Disaster Recovery Planning & Business Continuity Management - Course Contents

 

 

Introduction

  • Course Overview
  • What is BCM
  • The Business As Usual best-practice model for implementing Business Continuity and Disaster Recovery processes

1. Business Continuity Process Objectives

  • Defining your recovery objectives and standards
  • Choosing an appropriate standard such as BS25999 or HB221
  • Updating and aligning recovery objectives with business strategy

2. Risk Management

  • Identifying, analysing and addressing risk
  • Implementing risk mitigations and controls
  • Keeping risk mitigations and controls updated

3. Business Continuity Teams & Buy-in

  • Determining who needs to be involved
  • Achieving buy-in and commitment
  • Maintaining commitment and enthusiasm

4. Key Business Process Identification

  • Establishing and determining criticality ratings of essential business processes
  • Defining dependencies between processes
  • Identifying activities and resources that are required for critical functions
  • Reviewing criticality ratings and essential resources

5. Operational & Financial Impacts

  • Preparing for likely scenarios which may cause disruptions
  • Assessing operational and financial impacts of possible scenarios
  • Preparing documentation of acceptable outage time and data loss and making it available
  • Reviewing mechanisms for business impact information

6. Implementing & Testing Continuity Provisions

  • Determining and implementing continuity provisions
  • Choosing work-arounds
  • Reviewing continuity treatments
  • Performing initial testing after installation

7. Business Continuity Plan Documentation

  • Documenting suitable procedures for Crisis Management, Emergency Response, Damage Assessment, People Safety, Evacuation and First Aid
  • Maintaining documented procedures
  • Ensuring the plan achieves acceptable continuity levels that are in line with business expectations for recovery of key business processes
  • Establishing people, team and technical recovery procedures and keeping them updated
  • Maintaining crisis notification/communication plans - to inform internal and external parties

8. Exercises, Training & Awareness

  • Conducting recovery tests - including external suppliers
  • Creating post-exercise reports
  • Tracking resolution of issues
  • Achieving process awareness amongst key recovery team members
  • Ensuring training programs are in place - and conducted!