際際滷

際際滷Share a Scribd company logo

Business Continuity

D
dlfrench

Business continuity requires executive management commitment, participation across the entire organization, adherence to established standards, and delegated authority to enforce compliance. Without full management support and buy-in, business continuity initiatives are unlikely to succeed and will waste resources. Key components include developing policies, guidelines, and procedures; assessing critical business functions; creating disaster recovery and continuity plans; and designating an executive champion to resolve issues and enforce compliance.

1 of 14
Business Continuity Mt Xia Inc. May 2011 Concepts and Methodology http://www.mtxia.com 615.556.0456
Overview Business Continuity is: an executive management responsibility, not IT. NOT equivalent to Disaster Recovery. a methodology and mentality of conducting day-to-day business. practiced by every member of an organization in the execution of every task they conduct. is championed, supported, and strictly enforced by executive management.
The Problem Personnel resource utilization to maximize productivity. ??? How to best utilize personnel to reduce overall costs. Personnel turnover and loss of knowledge base. Regulatory Compliance Audit Compliance Information availability and integrity Recoverability of business functions Customer confidence
The Solution With the committed support of executive management, implement an enterprise wide initiative that converts existing business functions into a business continuity environment. Time C O S T No business continuity planning Business continuity planning w/o management commitment Business continuity planning w/ management committment
What are the components of Business Continuity? Orienting an organization around a business continuity mentality and methodology is much like building a house and consists of the following components: Foundation Provides a basis upon which to build Pillars Evenly distributes the weight of the structure upon the foundation Walls For storage, security, segmentation, privacy, and public areas Roof Protects the underlying structure from the elements.
The Foundation of Business Continuity In our construction analogy, the foundation consists of the following: Policies those things mandated by management of an organization that will always be performed according to a preset design plan, and supporting all business functions within an organization. Guidelines those things which are recommended to be performed according to a preset design plan. However depending upon the needs and requirements of the target business function, these items may or may not be performed, or may be altered during implementations. Standards consists of the technical specifications for the implementation of all business functions, and are derived from the Policies and Guidelines. Procedures the step-by-step instructions for the implementation of organizational Standards as applied to any business function.
The Pillars of Business Continuity Resource Planning Personnel Equipment Facilities Communications Management Organizational Structure Training Skills inventory Critical skill redundancy Management commitment Long term vision and goals Willingness to delegate compliance authority Authority to require and enforce BC compliance at all organizational levels
The Walls of Business Continuity Business Function Scope Who? What? When? Where? How? Business Impact Analysis Complete Business Function Inventory Determination of Critical Business Functions Determination of RTO and RPO for each business function Service Level Agreements SLA to be created for every business function including production, test, development, and quality assurance. Enterprise Level Disaster Recovery Plan A disaster recovery plan must be derived from an enterprise level down, not from a software application level up. The same is true for a business continuity plan, this must be at the beginning of project planning, not the end.
The Roof of Business Continuity Executive Management Champion of Business Continuity Resolves to a individual or title such as CIO or CEO Enforces BC compliance at all organization levels Final word rests here, ties go to BC compliance Comprehensive Business Continuity Plan Includes all departments, divisions, and locations. Can be implemented in multiple parts Each part must support comprehensive BC view Business Continuity is the rule deviation requires executive management approval and budget adjustments to compensate effected departments. Participation and compliance by all personnel is required this includes sales and marketing!
Where is the IT department so far? Notice the IT department has not been mentioned anywhere thus far! Why? See the first bullet point on slide number MXBC-2 Business Continuity is an executive management responsibility, NOT IT! Everything that has been discuss so far is the responsibility of executive management and is concerned with making business decisions. For example, the IT department MUST NOT be making the following management decisions: Which business functions are critical? How long can a business function be off-line? How much data can be lost without adversely effecting the business? What commitments will be promised to customers by our Service Level Agreement contracts? What business functions will be eliminated if a catastrophic event occurs What jobs will be eliminated if a catastrophic event occurs? ...
What does management commitment mean? What is management commitment? When a sales person or division manager submits a project to be implemented to the IT department: The implementation team has the authority and managements backing to reject the request, if business continuity principles cannot or will not be preserved. When the sales person or division manager goes over the head of the IT department, executive management is committed to preserving the established business continuity principles. When the division manager insists this project must be implemented immediately, and that business continuity principles will have to be retrofitted in later, executive management is committed to a charge back on the project to the division manager of 5 times the cost of a business continuity compatible deployment. The additional charge back revenue is added to the IT department budget to accommodate the non-standard project and to cover the cost of retrofitting at a later date.
Can we do this? Business Continuity as an enterprise wide mentality and methodology of conducting day-to-day business: Executive management must be committed to enforcing this policy, if not, do not even start a business continuity initiative. Without this level of management commitment, a BC initiative will fail, and will only cost the organization time and money. See Chart.
Summary Business Continuity requires: Management commitment Enterprise wide participation Establishment and strict adherence to standards Delegation of authority to enforce compliance Business Continuity is a waste of time, energy and money: Without managements commitment to it's success If the implementers are not confident about their authority to reject non-compliant work. If the implementers are afraid of confrontation If the executive management champion is afraid of confrontation.
Contact Information Mt Xia Inc. http://www.mtxia.com Dana French, President 615.556.0456

More Related Content

Business Continuity

  • 1. Business Continuity Mt Xia Inc. May 2011 Concepts and Methodology http://www.mtxia.com 615.556.0456
  • 2. Overview Business Continuity is: an executive management responsibility, not IT. NOT equivalent to Disaster Recovery. a methodology and mentality of conducting day-to-day business. practiced by every member of an organization in the execution of every task they conduct. is championed, supported, and strictly enforced by executive management.
  • 3. The Problem Personnel resource utilization to maximize productivity. ??? How to best utilize personnel to reduce overall costs. Personnel turnover and loss of knowledge base. Regulatory Compliance Audit Compliance Information availability and integrity Recoverability of business functions Customer confidence
  • 4. The Solution With the committed support of executive management, implement an enterprise wide initiative that converts existing business functions into a business continuity environment. Time C O S T No business continuity planning Business continuity planning w/o management commitment Business continuity planning w/ management committment
  • 5. What are the components of Business Continuity? Orienting an organization around a business continuity mentality and methodology is much like building a house and consists of the following components: Foundation Provides a basis upon which to build Pillars Evenly distributes the weight of the structure upon the foundation Walls For storage, security, segmentation, privacy, and public areas Roof Protects the underlying structure from the elements.
  • 6. The Foundation of Business Continuity In our construction analogy, the foundation consists of the following: Policies those things mandated by management of an organization that will always be performed according to a preset design plan, and supporting all business functions within an organization. Guidelines those things which are recommended to be performed according to a preset design plan. However depending upon the needs and requirements of the target business function, these items may or may not be performed, or may be altered during implementations. Standards consists of the technical specifications for the implementation of all business functions, and are derived from the Policies and Guidelines. Procedures the step-by-step instructions for the implementation of organizational Standards as applied to any business function.
  • 7. The Pillars of Business Continuity Resource Planning Personnel Equipment Facilities Communications Management Organizational Structure Training Skills inventory Critical skill redundancy Management commitment Long term vision and goals Willingness to delegate compliance authority Authority to require and enforce BC compliance at all organizational levels
  • 8. The Walls of Business Continuity Business Function Scope Who? What? When? Where? How? Business Impact Analysis Complete Business Function Inventory Determination of Critical Business Functions Determination of RTO and RPO for each business function Service Level Agreements SLA to be created for every business function including production, test, development, and quality assurance. Enterprise Level Disaster Recovery Plan A disaster recovery plan must be derived from an enterprise level down, not from a software application level up. The same is true for a business continuity plan, this must be at the beginning of project planning, not the end.
  • 9. The Roof of Business Continuity Executive Management Champion of Business Continuity Resolves to a individual or title such as CIO or CEO Enforces BC compliance at all organization levels Final word rests here, ties go to BC compliance Comprehensive Business Continuity Plan Includes all departments, divisions, and locations. Can be implemented in multiple parts Each part must support comprehensive BC view Business Continuity is the rule deviation requires executive management approval and budget adjustments to compensate effected departments. Participation and compliance by all personnel is required this includes sales and marketing!
  • 10. Where is the IT department so far? Notice the IT department has not been mentioned anywhere thus far! Why? See the first bullet point on slide number MXBC-2 Business Continuity is an executive management responsibility, NOT IT! Everything that has been discuss so far is the responsibility of executive management and is concerned with making business decisions. For example, the IT department MUST NOT be making the following management decisions: Which business functions are critical? How long can a business function be off-line? How much data can be lost without adversely effecting the business? What commitments will be promised to customers by our Service Level Agreement contracts? What business functions will be eliminated if a catastrophic event occurs What jobs will be eliminated if a catastrophic event occurs? ...
  • 11. What does management commitment mean? What is management commitment? When a sales person or division manager submits a project to be implemented to the IT department: The implementation team has the authority and managements backing to reject the request, if business continuity principles cannot or will not be preserved. When the sales person or division manager goes over the head of the IT department, executive management is committed to preserving the established business continuity principles. When the division manager insists this project must be implemented immediately, and that business continuity principles will have to be retrofitted in later, executive management is committed to a charge back on the project to the division manager of 5 times the cost of a business continuity compatible deployment. The additional charge back revenue is added to the IT department budget to accommodate the non-standard project and to cover the cost of retrofitting at a later date.
  • 12. Can we do this? Business Continuity as an enterprise wide mentality and methodology of conducting day-to-day business: Executive management must be committed to enforcing this policy, if not, do not even start a business continuity initiative. Without this level of management commitment, a BC initiative will fail, and will only cost the organization time and money. See Chart.
  • 13. Summary Business Continuity requires: Management commitment Enterprise wide participation Establishment and strict adherence to standards Delegation of authority to enforce compliance Business Continuity is a waste of time, energy and money: Without managements commitment to it's success If the implementers are not confident about their authority to reject non-compliant work. If the implementers are afraid of confrontation If the executive management champion is afraid of confrontation.
  • 14. Contact Information Mt Xia Inc. http://www.mtxia.com Dana French, President 615.556.0456