Disasters could cripple your organization, suspending mission-critical processes and disrupting service to your customers. These disasters could be man-made or natural in nature.
The Business Continuity Plan addresses an organization’s ability to continue functioning when normal operations are disrupted. A Disaster Recovery Plan is used to define the resources, action, tasks, and data required to manage the business recovery process in the event of a disaster.
In this workshop you learn to identify vulnerabilities and implement appropriate countermeasures to prevent and mitigate threats to your mission-critical processes. You will learn techniques for creating a business continuity plan (BCP) and the methodology for building an infrastructure that supports its effective implementation.
Benefits of Attending:
Using a carefully selected case study, course participants will:
- Create, document and test continuity arrangements for an organization
- Perform a risk assessment and Business Impact Assessment (BIA) to identify vulnerabilities
- Select and deploy an alternate site for continuity of mission-critical activities
- Identify appropriate strategies to recover the infrastructure and processes
- Organize and manage recovery teams
- Test and maintain an effective recovery plan in a rapidly changing technology environment
Exclusive:
- Bring your BCP/DRP for private consultation review
- BCP/DRP Step-by-step Guide
- BCP/DRP templates and worksheets to aid you in applying and putting into practice what you have learned from this workshop
- FREE CD containing course material, case studies, and other related items of the training workshop
Who should attend:
- Vice Presidents, Directors, General Managers
- Chief Information Officers
- Chief Security Officers
- Chief Information Security Officers
- Chief Technology Officers
- Heads of Departments in Information Security Management
Contact Kris at kris@360bsi.com to register.
7.pdf This presentation captures many uses and the significance of the number...
Business Continuity & Disaster Recovery Planning 02 - 04 December 2013 Kuala Lumpur Malaysia
1. 1
YOUR INTERNATIONAL
COURSE FACILITATOR
Dr Mark T. Edmead
MBA, CISSP, CISA, CompTIA Security+
IT Security
Consultant & Trainer
MTE Advisors
Mark T. Edmead is a successful technology entrepreneur
with over 28 years of practical experience in computer
systems architecture, information security, and project
management.
Mark excels in managing the tight-deadlines and ever
changing tasks related to mission-critical project
schedules. He has extensive knowledge in IT security, IT
and application audits, Internal Audit, IT governance,
including Sarbanes-Oxley, FDIC/FFIEC, and GLBA
compliance auditing.
Mr. Edmead understands all aspects of information
security and protection including access controls,
cryptography, security management practices, network
and Internet security, computer security law and
investigations, and physical security.
He has trained Fortune 500 and Fortune 1000 companies
in the areas of information, system, and Internet security.
He has worked with many international firms, and has the
unique ability to explain very technical concepts in
simple-to-understand terms. Mr. Edmead is a sought after
author and lecturer for information security and
information technology topics.
Mark works as an information security and regulatory
compliance consultant. He has:
• Conducted internal IT audits in the areas of critical
infrastructure/ systems and applications,
• Assessed and tested internal controls of critical
infrastructure platform systems (Windows, UNIX, IIS, SQL,
Oracle)
• Assessed and tested internal controls of various critical
financial applications.
• Prepared risk assessments and determined risks to
critical financial data systems and infrastructure
components.
• Created test plans & processes and executed test plans.
• Conducted reviews of existing systems and
applications, ensuring appropriate security, management
and data integrity via control processes.
• Prepared written reports to all levels of management
• Participated in audit review panel sessions to address
results, conclusions and follow-up actions required.
Tel: +6016 3326360 Fax: +603 9205 7779 kris@360bsigroup.com
•
c
c
•
•
a
a
•
•
r
Tel: +6016 3326360 Fax: +603 9205 7779 kris@360bsigroup com
1. Bring your Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) for
private consultation review
2. BCP/DRP Step-by-step Guide
3. BCP/DRP templates and worksheets to aid you in applying and putting into
practice what you have learned from this workshop
4. FREE copy of the course material, case studies, and other related items of the
training workshop
1.1. BBriringng yyouourr BuBusisineness
private consultation rev
EXCLUSIVE:
titinunuitityy PlPlanan/D/Disisasasteterr ReRecocovvery
iew
ssss CConon
on rev
:: TEMPLATES & TAKEAWAYS
Sample Case Studies:
• A major Middle Eastern bank has been experiencing tremendous growth and management feels that
their current BCP and DRP plans outdated. In this case study the delegates with perform a business
impact analysis, based on interviews with key company stakeholders and subject matter experts, and
outline which business areas are the most critical and in need of improved continuity and recovery
plans.
• A manufacturing company is considering implementing a disaster recovery plan but does not know
which disaster recovery approach they should implement. In this case study the delegates with study
the business enterprise, perform a risk analysis, and determine if a hot site, cold site, warm site, or
another disaster recovery method is the best approach.
Using a carefully selected case study, course participants will:
• Create, document and test continuity arrangements for an organization
• Perform a risk assessment and Business Impact Assessment (BIA) to identify
vulnerabilities
• Select and deploy an alternate site for continuity of mission-critical activities
• Identify appropriate strategies to recover the infrastructure and processes
• Organize and manage recovery teams
• Test and maintain an effective recovery plan in a rapidly changing technology
environment
BENEFITS OF ATTENDING
Disasters could cripple your organization, suspending mission-critical processes and
disrupting service to your customers. These disasters could be man-made or natural
in nature.
The Business Continuity Plan addresses an organization’s ability to continue
functioning when normal operations are disrupted.
A Disaster Recovery Plan is used to define the resources, action, tasks, and data
required to manage the business recovery process in the event of a disaster. In this
workshop you learn to identify vulnerabilities and implement appropriate
countermeasures to prevent and mitigate threats to your mission-critical processes.
You will learn techniques for creating a business continuity plan (BCP) and the
methodology for building an infrastructure that supports its effective
implementation.
COURSE OVERVIEW
IT
SERIES
02 - 04 DECEMBER 2013
GRAND MILLENNIUM
KUALA LUMPUR
MALAYSIA
BUSINESS
CONTINUITY &
DISASTER
RECOVERY
PLANNING
EXCLUSIVE TAKEAWAY
For early bird bookings before 18-OCT-2013
FREE 1 Year Affiliate membership (worth £75)
with the Business Continuity Institute
(** refer to page 3 for further details)
2. 2
WHO SHOULD ATTEND
Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Information Security Officers
Chief Technology Officers
Business Continuity Officers
Heads of Departments in Information Security
Management Information Systems, IT
Infrastructure, IT Architecture, Network
Operations, IT Operations, IT Data Center,
DataBase Management, IT Deployment
IT Business Enterprise, IT Risk Management,
IT Quality Assurance, IT Audit, Risk Management,
Internal Audit, Disaster Recovery
WHY THIS EVENT
The aim of this interactive workshop is to provide
you with the skills critical to business continuity,
disaster recovery & risk management.
After attending this workshop, you will leave
fully armed with the knowledge needed to
create a business continuity plan (BCP) and the
methodology for building an infrastructure that
supports its effective implementation.
The combination of interactive presentations,
hands-on exercises and open discussion groups
along with real case studies, ensures you will
obtain maximum value from attending.
DAY2 RISK ASSESSMENT & RECOVERY
The Business Impact Assessment (BIA)
- What is a Business Impact Assessment?
- Assessing the risk to the enterprise
- How to identify business critical activities
- Impact versus likelihood of occurrence
Establishing the Recovery Options
- Choosing a recovery site
- Specifying equipment
- Choosing suppliers
- How to select backup and restore strategies
Where is the data?
- Why you need to classify levels of information
- Managing data at rest and in transit
- Understanding data access controls
- The value of knowing where your data resides
Maintaining user connectivity
- How to communicate the disaster and recovery efforts to users
- How to identify and eliminate single points of failure
- Communicating with the media
DAY1 BCP/DRP - CONCEPTS & PRINCIPLES
Introduction to Business Continuity and Disaster Recovery Planning
- The difference between business continuity and disaster recovery
- Why a recovery plan is an integral part of an organization’s operational
strategy
Understanding where the threats come from
- Understanding codes of practice and legal/regulatory compliance
requirements
- The step-by-step process for BCP/DRP
Protecting our assets
- What are we protecting?
- What are our mission-critical processes?
- How to prioritize what is important to protect
What is risk and how do we deal with it?
- Understanding risk assessment methodologies
- Matching the response to the threat based on the risk
- Enterprise vs. local risk management
- Top business continuity planning mistakes
The need for business continuation – a case study
- Introduction of fictitious business case
- Understand business continuity/disaster recovery needs
- Documenting the continuity requirements
COURSE
CONTENT
3. 3
COURSE SCHEDULE
8.00
8.30
10.10 - 10.30
12.00 - 13.00
14.40 - 15.00
16.00
Registration & Coffee/Tea
Workshop commences
Morning coffee/tea
Lunch
Afternoon coffee/tea
End of day
“Session well organized. The trainer is very
conversant with the subject matter. Well delivered
and would definitely recommend to anyone else.”
- Habil Mutende, Manager Information Security & Change
Management, Central Bank of Kenya
“Excellent presentation, excellent attitude to
answer our questions & to share his experience.”
- Senior Manager, IT Department, Deloitte
“I have used Mark in key roles with high visibility
clients. Without hesitation I would highly
recommend Mark for any and all IT audit
engagements. His professionalism, deep
knowledge, and results oriented work style are
deeply valued by not only myself, but more
importantly by the all those who are lucky enough
to use his services.”- Russ Aebig, Director at Artesient
“We have used Mark Edmead on several projects in
the past few years including SOX readiness for
publicly traded companies and IT vulnerability
assessments for major financial institutions. He
always delivers professional and detail-oriented
workpapers on-time and within budget. Mark is
highly recommended and we will continue to use
him on other projects.”- Brenda Piazza, Director at CBIZ MHM
1
3
2
4
“Session well organized The trainer is ver1
Latest TESTIMONIALS
Affiliate members to Business Continuity Institute get access to the following membership
benefits:
- Continuity magazine – 4 per year (digital version)
- Monthly BCI ENewsletter
- Access to‘member only’section of BCI website
- Access to copies of BCI Workshop Reports
- Member rates on BCI products and services
- Networking opportunities at BCI organised events
- Access to BCI mentoring programme
- Access to discounted events
AffiAffililiatatee memembmbererss toto BBususininesesss CoContntininuiuityty IInsnstititututete ggetet aaccccesesss toto tthehe ffolollolowiwingng mmemembebersrshihipp
benefits:
**Affiliate membership to Business Continuity Institute
DAY3 PROJECT MANAGEMENT & REVIEW
BCP/DRP Project Management
- Identifying stakeholders
- Analyzing stakeholder needs
- Obtaining commitment from upper management
Review of the BCP/DRP Process
- Project initiation
- Risk analysis
- Business Impact analysis
- Develop/choose strategies
- Test and validate the plan
- Modify/update the plan
- Approve and implement the plan
Analysis of fictitious business case
Applying lessons learned
COURSE
CONTENT