1 / 18

IT Service Continuity Management

IT Service Continuity Management. Goal – Primary Objective. To support the overall Business Continuity management process by ensuring that the required IT technical services and facilities can be recovered within required and agreed business time-scales. Why Continuity Management.

uri
Télécharger la présentation

IT Service Continuity Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT Service Continuity Management

  2. Goal – Primary Objective • To support the overall Business Continuity management process by ensuring that the required IT technical services and facilities can be recovered within required and agreed business time-scales

  3. Why Continuity Management • Ensuring business survival by reducing the impact of a disaster or major failure • Reducing the vulnerability and risk to the business by effective risk analysis and risk management • Preventing the loss of Customer and User confidence • Producing IT recovery plans that are integrated with and fully support the organisation’s overall Business Continuity Plan

  4. Considerations • IT Service Continuity options need to be understood and the most appropriate solution chosen in support of BCM requirements • Roles and responsibilities need to be identified and supported from a senior level • IT recovery plans and Business Continuity plans need to be aligned regularly reviewed, revised and tested

  5. The Business Continuity Life-cycle Overview • Stage 1 – Initiation • Initiate Business Continuity Manager • Stage 2 – Requirements and Strategy • Stage 3 - Implementation • Stage 4 - Operational Management

  6. Stage 2 – Requirements and Strategy Business Impact Analysis Identification of Critical Business Processes and Speed of Recovery Risk Assessment and Methodology Threats to Assets CRAMM – CCTA’s Risk Analysis Management Methodology (Central Computer and Telecommunications Agency) Business Continuity Strategy Based on Top Risks

  7. Risk Analysis (CRAMM) ANALYSIS Assets Threats Vulnerabilities Risks MANAGEMENT Countermeasures

  8. Risk Analysis • Asset Categorise and RANK 1-10 • Hardware • Software • People • Buildings etc. • Threat List and RANK 1-3 • Vulnerability against Assets Matrix RANK 1-3 Risk = Asset * Threats * Vulnerability

  9. IT Recovery Options • Do nothing • Manual back-up – revert to pen and paper • Reciprocal arrangements with another company • Gradual recovery - Cold Standby • Intermediate recovery - Warm Standby • Immediate recovery - Hot Standby

  10. Gradual Recovery – COLD standby • Time to recovery > 72hrs • Empty Computer space • Remote • Portable • Nothing in the rooms • Requires contracts / procedures in place to set up

  11. Intermediate Recovery – WARM standby • Time to recovery 24hrs to 72hrs • Filled Computer space • Remote • Portable • Networked Computers but with NO Data

  12. Immediate Recovery – HOT standby • Time to recovery “within the working day” 0hrs to 8hrs • Filled Computer Space • Remote • Portable • Networked Computers with Data (but not necessarily up to date)

  13. Benefits of Continuity Management • Management of risk and the consequent reduction of the impact of failure • Fulfilment of regulatory requirements • Potentially lower insurance premiums • A more business focussed approach to IT continuity and recovery • Reduced business disruption during an incident • Increased customer confidence and organisational credibility

  14. ISCM Exam Tips • Know the Disaster Recovery options

  15. Exam Questions • In relation to IT Service Continuity Planning, the severity of a disaster depends upon: A The time of day it occurs B How many people are available to assist in recovery C The type of disaster, whether flood, fire etc D The impact (EFFECT) upon customers’ businesses

  16. Exam Questions • Consider the following statements about IT Service Continuity Planning: • The intermediate recovery external option offers a remote installation, fully equipped with all the required hardware, software, communications and environmental control equipment • The intermediate recovery external option is often shared between multiple customers and in the event of a disaster may not be available due to over-subscription ABoth B Neither C Only 1 D Only 2

  17. Exam Questions • Your organisation has just entered into a Gradual Recovery (Cold Standby) IT service Continuity Agreement. Within the ITIL definition, which of the following lists is INCORRECT for what you could find at the contingency site? A A building, electricity, telecommunications equipment, office space for technical staff B Stand-by generator, telecommunications equipment, system manuals, support staff, water C A building, telecommunications equipment, a computer, support staff, documentation D A building, electricity, water, support staff, system manuals

  18. Exam Questions • Which of the following would you NOT expect to see in an IT Service Continuity Plan? A Contact lists B The version number C Reference to change control procedures D Full Service Level Agreements (SLM)

More Related