1 / 33

continuityforum

www.continuityforum.org. Continuity Forum acts as a bridge between organisations who have interest in promoting, delivering and utilising Business Continuity and Risk Management. By our actions, Continuity Forum encourages a uniform approach to the delivery of these critical disciplines.

leandra-buchanan
Download Presentation

continuityforum

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. www.continuityforum.org Continuity Forum acts as a bridge betweenorganisations who have interest in promoting, deliveringand utilisingBusiness Continuity and Risk Management. By ouractions, Continuity Forum encourages a uniform approach to the delivery of these critical disciplines. We provide an unbiased, non-commercial input to regulators, legislators, standards bodies, auditors, & the media.

  2. The Importance of Business Continuity Management & Resilience Russell Price Chairman Continuity Forum

  3. So why is Business Continuity so important ? • What would you do tomorrow if your building was on fire today? • What would your customers do? • What would your competitors do? • What would your bank and shareholders do? www.Continuityforum.org - +44 (0) 208 993 1599

  4. Risk Management – A changing framework Knowledge Reputation Management Image Traditional Asset Protection Value of Intangible assets 1970’s 2000+ Production based economy Mainly National/Local Founded on Plant, Labour etc Knowledge based economy A riskier world? Value of Tangible assets www.Continuityforum.org - +44 (0) 208 993 1599

  5. Technical Economic IT/Systems Breakdown Contamination IndustrialAccident Industrial Accidents Government Crisis Utilities failure On-site product tampering Malicious acts Organisational failure Sabotage Terrorism Labour strikes Off-site product tampering People Social Risk Model Example ‘PEST’ model www.Continuityforum.org - +44 (0) 208 993 1599

  6. The impact on shareholder value After initial reflex (10 days),market begins to assesscompany’s response. Cumulative abnormal returns (%) i.e., change in market cap adjusted for market movement Effective crisis response Ineffective crisis responses 25 50 75 100 125 150 175 200 225 250 Trading days after the event Source: “The Impact of Catastrophes on Shareholder Value,” Rory F. Knight & Deborah J. Pretty, Templeton College, University of Oxford, p. 3. • The chances are that all chief executives are likely to face a crisis. • The ability to managea crisis is a vital standard of good corporate governance because it has: • Major immediate impacton shareholder value (private sector) • Long-term impact on reputation (public & private sector) Source: ‘The Impact of Catastrophes on Shareholder Value’, Rory F. Knight & Deborah J. Pretty, Templeton College, University of Oxford www.Continuityforum.org - +44 (0) 208 993 1599

  7. Building a Secure Business “Building a secure business is not just about supply and demand. It is about the protection and prevention measures that you can put in place against crime, the consequences of a natural disaster, electronic attack, acts of terrorism and other events that would have a negative impact on your organisation” Rt Hon Hazel Blears MP. Secretary of State Secure in the Knowledge (2005) www.Continuityforum.org - +44 (0) 208 993 1599

  8. A word about people, analysis & decision making • The difference between Wisdom, Knowledge and Experience www.Continuityforum.org - +44 (0) 208 993 1599

  9. “Perceptions are truths because people believe them” Epictetus www.Continuityforum.org - +44 (0) 208 993 1599

  10. Audience Participation www.Continuityforum.org - +44 (0) 208 993 1599

  11. BCM - Not just an IT issue! www.Continuityforum.org - +44 (0) 208 993 1599

  12. What can disrupt your business ? Terrorism Flood Fire Power IT Hackers www.Continuityforum.org - +44 (0) 208 993 1599

  13. It will never happen to me ! • For a company, a mission critical incident can be expected once every 1.8 years … some large organisations have hundreds each year! • 88% experience ‘disaster’ on non contract systems or in unplanned areas • 92% substantially upgrade their ‘capability’ after an event • 43% stated that in took them 2 months or longer to recover from the event • An effective Plan can reduce the total loss by 90% plus www.Continuityforum.org - +44 (0) 208 993 1599

  14. Is This An Effective Management Strategy In the Face of the KNOWN Risks! YES! NO!

  15. “Minds (and organisations!) are like parachutes,They work best when open” Lord Thomas Dewar www.Continuityforum.org - +44 (0) 208 993 1599

  16. Business Continuity Management Definition: “Business Continuity Management is a holistic management process that identifies potential impacts that threaten an organisation and provides a framework for building resilience and the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value creating activities”. The Business Continuity Institute 2001 www.Continuityforum.org - +44 (0) 208 993 1599

  17. Resilience “at every relevant level (the ability) to detect, prevent and if necessary, to handle and recover from disruptive challenges” Dealing with Disasters 3rd Edition Cabinet Office www.Continuityforum.org - +44 (0) 208 993 1599

  18. Fully tested effective BCM A Success, recovery or failure? B Level of business No BCM – lucky escape C No BCM – usual outcome Critical recovery point Time www.Continuityforum.org - +44 (0) 208 993 1599

  19. THE BUSINESS CONTINUITY MANAGEMENT CYCLE Business Continuity Institute 2002

  20. Current Drivers www.Continuityforum.org - +44 (0) 208 993 1599

  21. Current Regulations/Standards • US - Securities and Exchange Commission - NASD Rules 3510 & 3520 and the NYSE Rule 446 • Basel II & E-banking • UK Civil Contingencies Act • Sarbanes Oxley • UK FSA – BCM Guidance • PAS 56 and from Summer 2006 BSI • King II in South Africa • Singapore - MAS BCM Standard • Australian Standard for BCM • US - NFPA 1600 • Europe - Netherlands, Luxemburg, Belgium, et al www.Continuityforum.org - +44 (0) 208 993 1599

  22. A Changing World Corporate Governance CCA, Comp Act ISO 17799-01 GDPdU & GoBS BS7799-02 NF Z 42-013 COBIT AIPA ITIL King II MAS IT Baseline China APO Basel II Sarbanes Oxley Act www.Continuityforum.org - +44 (0) 208 993 1599

  23. Other Drivers • Investors • Banks • Media • Trade Bodies • Professional Associations • Emergency Services • Local Authorities • Public

  24. The Current Position… • In all sectors there are still serious weaknesses in overall planning for Business Continuity • People and Infrastructure is CRITICAL! • Companies are not planning on a broad enough basis and are failing to maintain current plans • Business Continuity and Risk Management is rapidly developing into a Business essential! www.Continuityforum.org - +44 (0) 208 993 1599

  25. Building Resilience • Continuity is vital for every organisation • Organisations are reliant on Extended Supply Chains • The unexpected will always happen • Adopt a ‘best practice’ approach • Embed Business Continuity Management and Security within theorganisation • Test regularly www.Continuityforum.org - +44 (0) 208 993 1599

  26. Benefits of BCM • Reduces impact and likelihood of failure • Demonstrates professional management • Improves processes • Enhances customer service • Creates competitive advantage • Frees management time spent fire-fighting • Increases confidence in the future • Can reduce cost of capital www.Continuityforum.org - +44 (0) 208 993 1599

  27. And that’s before the Event Strikes ! After an Event the benefits can be calculated in Millions! www.Continuityforum.org - +44 (0) 208 993 1599

  28. EFFECTIVE BCM IS BUILT ON 7 P’s Programme - the total BCM strategy People - Roles and responsibilities, H&S, awareness and education Processes - all organisational processes including ICT Premises - buildings & facilities Providers - supply chain inc. outsourcing Profile - brand, image and reputation Performance - benchmarking, evaluation & audit

  29. ESSENTIAL ELEMENTS OF BCM • Take a holistic approach • ‘End to End’ • Effects, not causes • Prevention, not just cure • Culture of BCM • Need to measurement

  30. Getting Started on BCM • Identify critical activities • Determine what supports these activities • Determine the resilience of the support • Identify and eliminate ‘single points of failure’ • Challenge suppliers about resilience statements • Work with ‘trusted’ suppliers • Include ‘transparency’ in SLAs and contracts • ACT NOW! www.Continuityforum.org - +44 (0) 208 993 1599

  31. Summary • Current trends are toward an environment of professional management of risk though Business Continuity Management • Future trends indicate that there will be a requirement on all organisations to demonstrate adequate planning • BCM is the clear way to demonstrate to stake holders that the company has prepared, and can effectively manage any failure • Industry data proves that failure is inevitable for all organisations • The cost of failure far exceeds the cost of planning • Minimising the effects of loss is only achievable through effective planning • To fail to plan is … to plan to fail! www.Continuityforum.org - +44 (0) 208 993 1599

  32. Thank youAny Questions? Russell PriceChairman Continuity Forumwww.continuityforum.org www.Continuityforum.org - +44 (0) 208 993 1599

  33. www.continuityforum.org Continuity Forum acts as a bridge betweenorganisations who have interest in promoting, deliveringand utilisingBusiness Continuity and Risk Management.By ouractions, Continuity Forum encourages a uniform approach to the delivery of these critical disciplines. We provide an unbiased, non-commercial input to regulators, legislators, standards bodies, auditors, academicbodies & the media.

More Related