11

IT Service ContinuityIT Service Continuity ManagementManagement

22

Goal – Primary ObjectiveGoal – Primary Objective

•To support the overall To support the overall Business Business ContinuityContinuity management process by management process by ensuring that the required IT technical ensuring that the required IT technical services and facilities can be services and facilities can be recoveredrecovered within required and agreed within required and agreed business time-scalesbusiness time-scales

33

Why Continuity ManagementWhy Continuity Management

• Ensuring business survival by Ensuring business survival by reducing the impact reducing the impact of a disasterof a disaster or major failure or major failure

• Reducing the Reducing the vulnerabilityvulnerability and risk and risk to the to the business by effective risk analysis and risk business by effective risk analysis and risk managementmanagement

• Preventing the loss of Customer and User confidencePreventing the loss of Customer and User confidence

• Producing IT recovery plans that are integrated with Producing IT recovery plans that are integrated with and fully support the organisation’s overall Business and fully support the organisation’s overall Business Continuity PlanContinuity Plan

44

ConsiderationsConsiderations

• IT Service Continuity options need to be understood IT Service Continuity options need to be understood and the most appropriate solution chosen in support and the most appropriate solution chosen in support of BCM requirementsof BCM requirements

• Roles and responsibilities need to be identified and Roles and responsibilities need to be identified and supported from a senior levelsupported from a senior level

• IT IT recovery plansrecovery plans and Business Continuity plans and Business Continuity plans need to be aligned regularly reviewed, revised and need to be aligned regularly reviewed, revised and testedtested

55

The Business Continuity Life-The Business Continuity Life-cycle Overviewcycle Overview• Stage 1 – InitiationStage 1 – Initiation

– Initiate Business Continuity ManagerInitiate Business Continuity Manager

• Stage 2 – Requirements and StrategyStage 2 – Requirements and Strategy• Stage 3 - ImplementationStage 3 - Implementation• Stage 4 - Operational ManagementStage 4 - Operational Management

66

Stage 2 – Requirements and Stage 2 – Requirements and StrategyStrategyBusiness Impact AnalysisBusiness Impact Analysis

Identification of Critical Business Processes and Speed of Identification of Critical Business Processes and Speed of RecoveryRecovery

Risk Assessment and MethodologyRisk Assessment and Methodology

Threats to AssetsThreats to Assets

CRAMM – CRAMM – CCCTA’s CTA’s RRisk isk AAnalysis nalysis MManagement anagement MMethodologyethodology

(Central Computer and Telecommunications Agency)(Central Computer and Telecommunications Agency)

Business Continuity StrategyBusiness Continuity Strategy

Based on Top RisksBased on Top Risks

77

Risk Analysis (CRAMM)Risk Analysis (CRAMM)ANALYSIS

Assets Threats Vulnerabilities

MANAGEMENT

Risks

Countermeasures

88

Risk AnalysisRisk Analysis

• Asset Categorise and RANK 1-10Asset Categorise and RANK 1-10– HardwareHardware– SoftwareSoftware– PeoplePeople– Buildings etc.Buildings etc.

• Threat List and RANK 1-3Threat List and RANK 1-3

• Vulnerability against Assets Matrix RANK 1-3Vulnerability against Assets Matrix RANK 1-3

Risk = Asset * Threats * VulnerabilityRisk = Asset * Threats * Vulnerability

99

IT Recovery OptionsIT Recovery Options

• Do nothingDo nothing

• Manual back-up – revert to pen and paperManual back-up – revert to pen and paper

• Reciprocal arrangements with another companyReciprocal arrangements with another company

• Gradual recovery - Cold StandbyGradual recovery - Cold Standby

• Intermediate recovery - Warm StandbyIntermediate recovery - Warm Standby

• Immediate recovery - Hot StandbyImmediate recovery - Hot Standby

1010

Gradual Recovery – COLD Gradual Recovery – COLD standbystandby• Time to recovery > 72hrsTime to recovery > 72hrs

• Empty Computer spaceEmpty Computer space– RemoteRemote– PortablePortable

• Nothing in the roomsNothing in the rooms

• Requires contracts / procedures in place to set upRequires contracts / procedures in place to set up

1111

Intermediate Recovery – Intermediate Recovery – WARM standby WARM standby • Time to recovery 24hrs to 72hrsTime to recovery 24hrs to 72hrs

• Filled Computer spaceFilled Computer space– RemoteRemote– PortablePortable

• Networked Computers but with Networked Computers but with NO DataNO Data

1212

Immediate Recovery – HOT Immediate Recovery – HOT standbystandby• Time to recovery “within the working day” 0hrs to Time to recovery “within the working day” 0hrs to

8hrs8hrs

• Filled Computer SpaceFilled Computer Space– RemoteRemote– PortablePortable

• Networked Computers Networked Computers with Data with Data (but not (but not necessarily up to date)necessarily up to date)

1313

Benefits of Continuity Benefits of Continuity ManagementManagement• Management of risk and the consequent reduction of Management of risk and the consequent reduction of

the impact of failurethe impact of failure

• Fulfilment of regulatory requirementsFulfilment of regulatory requirements

• Potentially lower insurance premiumsPotentially lower insurance premiums

• A more business focussed approach to IT continuity A more business focussed approach to IT continuity and recoveryand recovery

• Reduced business disruption during an incidentReduced business disruption during an incident

• Increased customer confidence and organisational Increased customer confidence and organisational credibilitycredibility

1414

Exam TipsExam Tips

•Know the Know the Disaster Recovery Disaster Recovery optionsoptions

ISCM

1515

Exam QuestionsExam Questions

• In relation to IT Service Continuity Planning, the In relation to IT Service Continuity Planning, the severityseverity of a of a disasterdisaster depends upon: depends upon:

AA The time of day it occursThe time of day it occurs

BB How many people are available to assist in recoveryHow many people are available to assist in recovery

CC The type of disaster, whether flood, fire etcThe type of disaster, whether flood, fire etc

DD The The impact impact ((EFFECTEFFECT) upon customers’ businesses) upon customers’ businesses

1616

Exam QuestionsExam Questions

• Consider the following statements about IT Service Continuity Consider the following statements about IT Service Continuity Planning:Planning:

11 The intermediate recovery external option offers a The intermediate recovery external option offers a remoteremote installation, fully equipped with all the required hardware, installation, fully equipped with all the required hardware, software, communications and environmental control equipmentsoftware, communications and environmental control equipment

22 The intermediate recovery external option is often shared between The intermediate recovery external option is often shared between multiple customers and in the event of a disaster may not be multiple customers and in the event of a disaster may not be available due to over-subscriptionavailable due to over-subscription

AA BothBothBB NeitherNeitherCC Only 1Only 1DD Only 2Only 2

1717

Exam QuestionsExam Questions

• Your organisation has just entered into a Your organisation has just entered into a Gradual Recovery Gradual Recovery (Cold Standby) IT service Continuity Agreement. Within the ITIL (Cold Standby) IT service Continuity Agreement. Within the ITIL definition, which of the following lists is definition, which of the following lists is INCORRECTINCORRECT for what for what you could find at the contingency site?you could find at the contingency site?

AA A building, electricity, telecommunications equipment, office A building, electricity, telecommunications equipment, office space for technical staffspace for technical staff

BB Stand-by generator, telecommunications equipment, system Stand-by generator, telecommunications equipment, system manuals, support staff, watermanuals, support staff, water

CC A building, telecommunications equipment, A building, telecommunications equipment, a computera computer, , support staff, documentationsupport staff, documentation

DD A building, electricity, water, support staff, system manualsA building, electricity, water, support staff, system manuals

1818

Exam QuestionsExam Questions

• Which of the following would you Which of the following would you NOTNOT expect to see in an IT expect to see in an IT Service Continuity Plan?Service Continuity Plan?

AA Contact listsContact lists

BB The version numberThe version number

CC Reference to change control proceduresReference to change control procedures

DD Full Service Level Agreements (Full Service Level Agreements (SLMSLM))