
(Instructor-led; 2 Days)


Protecting Your Revenues: A Risk Management Approach to Business Continuity Planning


Business Continuity and Disaster Recovery Management by Certified Information Security

Module I.

Project Initiation and Management

A. DRII/BCI Project initiation and control

B. Business continuity project activities

C. Business Continuity Planning Scope

D. Disaster Recovery Planning Scope

E. Business Continuity Awareness

1. Communication to management

2. Communication to employees, vendors, customers, investors, and other stakeholders

F. Planning steering committee

G. Project planning

1. Budgetary requirements

2. Reporting to senior management

H. Resources provided:

1. Checklist: Project Initiation

2. Example – BCP/DRP Communication Briefing

3. Example – Disaster Recovery Project

4. Example – Business Continuity Project: Terms and Scope

5. Example – Business Continuity Plan

6. Indicative Project Deliverables and Investment


Module II.

Risk Evaluation and Control

A. DRII/BCI Risk Evaluation and Control

B. Risk Assessment

1. Business needs

2. Health and safety

3. System safety programs

4. Risk management for finance and the finance sector

5. Food industry

6. Health care

7. Other industries

C. Risk Assessment Guidance and Compliance

1. Statutory requirement and duty of care

2. The U.K. Combined Code (Turnbull Report)

D. Risk Assessment Process

E. Risk Management Methods

F. Critical Component Failure Analysis

G. Operational Risk Management

H. Prioritizing Risk Management

I. Security and Siting – Risk Areas

J. Case Studies


3. Case Study – The E-Bomb Threat

a) Definition

b) History

c) Technology

d) Defense

4. Case Study: Fire Hazard from Computer Tapes

a) Testing environment

b) The tape burn

c) Explanation of computer tapes and their pyrolysis products

5. Case Study: Smoke Tests

6. Case Study: Foot and Mouth Disease Disaster

7. Checklist: Site, Environmental, Health, and Safety Risk Assessment

8. Action Plan – Risk Evaluation and Control

Module III.

Business Impact Analysis

A. DRII/BCI Business Impact Analysis

B. The BIA Project

1. BIA Data collection methods

2. Critical success factors / Business process matrix

3. Key performance indicators

4. Process flows

5. Outputs and deliverables

6. Activity categorization

7. Desk review


9. Interviews

C. Managing and Internally Promoting the BIA Project

1. Workshops

2. Financial justification for Business Continuity Management

3. Compliance and legal requirements

4. Designing an Impact Matrix

D. A Tiered Approach to Business Continuity Planning

1. Business continuity and service-level agreements

E. Resources Provided:

1. Example – Resource and Timescale for Provisioning

2. Example – Risk and Impact Analysis

3. Example – A Service-Level Agreement Using Tier Rating

4. Action Plan – Business Impact Analysis

Module IV.

Developing Continuity Strategies

A. DRII/BCI Business Continuity Strategy Development

B. Vital Materials and Backup

C. Business Continuity Strategy Options

1. Continuous processing

2. Distributed processing

3. Alternate sites


E. Insurance

F. Consultants

G. Resources Provided:

1. Example – A Business Continuity Strategy Project

2. Action Plan – Developing Continuity Strategies

Module V.

Emergency Response and Operations

A. DRII/BCI Emergency Response and Operations

B. Types of Emergencies

C. Coordination with Public Authorities

D. Emergency Response Standards

E. International Coordination

F. Public Relations and Crisis Communication

1. Media management

2. Communication with stakeholders

G. Salvage and Restoration

H. Resources Provided:

1. Examples – Emergency Plans

2. Emergency Response Acronyms

3. Action Plan – Emergency Response

Module VI.

Developing and Implementing the Business Continuity Plan

A. Plan Components

1. Introduction


3. Tasks, actions, and functions

4. Roles and responsibilities

a) BC Management

b) Operations

5. Alternative standby locations

6. Internal and external contact details

7. Vital documents and materials

8. Resource requirements

9. Reporting processes and requirements

10. Audit trail

11. Plan confidentiality, version control, and document management

12. Plan structure

B. Interim Plans

C. Software Tools for Plan Development

D. Resources Provided:

1. Example – Office Services Plan for a Professional Practice

2. Example – Contents of Generic BC Plan Appendices

3. Examples – Commercially Available BC Planning Software

4. Checklist: BC Planning Software

5. Action Plan – Developing and Implementing the Business Continuity Plan


C. Identifying Functional Awareness and Training Gaps

D. Developing the Best Training Methodology

E. Acquiring or Developing Training Aids

F. Outsourcing Training

G. Identifying Vehicles for Corporate Awareness

H. Resources Provided:

1. Checklist: Staff Skills Assessment Matrix

2. Example: Disaster Management Event News Resources

3. Action Plan – Business Continuity/Disaster Recovery Awareness and Training

Module VIII.

Maintaining and Testing the Business Continuity Plan and Disaster Recovery Plan

A. DRII/BCI BCP/DRP Plan Maintenance and Testing

B. Business Continuity Plan Audit and Review

1. BC Plan audit areas

C. Testing

1. Justification

2. Testing strategy

3. Testing methods

4. Using a structured approach to plan testing

5. Post-Test reporting

D. Resources Provided:

1. Example – Notes from a Test Planning Meeting


3. Case Study: Setting up Testing with Initial Briefings and Situation Reports

4. Action Plan – Maintaining and Testing the Business Continuity Plan and Disaster Recovery Plan

Module IX.

Business Continuity/Disaster Recovery Standards and Guidelines

A. Overview

B. Various Governmental Standards Bodies

C. BS 7799

D. ISO 17799

E. Resources Provided:

References
