Introduction to

Business Continuity Planning

Business Continuity and

Disaster Resilience Forum

May 10, 2012

Rizal Ballroom A, Makati Shangri-la

Manila, Philippines

Dr Goh Moh Heng

President

BCM Institute certified BS25999 and SS540

Dr Goh Moh Heng

• President – Business Continuity Management (BCM)

Institute – www.bcm-institute.org

• Managing Director – GMH Continuity Architects – Asia Pacific BCM Consulting Firm – www.GMHasia.com

• Professional BCM Appointments – Technical Advisor for TR19:2005 &

SS540:2008 BCM Standard (Management Council and Technical Committee) www.ss540.org

– Project Director, Technical Working Group for SS507:2004 • ISO/IEC 24762 Guidelines for BC-DR

Services

http://www.bcmpedia.org/wiki/Dr_Goh_Moh_Heng

Prior Appointments

• Government of Singapore Investment Corporation (GIC)

• Standard Chartered Bank

– Global Head for BCM

• PriceWaterhouseCoopers

• Past Certification Broad Member for DRI International’s Certification Board

• Past Executive Director for DRI Asia

• Senior Technical Advisor, China Business Continuity Management Forum

• Published Books: – 7-book BCM Series

– 5-book BCM Specialist Series

http://www.bcmpedia.org/wiki/Dr_Goh_Moh_Heng

Dr Goh Moh Heng

Agenda

• Global Business Continuity Trends

• Things to Consider when Implementing BC plan:

– Executive Expectation

– Speaking the Same Language

– Common Planning Methodology

– BCM Competency

– Updating your BCM System

• BCM Framework

Global Trends in Business Continuity

Trends for 2012

• Supply Chain Resiliency

• BCMS Certification – ISO 22301

• Regional Disasters

7

Trends for 2012

• Cloud Business Continuity and Disaster Recovery

• Crisis Management

• Crisis Communication

8

Recent Disasters

Lessons Learnt

Thailand Flooding

Japan Tsunami

Lessons from Recent Disasters

• Planning scenario

– Single site, regional and multiple disasters

• Focus on Threats :

– “High-Likelihood High-Impact” to “Low-Likelihood High-Impact”

• Definition of “BCP”

– Crisis management

– Business continuity

• Supply chain considerations

• Coordination between private sector and public authority

• Welfare of staff and family members

Things to Consider When Implementing BC Plan

Executive Expectations

• Appoint senior executive responsible

• Have a high-level of awareness on BCM, DR and CM

• Align to key business drivers

• Building “resiliency” into the people

CRISIS IT

RECOVERY SECURITY

BUSINESS CONTINUITY

Plan

SPECIFIC CRISIS MANAGEMENT

PLAN IT DR PLAN

SPECIFIC PLANS

SECURITY PLAN BC PLAN

Incidents, Emergencies,

Events, Disasters

Speak A Common Language

Online Dictionary

www.bcmpedia.org

Common Planning Methodology

http://www.bcmpedia.org/wiki/ BCM_Planning_Process_or_Methodology

International BCM Standards

BS 25999

NFPA 1600 ANZ 5050

SS 540 ISO

22301

Competency

Development

BCM-5000

BCM for Organisation BCM Coordinator

BCM-8590

Audit

DRP-5000

IT DRP

BCM-820

BCM for BU Coordinator

Building Organizational Competency

BCM-100

Executive Management

BCM-8590 DRP-5000 BCM-5000 BCM-820 BCM-100 Click Button for Course Content

Updating Your BCMS

Develop Reports

BCM Competency at BU Level

Internal Audit

Testing and Exercising Your Plan

ISO22301

BCM Framework

• Policy

– Strong governance

– Alignment with business mission

– Consistency in communication

• People

– Senior Management

– Key executive assign to the project or programme

– Involved by business heads and units

– BCM competency

• Process

– Common methodology for BCM, DR, CM, ER, etc

– Integration of plans within organization

0

People

Process

Policy

THANK YOU

Dr Goh Moh Heng President Mobile: +65 96711022 Tel: +65 63231500 Email: moh_heng@bcm-institute.org

Profile of BCM Institute

• The institute provides a global convergence of thought leadership in Business Continuity, Disaster Recovery and Crisis Management

• Global Professional Development and Qualification developed by Technical Experts and Thought Leaders

• Largest Continuity Training and Certification Organization in Asia Pacific

• Governed by Education, Examination and Certification Committees

• Delivered by Industry Practitioners, Professionals and Peers

• Learned by Professionals, Practitioners, Consultants, Auditors, Officials from all industry sectors of over 850 Organisations and Multi National Corporations (MNC) across 40 countries

Education Certification & Professional Development

Thought Leadership

Conducting and administering

courses and exams.

Provide a career path and a common body of knowledge for business continuity and disaster

recovery professionals

Organizing conferences and seminar events. Publishing

technical and research papers

Profile of GMH Pte Ltd

• A leading consultancy focusing on business continuity management, disaster recovery and crisis management in Asia Pacific since 1999.

• Our core business is in safeguarding our clients’ businesses through the sound application of proven, business-oriented approach.

• The sample list of organizations that GMH had assisted in achieving their organization SS540 and/or BS25999 BCM certification during 2011/2012.

24

Implement Business

Continuity Management

Conduct Risk Assessment

Identify and Analyze Business

Impact

Develop and implement the

plans

Exercise and Maintain the plans

Conduct Review, Audit and Quality

Assurance of Program

Improve Training and Awareness

program

Conduct Disaster Recovery and

Crisis Management