12810612 business continuity planning
TRANSCRIPT
-
8/6/2019 12810612 Business Continuity Planning
1/87
_______________________________________________________________
Symbiosis Institute of Telecom Management, Pune 1
TABLE OF CONTENTS
Chapter Contents Page
1.0 INTRODUCTION 1
2.0 BUSINESS CONTINUITY PLANNING 32.1 Real Time Enterprise & BCP 32.2 BC Components 42.3 Evolution of BCP 42.4 Creating Business Continuity Plans 52.5 The Business Continuity Organisation & Policy 6
3.0 PHASES OF BUSINESS CONTINUITYPLANNING
8
3.1 Stages of BCP 83.2 BC Models 83.3 BCM & Strategic Planning 93.4 Business Continuity Management &
Organisational Culture19
3.5 Key Drivers for BCM Cultural Change 22
3.6 BC Maintenance Process 26
3.7 BC Audit Process 263.8 Excercising BCM 273.9 Maintenance of BCM 283.10 Audit of BCM 283.11 Deliverables
4.0 DISASTER RECOVERY PLANNING 334.1 Organising and Executing DR projects 344.2 Business Impact Analysis & Goals 344.3 Disaster Recovery Team 364.4 Standardized sections of DR Plan 374.5 Implementing Recovery Processes and
Technologies38
4.6 Disaster Recovery Components 394.7 Ensuring Continued Effectiveness of DR Plan 41
5.0 BUSINESS CONTINUITY MANAGEMENT 425.1 The BCP Process 445.2 Crisis Classifications 505.3 Crisis management Teams 525.3 Availability of Specialist Support 555.6 Conclusions 56
LIVE PROJECT FOR LAWRENCE &
-
8/6/2019 12810612 Business Continuity Planning
2/87
_______________________________________________________________
Symbiosis Institute of Telecom Management, Pune 2
6.0 ASSOCIATES 586.1 Company Profile 586.2 Objective 586.3 Methodology 58
6.4 Findings 596.5 Recommendations 59
7.0 Future Trends 60
Annexure 1 Sample Questionnaire 62Annexure 2 Glossary 65
-
8/6/2019 12810612 Business Continuity Planning
3/87
_______________________________________________________________
Symbiosis Institute of Telecom Management, Pune 3
CHAPTER 1
INTRODUCTION
According to some experts, Disaster Recovery and Business Continuity are twoterms of advanced versions of old data backup and recovery tricks practised by ITManagers for many years. However, the solutions built around modern data storagetechnologies have transformed these basic data storage products into high-endsophisticated systems.
According to a recent survey done by KPMG to gauge the preparedness of IndianIndustry on Business continuity management, Majority of Indian companies including
those in the information and telecommunication sector do not have any BCM plan inplace.
Industry experts feel that the recent scare of war in the subcontinent and the recentGulf War and the War against terrorism has renewed the security concerns ofoverseas companies particularly after the September 11 episode. The companiesthat are already outsourcing to India or are planning to outsource in the future, arenow quite sensitive about the security related issues. Indian software and servicescompanies are facing immense pressure from the overseas clients to invest inbusiness continuity and disaster recovery plans.
Sanjay Dhawan, Executive Director, Information Risk management, KPMGconfirmed, the companies will be under pressure to comfort their clients. In fact,BCP has become a critical part of the delivery model and you cannot do businesswithout it.
According to the KPMG Survey, 79% of the companies did not have a documentedand tested BCM Plan and 64% of the companies that are highly dependant on IT donot have any plans in place to address business disruption risks. The survey alsorevealed that 64%of the organisations that responded, have not envisaged any kindof alternate facility to ensure continuity of business in case of a major disaster and21% of the organisations were storing their entire backup data on site locations only.
Ernst & Young Director of Information Systems Assurance and Advisory ServicesSunil Chandiramani also agrees in this regard. Companies will have to take upsecurity concerns more seriously to reassure their clients, hesaid..
-
8/6/2019 12810612 Business Continuity Planning
4/87
_______________________________________________________________
Symbiosis Institute of Telecom Management, Pune 4
This report analyses various issues related to the Business Continuity Planning andDisaster Recovery Systems. Chapter 2 deals in detail about the Business ContinuityPlanning. It also covers BCP Lifecycle, the SLA Management, and BusinessContinuity Components along with various issues in implementation. Asia Pacific
Market trends are also included. BCP phases are covered in detail in Chapter 3.
Chapter 4 deals with the Disaster Recovery Planning including the DisasterRecovery Architecture, Business Impact Analysis, Risk assessment, DR Strategiesand various phases in DR.
Chapter 5 deals with the Business Continuity management. Chapter 6 include a livebusiness case implemented for a Software Services company based in Chennai byour research team. Findings and recommendations of the case are presented.
Chapter 7 includes the conclusion and the future trends of the BCP solutions market
in India and Asia Pacific Region.
Annexure includes the pre-assessment form for the case included in Chapter 6 andthe Glossary.
-
8/6/2019 12810612 Business Continuity Planning
5/87
Symbiosis Institute of Telecom Management, Pune 5
CHAPTER 2
BUSINESS CONTINUITY PLANNING
Business Continuity Planning means ensuring the continuity or uninterruptedprovision of operations and services. Business Continuity Management is anon-going process with several different but complementary elements. Planningfor business continuity is a comprehensive process that includes disasterrecovery, business recovery, business resumption, and contingency planning.
Business Continuity Planning, therefore, is a comprehensive process to ensurethe continuation and improvement of business in the face of whateverchallenges a firm may face. Continuity planning requires that these manyprocesses be used together, to create a complete continuity plan. The planmust be maintained and updated as business processes change.
2.1 Real Time Enterprise and BCP
Real time enterprises cannot afford to accept the risks associated with businesscontinuity vulnerabilities because the consequences can be fatal. Business is movingfaster than ever before with real time enterprises concentrating on the businessprocess integration. There has been a significant reliance on partners in the valuechain with faster flows and immediate responses. Yet, less than 25% of the Global2000 enterprises have invested in Business continuity Planning and only 50% havefully tested disaster recovery plans. (Source: Gartner Symposium IT Expo 2002).
In this tough environment, it is tempting to cut resources in business continuityplanning. Many enterprises mistakenly view BCP as an insurance policy they willever need. Yet thousands of enterprises have invoked their recovery plans withSunGuard and IBM BCRS over the past 10 years.
Historically, BC was focussed on protection against unlikely but large events fire,flood, and natural disasters. With Real time enterprises, however even the smallestof interruption in service from a critical supplier or outside provider, or a potentialbusiness impact caused by the economy can have serious business consequences.Those enterprises which have BCP are confident in their ability to adapt and survive,
whether the incident or situation facing them.
-
8/6/2019 12810612 Business Continuity Planning
6/87
Symbiosis Institute of Telecom Management, Pune 6
2.2 BC Components
The five components of Business Continuity Planning are disaster recovery,business recovery, business redemption, contingency planning and crisismanagement. The crisis management component addresses the management of theevent, and the plans to protect the employees, and maintain the confidence in thebusiness regardless of the type of business interruption.
Real time enterprises do not change the five components of BCP. However, it places
more emphasis on the enterprises contingency and crisis management plansbecause of the public nature of outages and the increasing reliance on externalservice providers for processing. It also shortens recovery point and time objectivestowards real time-24 x 7 continuous availability.
2.3 Evolution of BCP
Business Continuity Planning had evolved significantly during the past 20 years. Inearly 90s,BCP was IT disaster recovery, which provided protection from naturaldisasters and critical component failure by enabling recovery in another data centerin about 72 hours. In the mid 90s,enterprises added business process protection,
and recovery plans were developed. In late 90s,as enterprises re-engineered theirbusiness processes from the year 2000 remediation perspective, it became apparentthat traditional recovery plans with 72 hour recovery periods were not good enough.Thus, enterprises significantly increased the spending to gain recovery times ofbetween 4 and 24 hours.The evolution toward e-commerce resulted in yet another discontinuity affectingBCP. For many real time enterprises; a 4 to 24 hour site outage would causeirreparable damage to the enterprise. Consequently, many enterprises are
DisasterRecovery
BusinessRecovery
BusinessRedemption
ContingencyPlanning
Objective Mission criticalOperations
Mission CriticalBusiness Proces
BusinessProcessworkarounds
External Event
Focus Site or
Component Outage(External)
Site Outage
(External)
Application
Outage(internal)
External Behavior
forcing change tointernal
Deliverable Disaster RecoveryPlan
BusinessRecovery Plan
AlternativeProcessingPlan
BusinessContingency Plan
Sample Events Critical server
failure
Electrical
outage ina building
Credit
Authorizationsystem down
Main supplier cannot
Ship due to its ownproblem
Sample Solutions Recovery site indifferent location
Recovery siteIn a different
power grid
Manual Proced 25% Backup of vitalproducts;
Backup supplierCrisis management
-
8/6/2019 12810612 Business Continuity Planning
7/87
Symbiosis Institute of Telecom Management, Pune 7
incorporating BCP into their business process, application and technologyarchitecture designs and building in continuous 24 x 7 availability. Businesscontinuity plan must now address new scenarios and BC processes must integratewith a greater number of enterprise processes. One of the most important lessonslearned is that people issues need to take center stage in planning safety,
communication and resiliency in workspace and process issues. As a result, crisismanagement plans and call trees are being created or updated, as are contingencyplans regarding availability of outside service providers and partners.
2.4 Creating Business Continuity Plans
PROCESS
Change Manageme Education Testing ReviewTesting
Group plans anprocedures
Risk reduction Implement Standfacilities
Create Planning organisationRecovery Strategy
Risk AnalysisBusiness Impact Analysis
Source: Gartner
The foundation of BCP success is senior management sponsorship andparticipation. Another critical success factor is building BC into enterprise culture byweaving BC processes into the life cycle of every project and change managementprocess. In the requirements phase, the Business Impact Analysis(BIA) identifies what the enterprise has at risk and which business process are mostcritical, thereby prioritising risk management and recovery investments.
The direct/indirect impact of business interruptions is assessed over time, resulting inrequirements for recovery time and point objectives. Risk analysis identifies theenterprises vulnerability to risks so that they can be mitigated in the project designphase. In the architecture and design phase, recovery strategies and processes are
developed. When cost of recovery is outside the project budget, enterprises mostoften go back to the business requirements to re-justify the investment or change therequirements. During construction, detailed plans and procedures are created bythose responsible for daily operation of the processes. The recovery process mustbe tested prior to implementation to ensure that requirements can be met. A processis then established to keep the plan current by initiating a review of every change tobusiness process or systems.
Business Continuity Planning Initiation
Policy Organisation Resources Scope
-
8/6/2019 12810612 Business Continuity Planning
8/87
Symbiosis Institute of Telecom Management, Pune 8
2.6 The BC Organisation and Policy
BCP is an important cross-enterprise process, yet many enterprises do it poorly orinconsistently. Although it is clearly in the interests of enterprises to apply bestpractices to BCP Processes, most struggle to marshall resources, support and focus.
From a pragmatic perspective, there needs to be a formal organisation, ideallyreporting to the head of risk management or the Chief Operating Officer.
The BC organisation is responsible for setting policy and structure, compliancemonitoring and status reporting. The BC manager however does not developdetailed recovery plans
All process are dependent on each other, so there must be a coordination processand resources to make sure dependencies are dealt with, but also to shareknowledge, best practice and resources. Most organisations organising businesscontinuity management within IT fail to develop effective enterprise wide BC Plans
because of lack of credibility, funding or governance.
BC Organisation
BCP Policy
Objective
Ensure that critical business activities are maintained or restored as quickly aspossible following a major disaster/failure affecting essential services/facilities.
Maintain confidence in the business, internally and externally following a disaster.
Executive Sponsor
BC Steering Council
BC Manager
BC Team
Crisis Management
Damage Assess
IT DR Team
Bus. Process Team
Audit
-
8/6/2019 12810612 Business Continuity Planning
9/87
Symbiosis Institute of Telecom Management, Pune 9
Scope
All work processes, computing systems, information and third party businesspartners, regardless of location.
Responsibilities
Information owners must ensure that
Critical processes are identified and prioritized. The potential impact of various types of disasters is regularly assessed.
Responsibilities and emergencies arrangements are defined. All procedures and responsibilities are documented.
The BC Plan is communicated to all necessary individuals. The business continuity plan is regularly tested.
The business continuity plan is correct, complete and up to date.
Compliance
Internal audit and the BCM will regularly monitor for compliance, includingpublication of test results.
-
8/6/2019 12810612 Business Continuity Planning
10/87
Symbiosis Institute of Telecom Management, Pune 10
CHAPTER 3
PHASES OF BUSINESS CONTINUITY PLANNING
3.1 Stages of BCP
Stage 1: Business Continuity Management Strategies
Strategy is a broad and all encompassing term. It usually refers to formation of a
vision and direction of an organization; setting mission statements, identifying
markets and objectives so that the raison detre of the organization can be achieved.
In the context of BCM, it concerns the determination and selection of alternative
operating strategies to be used to maintain the organisations mission critical
activities. Experience and good practice clearly identifies that the early provision of
an organizational (corporate) BCM strategy will ensure BCM activities are aligned
with and support the organisations overall Business strategy.
3.2 BC Models
There are three basic Business Continuity Management modules:
Active/ Backup model: This traditional BCM model is based on an
/active operating site with a corresponding backup site. This
includes both data processing and operations. The model relies on
relocating the staff from active top the backup site and maintaining
backup copies of technology and data.
-
8/6/2019 12810612 Business Continuity Planning
11/87
Symbiosis Institute of Telecom Management, Pune 11
Active/ Active (Split Operations) Model: This emerging BCM
model relies upon two or more widely \separated (geographically)
active operational sites for mission critical activities that inherently
backup for one another
Alternate site model: This BCM model provides a variation of the
Active Backup and Active/Active models where a backup site
periodically functions as a primary site for a period of time.
3.3 BCM & Strategic Planning
When developing an organisations (corporate) BCM strategy there are three levels
of strategic planning that need to be considered:
Organisation corporate BCM strategy
Process level BCM strategy
Resource recovery BCM strategy
The current business trend of developing a virtual organization raises a number of
specific issues that concern the intra-organisation sourcing and outsourcing of
mission critical activities. In particular the dependencies and single points of failure;
also the ability to provide alternative sources in the event of a catastrophic failure of
sourcing mission critical activity (IES) provider. This trend reinforces the need for
three level of strategic planning or Business Continuity management.
Organisation Business Continuity Management strategy:
It defines the highest level within which the BCM activities are aligned.
Experience identifies that it is usually developed as a afterthought by most
organizations when a no. of BCM approaches are already in existence andrequire to be incorporated in a cohesive and integrated BCM framework. The
parameters regarding work area recovery must also be defined and agreed
with this level; of strategy. If the very future of an organization depends on
timely provision of shared or subscription office accommodation then these
risks must be understood and agreed at the highest level.
-
8/6/2019 12810612 Business Continuity Planning
12/87
Symbiosis Institute of Telecom Management, Pune 12
Process Level business continuity Management Strategy:
Most organizations have adopted the concept of defining their mission critical
activities in the context of products and services. This applies equally to Missioncritical activities of industrial or commercial industries e.g. financial sector. As a
result, mission critical activities are not only products/ services in their own right but
also represent key systematic processes that sense they perform a dual role. This
differentiation is not only important to BCM but also provides a clear statement of
significance to other areas and also an industrial or commercial industry on a global
basis.
Due to their nature, these mission critical activities are so important that they justify
their own BCM strategy and planning. An example of a need for process level BCM
strategy is the Clearing House Automated payment system (CHAPS) that provides
for same-day, high-value, financial payments processing within the financial service
sector. In consequence of complexity and settlement coupling of CHAPS, there is a
specific detailed BCM strategy for the payments clearing system alone. A generic
BCM system is simply not strong enough for a process where failure would cause
severe liquidity problems and shake consumer confidence in the financial services
industry.
Resource recovery Business continuity management strategy:
It defines the strategy to employed for deploying appropriate resources as a
part of Business continuity plan (BCP0. This type of strategy provides the practical
link between Business impact analysis (BIA) and the development of Business
continuity Plans.
When developing any level of BCM strategy, there are a number of strategic options
that must be considered. These include:
Do nothing: A low risk criticality and a do nothing BCM strategy may be acceptable
within an organizations risk appetite.
-
8/6/2019 12810612 Business Continuity Planning
13/87
Symbiosis Institute of Telecom Management, Pune 13
Processing transfer: The diversion of mission critical activity to another
organization or alternative part of the host organization e.g. the high value/priority
Bank Automatic Clearing Service(BACS) payments via CHAPS. Reciprocalagreements can work in some selected services but due diligence must be taken
while establishing this type of arrangement. Such arrangements must be enforceable
and subject to testing via Service level Agreements (SLAs) or formal contracts.
Changing or Ending the service, product function or process: deciding to
change or end a service, product function or process must be considered a part of
the process strategy within the BCM process. This approach is cost likely to be seen
when where a product has a limited life span.
Insurance: Provides financial recompense/support in the event o\f a loss of
reputation, market share and/or shareholder value and/or damage to the brand
image. The organistions brand in\mage ort reputation are generally recognized and
frequently quotes as being of considerably higher value than all of the other
organization/ business asset but are often overlooked in favor of short-term financial
loss. Most organisations will have and increased cost of working policy that will
usually cover invocation costs of BCM solutions. In addition, business Interruption
insurance can be provided but this requires a detailed business impact Analysis to
be performed in order to evaluate correctly the level of insurance cover purchased.
Loss Mitigation: The provision of risk control management (threats, impact and
vulnerability) and action plans.
Business continuity Management: The improvement of an organizations business
resilience to loss, disruption or interruption of its Mission critical activities, their
dependencies and single points of failure by providing for their continuation at an
acceptable minimum level within the recovery time and recovery point of the
-
8/6/2019 12810612 Business Continuity Planning
14/87
Symbiosis Institute of Telecom Management, Pune 14
objectives. This approaches the three continuity strategies to enable an effective and
fit-for-purpose BCM acceptability.
Organisation (Corporate) Business Continuity Management Strategy
Introduction
An organizational (corporate) BCM strategy is key to positioning and advancingbusiness continuity. Most organisations require BCM to be designed and
implemented within organization design and structure I.e. a top-down framework
where BCM policy and strategy provide vision and direction.
AN organizational (corporate) BCM strategy is a living document that encompasses
and unifies other BCM related activities.
In developing the process Level and resource recovery BCM strategies, the
reference should be made to the organizational (corporate) BCM strategy as there
are clear dependencies and a direct transition between invocation of one progression
toi other(s).
Purpose
The purpose of an organizational (corporate) Business continuity Management
strategy is to provide a clearly defined and documented policy, framework and
operational direction to ensure the resilience and continuance of an organizations
mission critical activities , their dependencies and single points of failure.
-
8/6/2019 12810612 Business Continuity Planning
15/87
Symbiosis Institute of Telecom Management, Pune 15
Process Level Business Continuity Management Strategy:
Introduction
Every organization should, as a matter of good business practice have defined and
identifies its Mission critical activities via a Business Impact Analysis. This maxim
applies equally to systematic mission critical activities of industrial or commercial
industries e.g. financial markets. Consequently, mission critical activities are not only
products/services in their own right but can also represent key systematic processes
of an industry that are critical to customer service and stability of a particular industry
itself. In this sense, they perform a dual role. The global nature of modern business;
their (automated) processes, high reliance on technology, together with their
coupling and complexity, illustrates the catastrophic potential and scale of the
business impact consequent upon the failure of systematic mission critical activities.
This differentiation is not only important to business continuity management but also
provides a clear statement of significance to other areas of an organization e.g.
audit, operation, risk, information technology security and also an industrial or
commercial sector e.g. regulators and federal banks.
Examples of mission critical Activities at an organization level (service/products)
and/or a systematic nature of both a national international level include:
Financial payments processing and cleaning.
Just in time (JIT) supply chain
Data centers
Call centers
-
8/6/2019 12810612 Business Continuity Planning
16/87
Symbiosis Institute of Telecom Management, Pune 16
Due to the very nature and significance of these mission critical activities (processes)
each must have its own recovery strategy. This provides a clear statement of how
the organization/industry will provide protection and BCM that reflects both types of
Mission critical Activity.
In determining the process; level BCM strategies, reference must be made to the
organisation (corporate) BCM strategy as they have a direct relationship.
Resource Recovery Business Continuity Management Strategy
The resource recovery business continuity management strategy will of necessity
have a major influence on the business continuity plan for each mission critical
activity its dependencies and single point of failure. It is directly linked to the
Business Impact Analysis (BIA) e.g. if work area recovery is necessary, then the
strategy must evaluate and document specific parameters for :
Dedicated work area-scale, location and nature (in-house to third party)
Syndicated or subscription work area- scale, subscription ratio, exclusion
zone, etc.
Business response/ cold work area- scale, subscription ratio, exclusion zone,
etc.
Mobile recovery solutions- builds time, scale, subscription ratio, exclusion
zone, etc.
-
8/6/2019 12810612 Business Continuity Planning
17/87
Symbiosis Institute of Telecom Management, Pune 17
In determining the resource recovery BCM strategy reference must be made to both
the process level BCM strategy (ies) and the organisation(corporate) BCM
strategies.
Purpose
Purpose of a resource recovery Business continuity management strategy is to
provide a predetermined level of resources within a Business Continuity Plan (BCP
to enable the implementation of organization (corporate) BCM strategy and Process
level BCM strategy.
Stage 2:Develop And Implement A Business Continuity Management
Response.
Introduction
Crises and Business Continuity Management (BCM) events have historically
centered upon physical threats to geographic sites, buildings, people, mission critical
activities and their dependencies regardless of size or location. However as
organizations, business and communications dynamics change so do the type of
threats facing the organizations. Whilst still exposed to physical threats, an
organization is even more exposed to reputation threats attacks on its brand image.
Consequently, an organizations reputation, image and brand is judged by media,
market, stakeholders and regulators upon its ability to effectively manage a crisis or
business continuity event and continue to provide business as usual services and
-
8/6/2019 12810612 Business Continuity Planning
18/87
Symbiosis Institute of Telecom Management, Pune 18
products. The inability to fulfill these aims., or a badly positioned or a wrongly
perceived media response can result in a negative image and increased negative
media profile. These in turn may lead to regulatory, stakeholder or market pressures
through concerns over the effectiveness of the organisations crisis and/or BCMcompetence and capability.
As far as is reasonably possible, the different types of BCM and crisis management
plan(s) predefine the actions that are necessary and the resources needed to
achieve the objectives if the plan. The steps outlined in the plan are not intended to
provide an exhaustive list or cover even eventually, as by their nature all events and
crises are different. Consequently, the predefined procedures are not to be
interpreted as the only course of action as it is recognized, there may be an
exceptional case where they may need to be modified to meet the needs of a
specific business continuity or crisis event.
There are primarily three types of Business Continuity Management plan that may
also be divided into a number of sub plans, e.g., Communications.
Business Continuity Plan
Business Continuity Resource Recovery and Solutions Plan
Crisis Management Plan.
The content and level of detail within each type of plan is dependent upon the nature,
scale and complexity of the organization and based upon its risk profile, appetite and
the environment in which it operates.
A Business Continuity Management and Crisis Management Plan include a number
of key constructs that include:
Databases
Documents
-
8/6/2019 12810612 Business Continuity Planning
19/87
Symbiosis Institute of Telecom Management, Pune 19
Solutions
Time based Objectives
Tasks and activities required to achieve time-based objectives.
Procedures/Processes. Information
Structure
Teams
There are two main components to delivering an effective and fit-for-purpose
Business Continuity plan and Crisis Management Plan and their supporting
capability:
The formulation of business continuity/crisis solutions, logistics and structure
that support the plan.
The development and documentation of the plan itself.
A further critical factor in development of all different types of BCM plans is their
exercising, rehearsal and testing. In particular, no plan should be considered
complete until it has been exercised, rehearsed, tested and signed-off as effective
and fit-for-purpose by the plan owner and the organisations executive/senior
management. This latter aspect further highlights the critical element of competency
of human resources that enables the effective capability of the whole process.
Business Continuity Plan: addresses business disruption, interruption and loss from
the initial response of the point at which normal business operations are
resumed.They are based on the agreed business Continuity strategies and provide
procedures and processes for both business continuity and resource recovery
teams. In particular, the plans allocate the roles and their accountability,
responsibility and authority. The plans must also detail the interfaces and principles
for dealing with a number of key issues e.g. internal/external communications, key
suppliers, external bodies, emergency services and the media.
-
8/6/2019 12810612 Business Continuity Planning
20/87
Symbiosis Institute of Telecom Management, Pune 20
Business Continuity Recovery Solutions and Plan: concerns a number of BCM
resources, solutions and approaches available to the BCM practitioner e.g. technical
IT recovery (Server, WAN, LAN, etc.) work area recovery, offsite storage.
Crisis Management Plan: is usually developed by large corporate organizations. It
defines how the strategic issues of a crisis affecting the organization would be
addressed and managed. This component is vital in large and corporate
organizations to ensure there is a robust and cohesive response to any crisis. This
same crisis management response process and structure can be applied to any type
of crisis and is not restricted to natural crisis situations. E.g. earthquake, tornado, fire
or flood but man-made business and industrial crisis e.g. hostile take-over, credit
risk, reputation risk, environmental pollution, criminal activity and health.
Stage 3: Building and Embedding E-Business Continuity Management Culture
Introduction
The successful embedding of a Business Continuity Management (BCM) culture
within an organization is primarily dependent upon it becoming an integral part of the
strategic and day to day management ethos in contrast to its traditional organisation
(corporate) culture concerns the deep seated and embedded beliefs and values held
by members of an organisation and its strength should not be overlooked or
dismissed lightly. Organisational culture promotes shared values, operating norms,
styles and regularly pursued patterns of behavior and is frequently described as the
-
8/6/2019 12810612 Business Continuity Planning
21/87
Symbiosis Institute of Telecom Management, Pune 21
way to do things around here or what we have to do to get
on..
.
3.4 Business Continuity Management & Organisational Culture
Achieving cultural change is a difficult and lengthy process. It needs to be fully
understood and can encounter a level resistance that should not be underestimated.The use of education, awareness training and participation have all been used to
effect cultural change.
The documentation of a BCM strategy(ies) and plan(s) represents a narrow and
limited method of developing a BCM culture. The overall success depends upon
number of approaches.
A key element in developing a sustainable BCM culture within an organisation is the
preparation and delivery of a programme to create corporate awareness and
enhance the skills knowledge and experience required to implement, maintain,
manage and execute Business Continuity Management.
-
8/6/2019 12810612 Business Continuity Planning
22/87
Symbiosis Institute of Telecom Management, Pune 22
Equally important in establishing a BCM culture and operating environment is the
vision statement and visible proactive support of the organizations executive, senior
and middle management. Whilst commitment from the top is an essential condition
for developing a BCM culture, it is not sufficient. The key requirement is to win overthe middle managers and operational staff who have to implement Business
Continuity Management.
A further key consideration is that BCM should not be presented as solely a facilities
or IT specialist or otherwise ownership is actually and culturally seen as being within
these areas in contrast to the various parts of the organization where the operational
risk originates and should continue to reside.
It is also essential to commit to periodically maintaining and reviewing the
organisations BCM policy, strategies, plans, framework and solutions or the
investment made in its preparations will have been wasted. Similarly, training and
awareness must be undertaken to ensure that the entire organisation is confident,
competent and capable. All individuals must appreciate and recognize the
importance of BCM in an organisation and
their role within it.
This awareness should extend to those shareholders and third parties (sourced
service providers upon which the organisation depends in normal and crisis
situations. In adopting this change management approach, all those associated with
the organisation can have confidence in its ability to manage a crisis, and the
embedding of a successful culture will begin.
PurposeThe purpose of building and embedding a sustainable Business continuity
management culture within an organisation is to ensure that BCM becomes and
integral part of strategic and day-to-day business and usual operational
management.
-
8/6/2019 12810612 Business Continuity Planning
23/87
Symbiosis Institute of Telecom Management, Pune 23
Outcomes
The outcomes from a training, awareness and cultural development programme
include:
The acceptance and implementation of BCM as a professional management
discipline.
An organizational culture that ensures BCM activities and considerations are
integral to the business as usual activities throughout the organisation at all
levels.
The proactive hands-on promotion of BCM by the organisations executive,
senior and middle management.
An organizational, managerial and staff BCM competence to execute the
organisations BCM strategy.
An awareness and understanding by the organisations management and staff
of the importance of BCM and their roles, accountabilities and authorities
within it.
An ongoing BCM education and awareness programme.
A performance management and appraisal system that explicitly recognizes
and reinforces the importance of BCM.
Job descriptions and associated skills that include BCM at all levels within the
organisation.
A rewards and recognition system that explicitly recognizes and reinforces the
importance of Business Continuity Management.
An ongoing programme of BCM training for those directly involved in the
implementation, maintenance and execution of organisations BCM capability.
A clearly defined and documented management information system to monitor
and evaluate the BCM awareness and competency of the organisations staff
and managers.
-
8/6/2019 12810612 Business Continuity Planning
24/87
Symbiosis Institute of Telecom Management, Pune 24
3.5 Key Drivers for BCM Cultural Change
The key components in developing and embedding a Business Continuity
Management culture include:
A clearly defined and documented BCM vision and policy statement agreed
and signed off by organisations executive/senior management.
A clearly defined, documented and published BCM vision implementation
(change management) project plan agreed and signed off by organisations
executive/senior management.
Financial and other resources to implement the BCM vision project plan.
Financial and other resources to enable professional BCM training and
associated education.
A clearly defined and documented BCM education and awareness
programme agreed and signed off by the organisations executive./senior
management. This should facilitate and enable the organisation-wide
understanding of the organisations BCM strategy, in particular awareness of
why BCM is important and their individual roles, accountability responsibility
and authority within the BCM process. The awareness programme should
include all organizational staff and key external stakeholders e.g. key
customers and suppliers.
Rewards and recognition is one of the methods that can exert influence upon
what is seen as an important and how it is done. In particular, it makes explicit
to individuals and groups what the organization sees as important.
Performance management and appraisal system are a further process that
can exert influence on what is seen as important by the organization. The way
that individual and group performance is measured is of particular importance.
When performance measurement is linked to performance appraisal, it
acquires a systematic and hierarchical perspective. When performance and its
measurements are aligned to rewards and recognition, it provides a strong
incentive. This process ensures the active involvement of managers and staff
-
8/6/2019 12810612 Business Continuity Planning
25/87
Symbiosis Institute of Telecom Management, Pune 25
at all levels of the organization, especially the operational middle management
who have to implement and maintain Business Continuity Management.
A clearly defined and documented BCM awareness programme agreed and
signed-off by the organizations executive/senior management. A clearly defined and documented internal and external awareness and
education communication and public relations programme agreed and signed-
off by the organisations executive/senior management.
A clearly defined and documented BCM exercising programme agreed and
signed-off by the organizations executive/senior management.
A clearly defined and documented BCM maintenance programme agreed and
signed-off by the organizations executive/senior management.
A clearly defined and documented BCM audit programme agreed and signed-
off by the organizations executive/senior management.
Professional BCM trainers.
Professional change management facilitators/team.
Frequency And Triggers
An organizations Business continuity Management awareness, training and
cultural development programme is an ongoing process. However, there are
specific events that should determine its frequency or trigger its review. These
include:
The performance and appraisal process.
The BCM maintenance and review process.
The BCM audit process.
Formal induction process for all new staff and managers.
The exercising, rehearsal or testing of the BCM competence and
capability.
Live invocation of the BCM process.
-
8/6/2019 12810612 Business Continuity Planning
26/87
Symbiosis Institute of Telecom Management, Pune 26
Where the pace of business change is particularly aggressive.
Deliverables
The deliverables of Business Continuity Management training, awareness and
cultural development process include:
A clearly defined and documented BCM vision and policy statement
agreed and signed-off the organisations senior/executive management.
Business Continuity Management awareness aide-memoirs.
A clearly defined and documented management information report
concerning the monitoring and evaluation of the BCM awareness of
organisations staff and managers.
Stage 4: Exercising, Maintenance And Audit.
Exercising
An effective fit-for-purpose Business continuity Management (BCM) competence and
capability cannot be considered reliable until it has been exercised and proven as
workable, especially since false confidence may be placed in its integrity.
Consequently, exercising the Business continuity Plan assumes considerable
importance in establishing the BCM competence and capability of an organization.
Exercising can take various forms for the technical test of the communication
system, a desktop walkthrough to a full live exercise. No matter how well designed
and through-out a BCM strategy or Business continuity Plan; a series of robust and
realistic exercises will identify issues that require attention. In addition to suggesting
-
8/6/2019 12810612 Business Continuity Planning
27/87
Symbiosis Institute of Telecom Management, Pune 27
a perfect plan flawless exercising also suggests the adequacy and realism of
exercising he needs to be challenged and reviewed.
Time and resources spent in exercising BCM strategies and Business continuityPlans are crucial parts of BCM as they enable competence, instill confidence and
knowledge that lead to fit-for-purpose BCM capability that is essential at times of
crisis and uncertainty.
Highly automated systems require high reliability and should be designed to test
routinely in the course of normal operations. These tests may be invisible to
customers and operations staff alike. Testing such systems may entail switching off
items if equipment to monitor any service effects or transferring service to another
location without any or very limited service impact. There should be no sense of
crisis or diverting of resources to testing. It should all be catered for the design of
business as usual.
3.6 BC Maintenance Process
Most organizations exist in a dynamic environment and are subject to change in
people, process, market, risk environment, geography, and business strategy.
In essence to retain its effectiveness, it must be vigorously maintained. In particular it
ensures the continuity of competent and capable key people who clearly understand
their BCM roles and responsibilities to implement the BCM strategies and Business
Continuity Plan in the event of an incident occurring.
A clearly defined and documented BCM Maintenance programme and process must
be established further, effective documented change control procedures
implemented to ensure relevant stakeholders have the current and relevant parts of
the Business Continuity Plan. Business continuity Management maintenance
activities should be agreed and proactively supported by senior management, and
undertaken at all levels at which it is managed within an organization.
-
8/6/2019 12810612 Business Continuity Planning
28/87
Symbiosis Institute of Telecom Management, Pune 28
3.7 BC Audit Process
The BCM audit process also plays a key role in ensuring that an organization has
robust, effective and fit-for-purpose BCM competence and capability. It has five key
functions:
1. To independently verify and validate compliance with the organisations BCM
and crisis Management policy, strategies, framework and good practices
guidelines and/or standard adopted by the organization.
2. To independently review the organisations BCM solutions.
3. To independently verify and validate the organisations BCM and crisis
management.
4. To independently verify and validate the key exercising and maintenance
activities are taking place, in line with the relevant programs, processes and
the organisation BCM and crisis management framework and good practice
guidelines and/or standards adopted by the organization.
5. To highlight key material deficiencies and issues and ensure their resolution.
3.8 Exercising BCM
The development of a BCM competency and capabilities achieved through a
structured and consistently applied exercising programme. To be successful, an
exercising programme must begin simply and escalate gradually. It is also important
that only the resources that are planned to be available during the actual business
continuity event and/or available during the exercise. The adoption and application of
-
8/6/2019 12810612 Business Continuity Planning
29/87
Symbiosis Institute of Telecom Management, Pune 29
a structure and application of a structured and systematic approach to the
development and implementation of an exercising programme will promote a greater
understanding of the functioning of the BCM processes by all individuals associated
with it.
Exercise
An act of employing or putting into use.
Training
Rehearsal
A practice or drill
Test
A means of examination, a trial or proof.
A pass or fail situation. Failure in the testing context must not be seen as a
negative result. It is designed to ensure learning and continuous improvement.
As a result, failure is considered a positive or beneficial outcome.
3.9 Maintenance of BCM
In contrast to many narrow plan based Business Continuity management models, the
BCM maintenance process is about maintaining the whole of an organisations BCM
competence and capability and not just the Business Continuity plan. This critical
distinction is frequently overlooked by the organizations that consider BCM to be a
Business Continuity Plan.
-
8/6/2019 12810612 Business Continuity Planning
30/87
Symbiosis Institute of Telecom Management, Pune 30
The Business Continuity management Maintenance programme is concerned with a
complex BCM process and requires interaction with a wide range of managerial and
operational roles from both a business and technical perspective.
3.10 Audit of BCM
A key focus and maxim in the auditing of an organisations Business Continuity
Management capability is the audit of BCM process and consequently the BCM
competence and capability This approach recognizes and assumes that if the
process is correct and properly applied, then the outcome should provide an effective
and fit-for-purpose BCM competence and capability.
The business continuity management audit like BCM planning, implementation andmaintenance is concerned with a complex process and requires interaction with a
wide range of managerial and operational roles from both a business and technical
perspective.
A key issue is the role and perspective of the auditor and audit function; it is one of
the impartial reviews against defined standards. Whilst the audit (or) may be fully
aware and/or identify the reason for BCM shortcomings and organizational difficulties
and audit has no option but to clearly identify the BCM competence and capability
gaps; this is an integral part of the objective of auditing and non-compliance is
unacceptable. An integral part of the audit is to provide remedial recommendations.
-
8/6/2019 12810612 Business Continuity Planning
31/87
Symbiosis Institute of Telecom Management, Pune 31
A further key consideration is that each stage of BCM life cycle may require a
different audit approach. This audit approach is solely dependent on the maturity of
each stage of the BCM life cycle i.e. none, novice, intermediate, advanced and
mature.
Consequently the traditional proactive audit process should be seen as an enabling
process to achieve a particular management objective(s).
Purpose
The purpose of BCM audit is to scrutinize an organisations existing BCM
competence and capability; verify them against predefined standards and criteria and
deliver a structured audit opinion report.
Stage 5: Business Continuity Management: Programme Management
To be truly effective, business continuity management must be a business as usual
management process driven from the top of the organisation. It has to be clearly set
out in an organisation vision statement that is fully endorsed and actively promoted
by the Board of the Executive committee.
A member of the board or the executive should be given overall accountability for the
effectiveness of the BCM competence and capability. This ensures that a BCM
programme is given correct level of importance within the organisation and a greater
chance to effective implementation. The Financial Services Authority (FSA)
considers that BCM is a cost of doing business and needs to be funded properly.
-
8/6/2019 12810612 Business Continuity Planning
32/87
Symbiosis Institute of Telecom Management, Pune 32
Dependent upon the size of the organisation, a number of professional BCM
practitioners and staff from other management disciplines and departments may be
required to support and manage the program albeit this may use a virtual
management structure. A further consideration is the recognition and need tomanage the BCM programme at both operational and organisational levels.
It is also critical at the genesis of the organizations BCM programme to design and
fully integrate the management process and structure to assure the various elements
identified and described with the BCM lifecycle and Business continuity institute
Good practices guidelines.
A key to successful management of a BCM programme is the early appointment of
clearly defined and documented roles, accountabilities, responsibilities and
authorities within an organisation and is done because it adds value not just because
it is required by regulation or legislation.
3.4 Purpose
The purpose of management process is to provide effective and efficient ongoing
(virtual) management and assurance (performance management) of the
organisation's BCM (including crisis management) programme.
3.5 Outcomes
The outcomes of BCM (including crisis management) programme management
include"
The assurance of provision and maintenance of an effective, up-to-date and fit-
for-purpose BCM competence and capability.
-
8/6/2019 12810612 Business Continuity Planning
33/87
Symbiosis Institute of Telecom Management, Pune 33
The overall management of organisation's BCM programme is effective, efficient
and fit-for-purpose.
A management process that is an integral part of the organisation's BCM
programme and life-cycle. Business managers within the organisation are fully aware that BCM is a part of
their business as usual management accountability of BCM remains firmly within
a business line i.e. it cannot be outsourced.
The robust and ongoing challenge and review of organisation's risk profile and
appetite.
The provision of annual BCM budget bid/audit.
Assurance that BCM is undertaken and based on value based management
principles.
A management information system that provides details of the current state of the
organisation' BCM programme.
The focus of BCM upon organisation's mission critical activities, their
dependencies and single points of failure at a product and service level.
The BCM is based on end to end (E2E) approach in the context of product and
service delivery.
The optimizing of BCM companies efficiencies e.g. common infrastructures,
industry collaboration and standard work area recovery solutions.
The optimizing of business process, product and service resilience availability.
Assurance that organisation's BCM policy, strategies and operational framework
are up-to-date and fit-for-purpose.
Assurances that the suppliers of the organisations mission critical activities
and/or their dependencies have an effective, up-to-date and fit-for-purpose BCM
capability.
Assurance that all new projects are not signed-of without a business impact
analysis and BCM strategy being in place.
3.11 Deliverables
-
8/6/2019 12810612 Business Continuity Planning
34/87
Symbiosis Institute of Telecom Management, Pune 34
The deliverables of the management of the organisation's business continuity
management programme include:
A clearly defined and documented management programme respect of the
organisation's BCP programme that is agreed and signed-off by theorganisation's executive/senior management.
Business continuity management assurance reports at a predetermined
frequency that are agreed and/or signed-off by organisation's executive/senior
management.
The BCM programme annual budget bid and audit reports that are agreed and
signed-off by organisation's executive/senior management.
-
8/6/2019 12810612 Business Continuity Planning
35/87
Symbiosis Institute of Telecom Management, Pune 35
CHAPTER 4
DISASTER RECOVERYPLANNING
Change
ManagementEducation Testing Review
Backup/Recov
ery ProcessesDocumentation Standby
Facilities
Downtime
Impact
Critical
Applications
Recovery
Times
Recovery Strategy/Technology
Implementation
Test
Maintain
Ongoing
Process
P
R
O
-
8/6/2019 12810612 Business Continuity Planning
36/87
Symbiosis Institute of Telecom Management, Pune 36
RiskAssessment
BusinessImpactAnalysis(BIA)
IT RecoveryStrategyDevelopment
IT DisasterRecoveryPlan(DRP)
BusinessContinuityPlan(BCP)
PlanMaintenance
Is ourBusinessContinuityProgramSound?
What isEssential toThe survivalOf theBusiness?
Does the ITRecoveryStrategySupportwhat'sEssential?
Is the ITDisasterRecoveryplancomplete &Executable?
How doweContinuetoDeliveryProducts &
Servicesafterdisruption?
How do wekeep ourplans up-to-date andexecutable?
4.1 Organising and Executing Disaster Recovery Projects
Establish baseline by determining "as-is" position
-
8/6/2019 12810612 Business Continuity Planning
37/87
Symbiosis Institute of Telecom Management, Pune 37
Identify business recovery time objectives
Identify strengths and weaknesses Conduct gap analysis for risk mitigation
Identify process improvement alternatives Develop short-term and long-term risk-mitigation strategies
Develop "to-be" position Develop implementation plans
The first steps of a disaster recovery project are executed as part of a broaderbusiness continuity effort. The business continuity planning initiation phasedefines the project scope and goals, defines initial organizationalresponsibilities and assigns the resources required to undertake a businessimpact analysis. The BIA quantifies the risks and costs of various types ofoutages and provides the information needed for subsequent project steps. TheBIA identifies critical applications, recovery time objectives and recovery pointobjectives. Once these a re known the project work to determine a recoverystrategy and the appropriate technology can be completed.
The implementation phase focuses on the deployment of the backup processesneeded to support the recovery strategy and building and documenting theadministrative processes that will support business continuity. The next stage isiterative testing and improvement. This is followed by a maintenance phase thatrequires good change management processes, process integration with theapplication development cycle and periodic testing.
4.2 Business Impact Analysis Goals
There are three major goals for the business impact analysis phase: 1)Identification of the processes that are critical to the profitability and continuedviability of the business , 2) quantification of the financial and operational impactof an outage over time and 3) a determination of the recovery priority, recoverytime and recovery point for each application that supports a critical businessprocess. The business impact analysis is extremely important because itestablishes a business context for disaster recovery. An effective BIA can movedisaster recovery from a back office IT expense to a strategic project requiredto ensure the long-term viability of an enterprise. All too often, the ISorganization is given a disaster recovery budget and is left to make most of the
decisions. The BIA puts funding and priority decisions in the right place withthe business process owners. It can also generate the project support andfunding needed to implement and maintain an effective disaster recoveryprogram.
A comprehensive BIA examines all implications of an outage. The cost of anoutage will vary depending on the processes involved, the competitiveenvironment and the length of the outage. Costs can be incurred from lost sales
-
8/6/2019 12810612 Business Continuity Planning
38/87
Symbiosis Institute of Telecom Management, Pune 38
productivity and cancelled orders. Regulatory, legal, insurance and contractualexposures also need to be considered.
Many industries are facing an increased burden of regulatory requirements inthis area. The Gramm- Leach- Bliley Act, the expedited funds act and SAS70
audits all require effective business continuity plans for the financial servicesand banking industries.
Enterprises seeking business disruption insurance must submit the evaluationsand audits of the insurance industry. A BIA can highlight a downward spiral oflost revenue, shrinking cash flow, increased expenses and a loss ofshareholder confidence that could threaten the viability of the business.
Once the impacts of a business disruption are modeled, the next steps are to:1) identify the applications that support critical business processes, 2)determine a recovery time objective for each critical application and 3)
determine the recovery point objective. Once this information is organized,applications can be assigned to recovery tiers that bracket recovery timerequirements. This exercise is important because it enables an enterprise tofocus spending and effort on the most critical business processes. Enterprisesthat do not develop recovery tiers may find that the disaster recovery program iseither too expensive or does not deliver the required level of service to someapplications or business areas.
It is very important to express the business impact assessment simply, insummary form, and in terms that are meaningful to business areas. This is asample of a high level summary by application that expresses financial
impact, service impact, legal/ contractual impact and the resulting recoverypriority. It is useful to define three or four recovery properties. For example,priority 1 applications must be recovered in the first 24 hours, priority 2applications within four days and priority 3 applications within 10 days.
The key to effective risk- mitigation strategy development is knowing where weare today, knowing what our exposures are, understanding what the businessimpact is, knowing what the business requirements are from a recovery pointand time position, knowing that the recovery strategies that have beendeveloped truly support these business requirements, understanding where ourgaps are and what needs to be done in order to position our company to being
able to effectively recover all mission critical processes and functions requiredfor business resumption. Effective recovery strategy development can beaccomplished utilizing numerous technical strategies to achieve recovery timeobjectives ( RTOs) and recovery point objectives ( RPOs) that can beimplemented in a cost effective manner. Many companies that do not performthis function well end up spending more money than they should and more thanlikely still have gaps in their processes.
-
8/6/2019 12810612 Business Continuity Planning
39/87
Symbiosis Institute of Telecom Management, Pune 39
4.3 Disaster Recovery Team
A broad team is needed to develop and implement a disaster recovery plan.The application users and business process owners need to be involved andinformed, because they are the major stakeholders and because they have the
risks that need to be mitigated. The customer team needs to be involved indisaster recovery planning and testing, since the end user is the ultimate judgeof application function and data integrity. Application development and supportareas need to help with high- availability architectures and the development ofapplication recovery strategies. The system software group is responsible fordeveloping backup and recovery processes for operating systems.
Disaster Recovery Director
Customer
Team
IT
TeamManagement
Team
Security Application
DevelopmentIT
OperationsSystems
SoftwareSystem
Administration
Telecom Hardware Facili ties
-
8/6/2019 12810612 Business Continuity Planning
40/87
Symbiosis Institute of Telecom Management, Pune 40
Systems administration ensures that systems can be customized for specificuse and that the requisite user definitions are recoverable. It operations plays amajor role in both the development and ongoing execution of the system anapplication backup and recovery strategy. Network, hardware and facilitiesengineering groups are also needed to ensure the recovery of necessary IT
infrastructure components. We also think that it is a good idea to make thedisaster recovery position a 12 to 18 month assignment. The advantage is abuild up of trained disaster recovery managers within the organization overtime.
It is imperative that the plan development be generated utilizing a software tooldesigned for disaster recovery and business continuity plan generation in orderto simplify the plan maintenance and updating. There are numerous softwarepackages in the industry today that perform this task quite well and offerrelational database technologies for porting and exporting of information viaautomation techniques. The most important element of a successful plan is that
the recovery steps are documented in such detail that that technical knowledgeand special expertise are not required during execution of the documentedsteps. A common problem area that exists today in many companies is thatthey simply create a plan to satisfy an audit item and never truly validate or testthe plan to see if it is executable. A lesson learnt from September 11th is that itis not wise to learn that our plans dont support the business recovery effortsduring or following a disaster event. Test and validate our plans as part of ourrecovery strategies.
4.4 Standardized sections of DR Plan
Policy
Overview
Recovery Actions
Team Procedures
Command Post Guidelines
Organization
Notification List
Recovery Strategy
Offsite Data
-
8/6/2019 12810612 Business Continuity Planning
41/87
Symbiosis Institute of Telecom Management, Pune 41
Hardware Configuration
Software Configuration
Network Configuration
Damage Assessment
Vendors / Phones
Although the goal of DRP is to recover critical applications, the scope of theproject must encompass every It infrastructure element on which the applicationdepends. Recovery facilities are needed at an appropriate distance from theprimary site. The facility needs to be independent of the risks that are beingmitigated, and the appropriate distance will vary based on a number of factors.Arrangements must be made to provide required common systems servicessuch as directories, Domain Naming Systems (DNS), messaging andmiddleware. Network connectivity must be provided with the recovery site andthe location of end users that have not been affected by the disaster, as well asthose that may be relocated to user recovery areas.
4.5 Implementing Recovery Processes and Technologies
An application by- application approach to disaster recovery projects providesthe most flexibility and supports a tiered recovery strategy. An effective strategyrequires understanding and documentation of all dependencies. Dependencies
exist at the network, hardware, operating system, application software, data,user administration and process levels. There may also be cross- applicationdependencies; One application might create data that is required by anotherapplication. This creates a requirement for synchronized backup and recoveryof both applications.
In many cases, application recovery is really the recovery of related sets ofapplications. The best method for data synchronization is inserting sync-pointtransactions enabling application/ data consistency. It is also important to testvarious application recovery scenarios, including out of order transactions,application server and integration broker recovery and user impacts.
-
8/6/2019 12810612 Business Continuity Planning
42/87
Symbiosis Institute of Telecom Management, Pune 42
4.6 Disaster Recovery Components
As UNIX and NT systems proliferate, many IS organizations are finding that thespeed of disaster recovery is constrained by the ability to recover the underlyingsystem infrastructure. System level recovery has become increasingly difficultas critical applications are deployed on less-scalable systems , because of thesheer number of system images involved. The recovery of a system is really therecovery of four distinct data types 1) standard system image the base OS,2) system software, 3) administrative data, including user definitions and
security information and 4)hardware configuration data parameters andconfiguration data that establish a unique OS and program product software. Itis possible to use products that automate the system creation process and toorganise system information and automate system level recovery in thecontext of disaster recovery.
Off-site tape provides cost effective disaster recovery for applications that donot require near real time recovery. The general approach to tape baseddisaster recovery is to duplicate local backup tapes and send them to an offsitevault. Enterprises should include tape duplication and off site mediamanagement capabilities in the backup product selection criteria. Enterprises
should review tape creation and vaulting processes to ensure that off-site tapestorage meets recovery time and recovery point objectives.
Although recovery times are typically measured in days, it is possible to achievefaster recoveries when parallelism is designed into the backup and recoveryprocesses. The general approach is to organize the data onto the backup tapessuch that a maximum number of tape devices can be employed simultaneouslyfor recovery. This usually requires a backup process that generates the same
SYSTEMS
COMMON SERVICES1. Directions
2. Messaging3. DNS4. Middleware
FACILITIES
APPLICATION DATA
APPLICATIONS
-
8/6/2019 12810612 Business Continuity Planning
43/87
Symbiosis Institute of Telecom Management, Pune 43
number of data streams that will be used for the recovery. It may also requirewasting tape media capacity or reorganizing off-site tapes contents toorganize tape data for fast recovery.
Disk remote copy uses back-end connections between a local and a remote
disk subsystem to replicate every local write to the remote disk subsystem. Thesecondary copy is not directly accessible as long as replication is active. Todate, most implementations have been synchronous. Enterprises should expecttheir DBMSs to restart in the event of a disaster and should provide normalrecovery at the disaster site, including database rollback to the last committedtransaction.
Journaling and shadowing products enable replication of databases by readingthe re-do logs, shipping the transactions to a target/secondary system andapplying the transactions to a replica database. The replicas can be used forhorizontal application scaling by moving query and reporting activity off the
production system. The requirement to employ a different replication method foreach database type and for non database information can result in higheroperational complexity than what is seen when a generic hardware solution isemployed across all systems.
Examples
Platform Product
OS/390 IMS and DB2 ENET RRDFOracle Database Oracle Standby DatabaseOracle Table space Quest Software Share PlexWindows SQL Server SQL Server EE- Log ShippingDB2/400 Data Mirror High Availability Suite
Host software replication products install functions that intercept write activity onthe primary system, ship the write over a network session to the secondarysystem and apply the write to a remote copy of the file system or logicalvolume. The primary advantage of this approach is lower cost when compared
to hardware-based replication with specific high-availability clusteringproduction.
4.7 Ensuring the Continued Effectiveness of a Disaster Recovery Plan
For disaster recovery plans to remain viable, configurations and capacities needto change at about the same rate as the primary environment. A static DRP will
-
8/6/2019 12810612 Business Continuity Planning
44/87
Symbiosis Institute of Telecom Management, Pune 44
no longer provide meaningful protection to an enterprise. Therefore, it isimperative that processes are developed to maintain the plan. There are twoprimary areas that need to be addressed: the deployment of new applications,and changes to existing applications. Disaster recovery requirements should bediscussed when operations and IT service requirements are initially determined.
This approach will most likely result in the funding of disaster recoverycapabilities out of the application project budget. The DR impact of changesshould be evaluated as part of a general change management program. Thechange management program should also evaluate the disaster recoveryapplications of changes to storage, server and network resources. In addition todiscovering changes that affect the DR plan, enterprises need to developprocesses that drive changes to the recovery site and provide timely updates torecovery processes and documentation. Periodic testing is needed to uncoverand address the changes that inevitably creep up undetected.
A disaster recovery plan must be documented at a detailed level toeliminate dependency on people from the primary site. A disaster recovery planmust be indexed by a database and should be readily accessible to all thatneed to update or reference it. A strong disaster recovery planning effortrequires strong management support and the active participation of manybusinesses and IT areas throughout a corporation. The effort begins with anassessment of business risks and a quantification of the cost of downtime byapplication. The risk assessment is used to set application recovery time andrecovery point objectives. These recovery point objectives in combination withthe cost of downtime can be used to determine the appropriate recovery or
high-availability technology. A DRP needs to be documented at a level of detailthat enables execution by non-experts. The plan needs to test on a regularbasis. Disaster recovery needs to become ingrained in the corporate cultureand imbedded in an enterprises change control and application developmentprocesses.
-
8/6/2019 12810612 Business Continuity Planning
45/87
Symbiosis Institute of Telecom Management, Pune 45
CHAPTER 5
BUSINESS CONTINUITY MANAGEMENT
There is an increasing awareness that any company wishing to remaincompetitive and successful must be protected, through the ability of theorganization itself, to continue profitably in the event of any serious businessinterruption.
This is where Business Continuity Management (BCM) can be effective intaking reasonable steps in response to unreasonable risks. This in turn leads toan ability to prevent chaos in a crisis where some or all of the following phasesunfold: -
Often, when a disaster recovery plan does exist, it has never been tested: these
tend to be paper plans only and their thickness and the 'confidential' stamp donot ensure they are relevant.
A Business Continuity Plan (BCP) should be an operational tool. Not just areference whose purpose is to reassure everyone when things are calm.
-
8/6/2019 12810612 Business Continuity Planning
46/87
Symbiosis Institute of Telecom Management, Pune 46
It should be the result of a continuous process, of which the document marked'plan' is only the written presentation of management competence to beadhered to in the event of a likely crisis.
Organizations sometimes fail when faced with the 'abrupt audit' of a crisis when
they could have actually prospered. This may have been a consequence of anyof the following: -
Key business functions and managers being unconnected within adisaster recovery or BCP.
Early signals that things were going wrong, or were about to go wrong,were not interpreted correctly.
The interdependency of key business functions was not fullyappreciated. Crisis in one area can have an immediate knock-on effect.
No recovery plan had been prepared and tested to respond to a suddenloss of IT systems and databases.
No training & awareness of the need for effective media handling in acrisis existed. Consequently organisations have been poorly portrayedand reputations suffered unnecessarily.
No one had been prepared to form a crisis team, to look at the totalsituation, and consequently time was lost. Crises induce chaos, resultingin disasters, even though the cause might not have been consideredserious to start with.
Following a disaster organisations have sometimes been unrealistic about thevalue of an insurance policy, or have concentrated solely on IT recovery. Whilstinsurance is especially important the fact remains that uninsured costs (fines,
loss of experience, adverse publicity, re-training etc.) frequently exceed insuredcosts after a crisis.
This is one reason why risk awareness should be integrated into the overallmanagement process so that it gets the proper amount of attention in relation toall the other business demands.
Similarly, being able to recover IT systems and databases is crucial for mostcompanies, but this should not risk ignoring the continuance of other keybusiness functions in a catastrophe. In particular, the ability of a CrisisManagement Team to act swiftly, with confidence and according to a tested
plan can, on its own, determine failure or success.
That is not to say that insurance cover is in any way unnecessary. It is veryimportant indeed, but it should be seen, similar to IT recovery strategies, onlyas part of the solution within effective Risk Management and, with a view tocrisis management, BCM.
-
8/6/2019 12810612 Business Continuity Planning
47/87
Symbiosis Institute of Telecom Management, Pune 47
When a crisis happens management is placed in the spotlight. This can, onoccasions, lead to a comparative increase in share value - where management,often acting as a Crisis Team, has demonstrably been efficient.
BCM is an ongoing process designed to link some special tasks all aimed at
keeping the business afloat should crisis strike.
BCM is a comparatively new approach to looking at our business risks andconsidering where it is exposed to the effects of disasters. Making judgmentsabout what is critical and planning to maintain the business beyond the event -should a catastrophe happen. Major international companies now do this as amatter of course.
Small and medium companies as well to ensure that the business will continueduring and after the crisis can use the lessons they have learned.
In an age where the unthinkable has become possible and the unlikelycommonplace, perhaps the question is not whether a business can afford toimplement BCM strategies but whether it can afford not to?
5.1 The BCM process
There are several variations in building up a BCM process. An alternative tostarting with BCM is first writing an actual Business Continuity Plan (BCP - seebelow) and then developing a BCM structure to ensure the BCP is ready foraction at all times. Wherever BCM starts it must have this as a keyresponsibility.
-
8/6/2019 12810612 Business Continuity Planning
48/87
Symbiosis Institute of Telecom Management, Pune 48
The diagram above shows typical BCM stages underpinning a BCP
1. Top level Commitment Secured2. Initiate the Management Process3. Identify the Threats and Risks4. Manage the Risks as part of Risk Management5. Business Impact Analysis (BIA)6. Develop Strategies7. Developing and implementing the Plan8. Test, exercise & maintain the plan
When connected they form a sequential process where the plan becomes awritten guide to be followed in the event of potential catastrophe.
1. Top level Commitment SecuredBoard level commitment is important. Without top down direction, support andownership, success in both the BCM process and activating BCP will bedifficult, if not impossible.
2. Initiate the Management Process
The next step is to initiate or develop the management process. This will bemore effective with top level support. It is a good idea to identify the team whowill see this through as a continuing process, rather than a one-off event. It willbe useful to agree some, or all, of the following :-
Time scale for key deliverables. Budget. Regulatory / Statutory / Contractual obligations. Where specialist help will be needed (see section 'Where to go for help'
). Who will form a Crisis Management Team.
-
8/6/2019 12810612 Business Continuity Planning
49/87
Symbiosis Institute of Telecom Management, Pune 49
Drawing up a 'belt and braces' BCP now, should catastrophe strikebefore the desired one has been fully prepared.
3. Identify the Threats and RisksRoutine and effective Risk Management, relating to all types of risk, is very
important to understanding this guide. BCM is more concerned with thosethreats and risks that can cause corporate catastrophes.
One way to record where basic risks or threats may arise is to first plot them ona framework ranging from People / Organisational to Technical / Economic,against Internal or External. The following diagram is an example showing justsome of the crisis types: -
4. Manage the Risks as part of Risk Management
If risks can be described sufficiently accurately for a calculation to be made ofthe probability of them happening, on the basis of past records, these arenormally called insurable risks. If the risk is met so infrequently that no accurateway of calculating the probability exists, no underwriter will insure against it andit becomes an uninsurable risk. Either risk, poorly handled, can result indisaster, if only through catastrophic damage to reputation.
Once threats and risks have been identified they can be plotted under the
headings of Severity, and Frequency:-
-
8/6/2019 12810612 Business Continuity Planning
50/87
Symbiosis Institute of Telecom Management, Pune 50
BCM, although firmly linked to Risk Management does not distinguish betweenthe two, although it can be especially effective in cases of high severity / lowfrequency incidents.
A simple way to assess the more physical risks, in this case to premises, is theABC method.
A. Area B. Building C. Contents
A - Area. The risk to our premises may result from something outside the actualbuilding. Perhaps another company, close by, may be thought of ascontroversial and may attract protestors, extremists groups or even terrorists.Also, within the immediate area, could be a compound storing, for example,toxic / hazardous chemicals, or an adjacent river is likely to swell in heavy rain.Neighbouring premises could have a history of suspicious fires? It is necessaryto think in terms of 360 degrees.
B - Building. The structure we work in may be vulnerable to, fire, sabotage, airconditioning failure (which could jeopardise IT systems) or may otherwise be
insecure. We might also share it with other occupiers about whom we knownothing. The power supply may be through one entrance point. Shared waterpipes could be susceptible to rupture etc. Telephone and/or ISDN lines may bealso exposed to damage.
C - Contents. What items or assets under our control might cause a problem?This could be as a result of theft, sabotage, overheating, contamination,pollution, flooding, equipment failure etc.
-
8/6/2019 12810612 Business Continuity Planning
51/87
Symbiosis Institute of Telecom Management, Pune 51
5. Business Impact Analysis (BIA)
The BIA is intended to identify the impacts resulting from disruptions to bothprimary and secondary business functions. Primary means those tasks criticalto the company (e.g. revenue generation) and may include supporting functions
to ensure primary tasks are completed. Secondary tasks are otherwise veryimportant but not so vital to recover as an extremely urgent need (e.g.personnel dept.) .Tasks that fall into neither category may form a third groupthat is valuable to the organisation in routine operations, but can be suspendedfor several days in a crisis.
Collecting accurate data on all business functions is very important. This isnormally by questionnaires and interviews and often requires specialist help(see section 'Where to go for help' ). This is the cornerstone to the BIA process.It is important to predict the likely sequence of business units 'collapsing' if oneor more primary functions cannot operate. That is why the BIA stage is crucial
to BCM and will underpin the effectiveness of the subsequent BCP.
The BIA helps to predict the disastrous impacts and to define the single pointsof dependency that could initiate these impacts.
6. Develop Strategies
This stage has several facets. At this part in the process variable recovery ideasor strategies can be looked at, including how to communicate with :-
Staff
Suppliers Shareholders The media Customers Regulators
It will also be necessary to calculate:-
Off-site recovery requirements (recommended).
The viability of Internal or external solutions (e.g. 3rd party IT recoverysites)
Which business units / functions should prepare individual recoveryplans (i.e. Primary & Secondary) as a sub-set of the BCP.
-
8/6/2019 12810612 Business Continuity Planning
52/87
Symbiosis Institute of Telecom Management, Pune 52
The most effective representatives (managers) from the various businessfunctions tasked with preparing local plans.
The most effective way to deal with inevitable media interest in a crisis.Avoid a reactive or 'grudge' style. Perception is influential - it is possibleto make a virtue of our situation and gain rather than lose. This cannotbe overstated.
Training, testing and exercising schedules. Testing determines theeffectiveness of the plan, to include all 3rd party crisis support.Exercising rehearses staff in their crisis roles.
Where to locate an Emergency Control Centre. This should be nearenough to the crisis site to allow the Incident Control Team (see below)to use, yet not risk being enveloped in the incident. Get the views of thePolice in advance. It should have:-
1. A location in a secure area under local control.2. Good communications. Dedicated telephone lines in and out
(confidential), fax/email.3. Adequate stationery, including purchase order forms, maps of the
premises, white boards, local routes etc.
4. Workstations for all team members with, ideally, network access.5. 24 hour access & parking.6. Refreshment & toilet facilities7. At least one meeting room.8. A quiet room or area with a telephone.
It will be a good idea to select alternative business recovery operating ideas forrecovering business and, most importantly, IT systems and databases. Theseshould be withi