Punyam Management Services Pvt. Ltd.
Click to edit Master title style Click to edit Master title style
Punyam
• Click to edit Master text styles • –Click to edit Second level Master text styles • Second level • Third level Fourth level • Third–level » Fifth level • Fourth level • Fifth level
6/1/2018 6/1/2018 GMG
1 1
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
1
Punyam Management Services Pvt. Ltd.
What ISO 22301 Click to editisMaster title style Click to edit Master title style
Punyam
ISO 22301 be summarised as: • Click to editcan Master text styles
• –Click to edit Master text styles Second level A standard to provide the best possible framework for • managing Second level continuity within the organization. • Third business level Fourth level • Third–level A set of “controls” against which an organization can be » Fifth level Business continuity. • assessed Fourth for level effective • Fifth level The ISO 22301 standard provide a framework for allowing business to increase resilience and enables an organization to effectively deal with a disruptive incident.
6/1/2018 6/1/2018 GMG
2 2
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
2
Punyam Management Services Pvt. Ltd.
Click to isedit Master title style What Risk Management? Click to edit Master title style
Punyam
• Click to editRisk Master text styles Management • –Click to edit Second level Master text styles • Second level • Third level What is Risk Management? Fourth level • Third–level » Fifth level • Fourth“ level Process of identifying, controlling and • Fifthminimizing level or eliminating security risks that may affect information systems, for an acceptable cost “
6/1/2018 6/1/2018 GMG
3 3
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
3
Punyam Management Services Pvt. Ltd. Punyam
Click to edit Master style Implementation of ISO title 22301 BCMS
Click to edit Master title style • Click to edit Master text styles POLICY • –Click to edit text styles Second level Master • Second level • Third level Fourth level • Third–level » Fifth level • Fourth level • Fifth level
Improve BCMS - Identify improvements in the BCMS and implement them - Take appropriate corrective and preventive actions - Communicate and consult (management, stakeholders, users etc.)
Establish the context -Need for business continuity as a business need -BCMS scope and policy -Methodology/ Approach to risk management Risk identification and assessment - Identify risks - Analyse risks - Evaluate
Continuous
Improvement
Monitor and review BCMS
6/1/2018 6/1/2018 GMG
Manage the risk - Identify and evaluate options for managing the risks - Select controls and objectives and controls for the treatment and management of risk - Implement selected controls
4 4
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
4
Punyam Management Services Pvt. Ltd.
Risk treatment chart Click to edit Master title style Click to edit Master title style
Punyam
• Click to edit Master text styles • –Click to edit Second level Master text styles • Second level • Third level Fourth level • Third–level » Fifth level • Fourth level • Fifth level
6/1/2018 6/1/2018 GMG
5 5
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
5
Punyam Management Services Pvt. Ltd.
Business Impact Analysis process flow chart
Click to edit Master title style Click to edit Master title style
Punyam
• Click to edit Master text styles • –Click to edit Second level Master text styles • Second level • Third level Fourth level • Third–level » Fifth level • Fourth level • Fifth level
6/1/2018 6/1/2018 GMG
6 6
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
6
Punyam Management Services Pvt. Ltd.
4 TIER ISO 22301 DOCUMENTATION STRUCTURE
Click to edit Master title style Click to edit Master title style
Punyam
BCMS styles • Click to edit Master text • –Click to edit text styles Second level MasterManual • Second level • Third level Fourth level • Third–level Procedures » Fifth level • Fourth level • Fifth level Work Instruction/SOP/Process flow charts/other documents
BCMS Records Marketing 6/1/2018 6/1/2018 GMG
Purchasing
Data Processing
Software Development
Testing
Delivery
7 7
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
Admin 7
Punyam Management Services Pvt. Ltd.
BCMS ISOstyle 22301 Click certification to edit Mastertotitle Click to edit Master title style Business Continuity
Punyam
Continuity Policy • ClickBusiness to edit Master text styles • –Click to edit Master text styles Second level Definition of Scope of the BCMS • Second level • Third level Fourth level • Third–level Risk Analysis » Fifth level • Fourth level Risk Management • Fifth level
Policy Document BCMS Scope
Options Specific Choice
BCMS Goals and Measures Reasoning for Choice
6/1/2018 6/1/2018 GMG
Reasoning
8 8
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
8
Punyam Management Services Pvt. Ltd.
ISO 22301 Auditor’s Quality
Punyam
Click to edit Master title style Click toalertedit titlepeople style 1. Wise & : abilityMaster to adapt to different & situations.
2. Appropriate industrial experience. • 3.Click totoedit Master text facts. styles Ability question to ascertain • –Click to edit text 4. Ability to listen. Not prepare nextstyles question while listening to an Second level Master answer. level • Second • Third level 5. Interested in the explanation. –level Fourth level • Third 6. Knowledge of BCMS system standards & of assessment & audit » Fifth level techniques. • Fourth level 7. Analytical brain. • Fifth level 8. Sensitive to feelings, attitudes & motives so as to understand what people mean when they say something. 9. Maintains eye contact. 10. Ability to discuss without arguing. 11. Neither approves not disapproves. 6/1/2018 6/1/2018 GMG
9 9
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
9
Punyam Management Services Pvt. Ltd. STEPS FOR INSTALLATION OF ISO:22301 BUSINESS CONTINUITY MANAGEMENT SYSTEM Punyam
Click to edit Master title style Click to edit Master title style
Conduct ISO:22301 awareness program (top + middle + bottom level). Form a steering committee and task force for documentation
Identification of All Possible business continuity risks to the company.
Define business continuity Policy, Objectives and Targets. • Click to edit Master text styles •Prepare documents of business continuity management system, Records, Legal Requirements. Click to edit Master text styles – Second level Train all for business continuity Policy and for achieving Objectives & Targets. • Second level • Thirdtolevel Communication all including Suppliers and Interested parties. •Implementation & train all personnel in the use of procedures & formats. Preparation and Fourth level Third–level Implementation of business continuity programme. » Fifth level • Fourth level Train internal auditors. •Assess the system through first internal audit. Fifth level Take corrective actions for non-conformities. Apply for certification.
Conduct management review meeting for BMS system Avail onsite document adequacy of certifying body. Take actions on suggestions given by them. Final audit by certifying body. 6/1/2018 6/1/2018 GMG
1010
Copyrights 2017 @ I Global Manager Group | sales@globalmanagergroup.com |
10