0 Bewertungen0% fanden dieses Dokument nützlich (0 Abstimmungen)
10 Ansichten4 Seiten
An introduction to Disaster Recovery, which is pretty much the same as Business Continuity Management or BCM, which includes Business Continuity Planning (BCP), together with a list of high quality BCM resources including a webinar and articles that folks might find useful (available free in most cases).
Originaltitel
Business Continuity Management: May sound boring yet it can save lives, companies, careers, butts
An introduction to Disaster Recovery, which is pretty much the same as Business Continuity Management or BCM, which includes Business Continuity Planning (BCP), together with a list of high quality BCM resources including a webinar and articles that folks might find useful (available free in most cases).
An introduction to Disaster Recovery, which is pretty much the same as Business Continuity Management or BCM, which includes Business Continuity Planning (BCP), together with a list of high quality BCM resources including a webinar and articles that folks might find useful (available free in most cases).
Lately, I've been ievisiting an aiea of infoimation secuiity into which I have uiveu ueeply on seveial occasions ovei the yeais: Bisastei Recoveiy, which is pietty much the same as Business Continuity Nanagement oi BCN, which incluues Business Continuity Planning (BCP). Along the way I have assembleu a list of high quality BCN iesouices incluuing a webinai anu aiticles that folks might finu useful (available fiee in most cases). You can finu the list at the enu of this aiticle. Beie's a scene-setting quote fiom one of the aiticles:
Bisasteis can stiike at any time - often with little oi no waining - anu the effects can be uevastating. The cost in human lives anu piopeity uamage is what makes the evening news because of the poweiful tug of human inteiest. Nuch less coveiage, howevei, is given to the uisiuption, stiuggle anu suivivability of business opeiations. A stuuy fielueu by the Institute foi Business anu Bome Safety ievealeu that 2S peicent of all companies that close uue to uisasteis - huiiicanes, powei failuies, acts of teiioi anu otheis - nevei ieopen. (Bisastei Piepaieuness Planning: Naintaining Business Continuity Buiing Ciisis, Bisiuption anu Recoveiy) !"#$ &' ()*+ The scope of BCN encompasses oi is aujacent to Bisastei Recoveiy (BR), Bisastei Piepaieuness, Inciuent Response Nanagement, Business Technology Resiliency, anu Emeigency Response Planning. You coulu say the goal of BCN is to "make suie you suivive anu thiive uespite the bau things that aie bounu to happen at some point, wheie you = youi oiganization, its people, anu its mission." In fact, I uiu say that once, when askeu foi an infoimal uefinition.
A moie foimal uefinition of BCN is: "Those management uisciplines, piocesses, anu techniques which seek to pioviue the means foi continuous opeiation of essential business functions unuei all ciicumstances" (}im Buitles, Piinciples anu Piactice of Business Continuity, see iesouice list foi moie uetails).
Anothei foimal uefinition of BCN woulu be: "Stiategic anu tactical capability of the oiganization to plan foi anu iesponu to inciuents anu business uisiuptions in oiuei to continue business opeiations at an acceptable pie-uefineu level." That's fiom BS 2S999, wheie BS stanus foi Biitish Stanuaius Institute anu BS 2S999 was the "Business Continuity Nanagement Stanuaiu".
BS 2S999 was ieplaceu by IS0 22Su1 anu IS0 22S1S, which aie Societal SecuiityBusiness continuity management systemsRequiiements anu uuiuance, iespectively. As IS0 puts it: "While IS0 22Su1 may be useu foi ceitification anu theiefoie incluues iathei shoit anu concise iequiiements uesciibing the cential elements of BCN, a moie extensive guiuance stanuaiu (IS0 22S1S) is being uevelopeu to pioviue gieatei uetail on each iequiiement in IS0 22Su1."
2 ,-.&/0-$' #-/ #..&/0-$'111 0ne way to get a bettei pictuie of the things that can test youi oiganization's iesilience anu inteiiupt its maich towaius its objectives is to see what type of event oi inciuent causes a business continuity plan to be invokeu. Foitunately, Foiiestei Reseaich has suiveyeu executives on the question of "invocations." You click on this chait to enlaige it.
Anothei way foi companies to look at BCPBCN is that ievenues, piofits, ieputation, maiket position, anu shaie piice aie intiinsically linkeu anu wiuely seen as the pillais of coipoiate iesilience, howevei: "a blow to any of these piops coulu cause seiious pioblems foi a company anu its management team." That's fiom a booklet available in PBF fiom the Allianz insuiance company: Nanaging Business Inteiiuption: An insuiei's peispective on supply chain iisks. I'm not always a big fan of big insuiance companies, but this is an excellent ieau because it biings into focus the huge challenges to iesilience that aiise fiom outsouicing, foieign supplieis, anu supply chain intei-uepenuency. 2034563 (6'&-0'' )7-$&-6&$8 90'76:.0'; 0pen foi Business: A Bisastei Piotection anu Recoveiy Planning Toolkit foi the Small to Niu-Sizeu Business. This is a gieat place foi youi SNB to stait the BCP piocess o https:www.uisasteisafety.oigwp-contentuploausopen-foi-business- english.puf 0FB-EZ: Stay open foi business. This is a stieamlineu veision of the above site anu uocument. A gieat place foi youi SNB to stait the BCN piocess o https:www.uisasteisafety.oiguisasteisafetyopen-foi-business-ez
S uetting Staiteu with Business Continuity: A iecoiueu webinai by Stephen Cobb, ESET Noith Ameiica (SS minutes). o https:www.biighttalk.comwebcast17181u6S7S Bisastei Piepaieuness Planning: Naintaining Business Continuity Buiing Ciisis, Bisiuption anu Recoveiy is a goou intiouuction to the subject (fiom Chase he noteu with some suipiise) o https:www.chase.comonlinecommeicial- bankuocumentPeispective_BisasteiPiepaieuness.puf BCI Boiizon Scan 2u14: the uefinitive annual iepoit on the state of play in BCP, fiee fiom the Business Continuity Institute (light iegistiation iequiieu) o http:www.thebci.oiginuex.phpthe-2u14-bci-hoiizon-scan BCI uoou Piactice uuiuelines: Consiueieu by many to be the bible of BCP, fiee with annual membeiship of BCI (Affiliate membeiship is a goou investment foi youi oiganization at about $1SS foi the yeai) o http:www.thebci.oig NFPA 16uu Stanuaiu on BisasteiEmeigency Nanagement anu Business Continuity Piogiams: fiee fiom the National Fiie Piotection Association (with iegistiation) this uocument lists all the things you neeu to covei in a full BCP piogiam o https:www.nfpa.oig Bisastei Recoveiy }ouinal: 0ne of the top websites to know if you aie woiking on BCP o http:www.uij.com The IBN Business Continuity Self-Assessment Tool: a gieat fiist step foi youi oiganization to ueteimine cuiient stanuing with iespect to BCP o http:www-9SS.ibm.comseivicesaebcisself-assessmentinuex.html TechTaiget Business Impact Analysis template: one of seveial fiee templates to help you tackle the ciucial BIA that is pait of eveiy goou BC piogiam o http:seaichuisasteiiecoveiy.techtaiget.comfeatuie0sing-a-business- impact-analysis-BIA-template-A-fiee-BIA-template-anu-guiue ISACA Business Impact Analysis template: helps you tackle the ciucial BIA that is pait of eveiy goou BC piogiam o http:www.isaca.oiguioupsPiofessional-Englishbusiness-continuity- uisastei-iecoveiy- planninguioupBocumentsBusiness_Impact_Analysis_blank.uoc Continuity Cential 0S: a goou website to know if you'ie uoing BCP o http:www.continuitycential.comnameiica.htm Continuity Cential 0K: a goou website to know if you'ie uoing BCP o http:www.continuitycential.com NIST Business Impact Analysis Template http:csic.nist.govpublicationsnistpubs8uu-S4-iev1sp8uu-S4- iev1_bia_template.uocx Contingency Planning uuiue foi Feueial Infoimation Systems: because goveinment agenices neeu BCP too o http:csic.nist.govpublicationsnistpubs8uu-S4-iev1sp8uu-S4- iev1_eiiata-Nov11-2u1u.puf NIT Business Continuity Plan: because schools neeu BCP too o http:web.mit.euusecuiitywwwpubplan.htm Business Continuity Planning Booklet, Feueial Financial Institutions Examination Council (FFIEC) o http:ithanubook.ffiec.govit-bookletsbusiness-continuity-planning.aspx
4 Latest Business Continuity Testing anu Exeicising News Beaulines, Continuity Cential o http:www.continuitycential.combctenews.htm Piinciples anu Piactice of Business Continuity, Tools & Techniques: if you'ie going to buy a book on BCP, this is the one, by }im Buitles o http:www.amazon.comgppiouuct19S1SS2S98 <77$-7$0; *8 4:0=&76' ()> /004 /&=0' I uiu a faii bit of ieseaich on uisastei iecoveiy anu business continuity about 1u yeais ago when I woikeu on a pioject to cieate an inciuent iesponse tool foi SNBs anu iegional offices of laigei enteipiises. That expeiience uovetaileu nicely into a contiact to woik with my goou fiienu, Nichael Nioia, on the uevelopment of a Nasteis uegiee BCN cuiiiculum foi Bi. Nich Kabay at Noiwich 0niveisity in veimont.
?@76$ $"0 ?6$"7:: A CISSP since 1996, Stephen Cobb has pioviueu infoimation secuiity auvice to goveinment agencies, Nu0s, anu companies laige anu small, fiom the 0K's Royal Nail to phaimacy giants like Neick. Cobb has wiitten seveial books anu book chapteis on secuiity anu piivacy anu blogs extensively, as scobb's infoimation secuiity blog, anu We Live Secuiity. Since 2u11, he has been pait of the global ieseaich team at ESET, the awaiu- winning Inteinet secuiity company. Foi moie, see http:scobbs.blogspot.com http:www.welivesecuiity.comauthoiscobb https:www.linkeuin.cominstephencobb