
Business Continuity Establishing a Successful Program


2011 ISACA Webinar Program

2011 ISACA Webinar Program. 2011 ISACA. All rights reserved.

Clyde Hague, CISM, CISSP, CRISC, Information Security Officer, First Merchants Corporation


Discussion Topics

Breaking Down the Parts
Create a Solid Base for Business Continuity
Additional Parts that Enhance Sustainability


Defining Basic Parts of Business Continuity: Incident Response Plan

Handles unexpected events that hopefully will be contained and will not need the BCP or DR plan.
Does not necessarily require BCP activation or a disaster declaration.
Should include well-defined severity and declaration criteria, plus escalation and notification processes.
Lifecycle: Detect, Diagnose, Manage, Contain/Minimize Effects, Restore, Determine Cause, Implement Improvements.


Defining Basic Parts of Business Continuity: Business Impact Analysis/Risk Assessment

Identifies the resources critical to an organization's continued existence, identifies the threats posed to those resources, assesses the likelihood of each threat occurring, and assesses the impact of each threat on the organization. (Risky Thinking; www.riskythinking.com)
Everyone knows what order everything will be recovered in.
Perform a gap analysis against the existing BCP and DR plans.
Forms the basis for, and is part of, your BCP and DR plans.
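The two BIA outputs named above (a recovery order everyone knows, and a gap analysis against the stated plans) fall straight out of the BIA data once critical resources, their recovery time objectives (RTOs) and their dependencies are written down. The following is an added example, not material from the webinar or from First Merchants: the resource names, RTOs and dependencies are constructed for illustration, and it makes the simplifying assumption that independent recovery branches run in parallel, so a resource is back no earlier than the slowest thing it depends on.

```python
"""Added example (not from the webinar): a BIA-driven recovery order and RTO gap check.

Each resource carries the RTO its owners stated in the BIA and the resources
it depends on. From that we derive the order of recovery and the places where
a stated RTO cannot hold because a dependency is allowed to be down longer.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Resource:
    name: str
    rto_hours: float            # maximum tolerable outage stated in the BIA
    depends_on: tuple = ()      # names of resources that must be up first


# Constructed sample inventory (hypothetical names and RTOs, not real data).
INVENTORY = [
    Resource("online-banking", 4, ("core-db", "identity", "network")),
    Resource("core-db", 24, ("storage",)),
    Resource("identity", 2, ("network",)),
    Resource("storage", 8),
    Resource("network", 1),
    Resource("reporting", 72, ("core-db",)),
]


def _index(resources):
    """Map names to resources and reject references to unknown resources."""
    by_name = {r.name: r for r in resources}
    for r in resources:
        for d in r.depends_on:
            if d not in by_name:
                raise ValueError(f"{r.name} depends on unknown resource {d!r}")
    return by_name


def recovery_order(resources):
    """Dependencies first (topological order); among resources that are ready
    to recover, the tightest RTO goes first. Raises on a dependency cycle."""
    by_name = _index(resources)
    remaining = {r.name: len(r.depends_on) for r in resources}
    dependents = defaultdict(list)
    for r in resources:
        for d in r.depends_on:
            dependents[d].append(r.name)
    ready = [n for n, k in remaining.items() if k == 0]
    order = []
    while ready:
        ready.sort(key=lambda n: by_name[n].rto_hours)
        current = ready.pop(0)
        order.append(current)
        for m in dependents[current]:
            remaining[m] -= 1
            if remaining[m] == 0:
                ready.append(m)
    if len(order) != len(resources):
        raise ValueError("dependency cycle in inventory; recovery order undefined")
    return order


def effective_rto(resources):
    """Earliest a resource can realistically be back: the larger of its own RTO
    and the effective RTO of anything it depends on. Assumes independent
    branches recover in parallel (a simplifying assumption)."""
    by_name = _index(resources)
    memo, visiting = {}, set()

    def eff(name):
        if name in memo:
            return memo[name]
        if name in visiting:
            raise ValueError(f"dependency cycle through {name!r}")
        visiting.add(name)
        r = by_name[name]
        memo[name] = max([r.rto_hours] + [eff(d) for d in r.depends_on])
        visiting.discard(name)
        return memo[name]

    return {r.name: eff(r.name) for r in resources}


def rto_gaps(resources):
    """Gap analysis: resources whose stated RTO cannot be met because a
    dependency may stay down longer. Returns a sorted list of
    (resource, stated_rto, achievable_rto, blocking_dependency)."""
    eff = effective_rto(resources)
    gaps = []
    for r in resources:
        if not r.depends_on:
            continue
        worst = max(r.depends_on, key=lambda d: eff[d])
        if eff[worst] > r.rto_hours:
            gaps.append((r.name, r.rto_hours, eff[worst], worst))
    return sorted(gaps)


if __name__ == "__main__":
    print("Recovery order:", " -> ".join(recovery_order(INVENTORY)))
    for name, stated, achievable, dep in rto_gaps(INVENTORY):
        print(f"GAP: {name} states RTO {stated}h but cannot beat {achievable}h "
              f"because it depends on {dep}")
```

With the constructed inventory the recovery order is network, identity, storage, core-db, online-banking, reporting, and the gap check reports that online-banking's 4-hour RTO is unachievable while core-db is allowed 24 hours. That is exactly the kind of mismatch a gap analysis against the existing BCP and DR plans is meant to surface before an event does.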


Defining Basic Parts of Business Continuity: Business Continuity Plan

A guide for moving through events to continue your business, especially critical services, not just IT.
Not all-inclusive.
Some organizations combine the BCP and Disaster Recovery plan; some keep them separate.
Based on a Business Impact Analysis.
Includes:
Specific steps all are to follow, and who is responsible
Contact information/call trees
Unique documents for different disciplines


Defining Basic Parts of Business Continuity: Disaster Recovery

Again, some combine it with the BCP while others keep it separate.
Based on the Business Impact Analysis.
An incident can become a disaster either by mishandling or by the natural progression of the incident.
Directs the recovery of systems and services by people, while a BCP directs the people themselves.
Not just IT.


Create a Solid Base

Supporting documentation must be in place.
Train all appropriate personnel.
Ensure communication channels are established and functioning.
Everyone reports incidents: the timing and the reaction can make all the difference.


Additional Parts
Remote Access for Employees (Citrix is an example)
Allows for higher productivity during an event.
If the recovery site is far away, remote access saves money by limiting travel to the employees who must be there.
Employees are happier as they stay at or near their homes.
Put it in place before an event.
Incorporate it in normal work processes: train and practice.
Consider pairing it with out-of-band authentication or other logon security; remote access that is always available to staff is also always exposed to everyone else.


Additional Parts
A Mature Vendor Management Program
Do your contracts and agreements provide for your needs during an event? Uptime guarantees alone are not enough.
Is your critical vendors' contact information in your BCP?
Do your critical vendors have tested BCP/DR plans in place? Do they participate in your DR test?
What about cloud computing? Remember Amazon EC2.


Additional Parts
An involved emergency response team.
Paper copies of the plans at home or in the car, and at work.
A user base that communicates events.
Consider addendums to your BCP for specific situations:
Pandemic Plan
Severe Weather Procedure


Additional Parts
Update and Testing
Plans should be updated periodically, at set times.
Test for disaster restoration of critical infrastructure and business applications.
Test the applicability and usability of the business continuity plan.
Act on lessons learned.


Additional Parts
Different Forms of Testing
Penetration Test
Social Engineering Test

Post Event Review

Take the time.
Figure out what went wrong AND what went right.


Questions?
Thank you for your time!
Clyde Hague, CISM, CISSP, CRISC, Information Security Officer, First Merchants Corporation
