Keeping it Simple Driving BCM Program Adoption Through Simplification

Similar documents
Business Continuity Management Program Overview

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

Disaster Recovery and Business Continuity Planning (Mile2)

Introduction to Business continuity Planning

BCM Program Development

Best-in-Class Crisis Preparation: Maximize Readiness with the Four T s. Business Continuity Readiness Overview

Continuity of Business

TSC Business Continuity & Disaster Recovery Session

Introduction. Overview. Every Crisis Management Team Needs a Critical Decision Checklist. Presented by Roseanne Rostron, CBCP President Raido Response

Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup.

Appendix 3 Disaster Recovery Plan

Our key considerations include:

Business Continuity Management Standards A Side-by-Side Comparison

Table of Contents. Sample

How to Derive Value from Business Continuity Planning

Business Continuity Planning Keeping Pace with New Technology

NHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy

BCM s Role in Effective Risk Management: A Risk Manager s Point of View

Information Technology Disaster Recovery Planning Audit Redacted Public Report

Dell helps you simplify IT

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

Session 5: Business Continuity, with Business Impact Analysis

Business Continuity Policy

3.4 DISASTER RECOVERY (L , M.3.9, comp_req_id 806)

Building a BC/DR Control Library and Regulatory Response Program

SOLUTION BRIEF RSA ARCHER BUSINESS RESILIENCY

NORTH CAROLINA NC MRITE. Nominating Category: Enterprise IT Management Initiatives

National Level Exercise 2018 After-Action Findings

BCP At Bangkok Bank, Thailand

HOTEL RESILIENT Plan ahead stay ahead. With support from the German Government through

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

NUIT Tech Talk. Emergency Preparedness. March 1, Sharlene Mielke. Jay Bagley. Disaster Recovery / Business Continuity Coordinator

NW NATURAL CYBER SECURITY 2016.JUNE.16

Leveraging ITIL to improve Business Continuity and Availability. itsmf Conference 2009

The Office of Infrastructure Protection

Incident Response Services

TUFTS HEALTH PLAN CORPORATE CONTINUITY STRATEGY

Are Traditional Disaster Recovery Plans Still Relevant? Bobby Williams, MBCP, MBCI Director, IT Resiliency Planning Fidelity Investments

How to Conduct a Business Impact Analysis and Risk Assessment

November 14, Emergency Management and Hurricane Irma. Florida Human Resources People and Strategy (FLHRPS)

WHITE PAPER OCTOBER 2017 VMWARE ENTERPRISE RESILIENCY. Integrating Resiliency into Our Culture and DNA

S&T Stakeholders Conference

Florida State University

MassMutual Business Continuity Disclosure Statement

Business Continuity and Disaster Recovery

Global Statement of Business Continuity

Emergency Management Program Letters of Recognition

SM04: Transforming Your Security Command Post into a Strategic Information Nerve Center

SAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx

Introduction to Business Continuity Management

Prepare your Emergency respons, continuity plan, recovery plan

Maintaining Resiliency Within the Defense Industrial Base Through Preparedness Response and Recovery

Implementing a BCM Programme

Railroad Infrastructure Security

INTELLIGENCE DRIVEN GRC FOR SECURITY

INFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) DISASTER RECOVERY POLICY AND PROCEDURES

Role of BC / DR in CISRP. Ramesh Warrier Director ebrp Solutions

Business Continuity: How to Keep City Departments in Business after a Disaster

Mississippi Emergency Management Agency. Brittany Hilderbrand & Kamika Durr. Office Of Preparedness

Business Continuity - An Inside Perspective

Business Continuity Management

CIO Guide: Disaster recovery solutions that work. Making it happen with Azure in the public cloud

NERCPI Regional Cyber Disruption Planning.

Business Continuity Planning

Business continuity management and cyber resiliency

eplus Managed Services eplus. Where Technology Means More.

Best Practices for Incident Communications: Simplifying the Mass Notification Process for Government

Mississippi Emergency Management Agency. Shawn Wise. Office Of Preparedness

VMware vcloud Air Accelerator Service

Emergency Management & Disaster Planning

IT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I

For ACP-South Texas chapter program meeting in October 2012 only. Do not cite, copy or distribute without the author's consent. 1

New Madrid Earthquake Catastrophic Planning Project Overview

Facilities Management and Business Continuity. 10 May 2017

Healthcare IT Optimization: 6 Mistakes to Avoid Along the Way

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

RECENT HURRICANE CASE STUDIES: IMPACT OF BUSINESS RECOVERY PLANNING AND TESTING. Dan Perrin, Regus Stephanie Samuels, Voya

Using ITIL to Measure Your BCP

Implementing a Global Business

Chapter 1. Chapter 2. Chapter 3

PECB Change Log Form

Response to Wood Buffalo Wildfire KPMG Report. Alberta Municipal Affairs

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Promoting the Art and Science of Business Continuity Management Worldwide. Partner of the DRJ

Whitepaper. Contents. Foreword. Introduction. Business ContinuITy

Business Impact Analysis (BIA)

Disaster recovery planning for health care data and HIPAA compliance regulations

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

Business Continuity Risk Management IT Service Continuity

DISASTER RECOVERY PRIMER

Any observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up.

Sage Data Security Services Directory

SECURITY INCIDENT MANAGEMENT. Solution Primer. Jenn Black. Senior Research AnalystSolutions Research and Development Office of the CISO, Optiv

Ever Vigilant. The Pursuit of Enterprise Resiliency

2 ESF 2 Communications

IT Management Excellence. Contents are subject to change. For the latest updates visit Page 1 of 7

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

Policy. Business Resilience MB2010.P.119

Emergence of Business Continuity to Ensure Business and IT Operations. Solutions to successfully meet the requirements of business continuity.

Template. IT Disaster Recovery Planning: A Template

Transcription:

Keeping it Simple Driving BCM Program Adoption Through Simplification This case study will discuss how Time Warner Cable has redesigned the BCM program to focus on simplicity in planning and preparation and streamlined response requirements. The new program makes the plan creation process easier for the departments creating plans and has driven greater executive support and departmental participation in the overall BCM program. Rachelle Loyear MBCP, MBCI, PMP

Outline Past BCM Structure and Issues Lessons Learned from Hurricane Sandy Current BCM Structure and Benefits 2

Past Structure - Aligned Geographically Multiple BCM Managers implementing all program components in local footprints including: BIA / Risk Assessment BCM and DR Planning BCM Training and Personal Preparedness Plan Testing and Exercising Crisis Response Coordination Public / Private Partnerships Issues Lessened enterprise uniformity of program. Inconsistent messaging BCM team continually focus-switching across program components Functional Area SMEs are not BCM experts BCM responsibilities added to full plates for non-bcm personnel Executive support high / but low adoption at the front line level 3

Past Structure BCM Software Platform Software Program / Planner End Users Organization Structure BIA Risk Assessments Plans Issues Training Time Performance Issues Changing SMEs Complex Requirements / Extensive Plans Non-Uniform planning (levels of detail) 4

And Then 5

Sandy Landfall 6

Paidge Avenue Flooding 7

BCM Lesson 1: Hurricane Sandy Lessons Learned Your BCM plan will not serve as a floatation device. Bigger does not always equal better. Plans stayed on the shelf. Important considerations were overlooked. 8

BCM Lesson 2: Hurricane Sandy Lessons Learned Local Assessment and Response Personnel in place had the best insight to the needs. 9

BCM Lesson 3: Hurricane Sandy Lessons Learned Recovery personnel are better used to recover Endless conference calls do not aid recovery. Not everyone needs to be on every call. 10

BCM Program Changes RESPONDING TO LESSONS LEARNED 11

BCM Program Changes Functional Department Alignment BCM Planning Model Localized Response / Management Teams Emergency Response Program 12

Functional Alignment Single BCM Manager implementing single program component enterprise-wide Planning Responsible for defining BCM plan structure, templates, checklists, teams and other planning requirements. Responsible for assisting all Enterprise functional areas, facilities and crisis teams with plan creation and instituting and monitoring an annual maintenance /update schedule for all business continuity plans. Training, Testing, and Crisis Response Responsible for training all Crisis Management Team members across the TWC enterprise in crisis recovery responsibilities and for designing, planning, scheduling and facilitating annual BCM testing at the market level and any required ad hoc business process testing as needed / on demand and providing post-test reviews, action item tracking, and readiness reports. Response Readiness and Crisis Logistics Responsible for identifying vital assets and TWC needs/ method of protection and resource requirements for replacement of critical functions. Manages contingency contracts / vendor relationships for enterprise response plans. Manages the BCM emergency equipment program. Coordinates matrixed employees to oversee the local / state OEM / EOC representation. 13

Functional Alignment Benefits Single BCM Manager implementing single program component enterprise-wide Centralized function, control and delivery of program procedures and requirements. Top Down Implementation Single BCM point of contact for TWC Operations and Support departments ensures standardization of message and deliverables planning across the enterprise. Function-based program allows focus on excellence in the program component span of control Consistent Messaging 14

BCM Planning Model BIA Risk Assessment Universal Plans / Checklists Function / Team Specific Plans Interview Methodology 15

Business Impact Analysis / Risk Assessment Less Detailed Coverage BIA 8 pages of BIA questions to a single sheet. Scoring matrix based on plain language questions Risk Assessment Only for high BIA areas. 16

BIA / Risk Assessment 17

BIA / Risk Assessment Benefits BIA / Risk Assessment Limited questions find risks more effectively. Key points not obscured by extraneous information. Interview model minimizes overthinking. Scoring model allows uniform comparison. 18

Emergency Response Plans / Checklists Subsidiary Response Plan Reputation Incident Response Plan Business Operation Response Plans Local Market Facilities Functions / Departments Earthquake Incident Response Checklist Executive Crisis Management Team Data Loss Incident Response Plan Sever Weather Response Checklist Critical Infrastructure Incident Response Plan Pandemic Incident Response Checklist Cyber Incident Response Plan

Universal Checklists 20

Planning Checklist Benefits Universal Considerations Ensures all aspects of crisis are covered on management calls. Personnel not directly involved in recovery can ensure any overlooked items are addressed. Multiple functions contribute to checklists. Updates after any exercise or event feed future events. 21

Function / Team Specific Plans Simple Tool InfoPath in SharePoint Shortened Plan Templates Immediate Recovery Template 6 sections Delayed Recovery Template 3 sections Interview Based / BCM Team Completes 22

23

Function Plan Benefits Simplified Form Less time required from SMEs. 2 to 3 hour meetings vs. weeks of time in old plans. Interview Model SME does not need BCM expertise, only knowledge of their area. Less stress for function SMEs. Group interviews allow for more robust plans. discussion draws out ideas. Better maintenance of plans by having quarterly checks for things such as POC information, etc., BCP is treated as a living document. 24

Local Crisis Assessment Team (CAT) The CAT assesses potential crisis events and determines whether the business impact is such that it can be dealt with locally by the local Crisis Response Team (CRT), or if it requires activation of the wider geographic market Crisis Management Team (CMT). Assessments are based on local trigger events. Triggers and team activation processes may differ geographically and are outlined in each individual CAT plan document. 25

Escalation Flow CAT > CRT > CMT The role of the CRT / CMT is to manage the response to / recovery from any business impacting disaster or crisis as outlined in the business continuity and disaster recovery plans that are in place across the TWC enterprise. Escalations can expand geographically or hierarchically. 26

Emergency Response Centralized call bridge management. Local technical operations centers have local visibility. National Operations Center for market events. CAT / CRT / CMT representation is department leadership. Status update calls for crisis management. Internal discussions happen at the department level. 27

Crisis Response and Escalation 28

Local Team / Response Benefits Efficiency of Crisis Response Enterprise Uniformity of Crisis Response Higher Level Coordination of Crisis Response / Exercises Market Level Exercises Enterprise Level Functional Area Involvement Train and Test our Crisis Management Team across the Enterprise Minimizing training time requirements Focused training per audience 29

Current stats Feedback / Adoption Planning satisfaction surveys 100% satisfied or higher. Testing satisfaction surveys 96% satisfied or higher. Plans completed YTD August 2014 75 plans completed of needed 170. Tracking completion of all plans by end of year. 30

Feedback / Adoption Comments The new format/methodology for plan building is great you guys took a 6-8 week very labor intensive project and turned it into a one day meeting of the SME s to produce a viable comprehensive plan that will actually be referenced during emergency situations. Your BCM webpage is like one stop shopping and makes home preparedness much easier, the checklists and templates are fantastic! Thank you. The plan was easy to follow and the project coordinator did an excellent job keeping all focused on the outcome of the plan. My feedback was taken into consideration and all others as well. We hope we never have to utilize this plan, but we feel confident that should we have to, that it will work as well as it was planned and thought out. 31

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback