Disasters could cripple your organization, suspending mission-critical processes and disrupting service to your customers. These disasters could be man-made or natural in nature.
The Business Continuity Plan addresses an organization’s ability to continue functioning when normal operations are disrupted. A Disaster Recovery Plan is used to define the resources, action, tasks, and data required to manage the business recovery process in the event of a disaster.
In this workshop you learn to identify vulnerabilities and implement appropriate countermeasures to prevent and mitigate threats to your mission-critical processes. You will learn techniques for creating a business continuity plan (BCP) and the methodology for building an infrastructure that supports its effective implementation.
Benefits of Attending:
Using a carefully selected case study, course participants will:
- Create, document and test continuity arrangements for an organization
- Perform a risk assessment and Business Impact Assessment (BIA) to identify vulnerabilities
- Select and deploy an alternate site for continuity of mission-critical activities
- Identify appropriate strategies to recover the infrastructure and processes
- Organize and manage recovery teams
- Test and maintain an effective recovery plan in a rapidly changing technology environment
Exclusive:
- Bring your BCP/DRP for private consultation review
- BCP/DRP Step-by-step Guide
- BCP/DRP templates and worksheets to aid you in applying and putting into practice what you have learned from this workshop
- FREE CD containing course material, case studies, and other related items of the training workshop
Who should attend:
- Vice Presidents, Directors, General Managers
- Chief Information Officers
- Chief Security Officers
- Chief Information Security Officers
- Chief Technology Officers
- Heads of Departments in Information Security Management
Contact Kris at kris@360bsi.com to register.
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Business Continuity, Disaster Recovery Planning & Leadership 18 - 21 June 2013 Jakarta Indonesia
1. BUSINESS
CONTINUITY,
DISASTER
RECOVERY
PLANNING &
LEADERSHIP
18 - 21 JUNE 2013 KEAWAY
FOUR SEASONS HOTEL EXCLUSIinE TA fore 12-APRIL-2013
V
gs be
book th £75)
IT JAKARTA For early bird bership (wor te
Affiliate mem Institu
EE 1 Yeare Business Continuitydetails)
SERIES INDONESIA FR
with th to page 3 for further
(** refer
COURSE OVERVIEW YOUR INTERNATIONAL
Disasters could cripple your organization, suspending mission-critical processes and
disrupting service to your customers. These disasters could be man-made or natural
COURSE FACILITATOR
in nature.
The Business Continuity Plan addresses an organization’s ability to continue
Dr Mark T. Edmead
functioning when normal operations are disrupted. MBA, CISSP, CISA, CompTIA Security+
A Disaster Recovery Plan is used to define the resources, action, tasks, and data IT Security
required to manage the business recovery process in the event of a disaster. In this Consultant & Trainer
workshop you learn to identify vulnerabilities and implement appropriate MTE Advisors
countermeasures to prevent and mitigate threats to your mission-critical processes.
Mark T. Edmead is a successful technology entrepreneur
You will learn techniques for creating a business continuity plan (BCP) and the with over 28 years of practical experience in computer
systems architecture, information security, and project
methodology for building an infrastructure that supports its effective management.
implementation.
Mark excels in managing the tight-deadlines and ever
changing tasks related to mission-critical project
BENEFITS OF ATTENDING schedules. He has extensive knowledge in IT security, IT
Using a carefully selected case study, course participants will: and application audits, Internal Audit, IT governance,
including Sarbanes-Oxley, FDIC/FFIEC, and GLBA
• Create, document and test continuity arrangements for an organization compliance auditing.
• Perform a risk assessment and Business Impact Assessment (BIA) to identify Mr. Edmead understands all aspects of information
vulnerabilities security and protection including access controls,
cryptography, security management practices, network
• Select and deploy an alternate site for continuity of mission-critical activities and Internet security, computer security law and
• Identify appropriate strategies to recover the infrastructure and processes investigations, and physical security.
• Organize and manage recovery teams He has trained Fortune 500 and Fortune 1000 companies
in the areas of information, system, and Internet security.
• Test and maintain an effective recovery plan in a rapidly changing technology He has worked with many international firms, and has the
environment unique ability to explain very technical concepts in
simple-to-understand terms. Mr. Edmead is a sought after
Sample Case Studies: author and lecturer for information security and
information technology topics.
• A major Middle Eastern bank has been experiencing tremendous growth and management feels that Mark works as an information security and regulatory
their current BCP and DRP plans outdated. In this case study the delegates with perform a business
compliance consultant. He has:
impact analysis, based on interviews with key company stakeholders and subject matter experts, and
outline which business areas are the most critical and in need of improved continuity and recovery • Conducted internal IT audits in the areas of critical
plans. infrastructure/ systems and applications,
• A manufacturing company is considering implementing a disaster recovery plan but does not know • Assessed and tested internal controls of critical
which disaster recovery approach they should implement. In this case study the delegates with study infrastructure platform systems (Windows, UNIX, IIS, SQL,
Oracle)
the business enterprise, perform a risk analysis, and determine if a hot site, cold site, warm site, or
another disaster recovery method is the best approach. • Assessed and tested internal controls of various critical
financial applications.
EXCLUSIVE:
: TEMPLATES & TAKEAWAYS • Prepared risk assessments and determined risks to
critical financial data systems and infrastructure
c
components.
c
1. Bring your Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) for
Bring your Busines Continuity Plan/Disaster Recov
Bring your Busines Continuity Plan/Disaster Recovery
ss
private consultation review
on review • Created test plans & processes and executed test plans.
2. BCP/DRP Step-by-step Guide • Conducted reviews of existing systems and
3. BCP/DRP templates and worksheets to aid you in applying and putting into applications, ensuring appropriate security, management
a
practice what you have learned from this workshop and data integrity via control processes.
a
4. FREE copy of the course material, case studies, and other related items of the • Prepared written reports to all levels of management
training workshop
• Participated in audit review panel sessions to address
results, conclusions and follow-up actions required.
r
Tel: +6016 3326360 Fax: +603 9205 7788 kris@360bsigroup com
kris@360bsigroup.com 1
2. COURSE
CONTENT
DAY1 BUSINESS CONTINUITY
LEADERSHIP WORKSHOP WHY THIS EVENT
IT Leadership Workshop is a special one-day course designed to cover The aim of this interactive workshop is to provide
the challenges faced with managing the business continuity efforts in an you with the skills critical to business continuity,
organization. Implementing a full business continuity plan and disaster disaster recovery & risk management.
recovery plan is a major effort. This requires coordination with all After attending this workshop, you will leave
departments. It requires interfacing with individuals at all levels from fully armed with the knowledge needed to
technicians and programmers to managers, directors, and C-level create a business continuity plan (BCP) and the
executives. methodology for building an infrastructure that
supports its effective implementation.
In this workshop you will learn how perform a stakeholder analysis, The combination of interactive presentations,
outline the stakeholders required to accomplish your job, and how to hands-on exercises and open discussion groups
effectively navigate the possible roadblocks preventing you from along with real case studies, ensures you will
accomplishing your tasks. In addition, you will learn tips and techniques obtain maximum value from attending.
that will increase your competence and confidence when influencing
and implementing information technology in your organization.
Managing the Business Continuity Process
- Creating a BCP/DRP framework
- Determining your critical success factors (CSF)
- Determining your key performance indicators (KPI)
- Business continuity management strategies
Understanding your Corporate Culture
- Understanding your organization’s trends, strategy and environment
- Tips, tricks, and trouble spots
- Developing a business continuity management culture
- Exercising, maintenance, and audit
Understanding your Stakeholders
- How to identify your key stakeholders
- Performing a stakeholder analysis
- Creating a stakeholder engagement communication plan
- Getting stakeholder engagement and support
DAY2 BCP/DRP - CONCEPTS & PRINCIPLES
Introduction to Business Continuity and Disaster Recovery Planning
- The difference between business continuity and disaster recovery WHO SHOULD ATTEND
- Why a recovery plan is an integral part of an organization’s operational
Vice Presidents, Directors, General Managers
strategy
Understanding where the threats come from Chief Information Officers
- Understanding codes of practice and legal/regulatory compliance Chief Information Security Officers
requirements Chief Technology Officers
- The step-by-step process for BCP/DRP Business Continuity Officers
Heads of Departments in Information Security
Protecting our assets Management Information Systems, IT
- What are we protecting? Infrastructure, IT Architecture, Network
- What are our mission-critical processes? Operations, IT Operations, IT Data Center,
- How to prioritize what is important to protect DataBase Management, IT Deployment
IT Business Enterprise, IT Risk Management,
What is risk and how do we deal with it?
- Understanding risk assessment methodologies IT Quality Assurance, IT Audit, Risk Management,
- Matching the response to the threat based on the risk Internal Audit, Disaster Recovery
- Enterprise vs. local risk management
- Top business continuity planning mistakes
The need for business continuation – a case study
- Introduction of fictitious business case
- Understand business continuity/disaster recovery needs
- Documenting the continuity requirements
2
3. COURSE
CONTENT
DAY3 RISK ASSESSMENT & RECOVERY
The Business Impact Assessment (BIA)
- What is a Business Impact Assessment?
- Assessing the risk to the enterprise Latest TESTIMONIALS
- How to identify business critical activities
- Impact versus likelihood of occurrence 1 “Session well organized The trainer is ver
organized. very
Establishing the Recovery Options conversant with the subject matter. Well delivered
- Choosing a recovery site and would definitely recommend to anyone else.”
- Habil Mutende, Manager Information Security & Change
- Specifying equipment Management, Central Bank of Kenya
- Choosing suppliers
- How to select backup and restore strategies 2 “Excellent presentation, excellent attitude to
answer our questions & to share his experience.”
Where is the data? - Senior Manager, IT Department, Deloitte
- Why you need to classify levels of information
- Managing data at rest and in transit 3 “I have used Mark in key roles with high visibility
- Understanding data access controls clients. Without hesitation I would highly
- The value of knowing where your data resides recommend Mark for any and all IT audit
engagements. His professionalism, deep
Maintaining user connectivity knowledge, and results oriented work style are
- How to communicate the disaster and recovery efforts to users deeply valued by not only myself, but more
- How to identify and eliminate single points of failure importantly by the all those who are lucky enough
- Communicating with the media to use his services.” - Russ Aebig, Director at Artesient
4 “We have used Mark Edmead on several projects in
the past few years including SOX readiness for
DAY4 PROJECT MANAGEMENT & REVIEW publicly traded companies and IT vulnerability
BCP/DRP Project Management assessments for major financial institutions. He
- Identifying stakeholders always delivers professional and detail-oriented
- Analyzing stakeholder needs workpapers on-time and within budget. Mark is
- Obtaining commitment from upper management highly recommended and we will continue to use
him on other projects.” - Brenda Piazza, Director at CBIZ MHM
Review of the BCP/DRP Process
- Project initiation
- Risk analysis
- Business Impact analysis
- Develop/choose strategies
- Test and validate the plan
- Modify/update the plan
- Approve and implement the plan
Analysis of fictitious business case
Applying lessons learned
**Affiliate membership to Business Continuity Institute COURSE SCHEDULE
Affiliate members Business Continuity Institute
Affiliate members Business Continuity Institute get access the following membership
Affiliate members to Business Continuity Institute get access to the following membership
access following membership 8.00 Registration & Coffee/Tea
benefits: 8.30 Workshop commences
- Continuity magazine – 4 per year (digital version) 10.10 - 10.30 Morning coffee/tea
- Monthly BCI ENewsletter 12.00 - 13.00 Lunch
- Access to ‘member only’ section of BCI website
14.40 - 15.00 Afternoon coffee/tea
- Access to copies of BCI Workshop Reports
- Member rates on BCI products and services 16.00 End of day
- Networking opportunities at BCI organised events
- Access to BCI mentoring programme
- Access to discounted events
3