for
<Name of Organization>
TABLE OF CONTENTS
1 BCP POLICY STATEMENT
1.1 Preliminary BCP Project Budget
1.2 Communication on BCP to All Employees
1.3 Assessing Business Risk and Impact of Potential Emergencies
1.3.1 Emergency Incident Assessment
1.3.2 Environmental Disasters
1.3.3 Organized and / or Deliberate Disruption
1.3.4 Loss of Utilities and Services
1.3.5 Equipment or System Failure
1.3.6 Serious Information Security Incidents
1.3.7 Other Emergency Situations
2 PROJECT ORGANIZATION
2.1 Appoint BCP Project Manager and Deputy
2.2 Select and Notify BCP Project Team
2.3 Initial BCP Project Meeting
2.4 Project Objectives and Deliverables
2.5 Required Documents and Information
2.6 IT and Communications
2.7 Back-up Power Arrangements
A successful BCP Project depends on receiving a high level of support from the Executive Management. The Executive Management has approved the following BCP Policy Statement.

- The organization should develop a comprehensive BCP.
- A formal risk assessment should be undertaken in order to determine the requirements for the BCP.
- The BCP should cover all essential and critical business activities.
- The BCP should be periodically tested in a simulated environment (where possible) to ensure that it can be implemented in emergency situations and that the management and staff understand how it is to be executed.
- All staff must be made aware of the BCP and their own respective roles.
- The BCP is to be kept up-to-date to take into account changing circumstances.

ADDITIONAL COMMENTS:

1.1 Preliminary BCP Project Budget

Projected costs for preparing the BCP could include the items shown below.

| DESCRIPTION OF ITEM | COST |
| --- | --- |
| 1. Manpower cost of the BCP Project Management. | |
| 2. Cross-charging (if applicable) of cost of persons seconded to the BCP Team. | |
| 3. BCP Planning Tools, Templates and Reference Materials. | |
| 4. Additional equipment e.g. PCs, printers, laptops, mobiles, software etc. for the BCP Planning Team. | |

ADDITIONAL COMMENTS:
1.2 Communication on BCP to All Employees

It is necessary that all employees are kept regularly up to date on issues concerning the BCP Project. The following statement concerning the BCP Project was issued to all employees on <DATE> to advise them about the initiation of the project.

"The Executive Management has approved a top priority project to formalise the organization's Business Continuity Planning process. It recognizes that there are significant risks to its essential business processes through potential and unexpected disruptive events. The increasing development in technologically based processes and the related high level of dependence upon such processes in order to conduct our business makes it prudent to initiate a Business Continuity Planning project with immediate effect. This project will be placed under the overall control of the BCP Project Manager and all management and staff are expected to fully support this process. A BCP Planning Team will be formed to develop the BCP document. The BCP Project Manager will be and the Deputy BCP Project Manager will be Managing Directors and Departments Heads should nominate a responsible official to coordinate the Business Continuity Planning process in respect of that Division's or Department's activities."
1.3 Assessing Business Risk and Impact of Potential Emergencies

A key part of the BCP Process is the assessment of the potential risks to the business that could be caused through disasters or emergency situations. It is necessary to consider all the possible incidents and the impact each may have on the organization's ability to continue to deliver its normal business services. This section of the BCP will examine the possibility of serious situations disrupting the business operations and the potential impact of such events. The following table shall be used for the numerical rating:

Table 1.3

| SCORE | PROBABILITY RATING LEVEL |
| --- | --- |
| 1 | VERY HIGH |
| 2 | HIGH |
| 3 | MEDIUM |
| 4 | LOW |
| 5 | VERY LOW |

| SCORE | IMPACT RATING LEVEL |
| --- | --- |
| 1 | TERMINAL |
| 2 | DEVASTATING |
| 3 | CRITICAL |
| 4 | CONTROLLABLE |
| 5 | IRRITATING |
1.3.1 Emergency Incident Assessment

There are many potential disruptive threats that can occur at any time and affect the normal business process. The BCP Team have considered a wide range of potential threats and the results of their deliberations are included in this section.

1.3.2 Environmental Disasters

The BCP Project Team has examined each potential environmental disaster or emergency situation. The focus here is on the level of business disruption that could arise from each type of disaster. Potential environmental disasters have been assessed as follows:

Table 1.3.2
| POTENTIAL DISASTER | PROBABILITY RATING (SEE TABLE BELOW) | IMPACT RATING (SEE TABLE BELOW) |
| --- | --- | --- |
| Tornado: Tornadoes are tight columns of circling air creating a funnel shape. The wind forces within the tornado can reach over miles per hour. Tornadoes can often travel in excess of. miles per hour. They can cause significant structural damage and can also cause severe injuries and death. | | |
| Hurricane: Hurricanes are storms with heavy circular winds exceeding 60 miles per hour. The eye or centre of the hurricane is usually calm. The hurricane contains both extremely strong winds and torrential rain. Hurricanes can cause flooding, massive structural damage to homes and business premises with associated power failures, and even injury and death. | | |
| Flood: Floods result from thunderstorms, tropical storms, snow thaws or heavy and prolonged rainfall causing rivers to overflow their banks and flood the surrounding areas. Floods can seriously affect buildings and equipment causing power failures and loss of facilities and can even result in injury or death. | | |
| Snowstorm: Snowstorm conditions can include blizzards, strong winds, freezing temperatures with significant amounts of snow. Snow and ice can impact power and communications and employees may be unable to travel to work due to the impact on public transport or road conditions. It is possible for buildings to collapse under the weight of snow and injuries or even death could occur through freezing temperatures and icy conditions. | | |
| POTENTIAL DISASTER | PROBABILITY RATING (SEE TABLE BELOW) | IMPACT RATING (SEE TABLE BELOW) |
| --- | --- | --- |
| Earthquake: Earthquakes are caused by a shifting of the earth's rock plates beneath its surface resulting in violent shaking and movement of the earth's upper surface. Severe earthquakes can destroy power and communication lines and disrupt gas, water and sewerage services. Significant damage to structures can occur including total collapse of buildings, bridges or other elevated structures. Earthquakes can also bring landslides, damage to dams, and aftershocks and resulting damage can hinder rescue efforts. In addition to being trapped in a collapsing building, of particular danger to human life is the possibility of falling glass or other objects. | | |
| Electrical storms: The impact of lightning strikes can be significant. It can cause disruption to power and can also cause fires. It may also damage electrical equipment including computer systems. Structural damage is also possible through falling trees or other objects. | | |
| Fire: Fires are often devastating and can be started through a wide range of events which may be accidental or environmental. Deliberate fires caused through arson are dealt with in topic BC 020102. The impact on the business will vary depending on the severity of the fire and the speed within which it can be brought under control. A fire can cause human injury or death and damage can also be caused to records and equipment and the fabric or structure of premises. | | |
| Subsidence and Landslides: Subsidence and landslides are often caused through a change in the composition of the earth's surface. This change can often result from flooding, where flowing water can create cavernous open areas beneath structures. Subsidence or landslides can cause structural damage and can also disrupt transport services and affect travelling conditions. | | |
| Freezing Conditions: Freezing conditions can occur in winter periods and the effects can be devastating. Where temperatures fall in excess of - Tenp Centigrade they can create conditions which significantly disrupt businesses and even cause death or injury. Businesses and homes can be seriously affected through burst pipes, inadequate heating facilities, disruption to transportation and malfunctioning equipment. Work undertaken outside of buildings in the open environment will obviously be seriously affected. | | |
| Contamination and Environmental Hazards: Contamination and environmental hazards include polluted air, polluted water, chemicals, radiation, asbestos, smoke, dampness and mildew, toxic waste and oil pollution. Many of these conditions can disrupt business processes directly and, in addition, cause sickness among employees. This can result in prosecution or litigation if more permanent damage to employees' health occurs. | | |
| Epidemic: An epidemic can occur when a contagious illness affects a large number of persons within a country or region. This can have a particularly devastating short term impact on business through a large number of persons being absent from work at the same time. Certain illnesses can have a longer term effect on the business where long term illness or death results. An example of this extreme situation is occurring in certain third world countries where the AIDS virus is considered to be of epidemic proportions. | | |
1.3.3 Organized and / or Deliberate Disruption

The BCP Project Team has examined each potential disaster or emergency situation resulting from organized disruption. The focus here is on the level of business disruption that could arise from each type of disaster. Potential disasters resulting from 'organized disruption' have been assessed as follows:

Table 1.3.3
| POTENTIAL DISASTER | PROBABILITY RATING (SEE TABLE BELOW) | IMPACT RATING (SEE TABLE BELOW) |
| --- | --- | --- |
| Act of terrorism: Acts of terrorism include explosions, bomb threats, hostage taking, sabotage and organized violence. Whether this is perpetrated through a recognised terrorist organization or a violent protest group, the effect on individuals and business is the same. Such acts create uncertainty and fear and serve to de-stabilise the general environment. | | |
| Act of Sabotage: An act of sabotage is the deliberate serious disruption of an organization's activities with an attempt to discredit or financially damage the organization. Business will often be immediately and seriously affected by successful acts of sabotage. This can affect the normal operations and also serve to de-stabilise the workforce. An internal attack on the IT systems through the use of malicious code can be considered to be an act of sabotage. | | |
| Act of war: An act of war is the commencement of hostilities between one country and another. This could take the form of air strikes, ground strikes, invasion or blockades. Businesses could be immediately affected where they are either located near the outbreak of hostilities or where they are dependent upon imports or exports for survival. Many businesses do not survive a prolonged outbreak of war. | | |
| Theft: This hazard could range from the theft of goods or equipment to the theft of money or other valuables. In addition to possibly financially damaging the organization, theft can cause suspicion and uncertainty within the workforce where it may be believed that one or more of them could have been involved. | | |
| Arson: Arson is the deliberate setting of a fire to damage the organization's premises and contents. As this can cause both loss of premises and loss of goods and other assets, this can be highly disruptive to the organization. | | |
| Labour Disputes / Industrial Action: This disruptive threat is the withdrawal of labour or working to rule, usually organized by a union to which employee groups may belong. It can follow a dispute between the workers and the management of a company which has not been resolved. A withdrawal of labour is often accompanied by picketing across the entrance of the company's premises to try to discourage anyone from entering. This sort of action is highly disruptive to the business and normally results in a shutdown of the business until the dispute is resolved. | | |
1.3.4 Loss of Utilities and Services

The BCP Project Team has examined each potential disaster or emergency situation resulting from loss of utilities and services. The focus here is on the level of business disruption that could arise from each type of disaster. Potential disasters have been assessed as follows:

Table 1.3.4
| POTENTIAL DISASTER | PROBABILITY RATING (SEE TABLE BELOW) | IMPACT RATING (SEE TABLE BELOW) |
| --- | --- | --- |
| Electrical power failure: All organizations depend on electrical power to continue normal operations. Without power the organization's computers, lights, telephones and other communication media will not be operational and the impact on normal business operations can be devastating. All organizations should be prepared for a possible electrical power failure as the impact can be so severe. Data can be lost, customers can be lost and there can be a serious impact on revenue. Pre-planning is essential as a regional outage can cause a shortage of back-up electrical generators. Consideration should be given to installing UPS systems to avoid brownouts. | | |
| Loss of gas supply: The loss of gas supply can be extremely serious where the business relies on gas to fuel either its production processes or provide heating within its premises. The impact that a loss of gas supply can have on the production process can result in the whole process shutting down. The impact on the organization will also be particularly acute where the loss of gas-fired heating could render the premises unusable during periods of low external temperatures. | | |
| Loss of water supply: The loss of the water supply is likely to close down a business premises until the supply is restored. Where the water is used in the production process this is particularly serious. The loss of water supply is also a health and safety issue as minimum sanitary needs cannot be met. This is often caused through a fault in a water supply route or as a result of a particularly severe drought. | | |
| Petroleum and oil shortage: For most countries in the world, a petroleum shortage can occur at any time. This has a serious impact on businesses as rationing is likely to be imposed immediately, affecting transportation and the normal operations of diesel or petrol fuelled machinery. For example, this type of shortage can be caused by a sudden reduction in production output imposed by one of the OPEC members. It could also be caused through the short-term failure of a refinery, thereby affecting output of particular grades of fuel. | | |
| Communications services breakdown: Most businesses are fully dependent upon their telecommunications services to operate their normal business processes and to enable their networks to function. A disruption to the telecommunications services can result in a business losing revenue and customers. The use of cell-based telephones can help to alleviate this but the main reliance is likely to be on the land-based lines. | | |
| Loss of drainage / waste removal: The loss of drainage or waste removal is likely to cause a serious sanitation and health issue for most businesses. This is likely to impact on the business through the possible loss of its workforce during the period where drainage services are not available. This, in turn, will have an immediate impact on revenue. A large number of businesses also rely on waste removal for their production processes and this will be impacted also. | | |
1.3.5 Equipment or System Failure

The BCP Project Team has examined each potential disaster or emergency situation resulting from equipment or system failure. The focus here is on the level of business disruption that could arise from each type of disaster. Potential disasters have been assessed as follows.

Table 1.3.5
| POTENTIAL DISASTER | PROBABILITY RATING (SEE TABLE BELOW) | IMPACT RATING (SEE TABLE BELOW) |
| --- | --- | --- |
| Internal power failure: An internal power failure is an interruption to the electrical power services caused through an internal equipment or cabling failure. This type of fault will need to be repaired by a qualified electrician and delays will inevitably impact on the business process. Where particularly serious faults have occurred, such as damage to main cables, the repairs could take some time and could have a severe effect on the business. | | |
| Air conditioning failure: An air conditioning (AC) failure could have serious consequences where the AC unit is protecting particularly sensitive equipment such as a main computer processing unit, and the rise in temperature could cause the equipment to fail and be damaged. It can also affect the workforce, as conditions in buildings can become extremely uncomfortable with a significant rise in temperatures and where the staff are adversely affected. Portable AC equipment may possibly be used as back-up. | | |
| Equipment failure (excluding IT hardware): All businesses rely on a whole range of different types of equipment in order to run their business processes. In many cases, it is possible to move to alternative processes to enable the business processes to continue but this requires considerable planning and preparation. See BC 020105 below for computer systems failure. | | |
1.3.6 Serious Information Security Incidents

The BCP Project Team has examined each potential disaster or emergency situation resulting from serious information security incidents. The focus here is on the level of business disruption that could arise from each type of disaster. Potential disasters have been assessed as follows:

Table 1.3.6
| POTENTIAL DISASTER | PROBABILITY RATING (SEE TABLE BELOW) | IMPACT RATING (SEE TABLE BELOW) |
| --- | --- | --- |
| Cyber crime: Cyber crime is a major area of information security risk. It includes attacks by hackers, denial of service attacks, virus attacks, hoax virus warnings and premeditated internal attacks. All cyber crime attacks can have an immediate and devastating effect on the organization's normal business processes. The average cost of an information security incident has been estimated at $ and over .% of organizations are reported to experience one or more incidents every year. | | |
| Loss of records or data: The loss of records or data can be particularly disruptive where poor back-up and recovery procedures result in the need to re-input and re-compile the records. This is normally a slow process and is particularly labour intensive. This can result in an increase in costs through additional working hours and a great deal of embarrassment where information is unexpectedly not available. | | |
| Disclosure of sensitive information: This is a serious information security incident which can result in severe embarrassment, financial loss, and even litigation where damage has been caused to someone's reputation or financial standing. Further types of serious disclosure involve secret patent information, plans and strategic directions, secret recipes or ingredients, information disclosed to legal representatives etc. Deliberate unauthorised disclosure of sensitive information is also referred to as espionage. | | |
| IT system failure: With the almost total level of dependence on IT systems within the vast majority of businesses, a failure of these systems can be particularly devastating. The types of threats to computer systems are many and varied, including hardware failure, damage to cables, water leaks and fires, air conditioning system failures, network failures, application system failures, telecommunications equipment failures etc. | | |
1.3.7 Other Emergency Situations

The BCP Project Team has examined each potential disaster resulting from other emergency situations. The focus here is on the level of business disruption that could arise from each type of disaster. Other potential emergency situations have been assessed as follows:

Table 1.3.7
| POTENTIAL DISASTER | PROBABILITY RATING (SEE TABLE BELOW) | IMPACT RATING (SEE TABLE BELOW) |
| --- | --- | --- |
| Workplace violence: Acts of violence in the workplace can affect morale and absenteeism, create fear and uncertainty, and increase the rate of turnover of employees. This can have a significant effect on productivity and could also result in claims for workers' compensation, harassment claims and a need for increased security measures. Statistically, this type of incident is especially prevalent at organizations which have recently merged or are being re-sized or restructured, where there are regular threats of industrial action, or where permanent employees have been replaced with temporary employees. | | |
| Public transportation disruption: Disruption to public transport has a major effect on businesses through the inability of employees to get to their normal place of work. This disruption can be caused through major accidents, industrial action, equipment failure, bad weather conditions and major preventative repairs. Difficult travelling conditions increase absenteeism as well as lower morale and productivity. | | |
| Neighbourhood hazard: A neighbourhood hazard is defined as a disruptive event in the close vicinity which directly or indirectly affects your own premises and employees. An example would be a seepage of hazardous waste from a neighbouring factory or the escape of toxic gases from a local chemical plant. Health and safety regulations require that the organization take suitable action to protect its employees. This may have severe disruptive implications for the business, particularly where it can take some time to clear the hazard. | | |
| Health and Safety Regulations: For organizations that do not properly and fully observe all the necessary Health and Safety Regulations, a complaint or an inspection can result in the operation being completely closed down until the situation is corrected. This could result in substantial delays on major projects with significant financial implications. Organizations should ensure that they meet the necessary regulations and requirements at all times. | | |
| Employee morale: A large number of internal or external factors can have a direct impact on the level of employee morale. This can often arise where there is a combination of poor management, uncertainty and difficult working conditions. Productivity will be affected and employee turnover is likely to rise. | | |
| Negative publicity: Unfavourable press comments can result in a lowering of employee morale or a loss of customers. Any company can suffer from negative publicity and an internal crisis is best resolved from within, prior to the media feeding off the uncertainties and disputes. Reports may also be inaccurate, particularly where reliable information is not available, and therefore well-worded press statements may be issued to quieten down adverse reports. Information can be leaked to the press from disgruntled employees and industry competitors. | | |
| Legal problems: Legal problems are both time consuming and expensive. Organizations can experience a wide range of legal issues including sexual harassment, contract disputes, copyright disputes, health and safety regulations and discrimination. It is important that organizations are fully aware of their legal duties and the rights of their employees. | | |
2 PROJECT ORGANIZATION
2.1 Appoint BCP Project Manager and Deputy

The BCP Project is led by an appointed Project Manager supported by a Deputy Project Manager. Information on the current BCP Project Manager and BCP Deputy Project Manager is as follows.

Table 2.1 a BCP Project Manager

- Name:
- Date appointed as BCP Project Manager:
- Normal contact details:
- Emergency contact details:

Table 2.1 b BCP Deputy Project Manager

- Name:
- Date appointed as BCP Project Deputy Manager:
- Normal contact details:
- Emergency contact details:

2.2 Select and Notify BCP Project Team

Each of the main business and operational areas within the organization is to be represented on the BCP Project Team. The Project Team has overall responsibility for the development and maintenance of the Plan. Members of the BCP Project Team are currently as follows.

Table 2.2

| NAME | JOB TITLE AND DEPARTMENT WITHIN ORGANIZATION | DATE APPOINTED TO PROJECT TEAM | REMARKS |
| --- | --- | --- | --- |
| | | | |
2.3 Initial BCP Project Meeting

An initial meeting of the BCP Project Team should be held shortly after the Team Members have been notified about their involvement in the project. The Initial Meeting of the BCP Project Team was held on <DATE> to discuss the following agenda:

- Introduction to BCP by the BCP Project Manager.
- Project organization structure.
- Project initial information requirements.
- Preliminary consideration of key business processes.
- Consideration of impact of potential disaster or emergencies.
- BCP testing and training.

2.4 Project Objectives and Deliverables

To enable the BCP Project Team to focus their efforts on the key issues, and to ensure that the work undertaken is relevant to the requirements of the project, the project's objectives and deliverables must be clearly defined. The following list of objectives and deliverables has been approved by the Executive Management:
OBJECTIVES OF BCP PROJECT:
The project's principal objective could be stated as: "The development and testing of a well structured and coherent plan which will enable the organization to recover as quickly and effectively as possible from an unforeseen disaster or emergency which interrupts normal business operations."

The organization should ensure that all employees fully understand their duties in implementing such a plan, that information security policies are adhered to within all planned activities, and that the proposed contingency arrangements are cost effective.
DELIVERABLES OF BCP PROJECT:
- Documented activities necessary to prepare the organization for possible emergencies (including strategic recovery measures)
- Detailed activities for dealing with the Disaster Recovery Phase
- Procedure for managing the Business Recovery Process
- Plan for testing the Business Recovery Process
- Plan for training the staff in the Business Recovery Process
- Procedure for keeping the Plan up-to-date
2.5 Required Documents and Information

The BCP Project Team has prepared the following list of documents and information that are required by the BCP Process. Note: this includes documents containing sensitive information; care must be taken to ensure that confidentiality is not compromised.

Table 2.5

| DESCRIPTION OF DOCUMENT/INFORMATION | DOCUMENT LOCATION |
| --- | --- |
| 2.5 a - Organization chart showing names and positions | |
| 2.5 b - Existing BCP (if available) | |
| 2.5 c - Staff emergency contact information | |
| 2.5 d - List of suppliers and contact numbers | |
| 2.5 e - List of professional advisers & contact information | |
| 2.5 f - List of emergency services and contact numbers | |
| 2.5 g - Premises lists, information, addresses and maps | |
| 2.5 h - Communication system specification | |
| 2.5 i - Copies of maintenance agreements / service agreements | |
| 2.5 j - Existing evacuation procedures and fire regulations | |
| 2.5 k - Health and Safety procedures | |
| 2.5 l - Operations and Administrative procedures | |
| 2.5 m - Personnel administrative procedures | |
| 2.5 n - Copies of floor plans | |
| 2.5 o - Asset inventories | |
| 2.5 p - Off-site storage procedures | |
| 2.5 q - Relevant industry regulations and guidelines | |
| 2.5 r - Insurance information | |
| 2.5 s - IT BCP | |
2.6 IT and Communications

Of particular importance when considering business risks and the impact of potential emergencies is the disruption to, and availability of, IT services and communications. The level of dependency that most organizations have on IT and communications systems and the nature of customer services which are often on a 24/7 basis, has meant that it is essential that organizations are able to keep their IT networks and communications systems operational at all times. The IT BCP shall be completed and attached to this main BCP as an Annex.
2.7 Back-up Power Arrangements

Back-up generators have been provided in critical areas to allow critical business processes to continue when there is a power outage. UPS systems are also used for key equipment or services that may be affected by sudden surges of power, or where data may be corrupted when the system switches over from mains power to a back-up generator. Existing back-up power arrangements are listed below, together with the critical functions that they support:

Table 2.7

| TYPE OF BACK-UP GENERATOR | CRITICAL FUNCTIONS SUPPORTED | REQUIRED TEST FREQUENCY | DATE OF LAST TESTING CARRIED OUT | RESPONSIBLE FOR TESTING/MAINTENANCE |
| --- | --- | --- | --- | --- |
| | | | | |
It is critical to be able to continue to provide an adequate level of service to the Organization's customers throughout an emergency. Customer relations management shall also be considered. Affected customers shall be immediately notified of the potential impact on the supply of products or services.
3.3 Off-site Storage

The off-site locations used by the organization to store key documents, data and systems are listed below, together with the names and contact numbers of those personnel who are responsible for the safe keeping of these items.

Table 3.3

| NAME OF LOCATION | KEY ITEMS STORED AT LOCATION |
| --- | --- |
| Address; Contact Person; Normal contact no.; Emergency contact no.; Any special arrangements in case of emergency | |
3.4 Emergency Stationery and Office Supplies

In the event of an emergency where the organization's stationery and office supplies are destroyed, back-up stock can be obtained from off-site locations, as follows. Also listed below are details of suppliers who can provide emergency stationery and office supplies on a next-day delivery basis.

Table 3.4 a - EMERGENCY STATIONERY & OFFICE SUPPLIES HELD OFF-SITE

| ITEM | NAME OF LOCATION | ADDRESS OF LOCATION | CONTACT PERSON | CONTACT NO. |
| --- | --- | --- | --- | --- |
| | | | | |
RELEVANT COMMENTS (E.G. SPECIFIC INSTRUCTIONS ISSUED) Note: Insert more rows and columns as required
4.4 Notification to Management and Key Employees

The following is a list of those members of management and key employees who will need to be contacted in the event of an emergency.

* WHERE THE PERSON CONCERNED NEEDS TO BE CONTACTED ONLY IN THE EVENT OF A PARTICULAR TYPE OF DISASTER

Table 4.4

| NAME | JOB TITLE | AREA(S) OF RESPONSIBILITY | NORMAL CONTACT DETAILS | EMERGENCY CONTACT DETAILS | TYPE OF DISASTER APPLICABLE * |
| --- | --- | --- | --- | --- | --- |
| | | | | | |
4.5 Handling Personnel Families Notification

In the event that an employee's immediate family needs to be notified of an injury to the employee as a result of a disaster situation, this notification must be undertaken by authorised personnel.

* WHERE AUTHORISED TO NOTIFY THE FAMILIES OF SPECIFIC DEPARTMENTS OR UNITS WITHIN THE ORGANIZATION

Table 4.5

| NAME | POSITION WITHIN ORGANIZATION | NORMAL CONTACT DETAILS | EMERGENCY CONTACT DETAILS | RESPONSIBLE FOR DEPARTMENTS/UNITS * |
| --- | --- | --- | --- | --- |
| | | | | |
4.6 Handling Media during Disaster Recovery Phase

Media contact during the disaster recovery phase may only be undertaken by the following authorized personnel.

Table 4.6

| NAME | POSITION WITHIN ORGANIZATION | CONTACT DETAILS (NORMAL) | CONTACT DETAILS (EMERGENCY) |
| --- | --- | --- | --- |
| | | | |
For a business recovery process to be effective it is necessary to carefully consider and plan for the potentially complex series of activities needed to recover from a serious emergency. A planned approach is likely to result in a more coherent and structured recovery.
An untested plan can often be more of a hindrance than having no plan at all. The ability of the BCP to be effective in emergency situations can only be assessed if rigorous testing is carried out in realistic conditions. The BCP testing phase contains important verification activities which should enable the plan to stand up to most disruptive events. All staff shall be trained in the Disaster and Business Recovery process.

The BCP should be tested within a realistic environment, which means simulating conditions which would be applicable in an actual emergency. It is also important that the tests should be carried out by the persons who would be responsible for those activities in a crisis.

Each phase of the BCP process that incurs a cost requires that a budget be prepared and approved. The 'Preparing for a Possible Emergency' Phase will identify strategies for back-up and recovery of data files or a part of a business process, and it is inevitable that these processes will involve additional costs. Where the costs are significant they should be approved separately, with a specific budget for the establishment costs and on-going maintenance costs.

It is necessary for the Core Testing Team to be trained in the emergency procedures. The tests must be carried out under authentic conditions and all participants must take the process seriously. It is important that all persons who are likely to be involved with recovering a particular business process in the event of an emergency should participate in the testing process. It should be mandatory for the management of a business unit to be present when that unit is involved with conducting the tests.

As far as practical, each critical part of the Business Recovery Process should be fully tested, to ensure its validity and relevance.

5.1 Assess Test Results

For each business process, the following form is to be completed following the test assessment.

Table 5.1

BUSINESS PROCESS

- Name:
- Test Reference:
- Test Date:
- Test Result:

- Were test objectives met? (If not, provide further comment)
- Were conditions reasonably authentic? (If not, provide further comment)
- Was test data representative? (If not, provide further comment)
- Did the tests proceed without any problems? (If not, provide further comment)
- What were the main comments in the feedback questionnaires?
5.2 Keeping the Plan Up-to-date

Changes within most organizations occur all the time. Products and services change and also their method of delivery. The increase in technology-based processes over the past ten years, and particularly within the last five, has significantly increased the level of dependency upon the availability of systems and information for the business to function effectively. These changes are likely to continue and probably the only certainty is that the pace of change will continue to increase. It is necessary for the BCP to keep pace with these changes in order for it to be of use in the event of a disruptive emergency. This chapter deals with updating the plan and the managed process that should be applied to this updating activity.

5.3 Maintaining the BCP

It is necessary for the BCP updating process to be properly structured and controlled. Whenever changes are made to the BCP they are to be fully tested and appropriate amendments should be made to the training materials. This will involve the use of formalised change control procedures under the control of the BCP Team Leader.

5.4 Change Controls for Updating the Plan

Due to the level of complexity of the BCP, it is necessary for formal change controls to be implemented to cover any changes required to the BCP. The following form should be used for the request and approval of such changes. Following approved changes to the plan, it is important that the relevant BCP Coordinator and Business Recovery Team are kept fully informed.

Table 5.4

BCP CHANGE REQUEST FORM

- Change no.
- Description of change
- Justification for change
- Date to become effective
- Alternatives considered and eliminated
- Business process(es) impacted
- Testing schedule adjusted
- Training schedule adjusted

Requested by: (BCP Team Leader)

- Name:
- Date:
- Signature:

Approved by:

- Name:
- Job Title/Position
- Date:
- Signature: