Business continuity management

Business Continuity Management

..or what do I do when the world turns to..

1(c) Robere & Associates (Thailand) 2010

….A disruption……2(c) Robere & Associates (Thailand) 2010

Let me begin with a story…

• There once was a company…

• Who found themselves in a difficult situation and needed additional financial resources..

• And needed a “key” to unlock their financial resources…


But…

• There’s no Magic when it comes to survival.

• It is a structured approach to understanding our business, and planning for the “unplanned”


What’s important to you?

• Have you ever thought about how you would survive in case of an emergency?– External:

• Political disruptions• Natural Catastrophes• Change in market or customers

– Internal:• Strikes• Fire• breakdowns • illness


How do we ensure on-going business success – continuity?

(c) Robere & Associates (Thailand) 2010 6

• In 2006, British Standards (BSI) created a document called “Business Continuity Management” COP

• It was followed in 2007 by an auditable standard for “Business Continuity Management”

Today, we’ll discuss the BCM Code of Practice

• The whole purpose of this code of practice is to define a structured approach to recognizing the possible areas in the company that could be subject to a disruption and the effect it would cause


Managing the “program”• Similar to ISO9001,

ISO14001• Responsibilities• Ongoing Management• Documentation– Programs– Plans– reporting


Who are we? What do we need?

• Business Impact Analysis (BIA)

• Identification of critical activities

• Determining Continuity Requirements

• Evaluating Threats (Risk Assessment)

• Determining Choices


What are we going to do?

• What are our options?– People– Premises– Technology– Information– Supplies– Stakeholders

• Civil emergencies• Sign off


How do we use our strategy to respond?

• Response Structure:– Confirm the nature of

the problem– Take control– Contain the incident and– Communicate with

stakeholders



Timeline

Incident response

Business continuity

Recovery/ resumption-back-to-normal*

Overall recovery objective:Back-to-normal as quickly as possible

Incident!

Tim

e Ze

ro

Within weeks to months:Damage repair / replacementRelocation to permanent place of workRecovery of costs from insurers

Within minutes to days:Contact staff, customers, suppliers, etc.Recovery of critical business processRebuild lost work-in-progress

Within minutes to hours:Staff and visitors accounted for Casualties dealt withDamage containment / limitationInvocation of BCP

*Note: Do you really want to go back to “normal”?

Exercising, maintaining and reviewing BCM arrangements

• Exercise program– Exercising BCM arrangements– Maintaining BCM arrangements– Reviewing BCM arrangements– Audit– Self-assessment


Types and methods of exercising BCM strategies (Ref: BS25999-1)


Embedding BCM in your organization

• General• Awareness• Skills training


Business Continuity Management is:

An holistic management process that identifies potential threats to an organization and the impacts to business

operations that those threats, if realized, might cause, and which provides a framework for building organizational

resilience with the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities.(1)


In

Conclusion..

(1) BS25999-1, P1

17

"Upon the plains of hesitation bleach the bones of countless millions who, on the threshold

of victory, sat down to wait, andawaiting they died."

- Anonymous

Thank you for you time and attention…

Paul RobereRobere & Associates (Thailand) Ltd.


Business continuity management

Business

Transcript of Business continuity management