business continuity - business risk & management
Post on 19-Oct-2014
745 views
DESCRIPTION
Here\'s background information on Business Risk & Management\'s business continuity programTRANSCRIPT
Prepared by:
Andrew StylesManaging Director
Business Continuity/Crisis Management/Disaster Recovery
Planning / Training / Testing
Date: 31 Oct 2011
Business Risk & Management Pte Ltd (BRM)
Number 1… BRM are the premier Thailand-based
business continuity and crisis management service provider
We know Thailand! …the risks associated with operating in the
country and the most effective way to reduce these risks
Cost sensitive $$$ We don’t believe that business continuity
should be expensive so we price accordingly. No budget is too small and no project is too big.
Asia Reach We also provide business continuity
services across all of Asia Confidential 2
We provide an effective services in the following areas: Developing and implementing
business continuity and crisis management plans
Review of your current plans to identify gaps to improve effectiveness
Crisis management team & staff training
Business continuity testing IT systems disaster recovery plansContact…
Andrew StylesBusiness Risk & Management Pte Ltd+66 [email protected]
What is business continuity
“Plan for what is difficult.” Sun Tzu
Focus of business continuity…to minimise disruption
Definitions… The ability to maintain operations/services in the face
of a disruptive event. www.staffordshireprepared.gov.uk/glossary/
Business continuity is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. en.wikipedia.org/wiki/Business_continuity
Confidential 3
Why consider business continuity Events are constantly occurring These unplanned events can have
catastrophic effects on businesses Research shows that companies that don't
have contingency plans in place are more likely to fail…
80% of businesses affected by a major incident either never re-open or close within 18 months (Source, AXA)
Companies that aren't able to resume operations within ten days (of a disaster hit) are not likely to survive. (Strategic Research Institute)
Research by IBM (Varcoe,1993) showed that 80 per cent of organisations without relevant disaster recovery plans who suffered a critical computer disaster went bankrupt
Within two years after Hurricane Andrew struck in 1992, 80 percent of the affected companies that lacked a business continuity plan failed (FEMA)
“It can take 20 years to build a business and 15 minutes to destroy it” Warren Buffet
Confidential4
5
BenefitsPutting business continuity plans in your organization can prepare your business for any potential disaster, help ensure that you will be able to maintain continuity of your business practices, reduce or even possibly remove such calamities could have on your organisation
In addition, business continuity planning will…
reduce your costs when hit by a crisis
make your organization more robust. It can strengthen your organisation against problems
help protect your organisation's image, brand, and reputation
assist in your insurance company viewing you more favourably should some sort of disaster require their
involvement
offer management a better understanding of their business and ultimately helps identify ways to strengthen any
short comings
show your investors that you take business seriously
Instil customer confidence in your business
Recent flooding in Thailand – Honda Car Factory
Reluctance to implement business continuity
Some companies view business continuity as being about preparing for something that may never happen – they’ll deal with crises if they occur.
Companies that don’t assess risks leave themselves vulnerable to events occurring that they could have identified and stopped
Consider these examples and not having any plans in place…
Example 1: A single employee having all the knowledge in one area of the business and that person leaves the organisation suddenly
Example 2: Large fire destroys company’s office building – not having back of critical data, alternative sites
Example 3: A product being sent to a customer is stolen and a replacement is not immediately available
Confidential 6
Crisis Management
Crisis management is a subset of business continuity Crisis management is the process by which an
organisation deals with a major event that threatens to harm the organization, its stakeholders, or the general public http://en.wikipedia.org/wiki/Crisis_management
Confidential 7
“There are risks and costs to a programme of action...but they are far
less than the long ranging costs of
comfortable inaction.”John F Kennedy
Why have crisis management plans?
"The most serious failure of leadership is the failure to foresee“ Robert Greenleaf
Provides a framework for management to respond to a crisis
When people are under extreme pressure they become less effective and are less likely to think straight and logically - same applies to organisations – the ability to come up with logical processes for dealing with issues and developing solutions may be more difficult during the crisis
Developing the crisis management program and having it ready to be implemented before a crisis occurs is more effective
The crisis mgmt plan would include roles/responsibilities of staff, crisis team processes and templates to follow, escalation rules
Confidential 8
Phases of a Crisis
9
time
Business Continuity
Crisis Mgmt
Emergency Response
1 min
2 hrs 6 hrs 1 day 1 wk 1 month
inte
nsity
?
Business incident response is made up of 3 phases
Approximate time periods are shown on the diagram
Having all 3 responses in place prior to an event reduces the impact on the business & minimises disruption
What is disaster recovery?
Process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster.
Disaster recovery is a subset of business continuity
While business continuity involves planning for keeping all aspects of a business functioning in the midst of disruptive events, disaster recovery focuses on the IT or technology systems that support business functions
Confidential 10
BCM Outcomes
Business Continuity Plans
A detailed set of plans that the company can follow during a crisis to ensure mission critical services are maintained and disruption is minimised
Confidential 11
Effective Crisis Management
Management have a clear understanding on how to manage the crisisA company spokesperson has the skills to talk to the media Staff knowing what to do…
An organisational understanding of what to do during a crisisAll staff understand and can implement their respective roles during a crisis
Implementing a BCM program results in the following…
Become certified in Business Continuity
After implementing a BC program, companies can become certified
Certification can be by either:
Do a self-declaration that the company complies
or Have a certification company
come in and audit the program to verify it complies with the standard selected
Confidential 12
13
Contact details
Need help with… Business Continuity | Crisis Management | Disaster Recovery | Security | Investigations
Contact… Andrew StylesBusiness Risk & Management Pte Ltd+66 [email protected]