SlideShare une entreprise Scribd logo

Business Continuity Management - Operational & Cyber Resilience Part 1 (white paper)

R
Richard Brooks

A structured approach to developing, implementing and running a Business Continuity Management (BCM) program is often seen as a tedious and complicated task requiring deep expertise and knowledge. BCM programs built with conventional tools also run the risk of becoming outdated quickly. It is no wonder that many risk departments in the corporate sector often still see BCM as the unwanted step- sibling, despite its importance for contributing to revenue growth. A successful BCM plan will not only maintain operations during times of crisis or disaster, but also minimise cost and reduce damage and recovery time.

Logiciels
1  sur  9
Télécharger pour lire hors ligne
Operational and Cyber Resilience Part 1: Business Continuity Management WHITE PAPER Essential steps and success factors for maturing your BCM capabilities JUNE 2019ALYNE.COM
1 The ability to successfully build Operational and Cyber Resilience is a critical component of any organisation’s need to respond effectively to crises and adapt strategically to change. Resilient organisations are agile, proactive and collaborative. These qualities are especially crucial in a business environment defined by an increasing interconnectedness of people, businesses, processes and technology— where uncertainty, risks and potential points of disruption have increased and where the accompanying size and nature of its impact are growing. In this series of white papers on Operational and Cyber Resilience, the Alyne team will be using our own experience from developing Alyne’s operational resilience capabilities to introduce 6 core and interrelated components of Operational and Cyber Resilience that we believe are essential to the development of a resilient organisation. These 6 components consist of: Business Continuity Management and Disaster Recovery, Incident Management, Risk Management, Vendor Governance and Cyber. Through this series of white papers, we would also like to reemphasise our belief here at Alyne that building resilient organisations requires a organisation-wide approach that integrates technology with the processes and people that use it. Resilience is as much technology as it is the people and the processes. In the first part of our Operational and Cyber Resilience series, we will cover Business Continuity Management. Executive Summary (SERIES) 1. https://www.pwc.com/gx/en/ceo-agenda/pulse/crisis.html 65% 57% 55% 47% CEOs surveyed feel most vulnerable when it comes to: Gathering the right information quickly An out of date business continuity plan Communicating adeqately with internal stakeholders Unclear definition of the crisis
2 Introduction A structured approach to developing, implementing and running a Business Continuity Management (BCM) program is often seen as a tedious and complicated task requiring deep expertise and knowledge. BCM programs built with conventional tools also run the risk of becoming outdated quickly. It is no wonder that many risk departments in the corporate sector often still see BCM as the unwanted step- sibling, despite its importance for contributing to revenue growth. A successful BCM plan will not only maintain operations during times of crisis or disaster, but also minimise cost and reduce damage and recovery time. Nevertheless, the importance and necessity of having an efficient, solid and audit-proof BCM Framework cannot be overstated. A successful BCM Framework is the glue that holds all the 6 components of operational resilience together—it builds overall preparedness and is a vital asset for all businesses no matter the size or type. In this white paper, we will introduce the essential steps for building a successful BCM plan and highlight key success factors for a mature BCM framework that will differentiate yours from the rest. “FAILING TO PLAN IS PLANNING TO FAIL. - ALAN LAKEIN 2. https://www.ibm.com/downloads/cas/NXG1W2VP 3. 2017 Cost of Data Breach Study: Impact of Business Continuity Management, Ponemon Institute LLC, 2017. WITH BCM IDENTIFY: 171 Days CONTAIN: Additional 50 Days TOTAL: 221 Days IDENTIFY: 214 Days CONTAIN: Additional 65 Days TOTAL: 299 Day WITHOUT BCM How long does it take to detect and contain a data breach? 3. Organisations that involve BCM data breach planning and response take 78 days less to identify and contain a data breach than companies without BCM involvement. 2. About 55% of study participants say the top challenge they face is incorporating an increasing number of business-critical systems into their recovery plans. 55% OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
3 Building a Culture of Resilience We cannot talk about developing a successful BCM Framework without first emphasising that resilience is not merely a functional process but also a culture—a way of doing things that spans across the entire organisation. A problematic yet common approach that many organisations take toward BCM is spending obscene amounts of money on buying new technology while disregarding the necessity of building processes and providing correct training for the people utilising this technology. This traditional IT-centric approach has dominated for too long and there is a strong need for modern companies to rethink their BCM approach from a holistic perspective. Your BCM plan needs to be aligned with your overall business strategy. With the right measures in place, business resilience can mature and businesses can become far more resistant to disruptions and be better equipped to preserve its financial, operational and reputational value should a crisis occur. Organisations should focus on developing a culture of resilience in the following key areas: Culture Eats Strategy for Breakfast 1. Alyned Leadership and Clear Governance Structure Successful BCM starts with strong and coherent leadership and clearly defined lines of authority. Do leaders share the same vision for the organisation? Have crisis priorities been established? Is everyone clear about their roles and responsibilities when a crisis occurs? Have lines of authority for a crisis been defined? Yet, simply answering ‘Yes’ to these questions is not enough. Successful BCM also hinges on a commitment by leadership to foster a culture of resilience. It requires continuous investment in risk evaluation, strategy and situation awareness, as well as a focus on nurturing innovation, creativity and problem solving amongst its staff. “BCM IS NOT A PROJECT, IT IS A CULTURE!” DEUTSCHE BANK IT-DIRECTOR OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
4 Forward-Looking and Change Ready Anticipation and planning. A preventative and informational plan to establish that the organisation is change-ready. Ensuring that the strategy is clear across the organisation, and that priorities are understood in the event of a crisis. Testing the preparedness can include stress test simulations. Staff Engagement and Collaboration Successful BCM also requires the right mix of skills and knowledge. Although a central part of resilience planning is in clearly defining who has authority to call out a BCM case, it is also about recognising scenarios where entrusting employees with specialised knowledge to make decisions can greatly aid the company. It also means breaking down silo mentality and encouraging greater internal and external relationship building and networking. An interconnected knowledge base is invaluable during times of crisis. “MAKE BUSINESS CONTINUITY ‘BUSINESS AS USUAL’ AND EMBED IT INTO YOUR MANAGEMENT ROUTINES AS DECISIONS ARE MADE, INSTEAD OF AN AFTERTHOUGHT ‘CHECK OFF THE BOX’ EXERCISE LATER..” - JOE TRAVERS OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER The 4 Key Components for a Successful BCM Plan 5 1. Business Impact Assessment: Defining a scope of what to protect Though simple sounding, the challenge with developing a BCM is usually that these questions are in fact, both wide in scope and have complex answers that can be highly subjective and difficult to manage. After all, what seems critical to one person might not be perceived in the same way to another. The first critical step of a successful BCM is in defining the scope of what to protect and deciding how to prioritise those assets. This can be done through a Business Impact Assessment (BIA) that asks three key questions: 1. How critical are the processes, assets, people and other objects to my business? 2. How long can I maintain operations without these objects? 3. What is the correct level of protection my objects need? In this section, we highlight the key components that you will need to consider when developing a BCM plan. IN THE DEVELOPMENT OF YOUR BCM, FOUR KEY COMPONENTS NEED TO BE CONSIDERED:
6 AT ALYNE, WE OVERCOME THIS BY UTILISING THE FUNNELS FUNCTION IN OUR APP. The Funnels function allows us to determine business impact, define tolerated down-times and establish the level of protection needed for our objects and assets. Most crucially, utilising Alyne’s funnels has 2 major benefits. First, Funnels is highly efficient in gathering data— it is both interactive and simple to use. Second, it is able to provide objectivity. Like all other functions in our app, Funnels is built by experts for other experts and integrates people, processes and technology seamlessly. 2. Defining your Business Continuity Framework Once you have identified the most critical components and objects of your business, the next step is about setting up a suitable framework for your BCM plan. When scoping the relevant controls for your BCM framework, it is highly recommended that you combine both results from your Business Impact Analysis as well as the opinions of any relevant stakeholders in your organisation. As with the development of any organisation-wide policy or document, a major pitfall of developing an effective BCM plan is the danger that it gets formulated in an ivory tower with limited perspective and without any input from people on the ground. What you end up with would then become essentially impractical and unusable when a major incident actually occurs. OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER7 3. Take measures and attach relevant documentation A well-functioning BCM framework relies heavily on documented provisions and measures. It is therefore crucial that you attach any relevant documents which are specific and easy to execute in the midst of a crisis, such as guidance on authority and roles, call sheets or recovery plans. In cases where you have existing policies or documented measures, make sure to attach them to the control framework. The more you document, the easier it becomes for internal and external stakeholders to understand and comprehend your framework. Success factors in Disaster Recovery Management 1. Have clearly defined strategies. These will differ vastly between industries and organisations. Make sure to outline per scenario exactly how you want to react, as sometimes your strategy could even dictate to do nothing. 2. Authority to invoke. Ensure that the authority is given to those who can call out a BCM case and is clearly understood by those who cannot. 3. Two very different sets of rules apply between business as usual, and a business in disaster recovery mode. Understanding the two sets of rules is crucial. 4. Disaster Recovery Management Your disaster recovery management plan should be developed in conjunction with your BCM plan. In the midst of a crisis, good disaster management enables your organisation to prioritise and focus solely on restoring business critical resources, as outlined in your BCM plan. It is not always about the speed that the organisation returns to normalcy, but the prioritisation of your most important assets and understanding the degree of impact. In 2018, a Unitrends survey on DR and Cloud adaptation showed although 75% of respondents report at least annual DR testing, 52% of them still reported poor testing performance. 52% 4. 4. https://www.unitrends.com/resources/2018-survey-results-10-findings-800-pros-handle-disaster-recovery-cloud-adoption
1. Train and test the plans It is very difficult before actually simulating the plans, to anticipate just how different the approaches from various individuals might be. At Alyne, we have regular BCM tests with different scenarios. Every training session we have, we encounter topics where all the responsible people would have reacted differently. At the end of our training sessions, we end up taking away new actions to implement to increase our resiliency. 2. Involve the whole team If your team learns about the organisation’s disaster plans for the first time in a crisis situation, the resiliency of your organisation will be poor. 3. Keep it structured A 500 page manual will not be actionable in time of crisis. There needs to be some easy to grasp governing principles and easy building blocks to enable teams to respond to effectively. Closing Thoughts: The 3 Success Factors At Alyne, we’ve experienced too many inefficient BCM frameworks. Developed in ivory towers, they are usually unimplementable or require excessive effort across the organisation to run. To combat these issues, we developed a comprehensive control library that delivers the possibility of both an advanced and basic BCM capability out of the box. Our control statements have also been developed with a holistic approach to BCM that involves experts across departments from HR to IT and from the Strategy Department to Facility Management. Alyne allows businesses to easily establish a customisable and business- specific framework tailored to its unique threats whilst fostering an organisational culture of resilience. 8 For more information, please contact our customer success team at support@alyne.com or visit our website at: www.alyne.com OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER

Recommandé

The Alignment Health Check™ Value Proposition (V.2)
The Alignment Health Check™ Value Proposition (V.2)The Alignment Health Check™ Value Proposition (V.2)
The Alignment Health Check™ Value Proposition (V.2)
Dragica Grbavac
 
Manufacturing as a competitive advantage
Manufacturing as a competitive advantageManufacturing as a competitive advantage
Manufacturing as a competitive advantage
wtgevents
 
Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...
Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...
Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...
UMT
 
Complexity_Challenge_in_Commercial_Lending_NR
Complexity_Challenge_in_Commercial_Lending_NRComplexity_Challenge_in_Commercial_Lending_NR
Complexity_Challenge_in_Commercial_Lending_NR
Chevy Marchosky
 
Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...
Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...
Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...
Taylo999
 
Enterprise Project and Portfolio Management: Managing the Revolution
Enterprise Project and Portfolio Management: Managing the RevolutionEnterprise Project and Portfolio Management: Managing the Revolution
Enterprise Project and Portfolio Management: Managing the Revolution
UMT
 
Influences on IT strategy
Influences on IT strategyInfluences on IT strategy
Influences on IT strategy
Glen Alleman
 
Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...
Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...
Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...
Luis Cabrera
 

Recommandé

The Alignment Health Check™ Value Proposition (V.2)
The Alignment Health Check™ Value Proposition (V.2)The Alignment Health Check™ Value Proposition (V.2)
The Alignment Health Check™ Value Proposition (V.2)
Dragica Grbavac
 
Manufacturing as a competitive advantage
Manufacturing as a competitive advantageManufacturing as a competitive advantage
Manufacturing as a competitive advantage
wtgevents
 
Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...
Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...
Portfolio Agility– From Elusive Imperative to Practical Reality: Seven Dimens...
UMT
 
Complexity_Challenge_in_Commercial_Lending_NR
Complexity_Challenge_in_Commercial_Lending_NRComplexity_Challenge_in_Commercial_Lending_NR
Complexity_Challenge_in_Commercial_Lending_NR
Chevy Marchosky
 
Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...
Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...
Free Guide for Businesses Concerned about Business Continuity, Crisis Managem...
Taylo999
 
Enterprise Project and Portfolio Management: Managing the Revolution
Enterprise Project and Portfolio Management: Managing the RevolutionEnterprise Project and Portfolio Management: Managing the Revolution
Enterprise Project and Portfolio Management: Managing the Revolution
UMT
 
Influences on IT strategy
Influences on IT strategyInfluences on IT strategy
Influences on IT strategy
Glen Alleman
 
Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...
Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...
Managing the Enterprise Supply Chain Industrial Engineering Management xi e-...
Luis Cabrera
 
Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
UMT
 
SIT- Chapter 1
SIT- Chapter 1SIT- Chapter 1
SIT- Chapter 1
贤敬 张贤敬
 
Crm Investment In A Down Economy Final
Crm Investment In A Down Economy FinalCrm Investment In A Down Economy Final
Crm Investment In A Down Economy Final
Mark Moreno
 
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Cezar Cursaru
 
Track 4_Dale Uitto_2014 Paper
Track 4_Dale Uitto_2014 PaperTrack 4_Dale Uitto_2014 Paper
Track 4_Dale Uitto_2014 Paper
Dale Uitto, CMRP, REC, PMP
 
Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...
Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...
Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...
Shridhar Lolla
 
Human resources management in early stage technology companies june 2011 - ...
Human resources management in early stage technology companies june 2011 - ...Human resources management in early stage technology companies june 2011 - ...
Human resources management in early stage technology companies june 2011 - ...
Dave Litwiller
 
Strategy value ff
Strategy value ffStrategy value ff
Strategy value ff
Farooq Omar
 
Ben Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROI
Ben Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROIBen Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROI
Ben Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROI
UMT
 
Avoiding blind spots in your next joint venture
Avoiding blind spots in your next joint ventureAvoiding blind spots in your next joint venture
Avoiding blind spots in your next joint venture
rob coulson
 
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Sue Antonoplos
 
PMN1115 Org Agility
PMN1115 Org AgilityPMN1115 Org Agility
PMN1115 Org Agility
HSBC Private Bank
 
Contribution to PMI article
Contribution to PMI articleContribution to PMI article
Contribution to PMI article
HSBC Private Bank
 
Performance is the new normal 20120426-preso
Performance is the new normal 20120426-presoPerformance is the new normal 20120426-preso
Performance is the new normal 20120426-preso
PERFORMENSATION
 
Nainesh crm
Nainesh crmNainesh crm
Nainesh crm
Nainesh Patel
 
Ppm wp-10 critical
Ppm wp-10 criticalPpm wp-10 critical
Ppm wp-10 critical
Referendo Org
 
Performance Conference
Performance ConferencePerformance Conference
Performance Conference
jcevelyn
 
vskills facility management expert sample material
vskills facility management expert sample materialvskills facility management expert sample material
vskills facility management expert sample material
Vskills
 
Peppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highres
Peppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highresPeppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highres
Peppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highres
Suruli Kannan
 
IDC Energy Insights - Enterprise Risk Management
IDC Energy Insights - Enterprise Risk ManagementIDC Energy Insights - Enterprise Risk Management
IDC Energy Insights - Enterprise Risk Management
FindWhitePapers
 
Office 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft CorporationOffice 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft Corporation
Mary Marks
 
Chris Gould - BCM case
Chris Gould - BCM caseChris Gould - BCM case
Chris Gould - BCM case
Alexey Chekanov
 

Contenu connexe

Tendances

Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
UMT
 
Crm Investment In A Down Economy Final
Crm Investment In A Down Economy FinalCrm Investment In A Down Economy Final
Crm Investment In A Down Economy Final
Mark Moreno
 
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Cezar Cursaru
 
Human resources management in early stage technology companies june 2011 - ...
Human resources management in early stage technology companies june 2011 - ...Human resources management in early stage technology companies june 2011 - ...
Human resources management in early stage technology companies june 2011 - ...
Dave Litwiller
 
Avoiding blind spots in your next joint venture
Avoiding blind spots in your next joint ventureAvoiding blind spots in your next joint venture
Avoiding blind spots in your next joint venture
rob coulson
 
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Sue Antonoplos
 
Performance is the new normal 20120426-preso
Performance is the new normal 20120426-presoPerformance is the new normal 20120426-preso
Performance is the new normal 20120426-preso
PERFORMENSATION
 

Tendances (20)

Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
Tricks of the Transformation Trade: Disruptive Disintermediation, Agility Age...
 
SIT- Chapter 1
SIT- Chapter 1SIT- Chapter 1
SIT- Chapter 1
 
Crm Investment In A Down Economy Final
Crm Investment In A Down Economy FinalCrm Investment In A Down Economy Final
Crm Investment In A Down Economy Final
 
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
Business Performance Solutions Clash Of The Titans The Market Remains Vibrant...
 
Track 4_Dale Uitto_2014 Paper
Track 4_Dale Uitto_2014 PaperTrack 4_Dale Uitto_2014 Paper
Track 4_Dale Uitto_2014 Paper
 
Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...
Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...
Ambiguity.Dilemma.Conflicts - The powerful force blocking growth of the orga...
 
Human resources management in early stage technology companies june 2011 - ...
Human resources management in early stage technology companies june 2011 - ...Human resources management in early stage technology companies june 2011 - ...
Human resources management in early stage technology companies june 2011 - ...
 
Strategy value ff
Strategy value ffStrategy value ff
Strategy value ff
 
Ben Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROI
Ben Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROIBen Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROI
Ben Chamberlain, UMT360: PPM + Financial Intelligence = Greater ROI
 
Avoiding blind spots in your next joint venture
Avoiding blind spots in your next joint ventureAvoiding blind spots in your next joint venture
Avoiding blind spots in your next joint venture
 
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
Safety Productivity Multiplier_ How to Turn Workplace Safety into a Competiti...
 
PMN1115 Org Agility
PMN1115 Org AgilityPMN1115 Org Agility
PMN1115 Org Agility
 
Contribution to PMI article
Contribution to PMI articleContribution to PMI article
Contribution to PMI article
 
Performance is the new normal 20120426-preso
Performance is the new normal 20120426-presoPerformance is the new normal 20120426-preso
Performance is the new normal 20120426-preso
 
Nainesh crm
Nainesh crmNainesh crm
Nainesh crm
 
Ppm wp-10 critical
Ppm wp-10 criticalPpm wp-10 critical
Ppm wp-10 critical
 
Performance Conference
Performance ConferencePerformance Conference
Performance Conference
 
vskills facility management expert sample material
vskills facility management expert sample materialvskills facility management expert sample material
vskills facility management expert sample material
 
Peppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highres
Peppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highresPeppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highres
Peppersand rogersgrp whitepaper_ms_dynamicscrm_07_2011_a4_highres
 
IDC Energy Insights - Enterprise Risk Management
IDC Energy Insights - Enterprise Risk ManagementIDC Energy Insights - Enterprise Risk Management
IDC Energy Insights - Enterprise Risk Management
 

Similaire à Business Continuity Management - Operational & Cyber Resilience Part 1 (white paper)

Business Continuity Management-The Case for Return on Investment-white paper
Business Continuity Management-The Case for Return on Investment-white paperBusiness Continuity Management-The Case for Return on Investment-white paper
Business Continuity Management-The Case for Return on Investment-white paper
Greg Cybulski, CBCP, ARM
 
Risk Management Software Implementation Guide eBook
Risk Management Software Implementation Guide eBookRisk Management Software Implementation Guide eBook
Risk Management Software Implementation Guide eBook
Glenn Peake
 
Business continuity in small business 1
Business continuity in small business 1Business continuity in small business 1
Business continuity in small business 1
John Johari
 
SMU Solved Assignment MB0052
SMU Solved Assignment MB0052SMU Solved Assignment MB0052
SMU Solved Assignment MB0052
Revlon
 
A laypersons guide to business continuity management richard (2)
A laypersons guide to business continuity management richard (2)A laypersons guide to business continuity management richard (2)
A laypersons guide to business continuity management richard (2)
leemond25
 
StratexSystems_270115
StratexSystems_270115StratexSystems_270115
StratexSystems_270115
Andrew Smart
 

Similaire à Business Continuity Management - Operational & Cyber Resilience Part 1 (white paper) (20)

Office 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft CorporationOffice 2007 In Business Continuity Whitepaper: Microsoft Corporation
Office 2007 In Business Continuity Whitepaper: Microsoft Corporation
 
Chris Gould - BCM case
Chris Gould - BCM caseChris Gould - BCM case
Chris Gould - BCM case
 
Business Continuity Management-The Case for Return on Investment-white paper
Business Continuity Management-The Case for Return on Investment-white paperBusiness Continuity Management-The Case for Return on Investment-white paper
Business Continuity Management-The Case for Return on Investment-white paper
 
Risk Management Software Implementation Guide eBook
Risk Management Software Implementation Guide eBookRisk Management Software Implementation Guide eBook
Risk Management Software Implementation Guide eBook
 
Risk Intelligence
Risk IntelligenceRisk Intelligence
Risk Intelligence
 
Strategies for Business Continuity_ Navigating Challenges and Ensuring Resili...
Strategies for Business Continuity_ Navigating Challenges and Ensuring Resili...Strategies for Business Continuity_ Navigating Challenges and Ensuring Resili...
Strategies for Business Continuity_ Navigating Challenges and Ensuring Resili...
 
Grooming A BCM Culture
Grooming A BCM Culture Grooming A BCM Culture
Grooming A BCM Culture
 
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
 
Business continuity in small business 1
Business continuity in small business 1Business continuity in small business 1
Business continuity in small business 1
 
A Proactive Approach to Business Continuity
A Proactive Approach to Business ContinuityA Proactive Approach to Business Continuity
A Proactive Approach to Business Continuity
 
The Ultimate Guide To Business Continuity
The Ultimate Guide To Business ContinuityThe Ultimate Guide To Business Continuity
The Ultimate Guide To Business Continuity
 
SMU Solved Assignment MB0052
SMU Solved Assignment MB0052SMU Solved Assignment MB0052
SMU Solved Assignment MB0052
 
ARMnet Business Intelligence White Paper
ARMnet Business Intelligence White PaperARMnet Business Intelligence White Paper
ARMnet Business Intelligence White Paper
 
Business Intelligence White Paper
Business Intelligence White PaperBusiness Intelligence White Paper
Business Intelligence White Paper
 
Take Control of Business Performance Now
Take Control of Business Performance NowTake Control of Business Performance Now
Take Control of Business Performance Now
 
CRM and National Security: Five Essential Software Capabilities
CRM and National Security: Five Essential Software CapabilitiesCRM and National Security: Five Essential Software Capabilities
CRM and National Security: Five Essential Software Capabilities
 
A laypersons guide to business continuity management richard (2)
A laypersons guide to business continuity management richard (2)A laypersons guide to business continuity management richard (2)
A laypersons guide to business continuity management richard (2)
 
StratexSystems_270115
StratexSystems_270115StratexSystems_270115
StratexSystems_270115
 
BUSINESS-CONTINUITY-AND-DISASTER-RECOVERY.pptx
BUSINESS-CONTINUITY-AND-DISASTER-RECOVERY.pptxBUSINESS-CONTINUITY-AND-DISASTER-RECOVERY.pptx
BUSINESS-CONTINUITY-AND-DISASTER-RECOVERY.pptx
 
Business Continuity
Business ContinuityBusiness Continuity
Business Continuity
 

Dernier

AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
Presentation.STUDIO
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Alberto González Trastoy
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
OnePlan Solutions
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 

Dernier (20)

Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 

Business Continuity Management - Operational & Cyber Resilience Part 1 (white paper)

  • 1. Operational and Cyber Resilience Part 1: Business Continuity Management WHITE PAPER Essential steps and success factors for maturing your BCM capabilities JUNE 2019ALYNE.COM
  • 2. 1 The ability to successfully build Operational and Cyber Resilience is a critical component of any organisation’s need to respond effectively to crises and adapt strategically to change. Resilient organisations are agile, proactive and collaborative. These qualities are especially crucial in a business environment defined by an increasing interconnectedness of people, businesses, processes and technology— where uncertainty, risks and potential points of disruption have increased and where the accompanying size and nature of its impact are growing. In this series of white papers on Operational and Cyber Resilience, the Alyne team will be using our own experience from developing Alyne’s operational resilience capabilities to introduce 6 core and interrelated components of Operational and Cyber Resilience that we believe are essential to the development of a resilient organisation. These 6 components consist of: Business Continuity Management and Disaster Recovery, Incident Management, Risk Management, Vendor Governance and Cyber. Through this series of white papers, we would also like to reemphasise our belief here at Alyne that building resilient organisations requires a organisation-wide approach that integrates technology with the processes and people that use it. Resilience is as much technology as it is the people and the processes. In the first part of our Operational and Cyber Resilience series, we will cover Business Continuity Management. Executive Summary (SERIES) 1. https://www.pwc.com/gx/en/ceo-agenda/pulse/crisis.html 65% 57% 55% 47% CEOs surveyed feel most vulnerable when it comes to: Gathering the right information quickly An out of date business continuity plan Communicating adeqately with internal stakeholders Unclear definition of the crisis
  • 3. 2 Introduction A structured approach to developing, implementing and running a Business Continuity Management (BCM) program is often seen as a tedious and complicated task requiring deep expertise and knowledge. BCM programs built with conventional tools also run the risk of becoming outdated quickly. It is no wonder that many risk departments in the corporate sector often still see BCM as the unwanted step- sibling, despite its importance for contributing to revenue growth. A successful BCM plan will not only maintain operations during times of crisis or disaster, but also minimise cost and reduce damage and recovery time. Nevertheless, the importance and necessity of having an efficient, solid and audit-proof BCM Framework cannot be overstated. A successful BCM Framework is the glue that holds all the 6 components of operational resilience together—it builds overall preparedness and is a vital asset for all businesses no matter the size or type. In this white paper, we will introduce the essential steps for building a successful BCM plan and highlight key success factors for a mature BCM framework that will differentiate yours from the rest. “FAILING TO PLAN IS PLANNING TO FAIL. - ALAN LAKEIN 2. https://www.ibm.com/downloads/cas/NXG1W2VP 3. 2017 Cost of Data Breach Study: Impact of Business Continuity Management, Ponemon Institute LLC, 2017. WITH BCM IDENTIFY: 171 Days CONTAIN: Additional 50 Days TOTAL: 221 Days IDENTIFY: 214 Days CONTAIN: Additional 65 Days TOTAL: 299 Day WITHOUT BCM How long does it take to detect and contain a data breach? 3. Organisations that involve BCM data breach planning and response take 78 days less to identify and contain a data breach than companies without BCM involvement. 2. About 55% of study participants say the top challenge they face is incorporating an increasing number of business-critical systems into their recovery plans. 55% OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
  • 4. 3 Building a Culture of Resilience We cannot talk about developing a successful BCM Framework without first emphasising that resilience is not merely a functional process but also a culture—a way of doing things that spans across the entire organisation. A problematic yet common approach that many organisations take toward BCM is spending obscene amounts of money on buying new technology while disregarding the necessity of building processes and providing correct training for the people utilising this technology. This traditional IT-centric approach has dominated for too long and there is a strong need for modern companies to rethink their BCM approach from a holistic perspective. Your BCM plan needs to be aligned with your overall business strategy. With the right measures in place, business resilience can mature and businesses can become far more resistant to disruptions and be better equipped to preserve its financial, operational and reputational value should a crisis occur. Organisations should focus on developing a culture of resilience in the following key areas: Culture Eats Strategy for Breakfast 1. Alyned Leadership and Clear Governance Structure Successful BCM starts with strong and coherent leadership and clearly defined lines of authority. Do leaders share the same vision for the organisation? Have crisis priorities been established? Is everyone clear about their roles and responsibilities when a crisis occurs? Have lines of authority for a crisis been defined? Yet, simply answering ‘Yes’ to these questions is not enough. Successful BCM also hinges on a commitment by leadership to foster a culture of resilience. It requires continuous investment in risk evaluation, strategy and situation awareness, as well as a focus on nurturing innovation, creativity and problem solving amongst its staff. “BCM IS NOT A PROJECT, IT IS A CULTURE!” DEUTSCHE BANK IT-DIRECTOR OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
  • 5. 4 Forward-Looking and Change Ready Anticipation and planning. A preventative and informational plan to establish that the organisation is change-ready. Ensuring that the strategy is clear across the organisation, and that priorities are understood in the event of a crisis. Testing the preparedness can include stress test simulations. Staff Engagement and Collaboration Successful BCM also requires the right mix of skills and knowledge. Although a central part of resilience planning is in clearly defining who has authority to call out a BCM case, it is also about recognising scenarios where entrusting employees with specialised knowledge to make decisions can greatly aid the company. It also means breaking down silo mentality and encouraging greater internal and external relationship building and networking. An interconnected knowledge base is invaluable during times of crisis. “MAKE BUSINESS CONTINUITY ‘BUSINESS AS USUAL’ AND EMBED IT INTO YOUR MANAGEMENT ROUTINES AS DECISIONS ARE MADE, INSTEAD OF AN AFTERTHOUGHT ‘CHECK OFF THE BOX’ EXERCISE LATER..” - JOE TRAVERS OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
  • 6. OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER The 4 Key Components for a Successful BCM Plan 5 1. Business Impact Assessment: Defining a scope of what to protect Though simple sounding, the challenge with developing a BCM is usually that these questions are in fact, both wide in scope and have complex answers that can be highly subjective and difficult to manage. After all, what seems critical to one person might not be perceived in the same way to another. The first critical step of a successful BCM is in defining the scope of what to protect and deciding how to prioritise those assets. This can be done through a Business Impact Assessment (BIA) that asks three key questions: 1. How critical are the processes, assets, people and other objects to my business? 2. How long can I maintain operations without these objects? 3. What is the correct level of protection my objects need? In this section, we highlight the key components that you will need to consider when developing a BCM plan. IN THE DEVELOPMENT OF YOUR BCM, FOUR KEY COMPONENTS NEED TO BE CONSIDERED:
  • 7. 6 AT ALYNE, WE OVERCOME THIS BY UTILISING THE FUNNELS FUNCTION IN OUR APP. The Funnels function allows us to determine business impact, define tolerated down-times and establish the level of protection needed for our objects and assets. Most crucially, utilising Alyne’s funnels has 2 major benefits. First, Funnels is highly efficient in gathering data— it is both interactive and simple to use. Second, it is able to provide objectivity. Like all other functions in our app, Funnels is built by experts for other experts and integrates people, processes and technology seamlessly. 2. Defining your Business Continuity Framework Once you have identified the most critical components and objects of your business, the next step is about setting up a suitable framework for your BCM plan. When scoping the relevant controls for your BCM framework, it is highly recommended that you combine both results from your Business Impact Analysis as well as the opinions of any relevant stakeholders in your organisation. As with the development of any organisation-wide policy or document, a major pitfall of developing an effective BCM plan is the danger that it gets formulated in an ivory tower with limited perspective and without any input from people on the ground. What you end up with would then become essentially impractical and unusable when a major incident actually occurs. OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER
  • 8. OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER7 3. Take measures and attach relevant documentation A well-functioning BCM framework relies heavily on documented provisions and measures. It is therefore crucial that you attach any relevant documents which are specific and easy to execute in the midst of a crisis, such as guidance on authority and roles, call sheets or recovery plans. In cases where you have existing policies or documented measures, make sure to attach them to the control framework. The more you document, the easier it becomes for internal and external stakeholders to understand and comprehend your framework. Success factors in Disaster Recovery Management 1. Have clearly defined strategies. These will differ vastly between industries and organisations. Make sure to outline per scenario exactly how you want to react, as sometimes your strategy could even dictate to do nothing. 2. Authority to invoke. Ensure that the authority is given to those who can call out a BCM case and is clearly understood by those who cannot. 3. Two very different sets of rules apply between business as usual, and a business in disaster recovery mode. Understanding the two sets of rules is crucial. 4. Disaster Recovery Management Your disaster recovery management plan should be developed in conjunction with your BCM plan. In the midst of a crisis, good disaster management enables your organisation to prioritise and focus solely on restoring business critical resources, as outlined in your BCM plan. It is not always about the speed that the organisation returns to normalcy, but the prioritisation of your most important assets and understanding the degree of impact. In 2018, a Unitrends survey on DR and Cloud adaptation showed although 75% of respondents report at least annual DR testing, 52% of them still reported poor testing performance. 52% 4. 4. https://www.unitrends.com/resources/2018-survey-results-10-findings-800-pros-handle-disaster-recovery-cloud-adoption
  • 9. 1. Train and test the plans It is very difficult before actually simulating the plans, to anticipate just how different the approaches from various individuals might be. At Alyne, we have regular BCM tests with different scenarios. Every training session we have, we encounter topics where all the responsible people would have reacted differently. At the end of our training sessions, we end up taking away new actions to implement to increase our resiliency. 2. Involve the whole team If your team learns about the organisation’s disaster plans for the first time in a crisis situation, the resiliency of your organisation will be poor. 3. Keep it structured A 500 page manual will not be actionable in time of crisis. There needs to be some easy to grasp governing principles and easy building blocks to enable teams to respond to effectively. Closing Thoughts: The 3 Success Factors At Alyne, we’ve experienced too many inefficient BCM frameworks. Developed in ivory towers, they are usually unimplementable or require excessive effort across the organisation to run. To combat these issues, we developed a comprehensive control library that delivers the possibility of both an advanced and basic BCM capability out of the box. Our control statements have also been developed with a holistic approach to BCM that involves experts across departments from HR to IT and from the Strategy Department to Facility Management. Alyne allows businesses to easily establish a customisable and business- specific framework tailored to its unique threats whilst fostering an organisational culture of resilience. 8 For more information, please contact our customer success team at support@alyne.com or visit our website at: www.alyne.com OPERATIONAL & CYBER RESILIENCE: PART 1 - BCM | WHITE PAPER