Download - CLT071114 Justifying BCP Neverfail
-
7/27/2019 CLT071114 Justifying BCP Neverfail
1/24
Joe Elliott
Neverfail
Justifying Business Continuity:How it Impacts Risk Management
-
7/27/2019 CLT071114 Justifying BCP Neverfail
2/24
-
7/27/2019 CLT071114 Justifying BCP Neverfail
3/24
3www.neverfailgroup.com
Agenda
Definition of Business Continuity
Road Blocks to Justification
Defining Risk Management
Reduction through the Business Impact Analysis
Questions
-
7/27/2019 CLT071114 Justifying BCP Neverfail
4/24
4www.neverfailgroup.com
Defining Business Continuity
The ability of an organization to continue to function, evenafter a disastrous event.
Enabling employees to continue to execute job functions,regardless of the risk
Accomplished through:
The deployment of a business continuity plan, processes, andcontrols
Technology
Data
Business resumption planning
-
7/27/2019 CLT071114 Justifying BCP Neverfail
5/24
5www.neverfailgroup.com
Agenda
Definition of Business Continuity
Road Blocks to Justification
Defining Risk Management
Reduction through the Business Impact Analysis
Questions
-
7/27/2019 CLT071114 Justifying BCP Neverfail
6/24
6www.neverfailgroup.com
Road Blocks to Justification
Insurance
Internal, IT issue
Lack of knowledge
System dependency
Vulnerability
Reach, etc
Impact can be hard to quantify
Solutions market is very large
Worst case scenario focus
-
7/27/2019 CLT071114 Justifying BCP Neverfail
7/24
7www.neverfailgroup.com
Road Blocks to Justification
Insurance
Internal, IT issue Lack of Knowledge
System dependency
Vulnerability
Reach, etc
Impact can be hard to quantify
Solutions market is very large
Worst case focus
-
7/27/2019 CLT071114 Justifying BCP Neverfail
8/24
8www.neverfailgroup.com
Overcoming Road Blocks
Change the mindset
Identify what is critical
Assess Your Vulnerability
Build the full business case
Make decision based off appropriate information
-
7/27/2019 CLT071114 Justifying BCP Neverfail
9/24
9www.neverfailgroup.com
Change the Mindset
Not a question of if, but how often
Even five 9s has downtime
Expensive undertaking, Still 8+ hours per year
Anything less than five 9s
How much is not as important as when
Close Knowledge gap with systems
Disaster Recovery vs. Business Continuity Often thought of as 1 in the same
Trouble with Recovery
Shift the focus to Continuity
Business Continuity covers all potential outages Not just worst case scenarios
Definition of Risk Management
-
7/27/2019 CLT071114 Justifying BCP Neverfail
10/24
10www.neverfailgroup.com
Agenda
Definition of Business Continuity
Road Blocks to Justification
Defining Risk Management
Reduction through the Business Impact Analysis
Questions
-
7/27/2019 CLT071114 Justifying BCP Neverfail
11/24
Risk:Anything that keeps an organization
from meeting its objectives
-
7/27/2019 CLT071114 Justifying BCP Neverfail
12/24
Risk Management =
Security + Business Continuity
-
7/27/2019 CLT071114 Justifying BCP Neverfail
13/24
13www.neverfailgroup.com
Risk Management Equation
Security
Proactive, front-end response
Focus on mitigating and managing threats
Not 100%
Biggest impact of a breach = Downtime
Business Continuity
Reactive response to breaches
How efficiently & effectively you continue operations
Covers threats that Security does not address (server crash,application failure, power outages, disasters, etc)
Involves data, process, applications, and people
Effective Risk Management has to address both
-
7/27/2019 CLT071114 Justifying BCP Neverfail
14/24
14www.neverfailgroup.com
Mitigating Risk
Prioritization of Risk
By degree of probability and loss
Deal with highest Risk first
Risk Management Options
Avoidance avoid activities that have risk
Retention accept the occurred losses
Transfer have 3rd party accept the risk
Reduction reduce the impact
Reduction is only option for critical processes
Security reduces the frequency of a loss, but not severity BC plans and technology reduce both
Maximum reduction Bridge data with people
Done through applications
-
7/27/2019 CLT071114 Justifying BCP Neverfail
15/24
15www.neverfailgroup.com
Agenda
Definition of Business Continuity
Road Blocks to Justification
Defining Risk Management
Reduction through the Business Impact Analysis
Questions
-
7/27/2019 CLT071114 Justifying BCP Neverfail
16/24
16www.neverfailgroup.com
Identify What is Critical Deeper than 1000 foot level
What is nice to have vs. critical?
Start with processes (sales, acct, cust serv, etc) Which processes are imperative?
Why are they critical?
How far do they reach?
Who owns the process? Who is responsible for the execution?
What percentage of the business is it responsible for?
What applications/technology support the execution?
Link Systems (IT) to Process (Users & Management) IT enables, Users and Mgt are responsible for
Creates inclusion and ownership
-
7/27/2019 CLT071114 Justifying BCP Neverfail
17/24
-
7/27/2019 CLT071114 Justifying BCP Neverfail
18/24
18www.neverfailgroup.com
Assess Your VulnerabilityDeep Dive into Critical Processes Identified
What is the impact of this process being down?
Revenue Relationships
Internal Productivity
External Productivity
What does it cost?
Involves process owner
Financial resources can give insight into hard dollar cost
How easy is it to replace lost data or work product?
How much does it cost to replace it?
How easily can we adapt to the loss of the process? Can we work outside the existence of the process?
Are there critical windows when the process must be available?
Etc
-
7/27/2019 CLT071114 Justifying BCP Neverfail
19/24
19www.neverfailgroup.com
Choosing the Right Option
DataData
ReplicationReplication
ApplicationApplicationFailoverFailover
UserUserContinuityContinuity
BackupBackup
Negative ImpactNegative Impact
Probabilityo
foccurrence
Probabilityo
foccurrence
Risk AnalysisRisk Analysis
-
7/27/2019 CLT071114 Justifying BCP Neverfail
20/24
20www.neverfailgroup.com
Justification - Critical Success Factors
Link IT (systems) with Process (users and mgt) IT enables, Users & Management are responsible
Create Inclusion and ownership
Need Executive Sponsor
Assign costs when possible
Define project: DR or BC? Disaster Recovery: Enable recovery when disaster occurs
Business Continuity: Enable the users to function in anyevent
BIA serves 3 main functions1. Confirm if there is a need or not
2. Process alone will help identify lagging areas
3. Creates and justifies the business case
-
7/27/2019 CLT071114 Justifying BCP Neverfail
21/24
21www.neverfailgroup.com
Thanks!
Questions?
Joe Elliott
(512) 327-5777, ext 1824
Rick Popp
ARGO Strategic Management(804) 400-3842
-
7/27/2019 CLT071114 Justifying BCP Neverfail
22/24
22www.neverfailgroup.com
About NeverfailNeverfail a global software company providing affordable data
protection, high application availability and disaster recoverysoftware solutions for the Windowstechnology platform.
In business over 13 years, with experience in Business Systemsavailability Migrated from Disaster Recovery Consulting Firm to Software Company
Strong Technical Pedigree CTO and lead Development team have decades of experience atTandem/Compaq/HP High Performance Research Center
International Presence North America Headquarter and Partner Network
United Kingdom ROW Headquarter and Partner Network EMEA Distributors Asia/Pac Distributors
-
7/27/2019 CLT071114 Justifying BCP Neverfail
23/24
23www.neverfailgroup.com
User Continuity for Critical Applications
Immediate and non-disruptive failover,
keeping users seamlessly connected toworking applications, regardless of failure
type and physical location.
User ContinuityUser Continuity
-
7/27/2019 CLT071114 Justifying BCP Neverfail
24/24
24www.neverfailgroup.com
User ContinuityKeeping users connected to critical applications
No manual configuration changes
No need to restart applications
No unnecessary switchovers
No visible downtime
Regardless of the cause of failure
Configuration
Data
Server
Application
Network
Performance
Disaster
Reliability (foreseen/predictable problems)
+
Resilience (unforeseen/unpredictable problems)