2. What is business continuity? How to stay in business in the event of disaster It provides the strategy and process involved to make sure that the company survive the loss of key individual, data, equipment or facilities. It encompasses disaster recovery, backups and even business succession planning Disaster recovery refers to how companies recover from large scale disaster like earthquake or the terrorist attacks such as on the world trade center It determine how a company will keep functioning after a disruptive event until its normal facilities and capabilities are restored.
3. By the numbers 93% of companies that lost their data for 10 days or more filed for bankruptcy within one year of the disaster and 50% filed for bankruptcy immediately 20 % of small to medium business will suffer a major disaster causing loss of critical data every 5 years About 70 % of business people have experienced data loss due to accidental deletion, disk or system failure, viruses, fire or some other disaster 40% of small to medium businesses that manage their own network and use the internet , will have their network accessed by the hackers, and more than 50 % wont even know they were attacked
4. Contd.. more than 60% of businesses have no plan One of the five IT organizations will suffer a major IT disaster in five year A company experiencing a computer outage lasting longer suffer huge loss Eg: eBay
5. BCM structure INCIDENT EMERGENCIES DISASTER PLANNING METHODOLOGY IT RECOVERY BUSINESS CONTINUITY CRISIS SECURITY PLAN DRP BCP PLANS SECURITY SPECIFIC INCIDENT
6. September 29, 2011 Stages for Implementing Business Continuity and Disaster Recovery Business Continuity and Disaster Recovery Resilience and Fault Tolerance Data Backup and Recovery
7. BC-DR implementation process BC/DR PLAN PROJECT MANAGEMENT PROGRAM MANAGEMENT RISK ANALYSIS & REFVIEW BUSINESS IMPACT ANALYSIS RECOVERY STRATEEGY AWARENESS & TRAINING PLAN DEVELOPMENT TESTING & EXERCISING
8. September 29, 2011 Specific Business Continuity and Disaster Recovery Requirements RTO – Recovery Time Objective How quickly should critical services be restored RPO – Recovery Point Objective From what point before system loss should data be available How much data loss can be accommodated RPO (Recovery Point Objective) – Time Since Last Good Backup RTO (Recovery Time Objective) – Time to Recover System Loss/Failure System Restored Last System Backup/Copy Overall Recovery Time – From Last Backup to System Recovery
9. Components of business continuity Consist of four key components Facilities and infrastructure- the IT infrastructure and data must be resilient and recoverable Processes and procedure-Business continuity /disaster recovery must be incorporated into the standard processes and procedures Operational Business Continuity Plan-there must be an operational and tested plan to recover Business Continuity –there should be a facility from which the recovered system can run.
10. Consideration Understand what we are protecting against -hardware failure or damage -application and data corruption -site failure and denial of access -fires, attacks Define levels of service to be provided Define recovery methods Understand business requirements and align information technology infrastructure to meet them Define cost and benefits of implementing levels of resilience and recoverability
11. Maintaining Business Continuity and Disaster Recovery Once implemented , the effective business continuity must be regarded as a continuous process While this impose an overhead it ensures that business continuity implementation will continue to meet the requirements of the business and meet audit compliances requirement Good solution design will minimize effort