it service continuity management n.
Skip this Video
Loading SlideShow in 5 Seconds..
IT Service Continuity Management PowerPoint Presentation
Download Presentation
IT Service Continuity Management

IT Service Continuity Management

549 Views Download Presentation
Download Presentation

IT Service Continuity Management

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. IT Service Continuity Management

  2. Goal – Primary Objective • To support the overall Business Continuity management process by ensuring that the required IT technical services and facilities can be recovered within required and agreed business time-scales

  3. Why Continuity Management • Ensuring business survival by reducing the impact of a disaster or major failure • Reducing the vulnerability and risk to the business by effective risk analysis and risk management • Preventing the loss of Customer and User confidence • Producing IT recovery plans that are integrated with and fully support the organisation’s overall Business Continuity Plan

  4. Considerations • IT Service Continuity options need to be understood and the most appropriate solution chosen in support of BCM requirements • Roles and responsibilities need to be identified and supported from a senior level • IT recovery plans and Business Continuity plans need to be aligned regularly reviewed, revised and tested

  5. The Business Continuity Life-cycle Overview • Stage 1 – Initiation • Initiate Business Continuity Manager • Stage 2 – Requirements and Strategy • Stage 3 - Implementation • Stage 4 - Operational Management

  6. Stage 2 – Requirements and Strategy Business Impact Analysis Identification of Critical Business Processes and Speed of Recovery Risk Assessment and Methodology Threats to Assets CRAMM – CCTA’s Risk Analysis Management Methodology (Central Computer and Telecommunications Agency) Business Continuity Strategy Based on Top Risks

  7. Risk Analysis (CRAMM) ANALYSIS Assets Threats Vulnerabilities Risks MANAGEMENT Countermeasures

  8. Risk Analysis • Asset Categorise and RANK 1-10 • Hardware • Software • People • Buildings etc. • Threat List and RANK 1-3 • Vulnerability against Assets Matrix RANK 1-3 Risk = Asset * Threats * Vulnerability

  9. IT Recovery Options • Do nothing • Manual back-up – revert to pen and paper • Reciprocal arrangements with another company • Gradual recovery - Cold Standby • Intermediate recovery - Warm Standby • Immediate recovery - Hot Standby

  10. Gradual Recovery – COLD standby • Time to recovery > 72hrs • Empty Computer space • Remote • Portable • Nothing in the rooms • Requires contracts / procedures in place to set up

  11. Intermediate Recovery – WARM standby • Time to recovery 24hrs to 72hrs • Filled Computer space • Remote • Portable • Networked Computers but with NO Data

  12. Immediate Recovery – HOT standby • Time to recovery “within the working day” 0hrs to 8hrs • Filled Computer Space • Remote • Portable • Networked Computers with Data (but not necessarily up to date)

  13. Benefits of Continuity Management • Management of risk and the consequent reduction of the impact of failure • Fulfilment of regulatory requirements • Potentially lower insurance premiums • A more business focussed approach to IT continuity and recovery • Reduced business disruption during an incident • Increased customer confidence and organisational credibility

  14. ISCM Exam Tips • Know the Disaster Recovery options

  15. Exam Questions • In relation to IT Service Continuity Planning, the severity of a disaster depends upon: A The time of day it occurs B How many people are available to assist in recovery C The type of disaster, whether flood, fire etc D The impact (EFFECT) upon customers’ businesses

  16. Exam Questions • Consider the following statements about IT Service Continuity Planning: • The intermediate recovery external option offers a remote installation, fully equipped with all the required hardware, software, communications and environmental control equipment • The intermediate recovery external option is often shared between multiple customers and in the event of a disaster may not be available due to over-subscription ABoth B Neither C Only 1 D Only 2

  17. Exam Questions • Your organisation has just entered into a Gradual Recovery (Cold Standby) IT service Continuity Agreement. Within the ITIL definition, which of the following lists is INCORRECT for what you could find at the contingency site? A A building, electricity, telecommunications equipment, office space for technical staff B Stand-by generator, telecommunications equipment, system manuals, support staff, water C A building, telecommunications equipment, a computer, support staff, documentation D A building, electricity, water, support staff, system manuals

  18. Exam Questions • Which of the following would you NOT expect to see in an IT Service Continuity Plan? A Contact lists B The version number C Reference to change control procedures D Full Service Level Agreements (SLM)