SlideShare a Scribd company logo

Disaster Recovery and Business Continuity for Your Clinical and Safety Systems

Perficient, Inc.
Perficient, Inc.

Your systems are up and running. You have no issues. It’s business as usual and all is as it should be. Then, suddenly, it’s not. A flood, an earthquake, a tornado or a fire threatens your organization’s ability to continue operating. Systems are offline, critical business processes have stalled. What damage has been inflicted? How long until you can recover? What do you do in the meantime? These are questions that no organization can properly answer without proper planning and testing. The implications of an unplanned and unprepared-for event can be devastating to a company, as well as to the patients it serves. The only way to mitigate such risks is through comprehensive planning and testing. Sean Bernard, lead business consultant in Perficient's life sciences practice, discussed why business continuity and disaster planning are so critical to life sciences companies, and shares best practices for preparing your company for the unforeseen.

Technology
1 of 42
Download to read offline
Disaster Recovery and Business Continuity for Your Clinical and Safety Systems Sean Bernard, Lead Business Consultant, Life Sciences, Perficient
2 ABOUT PERFICIENT Perficient is a leading information technology consulting firm serving clients throughout North America. We help clients implement business-driven technology solutions that integrate business processes, improve worker productivity, increase customer loyalty and create a more agile enterprise to better respond to new business opportunities.
3 PERFICIENT PROFILE Founded in 1997 Public, NASDAQ: PRFT 2014 projected revenue ~$454 million Major market locations: Allentown, Atlanta, Ann Arbor, Boston, Charlotte, Chicago, Cincinnati, Columbus, Dallas, Denver, Detroit, Fairfax, Houston, Indianapolis, Lafayette, Milwaukee, Minneapolis, New York City, Northern California, Oxford (UK), Southern California, St. Louis, Toronto Global delivery centers in China and India >2,600 colleagues Dedicated solution practices ~90% repeat business rate Alliance partnerships with major technology vendors Multiple vendor/industry technology and growth awards
4 Business Process Management Customer Relationship Management Enterprise Performance Management Enterprise Information Solutions Enterprise Resource Planning Experience Design Portal / Collaboration Content Management Information Management Mobile BUSINESSSOLUTIONS 50+PARTNERS Safety / PV Clinical Data Management Electronic Data Capture Medical Coding Clinical Data Warehousing Clinical Data Analytics Clinical Trial Management Healthcare Data Warehousing Healthcare Analytics CLINICAL/HEALTHCAREIT Consulting Implementation Integration Migration Upgrade Managed Services Private Cloud Hosting Validation Study Setup Project Management Application Development Software Licensing Application Support Staff Augmentation Training SERVICES OUR SOLUTIONS PORTFOLIO
5 WELCOME AND INTRODUCTION Sean Bernard, Lead Business Consultant, Computer Systems Validation Life Sciences, Perficient (603) 340-7857 Sean.Bernard@perficient.com
6 AGENDA • The Danger is Real • Business Continuity and Disaster Recovery Overview • Regulatory Requirements for BC and DR • What a BC Program Is and Why You Need One • BC Program Stages and Deliverables • Conclusions • Questions
7 THE DANGER IS REAL The (Business) World is a Scary Place
8 THE DANGER IS REAL Weather and Climate Disasters 1980 - 2014 From 1980–2014, there were: • 22 drought events • 20 flooding events • 7 freeze events • 70 severe storm events • 34 tropical cyclones • 12 wildfire events • 13 winter storm events EACH with losses exceeding $1 billion (CPI-Adjusted) “Billion Dollar Weather and Climate Disasters”, National Oceanic and Atmospheric Administration, http://www.ncdc.noaa.gov/billions/mapping (accessed 23-Jan-2015)
9 THE DANGER IS REAL Natural Disaster Losses in the US, 1980 - 2014 “Catastrophes: US”, Insurance Information Institute, http://www.iii.org/fact-statistic/catastrophes-us (accessed 23-Jan-2015)
10 THE DANGER IS REAL “Cyberattacks account for up to $1 trillion in global losses”, Dana Kerr, CNET, http://www.cnet.com/news/cyberattacks-account-for-up-to-1-trillion-in-global-losses/ (accessed 10-Feb- 2014)
11 THE DANGER IS REAL • The most common generalized threats are: – Computer systems outages – Criminal activity/hostilities – Fire – Natural disasters – Epidemic/pandemic
12 THE DANGER IS REAL So BC and DR are taken seriously…right?
13 THE DANGER IS REAL “2013 AT&T Business Continuity Study Results - U.S. Trend Data, http://www.business.att.com/content/article/2013-ATT- BCStudy-Comparison-Results.pdf (accessed 27-Jan-2015) Business Continuity Trends
14 Business Continuity and Disaster Recovery Overview
15 BC & DR OVERVIEW Business Continuity • Can be defined as: A proactive process which identifies the key functions of an organization and the likely threats to those functions; from this information plans and procedures which ensure key functions can continue whatever the circumstances can be developed.1 Disaster Recovery • Can be defined as: The process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans.2 1. The Definitive Handbook of Business Continuity Management, ed. Andrew Hines and Peter Barnes (West Sussex: John Wiley & Sons, Ltd., 2006), 379 2. “Information on Business Continuity and Disaster Recovery,” www.disasterrecovery.org (accessed 30- Dec-2014)
16 BC & DR OVERVIEW What’s the difference between BC and DR? • Business continuity is about the survival of critical business functions. • Disaster recovery is about the survival of critical IT systems. • Since most critical business functions rely on systems, DR is frequently seen as a subset of BC, which is how we’ll look at it in this presentation. • BC is higher-level, and less technical. DR is lower-level, and more technical.
17 BC & DR OVERVIEW Example: XYZ PharmaCo, Inc. is a small pharmaceutical company located in Buffalo, NY. They have defined Clinical Data Acquisition as one of their critical business functions. XYZ has a data center in Buffalo equipped with IT systems which include Oracle Clinical and Oracle Remote Data Capture systems. Site users from the Northern NY area log into the systems to enter clinical study data for ongoing trials. So for XYZ, an interruption in the operation of these IT systems would result in an interruption of the Clinical Data Acquisition function. So, since both the systems and the function are interrupted the outage would encompass both DR and BC. However, the Clinical Data Acquisition could also be interrupted by a strong winter storm. Site personnel and patients would be unable to report to the site, and data acquisition would not be possible. The IT systems are intact and working perfectly, but the function is still interrupted. This interruption would require only BC.
18 BC & DR OVERVIEW Common misconceptions about BC and DR: • I’ve got a Disaster Recovery Plan, I’m good! – Since DR only covers systems, BC is also required to cover functions. • Business continuity is only for large organizations. – Every organization has critical functions which must be protected. • We have multiple locations, so we don’t have to worry. – Multiple locations may help during recovery operations, but they cannot replace BC/DR • Regulations don’t require me to have BC/DR. – 21 CFR Part 11 Subpart B 11.10c requires you to protect your data, as does EU Annex 11.
19 Regulatory Requirements for DR / BC
20 REGULATORY REQUIREMENTS FOR DR/BC 21 CFR Part 11, Subpart B, Section 11.10c “Controls for Closed Systems” states: Persons who use closed systems to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when appropriate, the confidentiality of electronic records... Such procedures and controls shall include the following: ... (c) Protection of records to enable their accurate and ready retrieval throughout the records retention period. ... “CFR Code of Federal Regulations Title 21”, US Food and Drug Administration, http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?fr=11.10 (accessed 31-Dec-2014)
21 REGULATORY REQUIREMENTS FOR DR/BC The FDA, through issued guidance, has affirmed that 21 CFR Part 11 applies to DR. Section 5.2.5: System level software testing addresses functional concerns and the following elements of a device's software that are related to the intended use(s): ... Effectiveness of recovery procedures, including disaster recovery; ... “CFR Code of Federal Regulations Title 21”, US Food and Drug Administration, http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?fr=11.10 (accessed 31-Dec-2014)
22 REGULATORY REQUIREMENTS FOR DR/BC EU Volume 4, Annex 11, Computerised Systems, Section 16 states: For the availability of computerised systems supporting critical processes, provisions should be made to ensure continuity of support for those processes in the event of a system breakdown (e.g. a manual or alternative system). The time required to bring the alternative arrangements into use should be based on risk and appropriate for a particular system and the business process it supports. These arrangements should be adequately documented and tested. “Volume 4, Good Manufacturing Practice, Medical Products for Human and Veterinary Use, Annex 11, Computerised Systems”, European Commission, Health and Consumers Directorate-General, http://ec.europa.eu/health/files/eudralex/vol-4/annex11_01-2011_en.pdf (accessed 31-Dec-2014)
23 REGULATORY REQUIREMENTS FOR DR/BC So… Strictly speaking, the regs could be interpreted to mean that Disaster Recovery is a regulatory requirement for your Clinical & Safety systems, and BC is not a regulatory requirement. BUT… (Big But) A BC Program should ALWAYS be a business requirement
24 What a BC Program Is and Why You Need One
25 BC PROGRAM – WHAT AND WHY? What is a BC Program? • A BC Program is a comprehensive, ongoing process of developing, testing, and maintaining a Business Continuity Plan (BCP) and recovery procedures for your organization. • A BCP is a living document that must be continually refined in order to ensure it is kept accurate and up- to-date as your business matures and changes. • BC planning is not a one-and-done affair, it is a continuous process. • A BC Program must be sponsored and approved by senior management. It is a high visibility core business function, and should receive a high degree of attention. • A good BC Program integrates with ongoing GxP validation and Quality Assurance activities. • An outdated BCP and/or DRP can be more dangerous than none at all, as it will give obsolete information at a time of great need.
26 BC PROGRAM – WHAT AND WHY? You need a BC Program because… • Systems alone do not operate your business • Recovery takes much longer and is much more expensive without a BC program • Difficult to determine critical systems without knowing your critical functions • If you’re a service provider, consulting company, or CRO, you’re clients will need to know your business, and their data, can survive.
27 BC PROGRAM – WHAT AND WHY? • Planned and tested – reduces the likelihood and impact of the disaster • Orderly – Critical functions and systems have been identified, so effort can be made to recover them first, and then concentrate on non-critical functions/systems • Fast – People know what to do and where to find information Recovery With a BC Program
28 BC PROGRAM – WHAT AND WHY? • Unplanned and untested – will increase the impact that any disaster will have • Chaotic – What functions/systems should we bring up first? Using what resources? Using what procedures? • Slow – Since critical functions/systems haven’t been identified, this will need to be done during the disaster or people will be working on non-critical functions/systems Recovery Without a BC Program
29 BC PROGRAM – WHAT AND WHY? • We’ve discussed: – WHY you must have DR – WHY you should have a BC Program – WHAT a BC Program is • Now we’ll look at HOW to implement it
30 BC Program Stages and Deliverables
31 BC PROGRAM – STAGES & DELIVERABLES • Analysis – Business Impact Analysis • Development – Business Continuity Plan (BCP) – Disaster Recovery Plan (DRP) – BC and DR policies, procedures, and guidelines – Forms, templates, etc. to support BC and DR functions and testing • Implementation – Approve and release BCP, DRP, policies, procedures, guidelines, and forms • Testing – Approved and executed BC Test Plan and DR Test Plan, forms, test cases, etc. – Approved summary reports for BC and DR testing • Maintenance – Lessons learned from testing feed back into Analysis phase
32 BC PROGRAM - ANALYSIS • BC starts with a thorough Business Impact Analysis which identifies: – Critical business functions for your organization – Information systems which support critical business functions – Maximum allowable downtime for these functions – The objective ($) impact that offline functions will have on the organization – Assets and resources needed for the continued operation/recovery of these systems & functions • Must have approval AND buy-in from senior management • Must be exhaustive so that no critical functions are overlooked • Must identify the BC champion and other responsible parties
33 BC PROGRAM - DEVELOPMENT From the knowledge gained from the Business Impact Analysis: • Develop Policies, Procedures, and Guidelines – State that a BCP and DRP will be created, and what they will contain – Describe when and how they will be tested, testing constraints, and acceptance criteria – How testing will be summarized and reported – How the BCP and DRP will be reviewed, maintained, and updated • Write the BCP – Contains a risk assessment analyzing current threats – Details any measures taken for disaster preparedness – Lists critical business functions – Details the procedures to be taken during a disaster to recover critical functions – Lists personnel and other resources involved in BC activities – Flexible enough to handle unforeseen threats
34 BC PROGRAM - DEVELOPMENT From the knowledge gained from the Business Impact Analysis: • Write the DRP – Contains a risk assessment analyzing company systems to determine which should be considered critical – Lists critical information systems and services – Describes measures taken to reduce data loss, and determines the maximum data loss – Details the procedures to be taken during a disaster to recover critical information systems – Lists personnel and other resources involved in DR activities – Lists contact information for approved vendors providing DR materials/services • Create any forms, templates, documents to support BC and DR testing – Damage assessment forms – Incident report forms – Testing templates, etc.
35 BC PROGRAM - IMPLEMENTATION After the development and review of governing documents: • Approve and release the Policies, Procedures, and Guidelines – Approved by senior management and Quality Assurance – Release in accordance with your Quality Management System (QMS) – Allow time for training before effective dates – Retain training records for all personnel with BC/DR responsibilities – Release any required forms, templates, testing docs, etc. • Approve the BCP and DRP – Same as above (approval, release, and training) – Schedule testing in accordance with the approved policies, procedures, and guidelines
36 BC PROGRAM - TESTING After the implementation of the governing documents: • Schedule testing – In accordance with policies, procedures, and guidelines – Notify responsible personnel of testing schedule • Write the BC and DR Test Plans – Scope of testing (what critical functions and systems are to be recovered) – Responsibilities – Test methodology – Deliverables – Acceptance criteria
37 BC PROGRAM - TESTING After the implementation of the governing documents: • Execute testing – Documented supporting evidence (completed forms, executed test cases, screenshots, etc.) – Reviewed • Write the BC and DR Summary Reports – Summary of test results – Detail any deviations or issues encountered during testing – State whether the acceptance criteria has been met
38 BC PROGRAM – MAINTENANCE After the testing has been completed: • Lessons Learned – Schedule meeting with personnel who conducted testing and those who have BC/DR responsibilities – Capture lessons learned and action items • What worked? What didn’t? • Were gaps identified during testing? • What discrepancies were identified during testing? – Assign action items and deadlines for completion, monitor progress. • Completed action items feed back into the Analysis phase
39 BC PROGRAM - REVIEWS Periodic Reviews In accordance with the schedule specified in policies, procedures, and guidelines – restart the BC Program: • Review/revise the Business Impact Analysis (Analysis phase): – Have the critical functions/systems changed? What is the impact? – Have recovery timeframes increased or decreased? • Review/revise policies, procedures, and guidelines (Development & Implementation phases) – Have changes in the Business Impact Analysis affected BC/DR procedures? • Review/revise BCP & DRP (Development & Implementation phases) – Have recovery procedures changed? – Have critical functions/systems changed? What are the recovery procedures? – Have BC/DR personnel, vendors, contractors, etc. changed? Ad Hoc Reviews Same activities, but not scheduled. Predicated on audit findings, changes in threats, changes in personnel, etc.
40 CONCLUSIONS • Regulatory agencies require DR, but BC Program is necessary to fully protect your business • A wide array of threats exist in the world, and without analyzing and preparing for these threats, your business is unprepared to deal with them if they become a reality • Everyone in the organization must recognize the value in protecting the business, from senior management down • A BC Program results in the creation of a BC Plan and a DR Plan which must be reviewed, tested, and maintained in order to remain accurate, timely, and comprehensive • The phases of the BC Program constitute a lifecycle approach that is a best practice for the creation, implementation, testing, and maintenance of the BCP and DRP
41 QUESTIONS? Please submit your questions in the chat box.
42 www.facebook.com/perficient www.perficient.com www.twitter.com/perficient_LS For more information, please contact: Sean.Bernard@perficient.com LifeSciencesInfo@perficient.com (Sales) +1 877 654 0033 (U.S. Sales) +1 303 570 8464 (U.S. Sales) +44 (0) 1865 910200 (U.K. Sales) THANK YOU linkedin.com/company/perficient

Recommended

Qms 065 manufacturing-rework_procedure_sample
Qms 065 manufacturing-rework_procedure_sampleQms 065 manufacturing-rework_procedure_sample
Qms 065 manufacturing-rework_procedure_samplePhat Lu Anh
 
IT-Centric Disaster Recovery & Business Continuity
IT-Centric Disaster Recovery & Business ContinuityIT-Centric Disaster Recovery & Business Continuity
IT-Centric Disaster Recovery & Business ContinuitySteve Susina
 
How to write an IT DR plan
How to write an IT DR planHow to write an IT DR plan
How to write an IT DR planDatabarracks
 
Disaster Recovery Plan
Disaster Recovery PlanDisaster Recovery Plan
Disaster Recovery Planmhdpaknejad
 
GCP Overview by Compliance Insight, Inc.
GCP Overview by Compliance Insight, Inc.GCP Overview by Compliance Insight, Inc.
GCP Overview by Compliance Insight, Inc.Compliance Insight, Inc.
 
Quantitative signal detection for the mid sized pharma - webcast
Quantitative signal detection for the mid sized pharma - webcastQuantitative signal detection for the mid sized pharma - webcast
Quantitative signal detection for the mid sized pharma - webcastpharmasol
 
Developing and Managing Business Continuity Plan (BCP)
Developing and Managing Business Continuity Plan (BCP)Developing and Managing Business Continuity Plan (BCP)
Developing and Managing Business Continuity Plan (BCP)Goutama Bachtiar
 
BCP Awareness
BCP Awareness BCP Awareness
BCP Awareness Imad Almurib
 

Recommended

Qms 065 manufacturing-rework_procedure_sample
Qms 065 manufacturing-rework_procedure_sampleQms 065 manufacturing-rework_procedure_sample
Qms 065 manufacturing-rework_procedure_samplePhat Lu Anh
 
IT-Centric Disaster Recovery & Business Continuity
IT-Centric Disaster Recovery & Business ContinuityIT-Centric Disaster Recovery & Business Continuity
IT-Centric Disaster Recovery & Business ContinuitySteve Susina
 
How to write an IT DR plan
How to write an IT DR planHow to write an IT DR plan
How to write an IT DR planDatabarracks
 
Disaster Recovery Plan
Disaster Recovery PlanDisaster Recovery Plan
Disaster Recovery Planmhdpaknejad
 
GCP Overview by Compliance Insight, Inc.
GCP Overview by Compliance Insight, Inc.GCP Overview by Compliance Insight, Inc.
GCP Overview by Compliance Insight, Inc.Compliance Insight, Inc.
 
Quantitative signal detection for the mid sized pharma - webcast
Quantitative signal detection for the mid sized pharma - webcastQuantitative signal detection for the mid sized pharma - webcast
Quantitative signal detection for the mid sized pharma - webcastpharmasol
 
Developing and Managing Business Continuity Plan (BCP)
Developing and Managing Business Continuity Plan (BCP)Developing and Managing Business Continuity Plan (BCP)
Developing and Managing Business Continuity Plan (BCP)Goutama Bachtiar
 
BCP Awareness
BCP Awareness BCP Awareness
BCP Awareness Imad Almurib
 
Awareness iso 22301 danang suryo
Awareness iso 22301 danang suryoAwareness iso 22301 danang suryo
Awareness iso 22301 danang suryoDanang suryo Wardhono
 
ASTM Standard E 2500 for Commissioning and Qualifications
ASTM Standard E 2500 for Commissioning and QualificationsASTM Standard E 2500 for Commissioning and Qualifications
ASTM Standard E 2500 for Commissioning and QualificationsGMP EDUCATION : Not for Profit Organization
 
Enabling Risk Management: From Safety Signal to Risk/Benefit Management
Enabling Risk Management: From Safety Signal to Risk/Benefit ManagementEnabling Risk Management: From Safety Signal to Risk/Benefit Management
Enabling Risk Management: From Safety Signal to Risk/Benefit ManagementUntil ROI
 
Preparing for ISO 45001 - The new WHS Systems Standard
Preparing for ISO 45001 - The new WHS Systems StandardPreparing for ISO 45001 - The new WHS Systems Standard
Preparing for ISO 45001 - The new WHS Systems StandardAustralian Institute of Health & Safety
 
PV Audit
PV AuditPV Audit
PV AuditSteve Jolley
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planninggcleary
 
Calculation of Risk Priority Numbar
Calculation of Risk Priority NumbarCalculation of Risk Priority Numbar
Calculation of Risk Priority NumbarGMP EDUCATION : Not for Profit Organization
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcpAdv Prashant Mali
 
ISO 31000 Risk Management
ISO 31000 Risk ManagementISO 31000 Risk Management
ISO 31000 Risk ManagementRamiro Cid
 
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Greenlight Guru
 
Practical Signal Management
Practical Signal ManagementPractical Signal Management
Practical Signal ManagementPerficient
 
PMS and PMCF report
PMS and PMCF reportPMS and PMCF report
PMS and PMCF reportSakthisri87
 
Process Validation & Verification (V&V) for Medical Devices
Process Validation & Verification (V&V) for Medical DevicesProcess Validation & Verification (V&V) for Medical Devices
Process Validation & Verification (V&V) for Medical DevicesRina Nir
 
Disaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanDisaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanMarcelo Silva
 
ISO 45001 and Organisations as Complex Adaptive Systems
ISO 45001 and Organisations as Complex Adaptive SystemsISO 45001 and Organisations as Complex Adaptive Systems
ISO 45001 and Organisations as Complex Adaptive SystemsSAMTRAC International
 
Pharmacovigilance
Pharmacovigilance Pharmacovigilance
Pharmacovigilance ISF COLLEGE OF PHARMACY MOGA
 
Quality Risk management Application of FMEA
Quality Risk management Application of FMEAQuality Risk management Application of FMEA
Quality Risk management Application of FMEAGMP EDUCATION : Not for Profit Organization
 
ISO-13485-2016.pptx
ISO-13485-2016.pptxISO-13485-2016.pptx
ISO-13485-2016.pptxPradeepa J
 
Effective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation SlidesEffective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation SlidesSlideTeam
 
E2B(R2) vs E2B(R3) ICSR ELEMENTS
E2B(R2) vs E2B(R3) ICSR ELEMENTSE2B(R2) vs E2B(R3) ICSR ELEMENTS
E2B(R2) vs E2B(R3) ICSR ELEMENTSAnurag Raghuvanshi
 
Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...
Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...
Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...EMC
 
Hospital Management System
Hospital Management SystemHospital Management System
Hospital Management Systemidowume
 

More Related Content

What's hot

Enabling Risk Management: From Safety Signal to Risk/Benefit Management
Enabling Risk Management: From Safety Signal to Risk/Benefit ManagementEnabling Risk Management: From Safety Signal to Risk/Benefit Management
Enabling Risk Management: From Safety Signal to Risk/Benefit ManagementUntil ROI
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planninggcleary
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcpAdv Prashant Mali
 
ISO 31000 Risk Management
ISO 31000 Risk ManagementISO 31000 Risk Management
ISO 31000 Risk ManagementRamiro Cid
 
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Greenlight Guru
 
Practical Signal Management
Practical Signal ManagementPractical Signal Management
Practical Signal ManagementPerficient
 
PMS and PMCF report
PMS and PMCF reportPMS and PMCF report
PMS and PMCF reportSakthisri87
 
Process Validation & Verification (V&V) for Medical Devices
Process Validation & Verification (V&V) for Medical DevicesProcess Validation & Verification (V&V) for Medical Devices
Process Validation & Verification (V&V) for Medical DevicesRina Nir
 
Disaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanDisaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanMarcelo Silva
 
ISO 45001 and Organisations as Complex Adaptive Systems
ISO 45001 and Organisations as Complex Adaptive SystemsISO 45001 and Organisations as Complex Adaptive Systems
ISO 45001 and Organisations as Complex Adaptive SystemsSAMTRAC International
 
ISO-13485-2016.pptx
ISO-13485-2016.pptxISO-13485-2016.pptx
ISO-13485-2016.pptxPradeepa J
 
Effective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation SlidesEffective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation SlidesSlideTeam
 
E2B(R2) vs E2B(R3) ICSR ELEMENTS
E2B(R2) vs E2B(R3) ICSR ELEMENTSE2B(R2) vs E2B(R3) ICSR ELEMENTS
E2B(R2) vs E2B(R3) ICSR ELEMENTSAnurag Raghuvanshi
 

What's hot (20)

Awareness iso 22301 danang suryo
Awareness iso 22301 danang suryoAwareness iso 22301 danang suryo
Awareness iso 22301 danang suryo
 
ASTM Standard E 2500 for Commissioning and Qualifications
ASTM Standard E 2500 for Commissioning and QualificationsASTM Standard E 2500 for Commissioning and Qualifications
ASTM Standard E 2500 for Commissioning and Qualifications
 
Enabling Risk Management: From Safety Signal to Risk/Benefit Management
Enabling Risk Management: From Safety Signal to Risk/Benefit ManagementEnabling Risk Management: From Safety Signal to Risk/Benefit Management
Enabling Risk Management: From Safety Signal to Risk/Benefit Management
 
Preparing for ISO 45001 - The new WHS Systems Standard
Preparing for ISO 45001 - The new WHS Systems StandardPreparing for ISO 45001 - The new WHS Systems Standard
Preparing for ISO 45001 - The new WHS Systems Standard
 
PV Audit
PV AuditPV Audit
PV Audit
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planning
 
Calculation of Risk Priority Numbar
Calculation of Risk Priority NumbarCalculation of Risk Priority Numbar
Calculation of Risk Priority Numbar
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcp
 
ISO 31000 Risk Management
ISO 31000 Risk ManagementISO 31000 Risk Management
ISO 31000 Risk Management
 
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
 
Practical Signal Management
Practical Signal ManagementPractical Signal Management
Practical Signal Management
 
PMS and PMCF report
PMS and PMCF reportPMS and PMCF report
PMS and PMCF report
 
Process Validation & Verification (V&V) for Medical Devices
Process Validation & Verification (V&V) for Medical DevicesProcess Validation & Verification (V&V) for Medical Devices
Process Validation & Verification (V&V) for Medical Devices
 
Disaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanDisaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity Plan
 
ISO 45001 and Organisations as Complex Adaptive Systems
ISO 45001 and Organisations as Complex Adaptive SystemsISO 45001 and Organisations as Complex Adaptive Systems
ISO 45001 and Organisations as Complex Adaptive Systems
 
Pharmacovigilance
Pharmacovigilance Pharmacovigilance
Pharmacovigilance
 
Quality Risk management Application of FMEA
Quality Risk management Application of FMEAQuality Risk management Application of FMEA
Quality Risk management Application of FMEA
 
ISO-13485-2016.pptx
ISO-13485-2016.pptxISO-13485-2016.pptx
ISO-13485-2016.pptx
 
Effective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation SlidesEffective Business Continuity Plan Powerpoint Presentation Slides
Effective Business Continuity Plan Powerpoint Presentation Slides
 
E2B(R2) vs E2B(R3) ICSR ELEMENTS
E2B(R2) vs E2B(R3) ICSR ELEMENTSE2B(R2) vs E2B(R3) ICSR ELEMENTS
E2B(R2) vs E2B(R3) ICSR ELEMENTS
 

Similar to Disaster Recovery and Business Continuity for Your Clinical and Safety Systems

Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...
Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...
Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...EMC
 
Hospital Management System
Hospital Management SystemHospital Management System
Hospital Management Systemidowume
 
5 Ways to Boost Regulatory Compliance
5 Ways to Boost Regulatory Compliance5 Ways to Boost Regulatory Compliance
5 Ways to Boost Regulatory ComplianceFlatirons Solutions®
 
Clearprotocol investorpitchdeck
Clearprotocol investorpitchdeckClearprotocol investorpitchdeck
Clearprotocol investorpitchdeckSteveArmstrong46
 
Midwest Regional Health - EHR
Midwest Regional Health - EHRMidwest Regional Health - EHR
Midwest Regional Health - EHRWILLIE GREER
 
Information Technology Disaster Planning
Information Technology Disaster PlanningInformation Technology Disaster Planning
Information Technology Disaster Planningguest340570
 
Executive Brief- 4 Critical Risks for Healthcare IT
Executive Brief- 4 Critical Risks for Healthcare IT Executive Brief- 4 Critical Risks for Healthcare IT
Executive Brief- 4 Critical Risks for Healthcare IT Sungard Availability Services
 
A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...
A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...
A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...Target Health, Inc.
 
PROJECT softwares (28 May 14)
PROJECT softwares (28 May 14)PROJECT softwares (28 May 14)
PROJECT softwares (28 May 14)Preeti Sirohi
 
Clinical data collection and management
Clinical data collection and managementClinical data collection and management
Clinical data collection and managementMOHAMMAD ASIM
 
Optimizing patient care with Citrix XenApp & XenDestop
Optimizing patient care with Citrix XenApp & XenDestopOptimizing patient care with Citrix XenApp & XenDestop
Optimizing patient care with Citrix XenApp & XenDestopCitrix
 
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...hiij
 
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...hiij
 
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...hiij
 
Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...
Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...
Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...Kishore Jethanandani, MBA, MA, MPhil,
 
Health Care EA Presentation
Health Care EA PresentationHealth Care EA Presentation
Health Care EA PresentationBill Wimsatt
 

Similar to Disaster Recovery and Business Continuity for Your Clinical and Safety Systems (20)

Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...
Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...
Improve Patient Care and Reduce IT Costs with Vendor Neutral Archiving and Cl...
 
Hospital Management System
Hospital Management SystemHospital Management System
Hospital Management System
 
Evaluation of a CIS
Evaluation of a CISEvaluation of a CIS
Evaluation of a CIS
 
5 Ways to Boost Regulatory Compliance
5 Ways to Boost Regulatory Compliance5 Ways to Boost Regulatory Compliance
5 Ways to Boost Regulatory Compliance
 
Clearprotocol investorpitchdeck
Clearprotocol investorpitchdeckClearprotocol investorpitchdeck
Clearprotocol investorpitchdeck
 
MIS Pre.pptx
MIS Pre.pptxMIS Pre.pptx
MIS Pre.pptx
 
Midwest Regional Health - EHR
Midwest Regional Health - EHRMidwest Regional Health - EHR
Midwest Regional Health - EHR
 
Information Technology Disaster Planning
Information Technology Disaster PlanningInformation Technology Disaster Planning
Information Technology Disaster Planning
 
Executive Brief- 4 Critical Risks for Healthcare IT
Executive Brief- 4 Critical Risks for Healthcare IT Executive Brief- 4 Critical Risks for Healthcare IT
Executive Brief- 4 Critical Risks for Healthcare IT
 
EHR White Paper
EHR White PaperEHR White Paper
EHR White Paper
 
A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...
A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...
A Pharma/CRO Partnership in the Design and Execution of Paperless Clinical Tr...
 
PROJECT softwares (28 May 14)
PROJECT softwares (28 May 14)PROJECT softwares (28 May 14)
PROJECT softwares (28 May 14)
 
Trial io pcori doc v1
Trial io pcori doc v1Trial io pcori doc v1
Trial io pcori doc v1
 
Clinical data collection and management
Clinical data collection and managementClinical data collection and management
Clinical data collection and management
 
Optimizing patient care with Citrix XenApp & XenDestop
Optimizing patient care with Citrix XenApp & XenDestopOptimizing patient care with Citrix XenApp & XenDestop
Optimizing patient care with Citrix XenApp & XenDestop
 
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH -IN A LARGE HEALTHCARE ORGANI...
 
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
 
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
THE 4 R’S – REASON, REDCAP, REVIEW AND RESEARCH - IN A LARGE HEALTHCARE ORGAN...
 
Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...
Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...
Enterprise Content Management for Regulatory Compliance in Healthcare and Cre...
 
Health Care EA Presentation
Health Care EA PresentationHealth Care EA Presentation
Health Care EA Presentation
 

More from Perficient, Inc.

Driving Strong 2020 Holiday Season Results
Driving Strong 2020 Holiday Season ResultsDriving Strong 2020 Holiday Season Results
Driving Strong 2020 Holiday Season ResultsPerficient, Inc.
 
Transforming Pharmacovigilance Workflows with AI & Automation
Transforming Pharmacovigilance Workflows with AI & Automation Transforming Pharmacovigilance Workflows with AI & Automation
Transforming Pharmacovigilance Workflows with AI & Automation Perficient, Inc.
 
The Secret to Acquiring and Retaining Customers in Financial Services
The Secret to Acquiring and Retaining Customers in Financial ServicesThe Secret to Acquiring and Retaining Customers in Financial Services
The Secret to Acquiring and Retaining Customers in Financial ServicesPerficient, Inc.
 
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.Perficient, Inc.
 
Content, Commerce, and... COVID
Content, Commerce, and... COVIDContent, Commerce, and... COVID
Content, Commerce, and... COVIDPerficient, Inc.
 
Centene's Financial Transformation Journey: A OneStream Success Story
Centene's Financial Transformation Journey: A OneStream Success StoryCentene's Financial Transformation Journey: A OneStream Success Story
Centene's Financial Transformation Journey: A OneStream Success StoryPerficient, Inc.
 
Automate Medical Coding With WHODrug Koda
Automate Medical Coding With WHODrug KodaAutomate Medical Coding With WHODrug Koda
Automate Medical Coding With WHODrug KodaPerficient, Inc.
 
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration Project
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration ProjectPreparing for Your Oracle, Medidata, and Veeva CTMS Migration Project
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration ProjectPerficient, Inc.
 
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19Accelerating Partner Management: How Manufacturers Can Navigate Covid-19
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19Perficient, Inc.
 
The Critical Role of Audience Intelligence with Eric Enge and Rand Fishkin
The Critical Role of Audience Intelligence with Eric Enge and Rand FishkinThe Critical Role of Audience Intelligence with Eric Enge and Rand Fishkin
The Critical Role of Audience Intelligence with Eric Enge and Rand FishkinPerficient, Inc.
 
Cardtronics Future Ready with Oracle EPM Cloud
Cardtronics Future Ready with Oracle EPM CloudCardtronics Future Ready with Oracle EPM Cloud
Cardtronics Future Ready with Oracle EPM CloudPerficient, Inc.
 
Teams Summit - What is New and Coming
Teams Summit - What is New and ComingTeams Summit - What is New and Coming
Teams Summit - What is New and ComingPerficient, Inc.
 
Empower Your Organization with Teams & Remote Work Crisis Management
Empower Your Organization with Teams & Remote Work Crisis ManagementEmpower Your Organization with Teams & Remote Work Crisis Management
Empower Your Organization with Teams & Remote Work Crisis ManagementPerficient, Inc.
 
Adoption & Change Management Overview
Adoption & Change Management OverviewAdoption & Change Management Overview
Adoption & Change Management OverviewPerficient, Inc.
 
Microsoft Teams: Measuring Activity of Employees Working from Home
Microsoft Teams: Measuring Activity of Employees Working from HomeMicrosoft Teams: Measuring Activity of Employees Working from Home
Microsoft Teams: Measuring Activity of Employees Working from HomePerficient, Inc.
 
Securing Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote WorkSecuring Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote WorkPerficient, Inc.
 
Infrastructure Best Practices for Teams Remote Workers
Infrastructure Best Practices for Teams Remote WorkersInfrastructure Best Practices for Teams Remote Workers
Infrastructure Best Practices for Teams Remote WorkersPerficient, Inc.
 
Accelerate Adoption for Microsoft Teams
Accelerate Adoption for Microsoft TeamsAccelerate Adoption for Microsoft Teams
Accelerate Adoption for Microsoft TeamsPerficient, Inc.
 
Preparing for Project Cortex and the Future of Knowledge Management
Preparing for Project Cortex and the Future of Knowledge ManagementPreparing for Project Cortex and the Future of Knowledge Management
Preparing for Project Cortex and the Future of Knowledge ManagementPerficient, Inc.
 
Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work Perficient, Inc.
 

More from Perficient, Inc. (20)

Driving Strong 2020 Holiday Season Results
Driving Strong 2020 Holiday Season ResultsDriving Strong 2020 Holiday Season Results
Driving Strong 2020 Holiday Season Results
 
Transforming Pharmacovigilance Workflows with AI & Automation
Transforming Pharmacovigilance Workflows with AI & Automation Transforming Pharmacovigilance Workflows with AI & Automation
Transforming Pharmacovigilance Workflows with AI & Automation
 
The Secret to Acquiring and Retaining Customers in Financial Services
The Secret to Acquiring and Retaining Customers in Financial ServicesThe Secret to Acquiring and Retaining Customers in Financial Services
The Secret to Acquiring and Retaining Customers in Financial Services
 
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.
 
Content, Commerce, and... COVID
Content, Commerce, and... COVIDContent, Commerce, and... COVID
Content, Commerce, and... COVID
 
Centene's Financial Transformation Journey: A OneStream Success Story
Centene's Financial Transformation Journey: A OneStream Success StoryCentene's Financial Transformation Journey: A OneStream Success Story
Centene's Financial Transformation Journey: A OneStream Success Story
 
Automate Medical Coding With WHODrug Koda
Automate Medical Coding With WHODrug KodaAutomate Medical Coding With WHODrug Koda
Automate Medical Coding With WHODrug Koda
 
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration Project
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration ProjectPreparing for Your Oracle, Medidata, and Veeva CTMS Migration Project
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration Project
 
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19Accelerating Partner Management: How Manufacturers Can Navigate Covid-19
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19
 
The Critical Role of Audience Intelligence with Eric Enge and Rand Fishkin
The Critical Role of Audience Intelligence with Eric Enge and Rand FishkinThe Critical Role of Audience Intelligence with Eric Enge and Rand Fishkin
The Critical Role of Audience Intelligence with Eric Enge and Rand Fishkin
 
Cardtronics Future Ready with Oracle EPM Cloud
Cardtronics Future Ready with Oracle EPM CloudCardtronics Future Ready with Oracle EPM Cloud
Cardtronics Future Ready with Oracle EPM Cloud
 
Teams Summit - What is New and Coming
Teams Summit - What is New and ComingTeams Summit - What is New and Coming
Teams Summit - What is New and Coming
 
Empower Your Organization with Teams & Remote Work Crisis Management
Empower Your Organization with Teams & Remote Work Crisis ManagementEmpower Your Organization with Teams & Remote Work Crisis Management
Empower Your Organization with Teams & Remote Work Crisis Management
 
Adoption & Change Management Overview
Adoption & Change Management OverviewAdoption & Change Management Overview
Adoption & Change Management Overview
 
Microsoft Teams: Measuring Activity of Employees Working from Home
Microsoft Teams: Measuring Activity of Employees Working from HomeMicrosoft Teams: Measuring Activity of Employees Working from Home
Microsoft Teams: Measuring Activity of Employees Working from Home
 
Securing Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote WorkSecuring Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote Work
 
Infrastructure Best Practices for Teams Remote Workers
Infrastructure Best Practices for Teams Remote WorkersInfrastructure Best Practices for Teams Remote Workers
Infrastructure Best Practices for Teams Remote Workers
 
Accelerate Adoption for Microsoft Teams
Accelerate Adoption for Microsoft TeamsAccelerate Adoption for Microsoft Teams
Accelerate Adoption for Microsoft Teams
 
Preparing for Project Cortex and the Future of Knowledge Management
Preparing for Project Cortex and the Future of Knowledge ManagementPreparing for Project Cortex and the Future of Knowledge Management
Preparing for Project Cortex and the Future of Knowledge Management
 
Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Recently uploaded (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

Disaster Recovery and Business Continuity for Your Clinical and Safety Systems

  • 1. Disaster Recovery and Business Continuity for Your Clinical and Safety Systems Sean Bernard, Lead Business Consultant, Life Sciences, Perficient
  • 2. 2 ABOUT PERFICIENT Perficient is a leading information technology consulting firm serving clients throughout North America. We help clients implement business-driven technology solutions that integrate business processes, improve worker productivity, increase customer loyalty and create a more agile enterprise to better respond to new business opportunities.
  • 3. 3 PERFICIENT PROFILE Founded in 1997 Public, NASDAQ: PRFT 2014 projected revenue ~$454 million Major market locations: Allentown, Atlanta, Ann Arbor, Boston, Charlotte, Chicago, Cincinnati, Columbus, Dallas, Denver, Detroit, Fairfax, Houston, Indianapolis, Lafayette, Milwaukee, Minneapolis, New York City, Northern California, Oxford (UK), Southern California, St. Louis, Toronto Global delivery centers in China and India >2,600 colleagues Dedicated solution practices ~90% repeat business rate Alliance partnerships with major technology vendors Multiple vendor/industry technology and growth awards
  • 4. 4 Business Process Management Customer Relationship Management Enterprise Performance Management Enterprise Information Solutions Enterprise Resource Planning Experience Design Portal / Collaboration Content Management Information Management Mobile BUSINESSSOLUTIONS 50+PARTNERS Safety / PV Clinical Data Management Electronic Data Capture Medical Coding Clinical Data Warehousing Clinical Data Analytics Clinical Trial Management Healthcare Data Warehousing Healthcare Analytics CLINICAL/HEALTHCAREIT Consulting Implementation Integration Migration Upgrade Managed Services Private Cloud Hosting Validation Study Setup Project Management Application Development Software Licensing Application Support Staff Augmentation Training SERVICES OUR SOLUTIONS PORTFOLIO
  • 5. 5 WELCOME AND INTRODUCTION Sean Bernard, Lead Business Consultant, Computer Systems Validation Life Sciences, Perficient (603) 340-7857 Sean.Bernard@perficient.com
  • 6. 6 AGENDA • The Danger is Real • Business Continuity and Disaster Recovery Overview • Regulatory Requirements for BC and DR • What a BC Program Is and Why You Need One • BC Program Stages and Deliverables • Conclusions • Questions
  • 7. 7 THE DANGER IS REAL The (Business) World is a Scary Place
  • 8. 8 THE DANGER IS REAL Weather and Climate Disasters 1980 - 2014 From 1980–2014, there were: • 22 drought events • 20 flooding events • 7 freeze events • 70 severe storm events • 34 tropical cyclones • 12 wildfire events • 13 winter storm events EACH with losses exceeding $1 billion (CPI-Adjusted) “Billion Dollar Weather and Climate Disasters”, National Oceanic and Atmospheric Administration, http://www.ncdc.noaa.gov/billions/mapping (accessed 23-Jan-2015)
  • 9. 9 THE DANGER IS REAL Natural Disaster Losses in the US, 1980 - 2014 “Catastrophes: US”, Insurance Information Institute, http://www.iii.org/fact-statistic/catastrophes-us (accessed 23-Jan-2015)
  • 10. 10 THE DANGER IS REAL “Cyberattacks account for up to $1 trillion in global losses”, Dana Kerr, CNET, http://www.cnet.com/news/cyberattacks-account-for-up-to-1-trillion-in-global-losses/ (accessed 10-Feb- 2014)
  • 11. 11 THE DANGER IS REAL • The most common generalized threats are: – Computer systems outages – Criminal activity/hostilities – Fire – Natural disasters – Epidemic/pandemic
  • 12. 12 THE DANGER IS REAL So BC and DR are taken seriously…right?
  • 13. 13 THE DANGER IS REAL “2013 AT&T Business Continuity Study Results - U.S. Trend Data, http://www.business.att.com/content/article/2013-ATT- BCStudy-Comparison-Results.pdf (accessed 27-Jan-2015) Business Continuity Trends
  • 14. 14 Business Continuity and Disaster Recovery Overview
  • 15. 15 BC & DR OVERVIEW Business Continuity • Can be defined as: A proactive process which identifies the key functions of an organization and the likely threats to those functions; from this information plans and procedures which ensure key functions can continue whatever the circumstances can be developed.1 Disaster Recovery • Can be defined as: The process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans.2 1. The Definitive Handbook of Business Continuity Management, ed. Andrew Hines and Peter Barnes (West Sussex: John Wiley & Sons, Ltd., 2006), 379 2. “Information on Business Continuity and Disaster Recovery,” www.disasterrecovery.org (accessed 30- Dec-2014)
  • 16. 16 BC & DR OVERVIEW What’s the difference between BC and DR? • Business continuity is about the survival of critical business functions. • Disaster recovery is about the survival of critical IT systems. • Since most critical business functions rely on systems, DR is frequently seen as a subset of BC, which is how we’ll look at it in this presentation. • BC is higher-level, and less technical. DR is lower-level, and more technical.
  • 17. 17 BC & DR OVERVIEW Example: XYZ PharmaCo, Inc. is a small pharmaceutical company located in Buffalo, NY. They have defined Clinical Data Acquisition as one of their critical business functions. XYZ has a data center in Buffalo equipped with IT systems which include Oracle Clinical and Oracle Remote Data Capture systems. Site users from the Northern NY area log into the systems to enter clinical study data for ongoing trials. So for XYZ, an interruption in the operation of these IT systems would result in an interruption of the Clinical Data Acquisition function. So, since both the systems and the function are interrupted the outage would encompass both DR and BC. However, the Clinical Data Acquisition could also be interrupted by a strong winter storm. Site personnel and patients would be unable to report to the site, and data acquisition would not be possible. The IT systems are intact and working perfectly, but the function is still interrupted. This interruption would require only BC.
  • 18. 18 BC & DR OVERVIEW Common misconceptions about BC and DR: • I’ve got a Disaster Recovery Plan, I’m good! – Since DR only covers systems, BC is also required to cover functions. • Business continuity is only for large organizations. – Every organization has critical functions which must be protected. • We have multiple locations, so we don’t have to worry. – Multiple locations may help during recovery operations, but they cannot replace BC/DR • Regulations don’t require me to have BC/DR. – 21 CFR Part 11 Subpart B 11.10c requires you to protect your data, as does EU Annex 11.
  • 20. 20 REGULATORY REQUIREMENTS FOR DR/BC 21 CFR Part 11, Subpart B, Section 11.10c “Controls for Closed Systems” states: Persons who use closed systems to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when appropriate, the confidentiality of electronic records... Such procedures and controls shall include the following: ... (c) Protection of records to enable their accurate and ready retrieval throughout the records retention period. ... “CFR Code of Federal Regulations Title 21”, US Food and Drug Administration, http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?fr=11.10 (accessed 31-Dec-2014)
  • 21. 21 REGULATORY REQUIREMENTS FOR DR/BC The FDA, through issued guidance, has affirmed that 21 CFR Part 11 applies to DR. Section 5.2.5: System level software testing addresses functional concerns and the following elements of a device's software that are related to the intended use(s): ... Effectiveness of recovery procedures, including disaster recovery; ... “CFR Code of Federal Regulations Title 21”, US Food and Drug Administration, http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?fr=11.10 (accessed 31-Dec-2014)
  • 22. 22 REGULATORY REQUIREMENTS FOR DR/BC EU Volume 4, Annex 11, Computerised Systems, Section 16 states: For the availability of computerised systems supporting critical processes, provisions should be made to ensure continuity of support for those processes in the event of a system breakdown (e.g. a manual or alternative system). The time required to bring the alternative arrangements into use should be based on risk and appropriate for a particular system and the business process it supports. These arrangements should be adequately documented and tested. “Volume 4, Good Manufacturing Practice, Medical Products for Human and Veterinary Use, Annex 11, Computerised Systems”, European Commission, Health and Consumers Directorate-General, http://ec.europa.eu/health/files/eudralex/vol-4/annex11_01-2011_en.pdf (accessed 31-Dec-2014)
  • 23. 23 REGULATORY REQUIREMENTS FOR DR/BC So… Strictly speaking, the regs could be interpreted to mean that Disaster Recovery is a regulatory requirement for your Clinical & Safety systems, and BC is not a regulatory requirement. BUT… (Big But) A BC Program should ALWAYS be a business requirement
  • 24. 24 What a BC Program Is and Why You Need One
  • 25. 25 BC PROGRAM – WHAT AND WHY? What is a BC Program? • A BC Program is a comprehensive, ongoing process of developing, testing, and maintaining a Business Continuity Plan (BCP) and recovery procedures for your organization. • A BCP is a living document that must be continually refined in order to ensure it is kept accurate and up- to-date as your business matures and changes. • BC planning is not a one-and-done affair, it is a continuous process. • A BC Program must be sponsored and approved by senior management. It is a high visibility core business function, and should receive a high degree of attention. • A good BC Program integrates with ongoing GxP validation and Quality Assurance activities. • An outdated BCP and/or DRP can be more dangerous than none at all, as it will give obsolete information at a time of great need.
  • 26. 26 BC PROGRAM – WHAT AND WHY? You need a BC Program because… • Systems alone do not operate your business • Recovery takes much longer and is much more expensive without a BC program • Difficult to determine critical systems without knowing your critical functions • If you’re a service provider, consulting company, or CRO, you’re clients will need to know your business, and their data, can survive.
  • 27. 27 BC PROGRAM – WHAT AND WHY? • Planned and tested – reduces the likelihood and impact of the disaster • Orderly – Critical functions and systems have been identified, so effort can be made to recover them first, and then concentrate on non-critical functions/systems • Fast – People know what to do and where to find information Recovery With a BC Program
  • 28. 28 BC PROGRAM – WHAT AND WHY? • Unplanned and untested – will increase the impact that any disaster will have • Chaotic – What functions/systems should we bring up first? Using what resources? Using what procedures? • Slow – Since critical functions/systems haven’t been identified, this will need to be done during the disaster or people will be working on non-critical functions/systems Recovery Without a BC Program
  • 29. 29 BC PROGRAM – WHAT AND WHY? • We’ve discussed: – WHY you must have DR – WHY you should have a BC Program – WHAT a BC Program is • Now we’ll look at HOW to implement it
  • 30. 30 BC Program Stages and Deliverables
  • 31. 31 BC PROGRAM – STAGES & DELIVERABLES • Analysis – Business Impact Analysis • Development – Business Continuity Plan (BCP) – Disaster Recovery Plan (DRP) – BC and DR policies, procedures, and guidelines – Forms, templates, etc. to support BC and DR functions and testing • Implementation – Approve and release BCP, DRP, policies, procedures, guidelines, and forms • Testing – Approved and executed BC Test Plan and DR Test Plan, forms, test cases, etc. – Approved summary reports for BC and DR testing • Maintenance – Lessons learned from testing feed back into Analysis phase
  • 32. 32 BC PROGRAM - ANALYSIS • BC starts with a thorough Business Impact Analysis which identifies: – Critical business functions for your organization – Information systems which support critical business functions – Maximum allowable downtime for these functions – The objective ($) impact that offline functions will have on the organization – Assets and resources needed for the continued operation/recovery of these systems & functions • Must have approval AND buy-in from senior management • Must be exhaustive so that no critical functions are overlooked • Must identify the BC champion and other responsible parties
  • 33. 33 BC PROGRAM - DEVELOPMENT From the knowledge gained from the Business Impact Analysis: • Develop Policies, Procedures, and Guidelines – State that a BCP and DRP will be created, and what they will contain – Describe when and how they will be tested, testing constraints, and acceptance criteria – How testing will be summarized and reported – How the BCP and DRP will be reviewed, maintained, and updated • Write the BCP – Contains a risk assessment analyzing current threats – Details any measures taken for disaster preparedness – Lists critical business functions – Details the procedures to be taken during a disaster to recover critical functions – Lists personnel and other resources involved in BC activities – Flexible enough to handle unforeseen threats
  • 34. 34 BC PROGRAM - DEVELOPMENT From the knowledge gained from the Business Impact Analysis: • Write the DRP – Contains a risk assessment analyzing company systems to determine which should be considered critical – Lists critical information systems and services – Describes measures taken to reduce data loss, and determines the maximum data loss – Details the procedures to be taken during a disaster to recover critical information systems – Lists personnel and other resources involved in DR activities – Lists contact information for approved vendors providing DR materials/services • Create any forms, templates, documents to support BC and DR testing – Damage assessment forms – Incident report forms – Testing templates, etc.
  • 35. 35 BC PROGRAM - IMPLEMENTATION After the development and review of governing documents: • Approve and release the Policies, Procedures, and Guidelines – Approved by senior management and Quality Assurance – Release in accordance with your Quality Management System (QMS) – Allow time for training before effective dates – Retain training records for all personnel with BC/DR responsibilities – Release any required forms, templates, testing docs, etc. • Approve the BCP and DRP – Same as above (approval, release, and training) – Schedule testing in accordance with the approved policies, procedures, and guidelines
  • 36. 36 BC PROGRAM - TESTING After the implementation of the governing documents: • Schedule testing – In accordance with policies, procedures, and guidelines – Notify responsible personnel of testing schedule • Write the BC and DR Test Plans – Scope of testing (what critical functions and systems are to be recovered) – Responsibilities – Test methodology – Deliverables – Acceptance criteria
  • 37. 37 BC PROGRAM - TESTING After the implementation of the governing documents: • Execute testing – Documented supporting evidence (completed forms, executed test cases, screenshots, etc.) – Reviewed • Write the BC and DR Summary Reports – Summary of test results – Detail any deviations or issues encountered during testing – State whether the acceptance criteria has been met
  • 38. 38 BC PROGRAM – MAINTENANCE After the testing has been completed: • Lessons Learned – Schedule meeting with personnel who conducted testing and those who have BC/DR responsibilities – Capture lessons learned and action items • What worked? What didn’t? • Were gaps identified during testing? • What discrepancies were identified during testing? – Assign action items and deadlines for completion, monitor progress. • Completed action items feed back into the Analysis phase
  • 39. 39 BC PROGRAM - REVIEWS Periodic Reviews In accordance with the schedule specified in policies, procedures, and guidelines – restart the BC Program: • Review/revise the Business Impact Analysis (Analysis phase): – Have the critical functions/systems changed? What is the impact? – Have recovery timeframes increased or decreased? • Review/revise policies, procedures, and guidelines (Development & Implementation phases) – Have changes in the Business Impact Analysis affected BC/DR procedures? • Review/revise BCP & DRP (Development & Implementation phases) – Have recovery procedures changed? – Have critical functions/systems changed? What are the recovery procedures? – Have BC/DR personnel, vendors, contractors, etc. changed? Ad Hoc Reviews Same activities, but not scheduled. Predicated on audit findings, changes in threats, changes in personnel, etc.
  • 40. 40 CONCLUSIONS • Regulatory agencies require DR, but BC Program is necessary to fully protect your business • A wide array of threats exist in the world, and without analyzing and preparing for these threats, your business is unprepared to deal with them if they become a reality • Everyone in the organization must recognize the value in protecting the business, from senior management down • A BC Program results in the creation of a BC Plan and a DR Plan which must be reviewed, tested, and maintained in order to remain accurate, timely, and comprehensive • The phases of the BC Program constitute a lifecycle approach that is a best practice for the creation, implementation, testing, and maintenance of the BCP and DRP
  • 41. 41 QUESTIONS? Please submit your questions in the chat box.
  • 42. 42 www.facebook.com/perficient www.perficient.com www.twitter.com/perficient_LS For more information, please contact: Sean.Bernard@perficient.com LifeSciencesInfo@perficient.com (Sales) +1 877 654 0033 (U.S. Sales) +1 303 570 8464 (U.S. Sales) +44 (0) 1865 910200 (U.K. Sales) THANK YOU linkedin.com/company/perficient