Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

02 Practical Strategies of Conducting BIA

3.841 Aufrufe

Veröffentlicht am

Veröffentlicht in: Business, Bildung
  • Als Erste(r) kommentieren

02 Practical Strategies of Conducting BIA

  1. 1. Practical Strategies of Conducting a Business Impact Analysis<br />
  2. 2. Practical Strategies of Conducting a Business Impact Analysis<br />Dr Goh Moh Heng <br />PhD BCCE DRCE BCCLA<br />President<br />2<br />
  3. 3. Dr Goh Moh Heng<br />President<br />Business Continuity Management (BCM) Institute<br />www.bcm-institute.org<br />Managing Director<br />GMH Continuity Architects<br />Asia Pacific BCM Consulting Firm<br />www.GMHasia.com<br />Professional BCM Appointments<br />Technical Advisor for TR19:2005 & SS540:2008 BCM Standard (Management Council and Technical Committee) www.ss540.org<br />Project Director, Technical Working Group for SS507:2004 <br />ISO/IEC 24762 Guidelines for BC-DR Services<br />SS507<br />SS540<br />http://www.bcmpedia.org/wiki/Dr_Goh_Moh_Heng<br />
  4. 4. Dr Goh Moh Heng<br />Prior Appointments<br />Government of Singapore Investment Corporation (GIC)<br />Standard Chartered Bank<br />Global Head for BCM<br />PriceWaterhouse (Coopers)<br />Past Certification Broad Member for DRI International’s Certification Board<br />Past Executive Director for DRI Asia<br />Senior Technical Advisor, China Business Continuity Management Forum<br />http://www.bcmpedia.org/wiki/Dr_Goh_Moh_Heng<br />
  5. 5. BCM Institute<br />Started in January 2005.<br />Provide competency based BC-DR training to all levels.<br />Certify BC-DR professionals globally.<br />Started Certification programme in April 2007.<br />More than 1500 professionals from 850 organizations and 40 countries.<br />
  6. 6. Professional Certification<br />Business Continuity<br />IT Disaster <br />Recovery<br />BCM Audit<br />Membership<br />
  7. 7. Agenda<br />What Exactly is BIA?<br />Key concepts<br />Strategic, tactical and operational BIA<br />Walkthrough of BIA Template<br />
  8. 8. Source: <br />Goh, Moh Heng (2008): Managing Your Business Continuity Planning Project 2nd Edition ISBN: 978-981-05-9767-2<br />Business Impact Analysis<br />How-to Do It?<br />
  9. 9. Business Continuity Management Body of Knowledge 3 <br />Implement business impact analysis (BIA) process. <br />Understand the principles and scope of the BIA process. <br />Apply the BIA implementation process. <br />Understand the available BIA data collection mechanisms. <br />Determine and apply the appropriate BIA data collection mechanism. <br />Design a custom tailored BIA questionnaire. <br />Gather BIA Information. <br />Identify activities that support Critical Business Functions (CBF) and identify owners. <br />Determine impacts of a disruption to each activity/process across the organization that may damage organization's reputation, assets or financial position. <br />Quantify timescales where interruption becomes unacceptable to organization. <br />Determine key requirement for organization-wide tolerable downtime. <br />Determine Inter-dependencies and intra-dependencies. <br />Identify vital records needed for recovery. <br />Identify and document CBFs, critical processes and critical application. <br />Determine continuity resources. <br />Provide the resource information to determine or recommend recovery strategies. <br />Identify internal and external resource requirements to support activities. <br />Quantify the people, technology and telephony resources required over time to maintain business activities at an acceptable level and within the maximum tolerable period of disruption. <br />Seek Executive Management Approval. <br />Seek sign off of requirements by process owners. <br />Present requirements to executive management and seek approval to adopt the findings as the basis for determining a BC strategy. <br />9<br />http://www.bcmpedia.org/wiki/BCMBoK_3:_Business_Impact_Analysis<br />
  10. 10. Mandatory Understanding of BIA Terminology<br />Minimum Business Continuity Objective (MBCO)<br />Business Impact Analysis (BIA)<br />Critical Business Function (CBF)<br />Recovery Time Objective (RTO)<br />Recovery Point Objective (RPO)<br />Impact <br />Quantitative<br />Qualitative<br />
  11. 11. Business Impact Analysis Steps<br />Determine information to gather<br />Tailor questionnaires to internal requirements<br />Conduct training on completion of questionnaire<br />Collate and review questionnaires<br />Conduct selective interviews<br />Consolidate and analyze data<br />Summarize and present findings<br />
  12. 12. Recovery Time Objective<br />Time-Sensitive<br />Systems are <br />Operational <br />with Current &<br />Accurate Data<br />Time-Sensitive<br />Systems are <br />Operational <br />Resumption of Critical Functions<br />Point of<br />Disruption<br />Recovery Time Objective<br />Time<br />The maximum tolerable time within which Critical Business Functions must be restored to its MBCO<br />
  13. 13. Wks<br />RTO versus RPO<br />Secs<br />Mins<br />Hrs<br />Days<br /> Wks<br />Secs<br />Mins<br />Hrs<br />Days<br />Recovery Point<br />Recovery Time<br />
  14. 14. BCMpedia<br />www.bcmpedia.org<br />
  15. 15. Minimum Business Continuity Objective (MBCO)<br />is the minimum level of services and/or products that is acceptable to the organization to achieve its business objectives during an incident, emergency or disaster. <br />is set by the Executive Management of the organization and can be influenced, dictated and/or changed by current regulatory requirements or industry practices.<br />The definition provided here rephrases the operational perspective into an objective - the mission objective for BCM<br />
  16. 16. MBCO<br />16<br />
  17. 17. Walkthrough of a BIA Questionnaires<br />Workbook<br />
  18. 18. Minimum Business Continuity Objective<br />
  19. 19. P1: Identify BU and Business Functions<br />Workbook<br />
  20. 20. P2: Identification of Impact<br />Workbook<br />
  21. 21. P3: Impact Over Time<br />Workbook<br />
  22. 22. P4: Vulnerable Periods of Critical Business Functions<br />Workbook<br />
  23. 23. P5: Resources Required for Critical Business Functions during a Crisis<br />Workbook<br />
  24. 24. P6: Inter-dependencies<br />Workbook<br />
  25. 25. P7: Vital Records<br />Workbook<br />
  26. 26. BCM Institute Forum<br />Building a Community<br />80% Asian and Middle Eastern BCM and DR Professionals<br />bcmi.groupsite.com<br />
  27. 27. Summary<br />Provide a key understanding on the fundamentals of BIA<br />Understand the strategic, tactical and operational aspects of BIA<br />Experienced a walkthrough of BIA process using template<br />Be aware of tools and guides<br />
  28. 28. THANK YOU<br />Dr Goh Moh Heng<br />President<br />Mobile: +65 96711022<br />Tel: +65 63231500<br />Fax: +65 63230933<br />Email: moh_heng@bcm-institute.org<br />

×