Driving Global Resilience

Similar documents
Promoting the Art and Science of Business Continuity Management Worldwide. Partner of the DRJ

What Does the Future Look Like for Business Continuity Professionals?

The BCI Certification and Solutions

Business Continuity Management: How to get started. Presented by: Tony Drewitt, Managing Director IT Governance Ltd 19 April 2018

,000+ What is the BCI Corporate Partnership? What are the benefits of becoming a Corporate Partner? Levels of Partnership

Implementation of Business Continuity Management System (BCMS) based on ISO 22301:2012 requirements

HENRY EE, FBCI, CBCP

Global Statement of Business Continuity

NOW IS THE TIME. to secure our future

CBCI Certification Course (GPG)

Association for International PMOs. Expert. Practitioner. Foundation PMO. Learning.

THE TRUSTED NETWORK POWERING GLOBAL SUPPLY CHAINS AND THEIR COMMUNITIES APPROVED EDUCATION PROVIDER INFORMATION PACK

Association for International PMOs. Expert. Practitioner. Foundation PMO. Learning.

Facilities Management and Business Continuity. 10 May 2017

B13: The Case for Integration Converting the BCM Silo into an Enterprise Risk Foundation

Global Security Consulting Services, compliancy and risk asessment services

Policy. Business Resilience MB2010.P.119

BCI Global Research Summary Key Trends, Influences and Conclusions Affecting the Profession

SAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx

Enterprise resilience and the role of Standards

PREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.

Sample Exam Privacy & Data Protection Foundation

CERTIFICATE IV IN COMPLIANCE & RISK MANAGEMENT

ROI for Your Enterprise Through ISACA A global IS association helping members achieve organisational success.

Paul Shillcock Transport for London, UK

Business Continuity and Disaster Recovery

Collaborative Working presentation for CIPS. Bob Meakes I C W Associate Director

Business Continuity Management

Professional certification from BCS, The Chartered Institute for IT. bcs.org/certification

FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY

THE POWER OF TECH-SAVVY BOARDS:

Reference Framework for the FERMA Certification Programme

IT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

Session 5: Business Continuity, with Business Impact Analysis

Security Director - VisionFund International

PROFESSIONAL REGISTRATION OPPORTUNITIES

APMP Certification. Webinar presentation by: Mark Wigginton Regional Director, Shipley Associates September 11, 2013

Risk Advisory Academy Training Brochure

STRATEGIC PLAN. USF Emergency Management

CURRICULUM VITAE. Central European University, Graduate School of Business - Budapest Hungary From To September 2002 December 2003

MSc Digital Marketing

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard

Risk Management. Continuity Management

MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE.

Principles for BCM requirements for the Dutch financial sector and its providers.

Using International Standards to Implement a Business Continuity Management System (BCMS)

Parkroyalon Kitchener Road 5th December 2007

MSc in Compliance Postgraduate education 2014/2015

Incident Response. Tony Drewitt Head of Consultancy IT Governance Ltd

ISO/IEC JTC 1 N 13145

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

TSC Business Continuity & Disaster Recovery Session

BCS EXIN ITAMOrg Software Asset Management Specialist Syllabus Version 1.1 December 2016

Building a BC/DR Control Library and Regulatory Response Program

KENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT)

A guide to. exemptions

ISSP Sustainability Professional Credentials UPDATE: March 20, 2019

TEL2813/IS2820 Security Management

ISTQB in a Nutshell. ISTQB Marketing Working Group. February 2012 v10

- OQSF - Occupational Qualifications Sub-framework

Policy Title; Business Continuity Management Policy. Date Published/Reviewed; February 2018

How to apply for professional membership and registration. 22 October 2018 Terry Winter Membership Manager

MHA Consulting BCM Metrics Resiliency Through Measurement

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

Our Vision Professional Community

Find out more about APM qualifications and keep up to date with the latest developments at apm.org.uk/apmqualifications

in Compliance Management NSW Associate Intensive (AGRCI)

A Working Paper of the EastWest Institute Breakthrough Group. Increasing the Global Availability and Use of Secure ICT Products and Services

BCS Specialist Certificate in Change Management Syllabus

BECOME TOMORROW S LEADER, TODAY. SEE WHAT S NEXT, NOW

PMSA CONTINUOUS PROFESSIONAL DEVELOPMENT FRAMEWORK

Defining FM Excellence

An Overview of ISO/IEC family of Information Security Management System Standards

SOLUTION BRIEF Virtual CISO

TABLE OF CONTENTS ONLY IT Resiliency Benchmarking Report

Recertification Handbook

Exclusive Fast Track Opportunity for CEng Professionals - Gain a recognised Level 5 Diploma in Management and Leadership Qualification

Security Management Models And Practices Feb 5, 2008

BCS Certificates in VeriSM Foundation, Essentials and Plus

Position Description IT Auditor

ISO9001:2015 LEAD IMPLEMENTER & LEAD AUDITOR

ICT Mentors e-learning portfolio provides our delegates with materials for study at the comfort of their homes, work place etc.

When Recognition Matters WHITEPAPER ISO SUPPLY CHAIN SECURITY MANAGEMENT SYSTEMS.

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Effective COBIT Learning Solutions Information package Corporate customers

What is ITIL. Contents

SOC for cybersecurity

Practitioner Certificate in Business Continuity Management (PCBCM) Course Description. 10 th December, 2015 Version 2.0

Foundation. Become a ITIL Foundation Certified Professional from our exclusive 2 full day. conducted by authorized faculties from APMG.

COURSE BROCHURE. COBIT5 FOUNDATION Training & Certification

SECURING THE UK S DIGITAL PROSPERITY. Enabling the joint delivery of the National Cyber Security Strategy's objectives

ISO 9001 Auditing Practices Group Guidance on:

Pronouncement 7 CPD v3.0

PROTERRA CERTIFICATION PROTOCOL V2.2

Enabling Open Standards at Scale

ISO Business Continuity Management System

NY State s Cybersecurity Legislation Requirements for Risk Management, Security of Applications, and the Appointed CISO

Revisit the Foundations of ITSM SMSG

Security and Privacy Governance Program Guidelines

Transcription:

Driving Global Resilience Steve Mellish FBCI Chairman, The Business Continuity Institute Monday December 2nd, 2013 Business & IT Resilience Summit New Delhi, India

Chairman of the Business Continuity Institute A member of the BCI Board since 2002 (previously Chairman from 2004-2006) Fellow of the BCI since 2000 Director of Mellish Risk & Resilience Ltd. Associate Lecturer The Emergency Planning College More than 20 years experience leading business continuity in the retail, financial and logistics sectors Introduction

Agenda Introduction About the BCI International Standard ISO 22301 The Good Practice Guidelines (GPG:2013) Supply Chain Survey 2013 Conclusion

Introduction About the BCI Established in 1994 8,000 members in over 100 countries Approximately 3,000 organizations represented Offices in the UK and US

The BCI Strategy Our Purpose: To promote the art and science of Business Continuity Worldwide Our Vision: To be the professional body of choice for Business Continuity professionals Our Values are: Membership Focused - Where our members are at the heart of everything we do Quality Led - Consistently delivering a high value, independent service Global Reach - Building a worldwide community of influential thought leaders Our Goals are: To deliver a consistent BCI experience for members to develop and enhance their qualifications and expertise To strengthen the BCI s role as the global thought leader for business continuity To increase the BCI s global influence within both mature and emerging markets which will be reflected by a growth in membership and retention of members

About the BCI Accreditation Get your professional and technical competency accredited Recognition and Status Achieve global recognition of your professional status Powerful networking join a network of over 8,000 BC professionals Career Advancement Benefit from a range of transformational professional development opportunities Improve your skills Enhance your skills and knowledge with the BCI CPD and Mentoring programmes Have your say Participate in member surveys and BCI research Grow your business Generate new business leads and win new contracts Save Money Benefit from some significant member discounts Be the first to know Keep up to date with latest BC trends and developments with BCI communications Exclusive Access Benefit from exclusive access to the BCI Members Area Share, Learn and Exchange Best Practice from your peers

International Standard for BCM

BCI Survey 2012 Study 1 (July 2012) What does the current landscape look like with respect to the adoption of BCM standards? How is ISO 22301 likely to be received by the BCM community? What are going to be the benefits and difficulties in adopting ISO 22301? Study 2 (November 2012) Who is involved in the decision making process and the development of a business case for adoption? What transition issues were perceived to be challenging in moving from the earlier British Standard BS 25999? The reasons that are given for not following ISO 22301?

ISO brand is seen as a positive for BCM Base: 556. Strongly agree and agree combined totals A common language to work internationally with customers, suppliers and internally (85%) BCM has come of age: a mature, globally recognised discipline (73%) Customers understand and value the ISO brand (69%) 4. It helps drive business improvement and performance (67%) 5. Stakeholders or interested parties understand the ISO brand (63%) 6. Our management understand and value the ISO brand (62%) July 2012

There s enthusiasm to align to the ISO Certification levels are forecast to treble over three years Yes, we will Don t know We will not do this Certify Comply Align Base: 546

Issues in moving to ISO 22301 Decision making process 75% need to convince someone outside the discipline Business case requirement 48% need a business case Transition issues Documentation and education updates New thinking risk appetite, measurement, engaging Top Management, supply chain and outsourcing Reasons to not go down the ISO path No drivers (customer, regulatory) Satisfied with current approach (in-house or another standard)

BCI Survey 2013 Study 3 (September 2013) Understand if the initial views and findings had changed based on real experience 417 responses received from 61 different countries 15 different industry sectors included Results announced at BCM World Conference in November 2013

Key Findings Interest in the standard remains high Alignment to the standard is the dominant intention rather than comply or certify 60% of respondents prefer a bespoke, in-house approach Funding for ISO 22301 is not high on a company s agenda Standard is seen as good but better ROI measures are required

The BCI Good Practice Guidelines 2013 A Guide to Global Good Practice in Business Continuity The most comprehensive and independent view of current thinking in Business Continuity (BC) Written by BC professionals for BC professionals Body of knowledge for Business Continuity Used in training and examining individuals and organizations Reference material for Academic institutions BCI Good Practice Guidelines 2013 14

Why do we produce the GPG? National and International standards for BC Legal and regulatory requirements to have BC GPG is an independent view of thinking in the discipline Enhances and complements existing and emerging standards in BC, Governance, Crisis Management, Incident Management, Emergency Planning, Organizational Resilience, Risk and Compliance. Is the foundation for certification and training for BC professionals worldwide BCI Good Practice Guidelines 2013 15

The BCM Lifecycle: improving organizational resilience GPG: 2013

Responsibilities of Top Management Setting strategic objectives and resources for Business Continuity The importance of the BIA and a stronger link to the organizations approach to risks and threats Resource requirements, skills and competence of people involved Training, awareness and communications Document management Exercising and testing GPG 2013 alignment to ISO 22301 Monitoring performance and measuring value of BC 17

The BCI Good Practice Guidelines (GPG) 2013 Provides not just the what to do, but answers the why, how and when of good BC practice Reflects current global thinking in BC; aligned to ISO 22301:2012, the new international standard for Business Continuity Management BCI Good Practice Guidelines 2013 18

5 th Annual Survey Supply Chain Resilience 2013 Published November 2013

Introduction - Respondent Profile Respondents are based in 71 countries Respondents work in all 15 SIC sectors offered

Almost 90% of respondents experienced an unplanned IT or telecom outage with 55% recording it as causing high or some impact

42% of disruption originated below Tier One Of 257 analysed cases of disruption, 42% originated below the immediate tier one supplier. This shows a slight increase on levels below Tier One compared with findings in 2012 and 2011. Some examples provided of tier two events were around quality control and power outages affecting suppliers as well as failure of banking networks.

IMPACTS 9% single event loss > 1M 9% experienced a single event loss of more than 1M. This compares with 21% in 2012 and 17% in 2011.

20% don t collect BC information Respondent comments: Self-assessment questionnaires have only been used with respect to pandemic preparedness. For the most part, we rely on supplier BC plan documentation, information on test cycles and SOC/Audit reports. All key suppliers will complete a questionnaire and those categorised as 'High' will be subject to independent audit. We do a little of all listed above, however, it is not a coordinated effort, we are in the process of coordinating this now.

Supplier BC information varies with the criticality of the supplier. Only 31% settle for the presence of a BCP

Final Thoughts Supply Chain failure remains a key performance issue for business Tier 2 suppliers and beyond potentially increasing issue Consistent top management support is required to make a change Little improvement in recording, measuring and reporting supplier disruptions Methods to identify critical supplies and suppliers remain inconsistent Professional Procurement can play a key role

Conclusion The BCI is the largest international institute for business continuity professionals Main intent currently is to align to ISO 22301 The BCI Good Practice Guidelines takes the standard and applies real experience BCI thought leadership encourages resilience through innovative tools and techniques Much work to be done to increase supply chain resilience We all want our organizations to be as resilient as possible join and contribute!

Thank You

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback