enterprise business continuity management l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Enterprise Business Continuity Management PowerPoint Presentation
Download Presentation
Enterprise Business Continuity Management

Loading in 2 Seconds...

play fullscreen
1 / 26

Enterprise Business Continuity Management - PowerPoint PPT Presentation


  • 314 Views
  • Uploaded on

Enterprise Business Continuity Management Utilizing “Collaboration” in The state of Washington Business Continuity Program Small Agency Presentation August 21, 2006 Judy Sweet, CBCP Washington State Enterprise Business Continuity Program Manager Business Continuity Program Purpose

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Enterprise Business Continuity Management' - emily


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
enterprise business continuity management

EnterpriseBusiness Continuity Management

Utilizing “Collaboration” in

The state of Washington

Business Continuity Program

Small Agency Presentation August 21, 2006

Judy Sweet, CBCP

Washington State Enterprise Business Continuity Program Manager

business continuity program purpose
Business Continuity Program Purpose

The State of Washington must maintain confidence of its constituents, and ensure continued operation of vital government services when an incident has caused, or has the potential to cause, significant consequences.

The Business Continuity Program will provide the framework to develop an enterprise approach and coordinate agency efforts to minimize business interruptions, and create a state of readiness, so that agencies can respond to and recover from events, resuming vital services as quickly as possible.

business continuity milestones
Business Continuity Milestones
  • Enterprise Executive Symposium 6/2005
  • Enterprise BC Software Tool Installed 7/2005
  • Business Continuity Initiative Project Kickoff 8/2005
  • Statewide BC Work-sessions Begin 9/2005
  • Regular BC Work-sessions Concluded 6/2006
  • Statewide BC Program & Sustaining BC Model
    • Statewide BIA
    • Statewide COOP Development
    • Enterprise Solution Development
slide4

Business Continuity Planning Objectives

  • Minimize service interruptions, to acceptable levels
    • Understand your agency services
    • Collaborate with other agencies
    • Incorporate Best Practices
    • Utilize common planning framework
  • Identify high impact areas
    • Based on risk intelligence
  • Execute an Enterprise strategy to prioritize and mitigate risk.
    • Account for dependencies across agencies
    • Capitalize on economies of scale

~80% Business and 20% Technology

business continuity management bcm answers
Business Continuity Management (BCM)Answers . . .
  • What is an incident / disruption / disaster?
  • What are the impacts over time?
  • How much loss can be tolerated?
    • Risk Threshold, Tolerance
  • What can be mitigated?
    • Work-around, Enterprise solutions
  • How to reestablish business services?
    • Activate response plans
  • What is required?
    • Resources, time, people/skill sets, procedures, dollars
  • How much is enough?
    • Balance options “Proactive verses Reactive”
bottom line bcm program umbrella
Bottom Line: BCM Program Umbrella
  • Sustain & Protect
    • People
    • Property
    • Information
    • Operations
    • Gov. Services

BCM provides a balance between acceptable potential losses and acceptable onetime and annual costs.

business continuity
Business Continuity
  • Investments in business continuity should be prioritized based on analysis of risks and impacts over time.
  • Create Value in Operability.
  • Be Positioned to be successful.
slide9

SampleBusiness Impact AnalysisDeliverable

  • A “typical” graph showing impact vs. recovery time, which visually assists with risk mitigation prioritization.

WSP

Computer Dispatch

Prison Control System

Dam Inspection Services

Drinking Water Safety

HAZMAT

State Payroll

Military’s Dispatched Resources

Firearms

Licensing

Impact

State Warrants

3 days

12 hrs or <

5 days

24 hrs

2 days

Time

notional business continuity event life cycle
Notional:Business Continuity Event Life Cycle

Normal Operations

Capability

Time

notional business continuity event life cycle11

Return to

Normal Operations

Recovery Time

Restoration

Contingency

Planning

Minimal Acceptable Level of Capability

Risk Mitigation

Notional:Business Continuity Event Life Cycle

Service Disruption Occurs

Normal Operations

Problem Mgmt & Response

Recovery

Capability

Time

Proactive BC Activities

Reactive BC Activities

Modified U.S. DoD graphic

slide12

NIMS Impact

NIMS Impact

NIMS Impact

NIMS Impact

NIMS Impact

NIMS Impact

NIMS Impact

NIMS Impact

Business Continuity Planning

(Will incorporate NIMS requirements)

types of plans
Types of Plans?

Continuity of Operations (COOP) Plan

Incident Management Plan

Business Continuity Plan

Vital Service Response Plans

Let’s put this into perspective!

Vital Service Response Plan

COOP Plan

Incident Mgmt Plan

Business Continuity Plan

business continuity plan types relationships
Business Continuity Plan Types & Relationships

Continuity of Operations (COOP) Plan

The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.

  • Alternative Facilities
  • Vital Records and Databases
  • Human Capital
  • Tests, Training, & Exercises
  • ID of Essential Functions
  • Delegations of Authority
  • Orders of Succession
  • Interoperable Communications

From More General

  • Address Full Spectrum of Threats & Hazards

to

Incident Management Plan

(Sometimes referred to as “Problem or Crisis Management” Plan)

  • Involves Investigation, Diagnoses
  • Assembly of Incident Command System (ICS)
  • ICS Draws on Response Plan(s)) for Resolution
  • An Agency-wide Perspective
  • Repeatable Process & Practices
  • Incident Alerting, Reporting, Tracking & Status

Business Continuity Plan

  • An Agency-wide Perspective
  • Global Risk Mitigations, Contingencies and Responses for Business Operations

Vital Service Response Plan for ‘B’

Specific

Vital Service

Response Plan for . . . ‘n’

Vital Service Response Plan for ‘A’

  • Specific Action Plan
  • Specific Action Plan
  • Specific Action Plan
business continuity plan types relationships15
Business Continuity Plan Types & Relationships

Continuity of Operations (COOP) Plan

The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.

  • Alternative Facilities
  • Vital Records and Databases
  • Human Capital
  • Tests, Training, & Exercises
  • ID of Essential Functions
  • Delegations of Authority
  • Orders of Succession
  • Interoperable Communications

From More General

  • Address Full Spectrum of Threats & Hazards

to

Incident Management Plan

(Sometimes referred to as “Problem or Crisis Management” Plan)

  • Involves Investigation, Diagnoses
  • Assembly of Incident Command System (ICS)
  • ICS Draws on Response Plan(s) for Resolution
  • An Agency-wide Perspective
  • Repeatable Process & Practices
  • Incident Alerting, Reporting, Tracking & Status

Business Continuity Plan

  • An Agency-wide Perspective
  • Global Risk Mitigations, Contingencies and Responses for Business Operations

Vital Service Response Plan for ‘B’

Specific

Vital Service

Response Plan for . . . ‘n’

Vital Service Response Plan for ‘A’

  • Specific Action Plan
  • Specific Action Plan
  • Specific Action Plan
business continuity plan types relationships16
Business Continuity Plan Types & Relationships

Continuity of Operations (COOP) Plan

The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.

  • Alternative Facilities
  • Vital Records and Databases
  • Human Capital
  • Tests, Training, & Exercises
  • ID of Essential Functions
  • Delegations of Authority
  • Orders of Succession
  • Interoperable Communications

From More General

  • Address Full Spectrum of Threats & Hazards

to

Incident Management Plan

(Sometimes referred to as “Problem or Crisis Management” Plan)

  • Involves Investigation, Diagnoses
  • Assembly of Incident Command System (ICS)
  • ICS Draws on Response Plan(s) for Resolution
  • An Agency-wide Perspective
  • Repeatable Process & Practices
  • Incident Alerting, Reporting, Tracking & Status

Business Continuity Plan

  • An Agency-wide Perspective
  • Global Risk Mitigations, Contingencies and Responses for Business Operations

Vital Service Response Plan for ‘B’

Specific

Vital Service

Response Plan for . . . ‘n’

Vital Service Response Plan for ‘A’

  • Specific Action Plan
  • Specific Action Plan
  • Specific Action Plan
business continuity plan types relationships17
Business Continuity Plan Types & Relationships

Continuity of Operations (COOP) Plan

The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.

  • Alternative Facilities
  • Vital Records and Databases
  • Human Capital
  • Tests, Training, & Exercises
  • ID of Essential Functions
  • Delegations of Authority
  • Orders of Succession
  • Interoperable Communications

From More General

  • Address Full Spectrum of Threats & Hazards

to

Incident Management Plan

(Sometimes referred to as “Problem or Crisis Management” Plan)

  • Involves Investigation, Diagnoses
  • Assembly of Incident Command System (ICS)
  • ICS Draws on Response Plan(s) for Resolution
  • An Agency-wide Perspective
  • Repeatable Process & Practices
  • Incident Alerting, Reporting, Tracking & Status

Business Continuity Plan

  • An Agency-wide Perspective
  • Global Risk Mitigations, Contingencies and Responses for Business Operations

Vital Service Response Plan for ‘B’

Specific

Vital Service

Response Plan for . . . ‘n’

Vital Service Response Plan for ‘A’

  • Specific Action Plan
  • Specific Action Plan
  • Specific Action Plan
business continuity plan types relationships18
Business Continuity Plan Types & Relationships

Continuity of Operations (COOP) Plan

The Continuity of Operations (COOP) Plan is the roadmap for the highest level of planning within an agency.

  • Alternative Facilities
  • Vital Records and Databases
  • Human Capital
  • Tests, Training, & Exercises
  • ID of Essential Functions
  • Delegations of Authority
  • Orders of Succession
  • Interoperable Communications

From More General

  • Address Full Spectrum of Threats & Hazards

to

Incident Management Plan

(Sometimes referred to as “Problem or Crisis Management” Plan)

  • Involves Investigation, Diagnoses
  • Assembly of Incident Command System (ICS)
  • ICS Draws on Response Plan(s) for Resolution
  • An Agency-wide Perspective
  • Repeatable Process & Practices
  • Incident Alerting, Reporting, Tracking & Status

Business Continuity Plan

  • An Agency-wide Perspective
  • Global Risk Mitigations, Contingencies and Responses for Business Operations

Vital Service Response Plan for ‘B’

Specific

Vital Service

Response Plan for . . . ‘n’

Vital Service Response Plan for ‘A’

  • Specific Action Plan
  • Specific Action Plan
  • Specific Action Plan
collaborative roles in enterprise business continuity planning

Vital Service A

  • Risk Mitigations
  • Contingencies
  • Responses
  • Recoveries

Vital Service B

  • Risk Mitigations
  • Contingencies
  • Responses
  • Recoveries

Vital Service D

  • Risk Mitigations
  • Contingencies
  • Responses
  • Recoveries

Vital Service E

  • Risk Mitigations
  • Contingencies
  • Responses
  • Recoveries
Collaborative Roles in Enterprise Business Continuity Planning

Enterprise BC Program Office – State of WA

Subject Matter Expertise

  • Standards & Practices
  • Tools and Templates
  • Planning Assistance
  • Reporting
  • Meeting Compliances

Governance

  • Policies
  • Practices
  • Planning Priorities
  • Decision Packages

Enterprise Risk & Vulnerabilities Status

Enterprise Level Planning

1

Enterprise BC Program Office

Planning for Worst-Case Scenarios @ Enterprise (Shared Command) Level

  • Risk Mitigations, Contingencies, Responses, Recoveries

Agency ‘B’

@Agency ‘A’ Level

  • BC Developed Capabilities
  • Planning For Worst-Case Scenarios @ Agency Perspective
  • CONOPS / COOP = NIMS Rqmts
  • Risk Mitigations, Contingencies, Responses, Recoveries
  • BC Developed Capabilities
  • Planning For Worst-Case Scenarios @ Agency Perspective
  • CONOPS / COOP = NIMS Rqmts
  • Risk Mitigations, Contingencies, Responses, Recoveries

Agency

Level Planning

BC Instilled across Agency in all Business Practices

BC Exercises & Updates (=NIMS Rqmts)

On-going Training

BC Instilled across Agency in all Business Practices

BC Exercises & Updates (=NIMS Rqmts)

On-going Training

150+

Agencies, Boards and Commissions

eBRP BC Tool

Vital Service C

  • Risk Mitigations
  • Contingencies
  • Responses
  • Recoveries

Vital Service F

  • Risk Mitigations
  • Contingencies
  • Responses
  • Recoveries

Estimated

200-500

Vital Services

Vital Service

Level Planning

1 Enterprise BC Software Administrator

eBRP BC Tool & Repository

eBRP BC Tool & Repository

Component Plans

<----------------------------------------------------------------------------------------------------------------------------------------------------------->

inherent benefits of an enterprise business continuity program
Inherent Benefits of an Enterprise Business Continuity Program
  • Maintain Commonality
  • Develop a Repeatable Process
  • Achieve Agency and State Business Objectives
  • Share Best Practices
  • Rank Priorities
  • Mitigate Risk
  • Identify Dependencies
  • Develop Incident Response/Recovery Plans
  • Form Partnerships
  • Identify Enterprise Solutions
  • Implement Cost/Benefit Contingencies
evolution of business continuity management in washington state
Evolution of Business Continuity ManagementIn Washington State

Academy Initiative

Effort

Begin Agency BC Planning

Refine Framework Templates / Tools

ID Agency Risks & Thresholds

ID Service Needs

ID & Resolve Issues

BCMProgram

Foster a Repeatable Approach

ID Agency’s & Enterprise Risk Thresholds

Collaborate & Prioritizing Needs

Implement Enterprise Solutions

Incorporate Incident Management

Time

what s next
What’s Next?
  • Continue development of the BC Framework (templates, tools, best practices) Within the BC Program
  • Apply the BIA across all agencies to:
    • Identify where the State could best invest & reduce risk
    • Ties to “Continuity of Operations” COOP (HLS & NIMS Rqmt)
  • Transition to a new Business Continuity Culture
    • Setup a Business Continuity Management (BCM) Program
    • Establish governance along with Roles and Responsibilities
    • Address Continuity of Operations (COOP) with agencies
    • Join with EMD efforts providing info on NIMS & Emergency Response
    • Promote Agency/Enterprise collaboration to best achieve objectives
participating agencies
Participating Agencies
  • Department of Personnel
  • Department of Corrections
  • Department of Health
  • Department of Licensing
  • Department of Information Services
  • Department of Transportation
  • Retirement Systems
  • Social and Health Services
  • Department of Ecology
  • Health Care Quality Authority
  • Liquor Control Board
  • Labor and Industries
  • Military Department
  • Office of Financial Management
  • State Treasurer
  • Public Disclosure Commission
  • Washington State Patrol
  • Clark County
  • King County
  • City of Seattle
contact information
Contact Information

Judy Sweet, CBCP

Enterprise Business Continuity Management (BCM) Program Manager

Department of Information Services

e-mail: judys@dis.wa.gov | (360) 902-3560