NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
Managing and Sustaining a Global Business Continuity Management Programme
1. Managing and Sustaining a
Global Business Continuity Management Programme
Presenter Name : Arunabh Mitra
Company : Genpact
www.worldcontinuitycongress.com
4. The New enterprise
Pressure to outsource noncore processes through successive bursts of downsizing.
Requirement to interoperate within these outsourcing communities has never been greater.
Looking outward beyond enterprise - Value Webs beginning to redefine boundaries of
businesses.
Dynamic Buying Platforms & modern Supply chains are eroding classical definitions of a
business relationship.
New era of e-business partnerships is fluid, and these partnerships are reconstituted almost
"on the fly."
Connected enterprises are being built and then dynamically re-formed from the ground up.
Globalization and push for real-time enterprise is on.
Architecture needs to encourage new levels of information exchange.
Cloud Computing - Next major computing trend that will match our enterprise and business
needs as well as personal lifestyle to computing capacity.
www.worldcontinuitycongress.com
5. BCP Spends & Market Trends
Volcanic Ash $ 365 bill
& power
outage, IT
Man-Made disasters & Security
Hurricane , Information & breach
data security , power
outage
>300 %
$109 bill $
EMEA
America
$
$
>100 %
Acid mine rain, fire &
Earthquake , $41.3 bill $
floods , information
Tsunami, oil $
& data security
spills
$ $
APAC
Africa $ $
$ $
$ $ $
$ $ $
Global economic damage
6 % of the overall IT operating & capital budget is $ $ $
due to absence of or
spent on BCP worldwide across all industries* Forrester $ $
ineffective BCP /DRP
$
Research
2009 2010 2011
IDC Survey on BCP spend across 3 Industries
Financial services Industry Manufacturing Industry Spend Healthcare Industry Spend
Spend $500 MM $100 MM $80 MM
6. GENPACT : Growing Global Footprint
16 Countries* | 57 Delivery Centers | 25 Languages | 58,000+ Employees
Genpact Delivery Footprint
2008 2008 2010 2011 2012 • Unparalleled diversity & depth of services –
over 600 customers managed representing
Countries of 40+ industries
operation 12 13 14 16 16
Operating • A leader in managing business processes
Centres 35 39 42 51 57
Significantly Enhanced Capabilities to Serve Clients across the Globe
* Presence in 21 countries | Delivery centers in 16 countries www.worldcontinuitycongress.com
7. End-to-End Service Offerings Ranging From
Simple to Complex
FINANCE & ACCOUNTING PROCUREMENT & SUPPLY CHAIN COLLECTIONS & CUSTOMER SERVICE
• Accounts Payable • Indirect Sourcing & Procurement • Early & Late Stage Collections
• Order to Cash • Inventory Optimization • Analytics/Skip Tracing
• General Accounting • Order Management • Bankruptcy Originations
• Closing & Reporting • Direct Procurement Support • Customer Care
• Treasury & Tax • Fleet & Logistics Services • Technical/Product Support
• Financial Planning/Analysis • Service Operations • Customer Acquisition & Sales
HUMAN RESOURCE SERVICES RISK MANAGEMENT SERVICES IT INFRASTRUCTURE SERVICES
• Talent Management • Internal Audit • End-user Services/Help Desk
• Core HR Processes • SOX Advisory • Enterprise Computing
• Workforce Analytics • Regulatory Compliance • Network Services
• HR Information Services • Enterprise & IT Risk Management • Security Services
• Fraud Risk Services
Banking & Financial Services Healthcare Automotive
Insurance Pharmaceutical Retail / CPG
Transportation Hospitality Manufacturing
Reengineering
Targeted Analytics
Focused IT
www.worldcontinuitycongress.com
8. Risks in IT/ITES Organizations
Governance &
measurement
Risk Management
Planning and Compliance to
Process Organization Regulation
Adherence to
policy &
Key focus should be to guidelines Non
Inadequate
ensure that there is a future State Compliance with
Regulation or
vision
formal (enterprise level) Staffing & contracts
Reprisal from Continuity &
risk management Inoperable or
employees Higher Churn Availability
process implemented rate & unavailable
Business processes
Inadequate
which leads to: skills Risk
Culture Inadequate
Escalating IT
Risk Identification costs or Poor Knowledge for
Decisions
ESM Quality
Risk Analysis and Diagnostic service Fraud
Treatment Awareness Management
Ineffective
Acceptance of Residual Security
policy or Infra
related to
Info security
Security
risks Un
authorized testing ,
Monitoring
or Information access to
IT Infra
Internal
systems
Risk transference by Security Risk Security
Management Awareness &
enabling outsourcing Training
Data privacy IT security
actions testing
and Data loss
prevention Scanning and
Monitoring
www.worldcontinuitycongress.com
9. Operational Environment - Forces at work
Changing
Regulatory / Legal
Requirements
Client's ever
changing Operations, Organization's
Environment/ GRC & BCM Global
requirements Processes Presence
Compliance to
multiple business/
Global requirements
www.worldcontinuitycongress.com
10. Critical Success factors for a Robust BCMS
Is the BCM Is the current
aligned to BCM scalable to
leading Industry global
Practices ? requirements
Does current BCM Is the current
cater to all enable BCM awareness
faliures and levels and testing
of complexity program
embedded in the
Org culture
BCMS at Genpact
Is current BCM
meeting client
industry
government and Is there a BCM
regulatory Maturity
compliances Roadmap ?
across How well is the
geographies BCM integrated Is the Current
with the BCM scalable
Enterprise Risk and flexible to
manage organic
Management & inorganic
Program? growth
www.worldcontinuitycongress.com
12. Layered Approach to BCMS
Organization Organization wide BCP
Country 1 Country 2 Country wide BCP
City 1 City 2 City 3 City wide BCP
Process 1
Process Level BCP
Process 2
www.worldcontinuitycongress.com
13. Elements of BCM Program
Onsite Tracking & Reporting
Tactical
[Metrics/Plan/Gap Closure]
Onsite Participation Onsite Assessment
[Discussions/Testing/Drills] [FMR/RA/Command Centre]
Resource Management Program Communication
Change Management
Program Automation
Knowledge Management
Strategic
Quality Governance
Risk & Compliance
New Initiatives
Management
Metrics & Reporting Strategic Planning & Roadmap
Program Governance
Genpact Corporate BCP Program
DR & Crisis Management SLAs, MSAs & Compliance Audit & Training
www.worldcontinuitycongress.com
15. Program Maturity Model
1. Staged Requirements (Elementary , Mature , Advanced)
2. Risk based assessment process
3. Focus on Ongoing operations & External Audits
3. Org Maturity = f (x) ( Values , Performance )
4. High Maturity Higher Rewards
www.worldcontinuitycongress.com
16. Challenges in BCM
Company objectives are not aligned with business continuity objectives
BCMS Recently acquired Company Personnel not included in BCM Structure
Framework
BCMS Policy and Procedures are not updated on a regular basis
Vendors / outsourced operations are not included in the BCMS framework
BIA results are subjective and not based on a framework and does not include
qualitative /quantitative analysis
Business BIAs are not updated along-with changing business model and interdependencies
Impact Analysis BIA for IT systems and applications are not undertaken
Business continuity objectives are not identified for support functions
Threat / Risk assessment is not linked to companies ERM Threat / Risk
assessment not undertaken for infrastructure enablers
Risk Risk assessment results have not been closed on a timely manner
Assessment Mitigation action plan was not undertaken to treat / tolerate / terminate /
transfer risks
Country / city / facility and process level BCPs are not integrated
Business Business Continuity Plan not available with critical resources responsible
for recovery and teams not trained on the plans
Continuity Plans
Redundant information in multiple plans
Bulky, non readable business continuity plan document
BCM calendar is not comprehensive and does not cover entire
organization
BCM Testing
BCM plans not tested / exercised on a regular basis
maintenance and Only table top simulations are undertaken, actual drill/test not
awareness performed
www.worldcontinuitycongress.com