1 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
MATCO - Business
Continuity Management
2 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Agenda
• History/Purpose/ Mandates of BCM
• Taxonomy
• BCM Business Drivers / Stakeholders/ Buyers
• Processes
• MATCO Profile
• How MATCO helps
• Pain Points
• RSA Archer BCM Solution
• RSA Archer Case Study
• Discovery Questions and FAQs
3 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Why is Business Continuity Important
• Now more than ever, organizations depend on services, business processes and technologies to generate revenue and meet their objectives.
• Ensuring business continuity involves an analysis of mission-critical processes and infrastructure assets, an assessment of potential threats and risks, and the creation of detailed, actionable contingency plans.
• Companies must also have a central repository of real-time decision support tools that allow personnel to react quickly and effectively when crises occur that impact their employees, customers, operations or brand reputation.
4 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
The Function of Business Continuity Management in Todays Organisations
• Continuing Business Operations in Crisis/Disaster Situation
• Establishing Technical Recovery Plan for Critical Systems
• Implementing Plans for Addressing Crisis Situations
• Developing and Executing Emergency Response Procedures
• Periodically Testing Effectiveness of Plans and Programs
• Educating Employees on Their Responsibilities
5 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
The Big Challenges IN BCM
• Successful Coordination of BC & DR Activities
• Establishing Common Understanding of Business Impacts
• Continuous Plan Testing and Updating
• Tracking Crisis Events in Real Time
• Executing Response Procedures
• Notifying Key Stakeholders and Personnel
• Educating Employees on Responsibilities
6 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
How Can We Help
7 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
A Comprehensive BCM program consists of..
• People
• Process
• Technology
• As important, is the planning and execution
8 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
A program by MATCO & RSA
9 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
MATCO Profile
• Established in Al-Khobar in 1998.
• Covers all regions within Saudi Arabia and Bahrain.
• It provides best-of-bread information infrastructure
solutions and services.
• A prominent partner to market leaders like: EMC,
CISCO, VMware, RSA, and others.
• The only Premier partner of RSA in Saudi Arabia.
10 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
MATCO Profile (cont’d)
• It provides solutions and services for different
information security vendors with a focus on RSA.
• Its solutions cover most of the RSA portfolio
products including: ‒ Archer GRC
‒ Security Analytics
‒ Data Loss Prevention
‒ SecurID
‒ Web Threat Detection
‒ Identity Protection & Verification
11 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
How MATCO Can help?
• MATCO helps – Using its capabilities and experience in providing the best services
in various RSA Archer modules including BCM
– Through its top notch engineers (over 35) having extensive
experience in the field
– Examples/References of our potentials customers: Government,
leaders in Telecom, leaders in oil & gaz, and Banking sectors
• EMC/RSA helps – Through providing the best technology and products
– Through its top consultancy services
12 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
RSA Archer
13 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Pain Points (in a world without a
BCM tool)
How Archer Helps
• Document business continuity and
disaster recovery plans
• Test your business continuity and
disaster recover plans
• Automate plan maintenance with
workflows and notifications
• Analyze processes and assets with the
Business Impact Analysis application
• Manage crisis events with phased
notifications plans
• Report on plan testing, gap analysis
and remediation efforts
Poor visibility into business continuity and disaster recovery plan status,
approvals and testing
Data stored in static documents and difficult to keep up-to-date
No common understanding of the business processes and IT assets
Limited coordination and communication among business
continuity, disaster recovery and crisis teams
Senior management lacks proof that effective plans are in place to ensure
ongoing operations
14 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
RSA Solution for Business Continuity
• A three-in-one Solution that Addresses business continuity, disaster recovery and crisis management
• A user-friendly interface that allows business users to make changes with no custom code
• Integration of business continuity into an organization’s larger GRC program enabling consistent measurement and reporting of risk across the enterprise
15 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
RSA Archer Business Continuity Management Track threats through a centralized early warning system to help prevent attacks before
they affect your enterprise.
“ Business Continuity Management is empowering our BC
and DR teams to unify all the elements of a Business
Resiliency program into a quick-to-deploy, easy-to-use,
flexible, comprehensive solution.
Office of the CISO, Retail Client
Track Crisis Events
Document Disaster
Recovery Plans
Automate Plan Maintenance
Perform Business Impact
Analyses
Test Plans to Ensure Readiness
Document Business
Continuity Plans
”
16 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Perform Business Impact Analysis
• Measure and prioritize
business processes based
on impacts to:
– Revenue
– Brand image
– Stakeholder confidence
– Customer loyalty
• Assess probability of
environmental threats
against your infrastructure
and aggregate BIAs from
risk projects, business
processes, applications,
devices or facilities
17 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Document Business Continuity Plans
• Consolidate business
continuity and disaster
recovery plans, business
processes, impact analyses
and recovery procedures
• Ensure the consistency of plan
documentation across your
organization using fully
configurable web-based forms
• Provide real-time reports on
your business continuity plans
to management
18 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Document Disaster Recovery Plans
• Develop detailed recovery
plans for your IT assets,
utilizing automated
workflow for plan testing
and approval
• Manage plan activation
processes including:
– Authority for plan
declarations
– Recovery contacts
– Recovery procedures
19 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Test Plans
• Test your business continuity
and disaster recovery plans
to identify process gaps
• Estimate recovery task and
procedure completion time
and roll estimates up to the
plan level to determine the
overall testing and plan
execution duration
• Track testing gaps and
remediation efforts
20 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Track Crisis Events
• Report crisis situations that occur
anywhere you do business
• Quickly capture the details of a
crisis, including the time of
occurrence, event location, type
and severity
• Integrate the solution with a call
center or emergency notification
service to automate the collection
of crisis data
• Track and manage emergency
operations assistance based on
the DHS NIMS Framework
21 © Copyright 2011 EMC Corporation. All rights reserved.
Business Continuity Management 101
Automate Plan Maintenance
• Utilize automated
workflow and
notifications for plan
testing, content review
and approval
• Responsible personnel
is automatically notified
when tasks are
assigned to them