business continuity
DESCRIPTION
BUSINESS CONTINUITY. BY HUI ZHENG. What’s Business continuity?. Business continuity is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. - PowerPoint PPT PresentationTRANSCRIPT
BUSINESS CONTINUITY
BY HUI ZHENG
What’s Business continuity?
• Business continuity is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions.
Three Important Definition
• High availability Ability to performance the service during
any kind of failure.
Three Important Definition
• High availability Ability to performance the service during
any kind of failure. • Continuous operations A system maintains continuity of service to
internal systems and customers through an uninterrupted delivery of critical service or functions
Three Important Definition
• Disaster Recovery Ability to performance recovery from the
disaster at different locations.
Why Business Continuity?
• Does everything worth?
DOWNTIME: The End-to-End Impact
.
FINANCIAL PERFORMANCE
+ Revenue recognition+ Cash flow+ Lost discounts A/P+ Payment guarantees+ Credit rating+ Stock price
REVENUE+ Direct loss+ Compensatory
payments+ Lost future revenue+ Billing losses+ Investment losses
$Know your
downtime costs
OTHER EXPENSES+ Temporary employees,
equipment rental, overtime costs, extra shipping costs, travel expenses, legal obligations
DAMAGED REPUTATION+ Customers+ Suppliers+ Financial markets+ Banks+ Business partners+ Media/analysts
PRODUCTIVITY+ Number of employees
affected x hours out x hourly rate
Source; Gartner Group, Inc
Information as a Strategic Asset
• The value of your data• Protection of business critical information• A massive increase in data volume and complexity• The reliability of back-up and recovery
DOWNTIME: Perceived Areas of Vulnerability
• In a recent survey CFOs were asked "In which of the following areas do you feel your company is most vulnerable?”
• Their responses were:– Disaster preparedness/recovery 37%– Security of information systems 24%– Protection of intellectual capital 11%– Detection of accounting fraud 10%– Theft by company employees 2%– Other 3%– None/not vulnerable 11%– Don't know/no answer 92%
Source: Robert Half Management Resources
DOWNTIME: Perception vs. Reality
28%21%
15%12%
6%6%
4%4%4%
2%2%2%
3%9%
0% 5% 10% 15% 20% 25% 30%
Terrorism/War
Fire
Power failure/Loss of power
Loss of Business/revenue/Customers
Economic slowdown/Stockmarket crash
Under funding
None
Source: Business Continuity Institute, UK
DOWNTIME: Perception vs. Reality
.REALITYCauses of Unplanned Downtime
20%Environmental
factors, Hardware, Operating system, Power, Disasters
Source: Gartner Group, Inc
40%Application
failure
40%Operator errors
DOWNTIME: The cost• “On average, businesses lose US$108,000 of revenue for every
hour that their IT infrastructure is down.” (Gartner)
• Cost (US dollars) to businesses of unplanned downtime per hour by industry:
• Brokerage Service $6.48 million and much more • Energy $2.8 million and more• Telecom $2 million and more• Manufacturing $1.6 million• Retail $636,000• Health Care $6.48 million• Media $90,000
Business Continuity Management
• A compilation of processes that identifies and evaluates potential risks to an organization and develops the organization's resilience by ensuring critical objectives are met the resources necessary to achieve those objectives are available.
Key Elements
• Executive Management Commitment • Cooperate• Standard or policy• Efficient response
Business Continuity Plan
• Identify Risks – Triage to assess all processed
• Develop Plans for Everything• Test and Exercise the Plans• Layer Business Plan & Disaster Plan
BCP
• Analysis• Solution design• Implementation• Testing and organizational acceptance• Maintenance
BCP Life Cycle
.
Source; wikipedia.org
BCP
• AnalysisBusiness Impact Analysis (BIA)Threat and Risk Analysis (TRA)Impact ScenariosRecovery requirement
External Risks
• Risk present in natural disaster• Labor Strife• The possible failure of business partners• Suppliers• Public utilities• Transportation• Telecommunication, and so on
Prioritize Risk Factors
• Personal Safety Risk• Services Risk• Operational Risk• Revenue Risk• Liability Risk• Good Will (Societal) Risk
Imagine in below Scenarios
• No power• No phone service• No water• No government serviceWhat will you do? Panic?
Develop Scenarios
• How bad will the “big one be” be?Extended Power, water, or telecom outages?Supply chain disruptions?Civil Unrest?
• Develop various scenarios and pick which ones to plan for.
• Plan for the worst but expect for the best situation
Emergency Management Plan
• Work with local and regional disaster agencies
• Assess special problems with disasters• Review and revise existing disaster plan• Look for new areas for disaster plan• Include disaster recovery plan