WHITE PAPER OCTOBER 2017 VMWARE ENTERPRISE RESILIENCY. Integrating Resiliency into Our Culture and DNA

Similar documents
CONFIDENTLY INTEGRATE VMWARE CLOUD ON AWS WITH INTELLIGENT OPERATIONS

VMware Cloud Operations Management Technology Consulting Services

Session 5: Business Continuity, with Business Impact Analysis

HARNESSING THE HYBRID CLOUD TO DRIVE GREATER BUSINESS AGILITY

Professional Services for Cloud Management Solutions

SOLUTION BRIEF RSA ARCHER BUSINESS RESILIENCY

Appendix 3 Disaster Recovery Plan

REDUCE TCO AND IMPROVE BUSINESS AND OPERATIONAL EFFICIENCY

L18: Integrate Control Disciplines to Increase Control and Save Money

STREAMLINING THE DELIVERY, PROTECTION AND MANAGEMENT OF VIRTUAL DESKTOPS. VMware Workstation and Fusion. A White Paper for IT Professionals

Our key considerations include:

3 Ways Businesses Use Network Virtualization. A Faster Path to Improved Security, Automated IT, and App Continuity

Maintaining Resiliency Within the Defense Industrial Base Through Preparedness Response and Recovery

Business continuity management and cyber resiliency

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

VMware NSX: Accelerating the Business

STRATEGIC PLAN. USF Emergency Management

Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup.

VMware vcloud Air Accelerator Service

DISASTER RECOVERY- AS-A-SERVICE FOR VMWARE CLOUD PROVIDER PARTNERS WHITE PAPER - OCTOBER 2017

BCM s Role in Effective Risk Management: A Risk Manager s Point of View

Global Statement of Business Continuity

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Best-in-Class Crisis Preparation: Maximize Readiness with the Four T s. Business Continuity Readiness Overview

WHITE PAPER OCTOBER 2016 MAKING THE INTELLIGENT DECISION. vrealize Network Insight

EXPLORING MONITORING AND ANALYTICS VMware Horizon

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

Organizing for the Cloud

HOTEL RESILIENT Plan ahead stay ahead. With support from the German Government through

Build a viable plan for disaster recovery and crisis management.

BUSTED! 5 COMMON MYTHS OF MODERN INFRASTRUCTURE. These Common Misconceptions Could Be Holding You Back

Prepare your Emergency respons, continuity plan, recovery plan

Building a BC/DR Control Library and Regulatory Response Program

A Model for Resilience

Advanced Architecture Design for Cloud-Based Disaster Recovery WHITE PAPER

VMware BCDR Accelerator Service

10 QUESTIONS, 10 ANSWERS. Get to know VMware Cloud on AWS The Best-in-Class Hybrid Cloud Service

MODERNIZE INFRASTRUCTURE

SAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx

Explore Resilience and Risk Management Around the World

Business Continuity Management Program Overview

Business Continuity Planning

How to Derive Value from Business Continuity Planning

How to Embed BCP: A Strategic Roadmap. Content

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

VMware vcloud Air SOC 1 Control Matrix

TSC Business Continuity & Disaster Recovery Session

3.4 DISASTER RECOVERY (L , M.3.9, comp_req_id 806)

Continuity of Business

HOW MIDSIZE ORGANIZATIONS CAN MEET COMPLIANCE REQUIREMENTS AND ENHANCE CYBERSECURITY WITH MICRO-SEGMENTATION WHITE PAPER FEBRUARY 2018

THE POWER OF TECH-SAVVY BOARDS:

Configuring OneSign 4.9 Virtual Desktop Access with Horizon View HOW-TO GUIDE

Policy-Based Security, Compliance, and Risk Management

TECHNICAL WHITE PAPER AUGUST 2017 VMWARE APP VOLUMES 2.X DATABASE BEST PRACTICES. VMware App Volumes 2.x

NORTH CAROLINA NC MRITE. Nominating Category: Enterprise IT Management Initiatives

INTELLIGENCE DRIVEN GRC FOR SECURITY

Branch Office Desktop

THREE-PART GUIDE TO DEVELOPING A BYOD STRATEGY WHITE PAPER FEBRUARY 2017

Integration of Business Continuity, Emergency Preparedness, and Emergency Response

Security Director - VisionFund International

RSA Advanced Cyber Defence Summit

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

JSC THE JUSTICE & SAFETY CENTER. Snapshot 2014

VMware AppCatalyst Technical Preview June 2015 TECHNICAL WHITE PAPER

Data Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016

Implementing a BCM Programme

Security and Privacy Governance Program Guidelines

VMWARE HORIZON CLOUD SERVICE HOSTED INFRASTRUCTURE ONBOARDING SERVICE SILVER

Introduction. Overview. Every Crisis Management Team Needs a Critical Decision Checklist. Presented by Roseanne Rostron, CBCP President Raido Response

What s New in VMware vcloud Automation Center 5.1

What s New in VMware vsphere Availability

Florida State University

Information Technology Disaster Recovery Planning Audit Redacted Public Report

Turning Strategic Insight Into Business Impact

Facilities Management and Business Continuity. 10 May 2017

Implementing a Global Business

What s New in VMware vsphere 5.1 VMware vcenter Server

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

Accelerating the Business Value of Virtualization

VMWARE CLOUD FOUNDATION: THE SIMPLEST PATH TO THE HYBRID CLOUD WHITE PAPER AUGUST 2018

Disaster Recovery and Business Continuity Planning (Mile2)

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Table of Contents. Sample

SIEM: Five Requirements that Solve the Bigger Business Issues

BREAK OUT OF THE NETWORK UPGRADE CYCLE OF THE PAST. Modernize Your Network with a Software-First Approach

Cyber Resilience. Think18. Felicity March IBM Corporation

CERT Organization. CERT Basic Training Unit 6

BUSINESS CONTINUITY. Topics covered in this checklist include: General Planning

What Does the Future Look Like for Business Continuity Professionals?

Symantec Data Center Transformation

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

VMware Infrastructure 3

A Whole of Community Framework for Catastrophic Preparedness, Planning & Response

GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI

Max Security Solutions

Accelerate Your Enterprise Private Cloud Initiative

Business Continuity Planning Keeping Pace with New Technology

MITIGATE CYBER ATTACK RISK

Transcription:

WHITE PAPER OCTOBER 2017 VMWARE ENTERPRISE RESILIENCY Integrating Resiliency into Our Culture and DNA

Table of Contents Executive Summary.... 3 Background.... 4 Charter.................................................................4 Key Objectives.... 5 Risk Management 5 Governance 6 Organizational Awareness 6 Summary.... 6 WHITE PAPER 2

Resiliency isn t about being perfect; it s about making continuous progress. Executive Summary VMware executive leadership sponsored the launch of an enterprise resiliency (ER) program in 2015. The program launch was in response to the company s rapid global growth and the increasingly volatile world in which we live. Today the ER program is focused on improving the company s resiliency and preparedness toward potentially business-disrupting events. The ER program brings together the company s business continuity, disaster recovery, emergency response, and crisis management programs under a common governance framework. This common governance framework drives stronger alignment among the programs and provides better visibility to executive staff and other key stakeholders. Beginning in the company s headquarters in Palo Alto, the program has grown and is now in operation across the globe. Given the inherent uncertainty about the timing and impact of business-disrupting events, the program focuses on aligning key stakeholders on the acceptable level of risk for the company and then driving development of business continuity plans, emergency management, and response plans to address identified risks. Plans undergo regular testing, ranging from plan evaluations using a variety of disrupting scenarios to global integrated drills. Another key component of the program is driving organizational awareness so employees are aware of their role in making the company more resilient and are familiar with the basic steps they should take if they find themselves in an emergency. WHITE PAPER 3

Background Like most companies, VMware historically had separate business continuity, crisis management, disaster recovery, and safety and security programs. Although they were all doing great work, they were operating in silos with limited interaction with each other. There were varying levels of maturity within each program and a lack of clear visibility to company executives and the board. We realized we needed a different approach since the company had grown rapidly and the world was becoming much more complex. We launched an enterprise resiliency program aimed at bringing these disparate programs under a common governance framework to drive better alignment and synergies between them and provide better visibility to our executive team and key stakeholders. Charter Ensure that VMware is adequately prepared for a critical business disruption so that its people, processes, systems, facilities, and other assets are able to respond, recover, and resume operations safely and efficiently; and make sure that there is effective communication with all stakeholders, thus minimizing financial, customer, brand, and operational impact to the company. Over time, integrate enterprise resiliency into our culture and DNA. (See Figure 1.) Business Continuity (Functions, Sites) Emergency Response (Safety & Security) Building evacuation Rescue, medical, and security duties Account for personnel Facility assessment Initial diagnosis Crisis Management Notification of CMT response Coordination with impacted areas Status reports to exec staff Provides direction on recovery of business units or lines of business Provide status updates to EMT teams and business units Disaster Recovery (Technology) Manage recovery of critical technology Provide status updates to EMT teams Figure 1. Responding to a Major Business Disruption WHITE PAPER 4

Key Objectives Risk Management The ER program is responsible for making sure that VMware is adequately prepared to respond to and recover from major business disruptions that could result from a set of top business continuity risks the company tracks. This is primarily achieved by developing, periodically testing, and continuously improving crisis management plans for each of the top risks. At a high level, these plans include a risk assessment, industry best practices, key internal and external contacts, and specific steps that need to be taken if that risk materializes. These plans are initially developed at a global level and then made available to all key sites across the world so they can be tailored as needed for those sites. In addition, the ER program addresses other programmatic risks. For example, the ER team drove a significant restructuring of the Crisis Management (CMT) program to align it with industry best practice and make it appropriate for the size and complexity of VMware (Figure 2). CMT Executive Team Incident Command (The Decision Makers) CMT program structure is built based on Incident Command System (ICS) Framework, created to ensure VMware is ready and able to respond to, recover, and resume normal operations in the event of a significant global critical business disruption. Operations (The Doers) Manages all tactical operations for an incident (e.g., SAS/ERT, DR, BC, field, business units, sales) Safety Officer Communication Officer Planning (The Thinkers) Plans, evaluates, and provides status of incident (e.g., ops PMO) Logistics (The Getters) Liaison Officer Provides all logistical support needs (e.g., communications, HR, legal, facilities [REW], marketing) Finance (The Payers) Manages all financial aspects of incident (e.g., FP&A, risk management, investor relations) Tier 1 Sites Tier 1 sites follow same framework, customized for their respective region and roll up to global CMT Figure 2. Crisis Management Program Structure WHITE PAPER 5

LEARN MORE Email resiliency@vmware.com to learn more about the VMware journey towards becoming a resilient enterprise. Governance The ER program (Figure 3) brings together related programs, including business continuity planning (BC), disaster recovery (DR), crisis management team (CMT), and emergency response team (ERT), under a common governance framework. Executive Steering Committee Enterprise Resiliency (ER) Business Continuity (BC) Disaster Recovery (DR) Crisis Management (CMT) Emergency Response (ERT) Other Stakeholders / Supporting Functions Finance Communications Internal Audit R&D Others Figure 3. Enterprise Resiliency Charter and Governance Each program now has a documented charter and clearly defined roles and responsibilities to ensure there are no overlaps between the programs yet at the same time things do not fall through the cracks. The ER program brings each of these programs together on a regular basis to stay aligned on priorities, goals, and initiatives and quickly address any issues. Key highlights and major issues across all programs are brought to the attention of key stakeholders and the steering committee in a unified view to get due recognition for the programs and to ensure prompt disposition of major issues. Organizational Awareness Every employee has a role to play in driving resiliency in a large company. Recognizing this, a key focus area for the ER program is to drive awareness across our employee population about the critical role they all have to play in making and keeping VMware resilient. We do this through a global awareness, communication, and training program aimed at providing employees the knowledge and resources to keep themselves, their families, and their company safe and resilient. Summary Since the launch of its enterprise resiliency program, VMware has made rapid strides in understanding its top business continuity risks, developing plans to address them, bringing together related programs under a common governance framework, and increasing organizational awareness. Although there is a lot more work to do, we are well on our way to becoming a resilient enterprise. Solid support from executive management, strong program leadership, and a focused global program team working in close partnership with key stakeholders have been the key ingredients of this successful journey. WHITE PAPER 6

VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com Copyright 2017 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. and its subsidiaries in the United States and other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: 59620vmw-wp-EnterpriseResiliency-uslet-103 10/17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback