ARC 2015 Business Continuity

Business Continuity Planning

African Regional conference 2015

Kurt Ryelandt / Nils Maronier

Cape Town, 5-7 May 2015

ARC Services Update – May 2015 – Confidentiality: External

Effective BCP is integrated everywhere

[Diagram labels: Customer, Interface, Network, MV-SIPN, Messaging Services, FIN, InterAct, FileAct, Browse, Business Applications, Market Infrastructures, Service Providers, Correspondents]

Why BCP?

Crisis

External Threats

Utilities

People

Infrastructure

Security

Natural disasters

What about you?

Business continuity framework

Business Continuity best practices

| ISO22301 | Actions | Status |
|---|---|---|
| BC Program Mgt | Well established BC framework | ? |
| Understanding the Organization & Determining BCP Strategy | Risk Management | ? |
| | Business Impact Analysis | ? |
| | Documented recovery objectives | ? |
| Developing the BC Response | Resiliency principles | ? |
| | Business Continuity Plans | ? |
| | Crisis management framework | ? |
| Exercising, auditing BC capability | 2+ exercises per year | ? |
| | Annual review of BC Plans | ? |
| | Internal & external BC audits | ? |
| BC culture | Embedded FNAO culture | ? |

Business impact analysis

[Figure: impact zones labelled Controllable impact, Substantial impact and DANGER Zone, with a marked Crucial point; axis: Impact. Other labels: Financial, Business, Reputational, Large scale, External exposure (e.g. Media attention)]

Recovery Objectives

RTO & RPO

Recovery Time Objective (RTO): Maximum service unavailability time in single site disruption. It includes ‘lead time’ and ‘system restoration time’.

Recovery Point Objective (RPO): Maximum amount of time in which service data may be lost following a site outage. It represents the required off-site backup frequency.

Recovery Objectives drive investment decision (incl reputation)

Business Continuity Plan - Structure

• Critical Services and Functions

• Roles & Responsibilities

• Recovery Process

• Key phone numbers

Practicing our readiness…

Business Continuity Testing

• Service Continuity exercises: Regular resilience testing at the system/network levels

• Business Continuity exercises: More complex system and network recovery tests

• Simulation Support exercises: Training-like events to assess Business Continuity Plans and Crisis Mgmt process

Infrastructure and plans

The practice and how could you benefit?

Layers of resilience

• Layer 1 (Intra-Site): Multiple connections, protected sites, built-in backup within Operating Centers

• Layer 2 (Inter-Site): Transfer operations to alternate site within 20-30 minutes in the unlikely event layer 1 fails - zone failures don’t impact other zones

• Layer 3 (Disaster Recovery): Disaster Recovery Infrastructure for the extreme case where layer 2 is not enough - can be activated for single zone with no impact to other zones

Alliance Connect Network connectivity products including resilience

Alliance Lite2

Alliance Connect Everywhere

Leverage evolution & investment in mobile technology

1SS: Single Interface to the customer

Global coverage

E2E one stop shopping solution: all you need to connect & operate your SWIFT environment in one package for low volume users

Managed low cost solution for low volume users

Private VPN, non internet based

Alliance Connect Everywhere

Alliance Connect: who is it for?

• Prime connectivity in combination with Lite 2.

• Alternative to internet connectivity

• Business continuity

• Connectivity when everything else fails

Alliance Remote Gateway

• Also possible as prime connectivity for ARG

• 3G recommended

Alliance Connect Everywhere: Pricing details

• Phased roll out - legal checks necessary

• A country list will be made available on swift.com

• A banded monthly subscription fee as a function of messages sent/received:

• A one time fee for the wireless box (spare box optional): 500 EUR

| Band | Daily # of units sent and received | Price (EUR) |
|---|---|---|
| 1 | Between 0 and 25 | 110 |
| 2 | Between 25 and 100 | 150 |
| 3 | Between 100 and 500 | 170 |
| 4 | Between 500 and 2000 | 200 |

1 unit = 1 MT, or 1 MX or 10 kChar of a file

Alliance Connect Everywhere: summary

Peace of mind: SWIFT is your single point of contact

Plug & Play installation

Low cost entry point

For Lite 2/ARG/Lifeline users

Secure solution

Operational & resilience best practices

Correct sizing of Leased Line bandwidth

Window Size in line with Traffic Requirements

Load Sharing between Leased lines

Fin Delivery Subset sharing

Monitor that no message queuing occurs in CBT (In & Out)

Each CBT primarily connected to local Connectivity Interface

Real Time Traffic Distribution to multiple SNLs (IA & FA)

Same SnF queue acquired by multiple SNLs (IA)

End User Message investigation and reporting done in Middleware

Multiple LTs on each CBT instances (different on each CBT)

Monitoring of the cross site connectivity

R7

Database resilience

Alliance DB Recovery

Back office resiliency

Virtualisation

Leverage Technology

Simplify connectivity

Alliance Remote Gateway

What is Alliance Lifeline?

Connect to SWIFT via Alliance Lifeline

Primary / backup / DR infrastructure at customer site

Alliance Lifeline light ‘footprint’ at customer site

When your main SWIFT sites become unavailable

[Diagram labels: Internet Optional: Alliance Connect; Alliance Lifeline; HSM Interface; MV-SIPN; Browsers; AutoClient; Application]

Technical Assessment

Content

• Architecture: SWIFT components, Middleware & BO integration

• Capacity – keeping in mind future business outlook

• Resilience: review recovery solutions for hw&sw malfunctions

• Procedures: gap analysis with regards to operational procedures

• Monitoring: problem detection mechanism and high-level escalation

• Security: security set-up and access control on SWIFT applications

• Configuration: high level configuration assessment

• RACI: roles and responsibilities for main SWIFT activities

Background

Within the financial industry, the SWIFT infrastructure is typically defined as business critical. As a result, IT Managers are bound to run risk-free operations but are at the same time challenged by technology evolution, cost pressure, strict security requirements, technical implications from mergers & acquisitions, etc.

Building on strong knowledge and expertise, SWIFT can provide a neutral assessment of the SWIFT infrastructure and its operations. The outcome will be a number of quick wins as well as strategic recommendations.

Internal audit teams or post-incident tiger teams could also call upon SWIFT assistance when the SWIFT infrastructure is in scope.

[Diagram: SWIFTNet; two stacks, each with SNL, Alliance Gateway and Alliance Access; BO application / middleware layer]

Business Continuity Exercises

Practicing our readiness…

Business Continuity Testing

• Service Continuity exercises: Regular resilience testing at the system/network levels (300+ per year)

• Business Continuity exercises: More complex system and network recovery tests (6 weekends per year)

• Simulation Support exercises: Training-like events to assess Business Continuity Plans and Crisis Mgmt process (50+ per year)

Practicing our readiness… Example Service Continuity Testing

[Diagram: Layer-1 Intra-site test: Active, Standby. Layer-2 Inter-site test: Site 1, Site 2; Active Standby, Standby Active]

Practicing our readiness… Example Simulation Support Testing

Local Emergency Support

Govt Emergency Support

Local Command Team

Command Centre

SWIFT members

Practicing our readiness… Example Business Continuity Testing

EU zone TA zone

OPC Recovery Test - October

SWIFT cold start community test – April

Testing strategy

OPC-US OPC-CH OPC-NL

OPC-US OPC-CH OPC-NL DRI DRI

In Summary

Rehearse the recovery procedures

Test system, people & process resilience

Walkthrough, desktop, role-play simulations

Involve SWIFT staff at all levels, local authorities and customers

Incident and crisis management @SWIFT

Serious problem with business impact

Local disruption to a service

Severe impact to financial community

Problem

Incident

Crisis

Focus on people and customer

SWIFT Consulting Services – Operational Excellence - SOFE 2014

Summary

Business Continuity Framework