow and innovate faster with Computacenter s agile infrastructure services Customers expect an always-on, superfast response. Businesses need to release new

More information

IT DISASTER RECOVEry IMPLEMENTER

IT DISASTER RECOVEry IMPLEMENTER IT DISASTER RECOVEry IMPLEMENTER COMPETENCY LEVEL COMPETENCY WHICH LEVEL SHOULD I BE STARTING MY BUSINESS CONTINUITY TRAINING? KNOW DO DRP-200 DRP-300 I am new to IT Disaster Recovery Planning (IT DRP)

More information

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT? NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT? What the new data regulations mean for your business, and how Brennan IT and Microsoft 365 can help. THE REGULATIONS: WHAT YOU NEED TO KNOW Australia:

More information

Implementing a BCM Programme

Implementing a BCM Programme Implementing a BCM Programme EPICC Vancouver BC April 2009 Russ Stewart UK Head of Continuity Safety & Security Europe KPMG LLP Russell.stewart@kpmg.co.uk 1 Implementing a BCM Programme Lots of good stuff

More information

MITIGATE CYBER ATTACK RISK

MITIGATE CYBER ATTACK RISK SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations

More information

The Common Controls Framework BY ADOBE

The Common Controls Framework BY ADOBE The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.

More information

COPE-ing with Cyber Risk Exposures

COPE-ing with Cyber Risk Exposures COPE-ing with Cyber Risk Exposures Russ Cohen, Chubb Ron Bushar, Mandiant Consulting September 22, 2016 1 Agenda The Challenge Transforming COPE to Cyber COPE Evaluating Risk for Cyber COPE Questions 2

More information