To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed...

8
Ian Charters FBCI To BIA or not to BIA? BCM The Key Questions “Securing our Digital City” Presentation at CSM-ACE 2010 26 th October 2010

Transcript of To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed...

Page 1: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

Ian Charters FBCI

To BIA

or not to

BIA?

BCM

The Key Questions

“Securing our Digital City”

Presentation at CSM-ACE 2010 – 26th October 2010

Page 2: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

Why do a BIA?

What is a BIA?

When do we do a BIA?

How do we measure disruption cost?

Do we update the BIA every year?

So is it worth it?

Page 3: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

Time

Successful recovery

Limited recovery

Failure

RTO MTPD

What is a BIA?

The process of analysing business functions and the

effect that a business disruption might have upon them (BS 25999 & BCI Good Practice Guidelines 2010)

Maximum Tolerable Period of Disruption Of Products and Services => of business activities => of support services

Provides the required timescales that have to be

achieved by our recovery strategies and plans

BIA is about: Services & Activities, Impacts and TIME

Page 4: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

When do we do a BIA?

AS/NZS 5050:2010 "Detailed risk analysis….” NO!

Risk analysis assumptions do not hold for BC events

Risk analysis should not limit the scope of BIA

Successful Business Recovery after an incident

depends on the speed of the resumption of delivery of

services not the cause of the incident

Prevention is better than cure – but is costly –

controlled failure may be more cost-effective

BIA must come first – before threats, strategies and plans

Page 5: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

How do we measure of disruption cost?

Impacts grow over time and:

Are Cumulative

Some are intangible

MTPD is approximate – but so are strategies

Page 6: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

An annual update of the BIA?

Work towards BIA as a process rather than an annual project

Page 7: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

Why do a BIA?

Ensures recovery plans meet customer’s service

(minimum) expectations

Delivers effective plans

Can save money!

A forward-looking BIA can identify opportunities (or

dangers) of proposed changes

Builds resilience over time

Understanding the business may lead to operational

improvements and threat reductions

A thorough BIA should repay the effort many times over

Page 8: To BIA or not to BIA? - CSM-ACE · 2015. 7. 14. · When do we do a BIA? AS/NZS 5050:2010 "Detailed risk analysis….” NO! Risk analysis assumptions do not hold for BC events Risk

Ian Charters [email protected]

www.continuity.co.uk

To BIA

or not

to BIA?BCM

A BIA:• Identifies impacts over time• finds the point of no return• is not an annual chore• … but a vital business tool for:

• Effective recovery plans• Business planning

Key points


Basel II Pillar 3 Disclosure for 2018 CIMB Islamic …...market risk and BIA for operational risk. Pillar 2 focuses on how sound risk management practices should be implemented from

Basel II Pillar 3 Disclosure for 2018 CIMB Islamic …...market risk and BIA for operational risk. Pillar 2 focuses on how sound risk management practices should be implemented from

Biodiversidade bia

Biodiversidade bia

A avaliação da Provinha Brasil dentro do Bloco Inicial de Alfabetização/BIA

A avaliação da Provinha Brasil dentro do Bloco Inicial de Alfabetização/BIA

Business Impact Analysis (BIA) Business … · Web viewAs an essential part of Continuity Risk Management Activities, the Business Owners must conduct a business impact analysis (BIA)

Business Impact Analysis (BIA) Business … · Web viewAs an essential part of Continuity Risk Management Activities, the Business Owners must conduct a business impact analysis (BIA)

Do Kyung Lee, A089 047 352 (BIA Nov. 5, 2013)

Do Kyung Lee, A089 047 352 (BIA Nov. 5, 2013)

BIA Report

BIA Report

AniversáRio Bia

AniversáRio Bia

Respeito bia

Respeito bia

TEL2813/IS2621 Security Management · Business Impact Analysis (BIA) BIA Provides information about systems/threats and detailed scenarios for each potential attack Not risk management

TEL2813/IS2621 Security Management · Business Impact Analysis (BIA) BIA Provides information about systems/threats and detailed scenarios for each potential attack Not risk management

Tiet 15 nấu bia và lên men bia

Tiet 15 nấu bia và lên men bia

CONTEXTUALIZAÇÃO DO DOENTE CRÍTICO SOB UMA … · BCM - Massa Corporal Celular (BCMBody, Cel l Mass), BIA-Análise da Bioimpedância (BIA, ... QR - Quociente Respiratório R -

CONTEXTUALIZAÇÃO DO DOENTE CRÍTICO SOB UMA … · BCM - Massa Corporal Celular (BCMBody, Cel l Mass), BIA-Análise da Bioimpedância (BIA, ... QR - Quociente Respiratório R -

BIA begginers

BIA begginers

Guidance on Operational Risk BIA and TSA on Operational Risk... · ! 3! OPERATIONAL!RISK!CAPITAL!REQUIREMENT! 1.0! INTRODUCTION! Incalculatingthecapital!requirements!to!cover!operational!risk,banksarerequiredto

Guidance on Operational Risk BIA and TSA on Operational Risk... · ! 3! OPERATIONAL!RISK!CAPITAL!REQUIREMENT! 1.0! INTRODUCTION! Incalculatingthecapital!requirements!to!cover!operational!risk,banksarerequiredto

BIA 101 - USDA · 2. Tribal members do not pay federal taxesTribal members do not pay federal taxes 3. BIA provides contract oversight on programs BIA provides contract oversight

BIA 101 - USDA · 2. Tribal members do not pay federal taxesTribal members do not pay federal taxes 3. BIA provides contract oversight on programs BIA provides contract oversight

CUA / GH˚ RAM ME - Cam Bình Resortcambinhresort.com/ckfinder/userfiles/files/Menu_alacart...BIA HENIKEN BIA SÀI GÒN XANH BIA HENIKEN BIA TIGER LON BIA TIGER CHAI BIA TIGER BIA

CUA / GH˚ RAM ME - Cam Bình Resortcambinhresort.com/ckfinder/userfiles/files/Menu_alacart...BIA HENIKEN BIA SÀI GÒN XANH BIA HENIKEN BIA TIGER LON BIA TIGER CHAI BIA TIGER BIA

Vias Públicas BIA POSTE Estacionamentos - Tairis€¦ · 1 1 ovaci 220vac 11 ovaci 220vac bia - bia bia - bia - bia bia - pos - pos pos - pos - pos - pos - 1050 900 750 600 450 300

Vias Públicas BIA POSTE Estacionamentos - Tairis€¦ · 1 1 ovaci 220vac 11 ovaci 220vac bia - bia bia - bia - bia bia - pos - pos pos - pos - pos - pos - 1050 900 750 600 450 300

Bia Santos

Bia Santos

BIA - lab4

BIA - lab4

Lẩm cẩm về Lịch Sử, Bia Đá, Bia Miệng

Lẩm cẩm về Lịch Sử, Bia Đá, Bia Miệng

astinomiki bia

astinomiki bia