iSquare Consulting

links

iSquaresys Business Continuity Plan (BCP) Consulting

BCP  is a system or methodology used to create a plan on how an organization will resume its partially or completely interrupted critical functions within a predetermined time after the occurrence of a disaster or disruption. The aim is to keep critical functions operational.

Organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization

To ensure its ability to continue essential business operations during the period of a disaster

Business Continuity Plan  (BCP ) Components:

  • Disaster Recovery Plan
  • Continuity of operations plan
  • Business resumption plan
  • Continuity of support plan
  • Crisis communications plan
  • Incident response plan
  • Transportation plan
  • Evacuation and emergency relocation plan

Methods of BCP Testing:

  • Paper tests
  • Preparedness tests
  • Full operation tests

  •  

    What is Disasters?

     

    "Disasters are disruptions that cause critical information resources to be inoperative for a period of time, adversely impacting organizational operations."

     

     

    Business Impact Analysis:

    BIA goal is to distinguish which are the most crucial and require  to continue operations if a disaster occurs

    To  evaluate the critical processes  to  determine time frames, priorities, resources and interdependencies

    To develop the business continuity strategy

    Business Impact Analysis Steps: 

    • Determine data gathering techniques.
    • Gather business impact analysis data.
    • Identify critical business functions and resources.
    • Verify completeness of data.
    • Establish recovery time for operations.
    • Define recovery alternatives and costs

     

    Recovery point objective (RPO)—The RPO defines how current the data must be or how much data an organization can afford to lose. The greater the RPO, the more tolerant the process is to interruption.

    Recovery time objective (RTO)—The RTO specifies the maximum elapsed time to
    recover an application at an alternate site. The greater the RTO, the longer the
    process can take to be restored

    Recovery Strategy


    "A way to recover systems and processes in case of interruption"

    How to Select the Recovery Strategy?

    • Criticality of the business process
    • Applications supporting the processes
    • Cost
    • Time required to recover
    • Security

     

    ISO 22301:2012 ( Formerly BS 25999) Business Continuity

    To provide the skills and knowledge to conduct and lead effective business continuity management system audits in accordance with the requirements of ISO 22301:2012

    Explains the principles and practices of independent auditing for a business continuity management system and guides

    iSquaresys ISO 22301:2012 Audit Consulting:

    • Lead an audit of a business continuity management system
    • Develop an internal audit program
    • Carry out an audit of a business continuity management system
    • Analysis the  requirements  and the purpose of Business Continuity Management  
    • Mapping the Business Continuity Management Code of Practice
    • Articulate and present audit findings
    • Manage successful audit communication

     

    Information Security Consulting

     

    Risk Management

     

    Risk management is the process of assessing risks and taking steps to either eliminate or to reduce them by introducing control measures.


    Risk Mitigation:

    • Avoid risk
    • Reduce risk
    • Accept risk
    • Transfer risk

     

    Details

    _________________________

    DRP Testing

    • Develop Testing Strategy
    • Develop Testing Schedule
    • Implement Tests and Document Results
    • Design and implement Change Management System
    • Perform Scheduled Plan Maintenance

     

    _________________________

    Difference Between BCP and DR


    “DR is the technological aspect of Business continuity planning”

     

    Active – Active Datacenter:

     

    • Active/Active Web hosting
    • Active/ Active Application Processing
    • Active/Standby database processing

     

    _________________________

    Zero Downtime

     

    Transform standby DR system into a reliable, productive asset”

     Why disaster recovery (DR) systems those sit idle waiting for a disaster to occur?

    How to convert DR system in to active mode?

      • Maximize the utilization of DR  infrastructure Avoid single point of failure

      _________________________

      Crisis Management:

      Crisis - "A highly unpredictable dangerous situation requiring urgent attentions"

      • Volatile
      • Unexpected
      • Unpredictable
      • Unstable
      • Undesirable outcomes
      • Required efforts to resume

       

      Emergency Response Team

       

      Team  prepare and respond to any emergency incident

      _________________________

      iSquaresys BCP Consultancy

       

      • BCP & DR design
      • DRP Testing
      • BIA Analysis
      • Recovery Selections
      • Document, track, monitor and control events
      • Effectively manage crisis communications
      • Familiarize and prepare staff to react quickly, decisively and appropriately
      • Develop a emergency response plan

       

      _________________________

       

      Contact us @

      techsupport@isquareassure.com

      _________________________