GlobalCONTINUITY described from a practical point of view

100 %
0 %
Information about GlobalCONTINUITY described from a practical point of view
How-to & DIY

Published on February 27, 2014

Author: audisec

Source: slideshare.net

Description

GlobalCONTINUITY is software for the implementation, deployment and maintenance of business continuity management systems (Business Continuity Plans) based on ISO 22301.

GlobalCONTINUITY only implements the standard ISO 22301?

No, GlobalCONTINUITY is much more valuable because it can be used for any aspect related with Business Continuity and Disaster Recovery, Risks, BIAs, Continuity Control Panels, Crisis Management, etc.

What we understand by business continuity?
Those activities are taken in preparation a company for surviving disasters and for preventing them.

What type of disasters?

- Natural Disasters (floods, earthquakes, fire…)
- Industrial Disasters.
- Strikes and pandemic diseases.
- Cyberattacks.
- Falls of Information systems.
- Internal attacks by employees.
- Etc…

OVERVIEW:

1. Main characteristics:

Continuity objectives
Meeting minutes
Document Management
Control Panel
Users management
Project Management
Tasks and obligations
Employees management

2.Business Impact Analysis

Guided questionnaires for BIAs
Automatic BIAs
Consolidation of BIAs
Calculation of MTPD, RTO and RPO

3.Risk Analysis & Risk Management

Asset inventory
Risk analysis
Risk management
Historical versions and reports
Catalogs of risks
High return on investment
Risk simulation

4. Continuity Plans & Disaster Recovery

Disaster scenarios
Continuity plans and disaster recovery
Crisis management in real time
Automatic deployment of the plans
Planning and implementation of tests of the plans
Control Panel and follow-up of the deployment

In summary:

We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard
It’s flexible in methodologies.
It reduces time for performing the impact analysis and risk analysis.
It allows you to add the entire structure of the BCP and DRP with a high level of detail (or easier).
It manages the crisis in the event of a real incident.
Control panels for knowing how the system works.
User-friendly software and very quick putting into operation.

Additionally, the software has more options such as:
Project management
Document management system
Management by roles of the users.
Reports management.
Etc.

Therefore, it’s not only a platform for business continuity and disaster recovery, GlobalCONTINUITY® gives an added value.

WHAT IT IS? GlobalCONTINUITY® explained from a practical point of view

• AUDISEC is a consultant company with huge experience in more than 300 companies and public administrations worldwide: Information Security, Continuity, Risks, Control Panels… • GlobalSUITE®: software developed according to the experience for the implementation of risk management systems, business continuity plans, information security, etc. Moreover, it allows you to implement other standards such as ISO 27001, ISO 31000, ISO 20000, …

GlobalSUITE®: Integral Solution of Management Systems GlobalSUITE® is the unique software worldwide that manages INTEGRALLY the implementation, maintenance, automation & monitoring of any management system. GlobalSUITE® allows the integrated management of the entire certifications & management systems that the company have implemented previously.

GlobalSUITE®: Integral Solution of Management Systems GlobalSUITE® is an application which encloses multiple solutions for managing and maintaining Management Systems in an integrated way.  GlobalSGSI® Information Security Management Systems (ISMS) (ISO/IEC 27001)  GlobalCONTINUITY® Business Continuity Plans (BS25999/ISO 22301 )  Global20000® IT Service Management (ITSM) (ISO/IEC 20000)  GlobalSGPIC® Systems for the Critical Infrastructures Protection  GlobalRISK® Advanced Risks Analysis & Management (ISO31000)  GlobalENS® National Security Framework. (ENS in Spain)  GlobalBSC® Integral Control Panel – Balanced ScoreCard (BSC)  GlobalCOMPLIANCE® Legal Compliance  GlobalLOPD® Personal Data protection systems  GlobalSG® Quality Management Systems (ISO 9001)  GlobalSG® Environmental management systems (ISO 14001)  GlobalSG® Occupational health and Safety Management (OSHAS 18001)  Etc.

• Large Banks in Spain and LATAM. • Several public administrations and ministries departments • Utilities companies and Tech companies • Industrial organizations: Power, pharmaceuticals, logistics, etc.

It’s software for the implementation, deployment and maintenance of business continuity management systems (Business Continuity Plans) based on ISO 22301.

GlobalCONTINUITY only implements the standard ISO 22301?

GlobalCONTINUITY only implements the standard ISO 22301? No, GlobalCONTINUITY is much more valuable because it can be used for any aspect related with Business Continuity and Disaster Recovery, Risks, BIAs, Continuity Control Panels, Crisis Management, etc.

What we understand by business continuity? Those activities are taken in preparation a company for surviving disasters and for preventing them. What type of disasters?  Natural Disasters (floods, earthquakes, fire…)  Industrial Disasters.  Strikes and pandemic diseases.  Cyberattacks.  Falls of Information systems.  Internal attacks by employees.  Etc…

Overview  Main Characteristics      Users management Project Management Tasks and obligations Employees management Guided questionnaires for BIAs Automatic BIAs Consolidation of BIAs Calculation of MTPD, RTO and RPO Risk Analysis & Risk Management          Business Impact Analysis      Continuity objectives Meeting minutes Document Management Control Panel Asset inventory Risk analysis Risk management Historical versions and reports  Catalogs of risks  High return on investment  Risk simulation Continuity Plans & Disaster Recovery       Disaster scenarios Continuity plans and disaster recovery Crisis management in real time Automatic deployment of the plans Planning and implementation of tests of the plans Control Panel and follow-up of the deployment

I’m implementing a business continuity project… How GlobalCONTINUITY may help me?

It solves common problems of this type of projects In the initial phase, it allows you to define perfectly the scope and objectives, committees and people involved, to carry out the first GAP for viewing the levels of maturity in continuity, etc.

It solves common problems of this type of projects. BIA (Business Impact Analysis).  How develop the BIA; surveys which must be provided to several departments and people; consolidate that information, all the information must be implemented according to a reliable methodology, it must be performed in a reasonable time.

BIA in GlobalCONTINUITY®  Configuration of impacts, valuation levels, time scales and criteria by each impact.  It’s possible to send customizable surveys to the user from the own platform or by e-mail.  Consolidation of BIA for obtaining data of each process according to multiple answers.  Calculation of MTPD/MAO, RTO, RPO, MBCO…

BIA in GlobalCONTINUITY® BIAs BIAs BIAs BIAs BIAs Consolidated BIA BIAs BIAs BIAs

And the risk analysis…. May I implement it in GlobalCONTINUITY®?  We can perform the risk analysis; customize the definition of its methodologies, identify threats, elaborate action plans, carry out the follow-up, relate them with BCP or DRP, etc.

How manage the risks in GlobalCONTINUITY®  Qualitative and quantitative methodologies or mixed. Customized definition of calculation methods.  Libraries of threats which can be customized by the user. Levels Formulas Typologies

Moreover, there are additional functionalities for better management of the risks: Analyze the cost of the risks through different types of cost. Perform simulations of how will be the new scenario of risks in the event of implementing the treatment plan. • Carrying out a study of the return on investment of the risk treatment plans.

Here ends the phase of analysis and planning, Which type of value provides GlobalCONTINUITY®?  Process optimization in time, costs and results  Way of work contrasted in hundred of companies and organizations  Methodological flexibility

We have already completed the first phase of the project…

‘DO’ phase, the implementation

‘DO’ phase: the implementation. Mainly it focuses in the implementation activities of the business continuity plans (BCP), disaster recovery plans (DRP) and crisis management plans or incident management.

‘DO’ phase: In which contributes GlobalCONTINUITY®? It divides the project in a flexible way:  One BCP and several DRP  One BCP  One BCP y one DRP BCMS  Several BCP and several DRP BCP1  Several DRP BCP2  Several BCP  … DRP1 DRP2 DRP3 There is not imposed any specific structure, but it’s possible to follow the recommendations of the platform. DRP1

What level of detail has? The level of detail of GlobalCONTINUITY® runs from the definition of ‘high level’ of the disaster scenarios and the BCP objectives to the last technical instruction.

It can only be used for IT continuity? No, the BCP and DRP can be focused to any area of the organization and they includes every aspect of the business continuity. Human Resources Organizational Technical/Systems Logistics Back to normality etc…

GlobalCONTINUITY supports continuity plans for several facilities or countries? Yes, thanks to its structure of entities and subentities, GlobalCONTINUITY can define different levels, from a corporal level to other specific facility and having a global vision of the group.

The continuity plans can be tested? There is a specific module for planning and implementing the test; carrying out a deep control to view how the test is evolving in real time.

What will happen if a real incident occur? GlobalCONTINUITY® supports the crisis management and gives a vision of how the real deployment is evolving. And moreover: o Convene and coordinate the table of the crisis. o Deploy the crisis management plan. o Send automatically all the tasks inside the BCP and DRP to each person who has any responsibility, manuals, technical instructions, dependent tasks, etc. o See the remaining time according to our RTO, RPO and MTDP.

How can I review or improve the system? GlobalCONTINUITY® provides the necessary functionality for: o Carry out Business Continuity Audits. o Manage corrective, preventive actions and non-conformities. o Manage day-to-day incidents. o Establish a control panel with objectives, metrics and indicators.

BUSINESS OBJECTIVES CSF INDICATORS METRICS Obj. Cont. Obj. Plan1 Indicator Cont.1 Indicator Cont.2 Obj. Plan2 Indicator Cont.3 MetricA MetricB

In summary: o We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard.

In summary: o We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard o It’s flexible in methodologies.

In summary: o We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard o It’s flexible in methodologies. o It reduces time for performing the impact analysis and risk analysis.

In summary: o We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard o It’s flexible in methodologies. o It reduces time for performing the impact analysis and risk analysis. o It allows you to add the entire structure of the BCP and DRP with a high level of detail (or easier).

In summary: o We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard o It’s flexible in methodologies. o It reduces time for performing the impact analysis and risk analysis. o It allows you to add the entire structure of the BCP and DRP with a high level of detail (or easier). o It manages the crisis in the event of a real incident.

In summary: o We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard o It’s flexible in methodologies. o It reduces time for performing the impact analysis and risk analysis. o It allows you to add the entire structure of the BCP and DRP with a high level of detail (or easier). o It manages the crisis in the event of a real incident. o Control panels for knowing how the system works.

In summary: o We have a platform which covers the complete cycle of the standard ISO 22301, but it can implement Continuity Plans and Disaster Recovery Plans without following requirements specified by the standard o It’s flexible in methodologies. o It reduces time for performing the impact analysis and risk analysis. o It allows you to add the entire structure of the BCP and DRP with a high level of detail (or easier). o It manages the crisis in the event of a real incident. o Control panels for knowing how the system works. o User-friendly software and very quick putting into operation.

Additionally, the software has more options such as: o Project management o Document management system o Management by roles of the users. o Reports management. o Etc. Therefore, it’s not only a platform for business continuity and disaster recovery, GlobalCONTINUITY® gives an added value.

Integration with other systems: o Ticketing tools. o Active directory. o Alarm Centers. o Communication tools. o Knowledge base. o Document managers. o Etc.

Thank you for your attention!

Add a comment

Related presentations

Related pages

Guy Bejerano: A practical view of cloud security - Documents

Guy Bejerano: A practical view of cloud security; of 8
Read more

Guy Bejerano: A practical view of cloud security - Documents

Guy Bejerano: A practical view of cloud security Jun 08, 2015 Documents csaisrael. of 8
Read more

Anthropology From a Pragmatic Point of View - Documents

Share Anthropology From a Pragmatic Point of View.
Read more

C4C Introduction from a technical point of view - Education

Introduction to Korea ~ From a Western Point of View Fact filled document about the current business situation in South Korea.
Read more

IMPLEMENTING DQR A Practical View - Documents

IMPLEMENTING DQR A Practical View 19 February 2013 Danijela Maksimovic CAD Republic of Serbia DQR Specification
Read more

Repair Centers, from a Bonder’s point of view - Documents

Repair Centers, from a Bonder’s point of view. Reported by: Salvatore Costa Universit à di Catania and INFN – Sezione di Catania. General remarks.
Read more

Kabbalistic Judaism from a Shaivite Point of view - Documents

Share Kabbalistic Judaism from a Shaivite Point of view. Embed ...
Read more

Secondary Containment: From A Contractors Point of View ...

Secondary Containment: From A Contractors Point of View ; Slide 2 ; Secondary Containment: Advances in Technology Last 10 years ; Slide 3 ;
Read more

Point of View | Narrator's Perspective | Reading Worksheets

Learn about point of view and how to ... view point in a variety of ... speaker’s point of view influences how events are described.
Read more