ANB Confidential

Continuity and Resilience (CORE)

ISO 22301 BCM Consulting Firm

Presentations by speakers at the

5th Middle East Business & IT Resilience Summit

20 – 21 April 2016 – Palace Hotel DownTown Dubai

Our Contact Details:

INDIA UAE

Continuity and Resilience

Level 15,Eros Corporate Tower

Nehru Place ,New Delhi-110019

Tel: +91 11 41055534/ +91 11 41613033

Fax: ++91 11 41055535

Email: neha@continuityandresilience.com

Continuity and Resilience

P. O. Box 127557

Abu Dhabi, United Arab Emirates

Mobile:+971 50 8460530

Tel: +971 2 8152831

Fax: +971 2 8152888

Email: info@continuityandresilience.com

Please write to us if you would like to get in touch with the Speaker

ANB Confidential

Business Impact Analysis – How To

Derive Maximum Benefit From The

Process?

Abdulrahman Alonaizan

Manager – Business Continuity Division

Arab National Bank

Saudi Arabia

2

ANB Confidential

3

Maintain and

Improve

(Act)

Implement and

Operate

(Do)

Establish

(Plan)

Monitor and

Review

(Check)

The BCM Cycle

I. Plan

a. Determining BCM Strategy

b. Embedding BCM in ANB Culture

II. Do

a. Continuity Level Agreement

(CLA)

b. Understanding the Organization

(BIA/Risk Analysis )

c. Developing & Implementing BCM

Response

d. Business Continuity Plan ( BCP )

e. Exercising , Maintenance and

Review (Scenarios)

III. Check

a. Management review

b. Auditing (External/Internal)

c) Act

Corrective Actions and

Preventions

ANB Confidential

The Business Impact Analysis (BIA) process

Information Collection

Impact Analysis

Measuring of disruptions

Deriving BC Strategies

Developing BC Plans

4

ANB Confidential

Information Collection

Sample BIA Survey Page

5

Service Code RGCAC01 RGCAC02 RGCAC03

Service Name Credit Document

Custody

Credit Limits

Maintenance

Credit Admin

Description Keep the Original copies

of documents from

Clients

Enter clients credit limit,

check loans against

limits.

- Update Credit

Information.

- Credit Reporting.

- Credit checking with

ANB and Others Banks.

- Enter treasury related

limits.

Is this service critical? Yes Yes Yes

Is there a workaround for the service /

process? If yes, please describe briefly

Yes, Manual Procedures No (Needs applications) No (Needs applications)

Minimum level at which the service needs to

be performed upon resumption

60% 60% 60%

Are there any seasonal features / aspects of

this service / process

Every last week of the

Month

Every last week of the

Month

Every last week of the Month

ANB Confidential

Information Analysis

Understand business processes

Define resource requirements

Determine business impact

Determine dependencies

Identify vital records

6

ANB Confidential

Disruption Timeline

7 7 7

Business As Usual

Time

Target time to recover the

service or product after an

incident

Service / product could not be

recovered. Organization’s

viability unresolved threatened.

RTO MTPD

Crisis

Management

BCMS

Plan

DO

Check

Act

Business

Continuity

Plan

ANB Confidential

Financial Impact

Methodology to link the RTO with the financial

loss due to the disruption of a service

If average daily net income of Organization is: SR 1,000,000

2% of average daily net income of Organization: SR 20,000

Average hourly lost revenue due to service disruption : SR 2,500

The RTO will be reached at (20,000/2500) = 8 hours 8

ANB Confidential

9

ANB Confidential

Using BIA results for Business Continuity Plans

Information update

o Resource requirements

Technology

Staff

Workplace

Dependencies

Workarounds / Manual Procedures

Vital Records

10

ANB Confidential

BC Strategy Elements Derived from BIA

Services RTO / MTPoD

Sequence of recovery

Seating capacity requirements

DRC capabilities

11

ANB Confidential

Corporate BIA

The Corporate BIA focuses on the business impact of a

disruption at the corporate level.

The objectives of the Corporate BIA Report are to:

Analyze continuity resource requirements from the

corporate viewpoint

Highlight the key items which need to be addressed at

the corporate level

12

ANB Confidential

key Resources

The Corporate BIA reviews the key resources of the

organization which have to be available for the business to

continue its operations and provide services to its

customers:

Technology

Workplace

People

13

ANB Confidential

Technology

DRC technical capacity

to provide continuity for

all services in the

Business Continuity

Plans

DRC technical

sustainability

Data replication

Sequence of recovery

14

ANB Confidential

Workplace

Review with Group managers’

about workspace requirements

o Up to three months’ time

from the disruption

o Up to 6 months’ time

o Up to one year time

Alternate arrangements

(e.g. shifts, work from home)

Summarized recommendations

15

ANB Confidential

People

Options to be considered to address unavailability

of staff (e.g. pandemic):

Working from home

Outsourcing

Skills matrix

16

ANB Confidential

Thank You

Any questions?

17

ANB Confidential

18

Continuity and Resilience (CORE)

ISO 22301 BCM Consulting Firm

Presentations by speakers at the

5th Middle East Business & IT Resilience Summit

20 – 21 April 2016 – Palace Hotel DownTown Dubai

Our Contact Details:

INDIA UAE

Continuity and Resilience

Level 15,Eros Corporate Tower

Nehru Place ,New Delhi-110019

Tel: +91 11 41055534/ +91 11 41613033

Fax: ++91 11 41055535

Email: neha@continuityandresilience.com

Continuity and Resilience

P. O. Box 127557

Abu Dhabi, United Arab Emirates

Mobile:+971 50 8460530

Tel: +971 2 8152831

Fax: +971 2 8152888

Email: info@continuityandresilience.com

Please write to us if you would like to get in touch with the Speaker