BCM Forum Introduction to Government.pptx [Read-Only] Documents...Microsoft PowerPoint - BCM Forum...

z

z

National Business Continuity & Resilience Forum 1

BCM NATIONAL CONTINUITY AND SERVICE RESILIENCE

National CommitteeTreasury Oversight

Practitioners

Regulation

Technical Assistance

National Forum Committee - Constituted in2014 at National Treasury – Concept whitepaperCurrently the BCM Committee and NationalForum works with the Accountant General’soffice to Nationalise BCM and ResilienceConceptsThe Practitioners are ISO 22301 or at leastCBCI Certified. Not all risk practitioners havebeen trained on the BCM standards, this posesa risk in itself.Draft Treasury regulation has been amendedto include BCM in the ambit of Riskmanagement.Technical Assistance is supplied by committeemembers through templates and knowledgetransfer.


Patrick MathoboTotyelwa NoncoPitso LinyeloShilavi FurumeleMandla MalindisaDr Clifford FergusonDelana De JonghTshepile MoganediMokapi SelowaRamabele Magoma-NthiteLinda FlemingShilavi FurumeleTshepile MoganediKim LombardTotyelwa NoncoJulia Mdzikwa

STRATEGY 2019-2021Regulate BCM in public sectorEnable The Committee mandateGovernment curriculum for BCMBCM on Board and EXCO agendasInclusive Government wide BCM programme


Three Areas of Capacity Building

PFMATreasury Regulations

PFMATreasury Regulations

MMFATreasury Directives and Practice notes

NATIONAL DEPARTMENTSAND SOE’SPROVINCIAL LEGISLATURES MUNICIPALITIES


10 National Forum Workshops

240 individuals benefitingNationally per event

Information Sharing to BCM and Risk PractitionersAttracting Chief Risk Officers

STATISTICS01 September 2016 Risk Management Forum for Public Entities, 60 delegates in attendance8 September 2016 Risk Management Forum National, Provincial and Local Government, with approximately 70 delegates 09 March 2017 Risk Management Forum for Public Entities, with approximately 65 delegates in attendance24 March 2017 Risk Management Forum National, Provincial and Local Government, 80 delegates4 July 2017 - Government Continuity Concepts, Guideline & Governance, Recovery sites and a Panel Discussion from our esteemed forum members, there were about 60 delegates10 October 2017 - full aspects of a Business Impact Analysis (BIA), there were about 115 delegates23 April 2018 Progress made on the implementation of the BIA, BCM Strategy, BCM Policy, with round 130 delegatesBreakfast 28 September 2018 BC Strategy and Policy23 April 2018, Business Continuity Plan, Disaster Recovery ,DR Shared site (WAR), 124 Delegates15 February 2019, feedback and reflection on the previous forum and practical discussion of the BCP. 150 delegates 11th of September 2019 where we will discuss option available from Microsoft.


PEOPLE

TECHN

OLOGY

PROCESS

OCUPATIONAL HEALTH AND SAFTEY ACT

ENTERPRISE BUSINESS MANDATEAND FOUNDING ACTENTERPRISE BUSINESS MANDATEAND FOUNDING ACT

DISATER RECOVERY ACT

THREE AREAS TO COVER BY BCM


BCM

Risk CommitteeBusiness Continuity Committee

Business Recovery Committee(Process)

DR and Systems Recovery Committee(Technology)

SHEQCommittee(People & Facilities)


1BUSINESSRECOVERYCore functionsService DeliveryClients, Customers and Stakeholders.Supply Chain

2PEOPLE MANAGEMENTEvacuationFire drillFirst AidTrauma management

3FACILITIES MANAGEMENTFacilitiesWaterElectricityWasteTransportPhysical Security

4SYSTEMS RECOVERYApplicationsSystemsNetworksTelephonyMediaHardwareAccess ControlCyber Security

FOUR PILLARS OF BCM


PDCA ModelContinuous Improvement

P D

C A

PLANAccording to Stakeholder requirements and BIA.

ACTAct out the BC Plan in Practice or Emergency.

DODo the BC Strategy

CHECKCheck and Monitor that BC Plan and Strategy deliver on requirements


HOW TO (GPG 2018)PP1

PP2

PP3PP4

PP5

PP6PP1 Policy & ProgrammePP2 Awareness & CulturePP3 Business Impact AnalysisPP4 StrategyPP5 BC PlanPP6 Monitoring & Audit


BUSINESS CONTINUITY PLANS

Simple and self explanatory

Consistent and flowing Prove efficacy and efficiency through exercise

The Business Continuity Plan (End to End)

BEFORE EMERGENCY RESPONSE PLAN

PROTECTION AND MITIGATION PLAN

INVOCATION

CRISIS MANAGEMENT PLAN

Risks identified and mitigation actions, OHS compliance,

detection systems, reducing impact of incidents on

business

Incident management, emergency actions such as

evacuation, first aid and Fire fighting

Roles, responsibilities and authority

Emergency procedures(BC) Crisis CommitteeCrisis Communication

Assessment, Invocation notification and mobilisation of

Systems Recovery, SHERQ, and Business Recovery

teams. Linked to RPO and RTO.

Invocation

RPO and RTO charter on Human movement, Physical & Cyber Security, IT Systems and networks, suppliers, telecommunications, back-up and restore, office space and seating arrangements, products and services versus actual production

RECOVERY PLAN

The plan on the returning to the original or rebuilt site off the recovery site/s.

RETURN TO NORMAL PLAN

Data collected for analysis in a close out report that explains how the invocation saved business versus the actual cost of such.

LESSONS LEARNT

CommunicationsPolicy

& Plan

Contents of the different BC plans

Emergency Response Plan1) Roles and

Responsibilities2) Evacuation Procedure3) Emergency Reporting

Procedure4) Immediate Measures to

limit impact5) Facility and systems

shutdown procedures6) Preventative and

Detective Measures7) Awareness and Training8) Communication

Common Elements

Crisis Management Plan

Roles, Accountability, Responsibility and

authority

1) Emergency Procedures

2)Notification,

Invocation and Escalation.

3)BC Committee

Agenda for Crisis Meeting.

4)Crisis

Communication Plan5)

Pandemic Plan

Definition of a Pandemic

1) Quarantined and non-quarantined Pandemics

2) Social containment Plan

3) Regional Footprint of the disease

4) Impacted areas of business

5) Business region transfer Plan

Systems Recovery Plan

1. Activation of the recovery Site

2. Transfer logistics to the recovery facility

3. Equipment supply or transfer

4. Core Business Process identification and recovery

5. Call Centre and email recovery

6. Data recovery or switching of data centres

7. Recovery of systems priority list

8. Ghost images for Desktop on work Area recovery

Components

Communication Plan

3) Credible4) Informative

1) Responsive2) Appropriate

Truthful Clarification

Dr Cliff FergusonFor and on behalf of the National Continuity Forum

012 319 [email protected]

THANK YOU


BCM Forum Introduction to Government.pptx [Read-Only] Documents...Microsoft PowerPoint - BCM Forum...

Documents

Transcript of BCM Forum Introduction to Government.pptx [Read-Only] Documents...Microsoft PowerPoint - BCM Forum...