IT Service Continuity Management
Goal – Primary Objective
• To support the overall Business Continuity management process by ensuring that the required IT technical services and facilities can be recovered within required and agreed business time-scales

Why Continuity Management
• Ensuring business survival by reducing the impact of a disaster or major failure
• Reducing the vulnerability and risk to the business by effective risk analysis and risk management
• Preventing the loss of Customer and User confidence
• Producing IT recovery plans that are integrated with and fully support the organisation’s overall Business Continuity Plan

Considerations
• IT Service Continuity options need to be understood and the most appropriate solution chosen in support of BCM requirements
• Roles and responsibilities need to be identified and supported from a senior level
• IT recovery plans and Business Continuity plans need to be aligned, regularly reviewed, revised and tested

The Business Continuity Lifecycle Overview
• Stage 1 – Initiation – Initiate Business Continuity Manager
• Stage 2 – Requirements and Strategy
• Stage 3 – Implementation
• Stage 4 – Operational Management

Stage 2 – Requirements and Strategy
• Business Impact Analysis
• Identification of Critical Business Processes and Speed of Recovery
• Risk Assessment and Methodology
• Threats to Assets
• CRAMM – CCTA’s Risk Analysis Management Methodology (Central Computer and Telecommunications Agency)
• Business Continuity Strategy

Risk Analysis (CRAMM)
ANALYSIS
• Assets
• Threats
• Vulnerabilities
• Risks
MANAGEMENT
• Countermeasures

Risk Analysis
• Asset Categorise and RANK 1-10
  – Hardware
  – Software
  – People
  – Buildings etc.
• Threat List and RANK 1-3
• Vulnerability against Assets Matrix RANK 1-3
Risk = Asset * Threats * Vulnerability

IT Recovery Options
• Do nothing
• Manual back-up – revert to pen and paper
• Reciprocal arrangements with another company
• Gradual recovery – Cold Standby
• Intermediate recovery – Warm Standby
• Immediate recovery – Hot Standby

Gradual Recovery – COLD standby
• Time to recovery > 72hrs
• Empty Computer space
  – Remote
  – Portable
• Nothing in the rooms
• Requires contracts / procedures in place to set up

Intermediate Recovery – WARM standby
• Time to recovery 24hrs to 72hrs
• Filled Computer space
  – Remote
  – Portable
• Networked Computers but with NO Data

Immediate Recovery – HOT standby
• Time to recovery “within the working day” 0hrs to 8hrs
• Filled Computer Space
  – Remote
  – Portable
• Networked Computers with Data (but not necessarily up to date)

Benefits of Continuity Management
• Management of risk and the consequent reduction of the impact of failure
• Fulfilment of regulatory requirements
• Potentially lower insurance premiums
• A more business focussed approach to IT continuity and recovery
• Reduced business disruption during an incident
• Increased customer confidence and organisational credibility

ISCM
Exam Tips
• Know the Disaster Recovery options

Exam Questions
• In relation to IT Service Continuity Planning, the severity of a disaster depends upon:
A The time of day it occurs
B How many people are available to assist in recovery
C The type of disaster, whether flood, fire etc
D The impact (EFFECT) upon customers’ businesses

Exam Questions
• Consider the following statements about IT Service Continuity Planning:
1. The intermediate recovery external option offers a remote installation, fully equipped with all the required hardware, software, communications and environmental control equipment
2. The intermediate recovery external option is often shared between multiple customers and in the event of a disaster may not be available due to over-subscription
A Both
B Neither
C Only 1
D Only 2

Exam Questions
• Your organisation has just entered into a Gradual Recovery (Cold Standby) IT Service Continuity Agreement. Within the ITIL definition, which of the following lists is INCORRECT for what you could find at the contingency site?
A A building, electricity, telecommunications equipment, office space for technical staff
B Stand-by generator, telecommunications equipment, system manuals, support staff, water
C A building, telecommunications equipment, a computer, support staff, documentation
D A building, electricity, water, support staff, system manuals

Exam Questions
• Which of the following would you NOT expect to see in an IT Service Continuity Plan?
A Contact lists
B The version number
C Reference to change control procedures
D Full Service Level Agreements (SLM)