BUSINESS CONTINUITY, DISASTER RECOVERY PLANNING & LEADERSHIP

18 - 21 JUNE 2013 FOUR SEASONS HOTEL JAKARTA INDONESIA

IT SERIES

5) book p (worth 7 For early bird embershi Institute Affiliate mCo ty ar ui in Ye 1 nt EE FR siness r further details) with the Bu to page 3 fo
(** refer

AY VE TAKEAW EXCLUSIin -APRIL-2013 gs before 12

COURSE OVERVIEW
Disasters could cripple your organization, suspending mission-critical processes and disrupting service to your customers. These disasters could be man-made or natural in nature. The Business Continuity Plan addresses an organizations ability to continue functioning when normal operations are disrupted. A Disaster Recovery Plan is used to define the resources, action, tasks, and data required to manage the business recovery process in the event of a disaster. In this workshop you learn to identify vulnerabilities and implement appropriate countermeasures to prevent and mitigate threats to your mission-critical processes. You will learn techniques for creating a business continuity plan (BCP) and the methodology for building an infrastructure that supports its effective implementation.

YOUR INTERNATIONAL COURSE FACILITATOR

Dr Mark T. Edmead
MBA, CISSP, CISA, CompTIA Security+

IT Security Consultant & Trainer MTE Advisors

Mark T. Edmead is a successful technology entrepreneur with over 28 years of practical experience in computer systems architecture, information security, and project management. Mark excels in managing the tight-deadlines and ever changing tasks related to mission-critical project schedules. He has extensive knowledge in IT security, IT and application audits, Internal Audit, IT governance, including Sarbanes-Oxley, FDIC/FFIEC, and GLBA compliance auditing. Mr. Edmead understands all aspects of information security and protection including access controls, cryptography, security management practices, network and Internet security, computer security law and investigations, and physical security. He has trained Fortune 500 and Fortune 1000 companies in the areas of information, system, and Internet security. He has worked with many international firms, and has the unique ability to explain very technical concepts in simple-to-understand terms. Mr. Edmead is a sought after author and lecturer for information security and information technology topics. Mark works as an information security and regulatory compliance consultant. He has:

BENEFITS OF ATTENDING
Using a carefully selected case study, course participants will:

Create, document and test continuity arrangements for an organization Perform a risk assessment and Business Impact Assessment (BIA) to identify
vulnerabilities

Select and deploy an alternate site for continuity of mission-critical activities Identify appropriate strategies to recover the infrastructure and processes Organize and manage recovery teams Test and maintain an effective recovery plan in a rapidly changing technology
environment

Sample Case Studies:

A major Middle Eastern bank has been experiencing tremendous growth and management feels that
their current BCP and DRP plans outdated. In this case study the delegates with perform a business impact analysis, based on interviews with key company stakeholders and subject matter experts, and outline which business areas are the most critical and in need of improved continuity and recovery plans.

Conducted internal IT audits in the areas of critical infrastructure/ systems and applications, Assessed and tested internal controls of critical infrastructure platform systems (Windows, UNIX, IIS, SQL, Oracle) Assessed and tested internal controls of various critical financial applications. Prepared risk assessments and determined risks to critical c financial data systems and infrastructure components. c Created test plans & processes and executed test plans. Conducted reviews of existing systems and
applications, a ensuring appropriate security, management and a data integrity via control processes.

A manufacturing company is considering implementing a disaster recovery plan but does not know
which disaster recovery approach they should implement. In this case study the delegates with study the business enterprise, perform a risk analysis, and determine if a hot site, cold site, warm site, or another disaster recovery method is the best approach.

EXCLUSIVE: :

TEMPLATES & TAKEAWAYS

1. Bring B Bri ring ng your y you our r Business Busi Bu sine nes s Continuity ss C Con onti tinu nuit ity y Pl Plan Plan/Disaster an/D /Dis isas aste ter r Re Reco Recovery cov very Plan (BCP/DRP) for private consultation on review review 2. BCP/DRP Step-by-step Guide 3. BCP/DRP templates and worksheets to aid you in applying and putting into practice what you have learned from this workshop 4. FREE copy of the course material, case studies, and other related items of the training workshop

Prepared written reports to all levels of management Participated in audit review panel sessions to address
results, r conclusions and follow-up actions required.

Tel: +6016 3326360

Fax: +603 9205 7788

kris@360bsigroup kris@360bsigroup.com com

COURSE CONTENT DAY1 BUSINESS CONTINUITY LEADERSHIP WORKSHOP

IT Leadership Workshop is a special one-day course designed to cover the challenges faced with managing the business continuity efforts in an organization. Implementing a full business continuity plan and disaster recovery plan is a major effort. This requires coordination with all departments. It requires interfacing with individuals at all levels from technicians and programmers to managers, directors, and C-level executives. In this workshop you will learn how perform a stakeholder analysis, outline the stakeholders required to accomplish your job, and how to effectively navigate the possible roadblocks preventing you from accomplishing your tasks. In addition, you will learn tips and techniques that will increase your competence and confidence when influencing and implementing information technology in your organization. Managing the Business Continuity Process - Creating a BCP/DRP framework - Determining your critical success factors (CSF) - Determining your key performance indicators (KPI) - Business continuity management strategies Understanding your Corporate Culture - Understanding your organizations trends, strategy and environment - Tips, tricks, and trouble spots - Developing a business continuity management culture - Exercising, maintenance, and audit Understanding your Stakeholders - How to identify your key stakeholders - Performing a stakeholder analysis - Creating a stakeholder engagement communication plan - Getting stakeholder engagement and support

WHY THIS EVENT

The aim of this interactive workshop is to provide you with the skills critical to business continuity, disaster recovery & risk management. After attending this workshop, you will leave fully armed with the knowledge needed to create a business continuity plan (BCP) and the methodology for building an infrastructure that supports its effective implementation. The combination of interactive presentations, hands-on exercises and open discussion groups along with real case studies, ensures you will obtain maximum value from attending.

DAY2 BCP/DRP - CONCEPTS & PRINCIPLES

Introduction to Business Continuity and Disaster Recovery Planning - The difference between business continuity and disaster recovery - Why a recovery plan is an integral part of an organizations operational strategy Understanding where the threats come from - Understanding codes of practice and legal/regulatory compliance requirements - The step-by-step process for BCP/DRP Protecting our assets - What are we protecting? - What are our mission-critical processes? - How to prioritize what is important to protect What is risk and how do we deal with it? - Understanding risk assessment methodologies - Matching the response to the threat based on the risk - Enterprise vs. local risk management - Top business continuity planning mistakes The need for business continuation a case study - Introduction of fictitious business case - Understand business continuity/disaster recovery needs - Documenting the continuity requirements

WHO SHOULD ATTEND

Vice Presidents, Directors, General Managers Chief Information Officers Chief Information Security Officers Chief Technology Officers Business Continuity Officers Heads of Departments in Information Security Management Information Systems, IT Infrastructure, IT Architecture, Network Operations, IT Operations, IT Data Center, DataBase Management, IT Deployment IT Business Enterprise, IT Risk Management, IT Quality Assurance, IT Audit, Risk Management, Internal Audit, Disaster Recovery

COURSE CONTENT DAY3 RISK ASSESSMENT & RECOVERY

The Business Impact Assessment (BIA) - What is a Business Impact Assessment? - Assessing the risk to the enterprise - How to identify business critical activities - Impact versus likelihood of occurrence Establishing the Recovery Options - Choosing a recovery site - Specifying equipment - Choosing suppliers - How to select backup and restore strategies Where is the data? - Why you need to classify levels of information - Managing data at rest and in transit - Understanding data access controls - The value of knowing where your data resides Maintaining user connectivity - How to communicate the disaster and recovery efforts to users - How to identify and eliminate single points of failure - Communicating with the media
4

Latest TESTIMONIALS
1

Session well organized organized. The trainer is ver very conversant with the subject matter. Well delivered and would definitely recommend to anyone else.
- Habil Mutende, Manager Information Security & Change Management, Central Bank of Kenya

Excellent presentation, excellent attitude to answer our questions & to share his experience.
- Senior Manager, IT Department, Deloitte

I have used Mark in key roles with high visibility clients. Without hesitation I would highly recommend Mark for any and all IT audit engagements. His professionalism, deep knowledge, and results oriented work style are deeply valued by not only myself, but more importantly by the all those who are lucky enough to use his services. - Russ Aebig, Director at Artesient We have used Mark Edmead on several projects in the past few years including SOX readiness for publicly traded companies and IT vulnerability assessments for major financial institutions. He always delivers professional and detail-oriented workpapers on-time and within budget. Mark is highly recommended and we will continue to use him on other projects. - Brenda Piazza, Director at CBIZ MHM

DAY4 PROJECT MANAGEMENT & REVIEW

BCP/DRP Project Management - Identifying stakeholders - Analyzing stakeholder needs - Obtaining commitment from upper management Review of the BCP/DRP Process - Project initiation - Risk analysis - Business Impact analysis - Develop/choose strategies - Test and validate the plan - Modify/update the plan - Approve and implement the plan Analysis of fictitious business case Applying lessons learned

**Affiliate membership to Business Continuity Institute

Affiliat Affiliate Affili ate e me memb members mber ers s to B Bus Business usin ines ess s Co Cont Continuity ntin inui uity ty I Ins Institute nsti titu tute te g get et a acc access cces ess s to t the he f fol following ollo lowi wing ng m mem membership embe bers rshi hip p benefits: - Continuity magazine 4 per year (digital version) - Monthly BCI ENewsletter - Access to member only section of BCI website - Access to copies of BCI Workshop Reports - Member rates on BCI products and services - Networking opportunities at BCI organised events - Access to BCI mentoring programme - Access to discounted events

COURSE SCHEDULE
8.00 8.30 10.10 - 10.30 12.00 - 13.00 14.40 - 15.00 16.00 Registration & Coffee/Tea Workshop commences Morning coffee/tea Lunch Afternoon coffee/tea End of day

BUSINESS CONTINUITY, DISASTER RECOVERY PLANNING & LEADERSHIP

18 - 21 JUNE 2013 FOUR SEASONS HOTEL JAKARTA INDONESIA

REGISTRATION FORM
Fax: +603 9205 7788 Tel: +603 9205 7772 Mobile: +6016 3326 360 Email: kris@360bsigroup.com

DELEGATES
1

IN-HOUSE TRAINING
360 BSI is passionate about providing strategic IT programs and high potential training solutions across the region to build personal competencies and organizational capability. You will receive practical training from a professionally qualified educator with over twenty years of teaching and training experience. Please feel free to mix-and-match topics from the areas listed below to get the right training content for your staff. Other topics may be available upon request.

Name

Name on tag : Job Title : Email Mobile

2

: : :

Name

Name on tag : Job Title : Email Mobile

3

OTHER RELATED PUBLIC COURSES

IT Strategic Planning Service Oriented Architecture (SOA) IT Risk Management & Leadership Preparing for the CISSP exam Cybercrime & Fraud Investigation IT Change Management IT Project Management

: : :

Name

Name on tag : Job Title : Email Mobile : :

Hotel Contact Details:

For Room Reservation, please contact Reservation Desk. Tel. +62 (21) 252-3456 or Fax. +62 (21) 252-4480 Four Seasons Hotel Jakarta Jalan H.R. Rasuna Said, Jakarta 12920, Indonesia

AUTHORIZATION
(This form is invalid without a signature) Name Job Title Email Tel : Address : : : : ( )

General Information:
1 2 3 4 5

Closing date for registration is 11th June 2013. The fees cover lunch, tea breaks, materials and certificate. Official confirmation will be sent, once registration has been received. Participants will need to arrange their own accommodation. Attire: Smart Casual

Organization :

Cancellations/Substitutions
Substitutions are welcome at any time. Please notify us at least 2 working days prior to the event. All cancellations will carry a 10% cancellation fee, once a registration form is received. All cancellations must be in writing by fax or email at least 2 weeks before the event date. Cancellations with less than 2 weeks prior to the event date carry a 100% liability. However, course materials will still be couriered to you.

Signature :

Date:

Thank you for your registration!

FEES

PAYMENT DETAILS
Payment is required within 5 days upon receipt of the invoice. Bank transfer: 360 BSI (M) Sdn Bhd HSBC Bank Malaysia Berhad Bukit Bintang Branch, Kuala Lumpur, Malaysia Account No: 203-371059-725 Swift No: HBMBMYKL All payments must be received prior to the event date

USD 2,995 per delegate USD 2,795 per delegate - register before 12-APRIL-2013 USD 8,085 - Special for Group of 3
The fee does not include any taxes (withholding or otherwise). In case of any taxes applicable the client has to ensure that the taxes are paid on top of the investment fee paid for the course. Compliance with the local tax laws is the responsibility of the client.

* Save up to 50% for In-house Training program

360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia.

www.360bsi.com/IT