Business Continuity Management or Risk Management? Aligning Expectations for Business Strategies by Dr Goh Moh Heng
•Transferir como PPTX, PDF•
3 gostaram•2,541 visualizações
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a Business Continuity Management or Risk Management? Aligning Expectations for Business Strategies by Dr Goh Moh Heng
Semelhante a Business Continuity Management or Risk Management? Aligning Expectations for Business Strategies by Dr Goh Moh Heng (20)
Mais de BCM Institute
Mais de BCM Institute (20)
Último
Último (20)
Business Continuity Management or Risk Management? Aligning Expectations for Business Strategies by Dr Goh Moh Heng
- 1. Welcome
- 2. Navigating Through Uncertainties of Risk Dr Goh Moh Heng PhD BCCE DRCE BCCLA President 2
- 3. BCM Institute Started in January 2005. Provide competency based BC-DR training to all levels. Certify BC-DR professionals globally. Started Certification programme in April 2007. More than 1500 professionals from 850 organizations and 40 countries.
- 4. Professional Certification Business Continuity IT Disaster Recovery BCM Audit Membership
- 5. Business Continuity Management or Risk Management? Aligning Expectations for Business Strategies Dr. Goh Moh Heng PhD BCCE DRCE BCCLAPresident, BCM Institute and Managing Director, GMH Continuity Architects
- 6. Agenda BC Planning Methodology Risk Analysis and Review Risk Assessment Process Step-by-stepAchieving Certification
- 7. BCM Planning Methodology Source: Goh, Moh Heng (2008): Analyzing and Review the Risk for Business Continuity Planning ISBN: 978-981-05-9215-8
- 8. Risk Analysis & Review
- 11. Identify Threats Man-Made Toxic and radioactive contamination Sabotage (both external and internal) Riot, civil disorder and coup Fraud and embezzlement Accidental explosion (on and offsite) Water leak and plumbing failure Workplace violence Terrorism Aircraft crash Vandalism Arson Physical asset theft Misuse of resources Building and physical security weakness Fire Natural Tornado (wind storm) Thunderstorm and hail storm Lightning and electrical storm Snow and winter ice storm Typhoon and hurricane Flood and other water-based incident Earthquake Mudslide Volcanic eruption and ash fallout Tsunami Large natural fire Epidemic and pandemic
- 12. Identify Threats Business Power outage Labor dispute Employee turnover and single point of failure Unavailability of key personnel Human error Gas outage Water outage Loss of transportation Single source suppliers Information Technology Voice and data telecommunication failure IT equipment failure Human error from programmers and users Security vulnerability Data and software sabotage In-house developed application failure HVAC failure Defective software
- 13. Analyse Risks Estimate the risk likelihood of occurrence Identify risk impact of the threat materializing Determine risk (rating) level
- 14. Descriptor: Risk Likelihood of Event
- 15. Descriptor: Risk Impact of Event
- 16. Risk Analysis Process Controls What is cost for the Controls to be implemented? What Controls are in place? Risk Rating What is the potential loss exposures to business? How does the threat affect business operations? What is the likelihood that the threat will adversely affect business operations? Threats Risk Likelihood What is the effects on people, infrastructure, facilities, and systems? Risk Impact What are the adverse events that can occur?
- 17. Risk Evaluation Assess Risk Rating and prioritized for further treatment
- 18. Risk Rating andLevel Matrix
- 19. Risk Evaluation: Risk Rating
- 20. Evaluation Criteria Criteria Examples: People Processes Infrastructure Weighting for different criteria
- 21. Risk Treatment Explore Risk Treatment Strategies for risks deemed unacceptable Document reasons for selection of strategy for each risk treatment
- 22. Risk Analysis Process Controls What is cost for the Controls to be implemented? What Controls are in place? What risk treatment? Risk Rating What is the potential loss exposures to business? How does the threat affect business operations? What is the likelihood that the threat will adversely affect business operations? Threats Risk Likelihood What is the effects on people, infrastructure, facilities, and systems? Risk Impact What are the adverse events that can occur?
- 23. Risk Treatment Strategies Risk Acceptance Risk Avoidance Risk Transfer Risk Reduction
- 24. Risk Treatment Strategies Transfer Avoid Reduce / Active Control Reduce (if Cost Justifiable) Accept
- 25. Risk Reduction Fire Pandemic Business Continuity Plan (BCP)
- 26. Risk Analysis and Business Continuity Planning Process Risk Treatment Strategies Treatment for risks that could potentially interrupt business operations
- 27. Risk Treatment 27 04-
- 28. Implement & Monitor Present Recommendations to management for approval Implement recommendations Monitor results Adjust as necessary
- 31. THANK YOU Dr Goh Moh Heng President Mobile: +65 96711022 Tel: +65 63231500 Fax: +65 63230933 Email: moh_heng@bcm-institute.org
Notas do Editor
- BCM Institute Leading global Business Continuity (BC) & Disaster Recovery (D R) Institute. Established in 2005. Offers a wide range of quality BC and DR courses. Certified over 1,250 professionals from 36 countries.
- This table is a guide on the severity of the impact caused by the threat that occurred.