
The Resilient IT Infrastructure


Academic year: 2021


(1)

The Resilient IT Infrastructure

Jeremy Wong, Senior Vice President

BCM Institute

(2)

Jeremy Wong

• Senior Vice President

– Business Continuity Management (BCM) Institute

[email protected] – www.bcm-institute.org

• Senior Vice President

– GMH Continuity Architects – Asia Pacific BCM

(3)

Jeremy Wong

• Nomura

– Head of BCM, South Asia

• United Overseas Bank

– Head of BCM

• Bax Global

• J. P. Morgan

(4)

Agenda

How have business continuity and IT disaster recovery standards evolved?

What are the IT DR competencies needed to sustain resiliency?

What can we learn from IT disruptions in the

(5)

IT DISASTER RECOVERY

(6)

IT Disaster Recovery (DR)

Is the ability of an organization to provide critical Information Technology (IT) and telecommunications capabilities and services, after it is disrupted by an incident, emergency or disaster.

Recovers the disrupted IT and telecommunications capabilities to ensure CBFs can continue within a minimum period of time, pre-determined by the

(7)
(8)

IT DR AND BCM STANDARDS

(9)

10 Benefits of Standards

1. Standards help you compete on a level playing field with bigger organisations

2. Standards open up export markets for your products and services

3. Standards help you discover best business practices

4. Standards drive efficiency in your business operations

5. Standards add credibility and confidence for your customers

6. Standards open new business opportunities and sales

7. Standards give you the competitive edge

8. Standards make your brand name internationally recognised

9. Standards help your company grow

10. Standards enable a common “language” to be used across an industry sector

(10)

Business Continuity and IT Disaster Recovery Standards

• SS507:2008 Singapore Standard for Information and Communications Technology Disaster Recovery Services

• ISO/IEC 24762:2008 Information technology — Security techniques

– Guidelines for information and communications technology disaster recovery services

• ISO/IEC 27031:2011 Information Technology: Security Techniques

– Guidelines for ICT Readiness for Business Continuity

• ISO/IEC 22301:2012 Societal Security: Business Continuity Management

(11)

SS 507:2008 Singapore Standard for ICT Disaster Recovery Services

• Targeted at ICT DR service providers (internal and outsourced) that wish to get certified under the standard;

• Provides a basis to certify and differentiate the outsourced ICT DR service providers;

• Helps the end user organisations in selecting the best-fit service providers;

• Provides quality assurance;

• Establishes industry best practices to mitigate outsourcing risks

(12)

ISO/IEC 24762:2008 Guidelines for information and communications technology disaster recovery services

Aimed at aiding the operation of an Information Security Management System (ISMS) by providing guidance on the provision of information and communications technology disaster recovery (ICT DR) services as part of business continuity management

* ISO/IEC 27001 and ISO/IEC 27002 include a control objective for information security aspects of business continuity management

(13)

ISO/IEC 24762:2008 Guidelines for information and communications technology disaster recovery services

ISO/IEC 24762:2008 specifies:

• The requirements for implementing, operating, monitoring and maintaining ICT DR services and facilities;

• The capabilities which outsourced ICT DR service providers should possess and the practices they should follow, so as to provide basic secure operating environments and facilitate organizations' recovery efforts;

• The guidance for selection of recovery site; and

• The guidance for ICT DR service providers to continuously

(14)

ISO/IEC 24762:2008 Guidelines for information and

(15)

ISO/IEC 27031:2011 Guidelines for ICT Readiness for Business Continuity

Effective BCM is frequently dependent upon effective ICT readiness to ensure that the organization's objectives can continue to be met in times of disruptions

* As part of the implementation and operation of an information security management system (ISMS) specified in ISO/IEC 27001

(16)

ISO/IEC 27031:2011 Guidelines for ICT Readiness for Business Continuity

ISO/IEC 27031:2011

• Describes the concepts and principles of information and communication technology (ICT) readiness for business continuity

• Provides a framework of methods and processes to identify and specify all aspects for improving an organization's ICT readiness to ensure business continuity

• Enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner

(17)

Integration of IRBC and BCMS

IRBC: ICT Readiness for Business Continuity

BCMS: Business Continuity Management System

(18)

ISO/IEC 22301:2012 Societal Security: Business Continuity Management

• Specifies requirements for setting up and managing an effective Business Continuity Management System (BCMS).

• The BCMS includes:

o Policy

o Roles and Responsibilities

o Management Processes

(19)

ISO/IEC 22301:2012 Societal Security: Business Continuity Management

(20)
(21)

IT DR COMPETENCY

(22)

BCM Body of Knowledge

(23)

Competency Level

(24)

DR Competency

Key DR elements in addition to methodology and management processes:

People

Facilities

Technology (Hardware/Network/Software)

Data

Processes

(25)

IT DISRUPTIONS

(26)

BCM Institute Profile

• We are a global convergence of thought leadership in Business Continuity, Disaster Recovery and Crisis Management

• Global Professional Development and Qualification developed by Technical Experts and Thought Leaders

• Largest Continuity Training and Certification Organization in Asia Pacific

• Governed by Education, Examination and Certification Committees

• Delivered by Industry Practitioners, Professionals and Peers

• Learned by Professionals, Practitioners, Consultants, Auditors, Officials from all industry sectors of over 850 Organisations and Multi National Corporations (MNC) across 40 countries

Education Certification & Professional Development

Thought Leadership

(27)

BCM Institute started in January 2005

Provide competency based BC, CM and DR training to all levels

Started certification programme in April 2007

Certify BC and DR professionals globally

More than 1500 professionals from 40

(28)

BICSI and BCM Institute

BICSI

Focuses on developing professionals to build, manage and design IT systems such as datacentres

BCM Institute

BCMI focuses on developing professionals to plan, build and manage the IT-DR plan

(29)

Jeremy Wong

Senior Vice President

Mobile: +65 9794 3980 Tel: +65 6748 1528

Email: [email protected]

If you are interested in this topic, send me a note on your view …..
