Information in this presentation draws upon a variety of sources, including published 
   regulatory and industry presentations, policies, and other regulatory guidance documents, 
   personal and client experiences, documents, and research, all or any of which may or 
   may not have been prepared or conducted by the presenter. 
   The example scenarios reviewed provide possible mechanisms to mitigate  continuity 
   risks; the recommendations included are for organizations to  think about working 
   towards and are not intended to be definitive, comprehensive, or appropriate for every 
   organization
      Agenda
       1. Business Continuity  Planning – Why?
       2. Regulations and Industry Standards
       3. Business Continuity Program and Business Continuity Plan
       4. Differentiation of Business Continuity Plan and Disaster Recovery Plan
       5. Business Continuity Planning
       6. Business Continuity Execution  Process
       7. Case studies
       8. Summary
       9. Q & A
                                                                                                      3
       Business Continuity Planning  - Why?
         Must be able to continue running the critical processes during a crisis and restore operations 
                                                                                                                                4
      Business Continuity 
      Encompasses planning and preparation to ensure that an organization can continue to operate in case of serious incidents or disasters and is 
      able to recover to an operational state within a reasonably short period. 
                                         • Critical business functions and the supporting infrastructure must be designed in such a way that they are 
                                          materially unaffected by relevant disruptions, 
           Resilience                    • For example through the use of redundancy and spare capacity
            Recovery                     • Arrangements have to be made to recover or restore critical  business functions that failed
                                         • The organization establishes a generalized capability and readiness to cope effectively with whatever major 
                                          incidents and disasters occur, including those that were not, and perhaps could not have been, foreseen. 
                                         • Contingency preparations constitute a response if resilience and recovery arrangements should prove 
        Contingency                       inadequate in practice.
                                         • For example alternative Business Process or Suppliers
                                                                                                      5
      Applicable for Critical Operations and Systems
                                           •Disruption to internal sites
                                           •Disruption to partnered sites
              Supply Chain                 •Disruption to Logistics
                                           •Disruptions at  key suppliers
                                           •Natural disasters such as fires, earthquakes and floods
           Physical Premises               •Terrorist  Attack
                                           •System Corruption
                                           •Severe Crashes
        Information Technology             •Cyber Attack/Hacking
                                           •Virus
                                           •Fraudulent activity  resulting Reputation loss
                 Marketing                 •Recall
                                           •Strikes
           Human Resources                 •Critical resource  loss or reduction
                                           •Reorganization
                                                                                                      6