Additional Information
Book Details
Abstract
Successful business continuity requires the creation of and adherence to a logistical plan that ensures an organisation's critical functions are maintained or restored in the event of disruption, eg fires, natural disasters, industrial action. The subject can be made overly complicated, but this book provides a clear and simple template-based approach. The audience for the book is wide and includes CEOs, IT directors, facilities management, operations managers and business unit managers.
Stuart Hotchkiss CISSP, CISA,CISM, ABCP, PMP, is a Business Consultant at Hewlett Packard, based in Geneva. He has 30+ years' experience in IT in various areas from development to marketing and has worked for the last 16 years in security and business continuity.
This is a sound book, which would be a good basic first guide for someone dipping their toe into Business Continuity Management. It is the flat-ended screwdriver in the toolbox of the manager. It may not be the favourite tool, but you would be well advised to make sure it is close at hand when you are tackling any tricky business planning situation.
Wendy Goucher
Successful business continuity requires the creation of and adherence to a logistical plan that ensures an organisation's critical functions are maintained or restored in the event of disruption, eg fires, natural disasters, industrial action. The subject can be made overly complicated, but this book provides a clear and simple template-based approach. Stakeholder involvement is key in BCM so the audience for the book is wide and includes CEOs, IT directors, facilities management, operations managers and business unit managers. It covers all stages and issues from business impact analysis to organisational issues, escalation management and the practical aspects of running a BCM project.
This is an excellent guide to the business continuity process. It is well organised, easy to read and jargon-free. An ideal reference for anyone involved in business continuity - from the office manager to the boardroom.
Susan Rudlin
Table of Contents
| Section Title | Page | Action | Price |
|---|---|---|---|
| Cover | Cover | ||
| Copyright | iv | ||
| Contents | v | ||
| List of Figures and Tables | ix | ||
| About the author | xi | ||
| Abbreviations | xiii | ||
| Glossary | xv | ||
| Preface | xxi | ||
| Preamble | xxiii | ||
| INTRODUCTION AND PURPOSE | 1 | ||
| Why have business continuity? | 1 | ||
| What exactly is a ‘continuity plan’? | 1 | ||
| Business continuity - planning or management? | 2 | ||
| Why does continuity management fail? | 3 | ||
| A real-life continuity plan | 3 | ||
| Outages in practice | 5 | ||
| The BCM lifecycle | 6 | ||
| 1 GENERAL ISSUES IN CONTINUITY MANAGEMENT | 1 | ||
| Some terminology | 10 | ||
| Standards | 13 | ||
| Regulatory issues | 15 | ||
| Availability, uptime and reliable components | 16 | ||
| The downtime myth | 16 | ||
| Application and asset approach | 17 | ||
| It won’t happen to us | 18 | ||
| Disasters | 19 | ||
| The cost of failure | 19 | ||
| The cost of success | 20 | ||
| Customer satisfaction | 21 | ||
| Some industries are different | 21 | ||
| 2 IN PRACTICE – THE FOUNDATIONS | 23 | ||
| Company strategy | 23 | ||
| Continuity strategy | 24 | ||
| Business continuity policy | 25 | ||
| Planning | 26 | ||
| 3 BUSINESS IMPACT ANALYSIS | 28 | ||
| Introduction | 28 | ||
| The objectives of the BIA | 29 | ||
| Level of detail and scope | 30 | ||
| Critical success factors | 31 | ||
| Assessing impact | 32 | ||
| Revenue at risk | 33 | ||
| Questionnaires | 34 | ||
| Tools | 35 | ||
| The process in detail | 36 | ||
| 4 THE BUSINESS IMPACT ANALYSIS REPORT | 38 | ||
| 5 THREATS, RISKS AND RISK ANALYSIS | 42 | ||
| Introduction | 42 | ||
| In practice | 43 | ||
| Risk lifecycle | 44 | ||
| 6 SUPPORTING FUNCTIONS AND DEPARTMENTS | 52 | ||
| The special cases of IT and Facilities | 52 | ||
| General issues with IT recovery architectures | 54 | ||
| IT considerations | 56 | ||
| Procurement considerations | 57 | ||
| Human Resources considerations | 57 | ||
| Facilities considerations | 59 | ||
| Finance considerations | 60 | ||
| 7 SCENARIOS | 61 | ||
| Scenarios and capability | 62 | ||
| 8 PROCEDURES – THE LAST THING TO DO IS THINK | 64 | ||
| IT procedures | 68 | ||
| 9 TESTING AND STAYING FRIENDS | 69 | ||
| In-depth analysis | 69 | ||
| Desk testing | 70 | ||
| Live testing | 71 | ||
| 10 AUDIT | 73 | ||
| Test logs | 74 | ||
| Stakeholder management | 74 | ||
| Auditing yourself | 75 | ||
| 11 IMPLEMENTATION AND GOVERNANCE | 79 | ||
| A governance framework | 79 | ||
| Job descriptions | 80 | ||
| Incident and escalation management | 81 | ||
| Escalation structure | 83 | ||
| 12 COMMUNICATIONS | 86 | ||
| 13 TRAINING | 88 | ||
| 14 ORGANISATIONAL ISSUES | 90 | ||
| Where does BCM fit in an organisation? | 90 | ||
| Keeping the plan up-to-date | 91 | ||
| 15 BUSINESS CONTINUITY AND THE CLOUD | 93 | ||
| 16 LESSONS TO LEARN | 95 | ||
| 17 CONCLUSION | 97 | ||
| APPENDIX 1: REFERENCE DATA | 98 | ||
| APPENDIX 2: TEMPLATES | 102 | ||
| BIA questionnaire template | 102 | ||
| Threat/risk questionnaire template | 104 | ||
| INDEX | 107 | ||
| Back Cover | 110 |