Sunteți pe pagina 1din 4

BUSINESS CONTINUITY & DISASTER RECOVERY PLANNING

IT SERIES

02 - 04 DECEMBER 2013 THE RITZ-CARLTON KUALA LUMPUR MALAYSIA

5) book p (worth 7 For early bird embershi Institute Affiliate mCo ty ar ui in Ye 1 nt EE FR siness r further details) with the Bu to page 3 fo
(** refer

AY E TAKEAW -OCT-2013 EXCLUSIV 18 re fo be gs in

COURSE OVERVIEW
Disasters could cripple your organization, suspending mission-critical processes and disrupting service to your customers. These disasters could be man-made or natural in nature. The Business Continuity Plan addresses an organizations ability to continue functioning when normal operations are disrupted. A Disaster Recovery Plan is used to define the resources, action, tasks, and data required to manage the business recovery process in the event of a disaster. In this workshop you learn to identify vulnerabilities and implement appropriate countermeasures to prevent and mitigate threats to your mission-critical processes. You will learn techniques for creating a business continuity plan (BCP) and the methodology for building an infrastructure that supports its effective implementation.

YOUR INTERNATIONAL COURSE FACILITATOR


Dr Mark T. Edmead
MBA, CISSP, CISA, CompTIA Security+

IT Security Consultant & Trainer MTE Advisors


Mark T. Edmead is a successful technology entrepreneur with over 28 years of practical experience in computer systems architecture, information security, and project management. Mark excels in managing the tight-deadlines and ever changing tasks related to mission-critical project schedules. He has extensive knowledge in IT security, IT and application audits, Internal Audit, IT governance, including Sarbanes-Oxley, FDIC/FFIEC, and GLBA compliance auditing. Mr. Edmead understands all aspects of information security and protection including access controls, cryptography, security management practices, network and Internet security, computer security law and investigations, and physical security. He has trained Fortune 500 and Fortune 1000 companies in the areas of information, system, and Internet security. He has worked with many international firms, and has the unique ability to explain very technical concepts in simple-to-understand terms. Mr. Edmead is a sought after author and lecturer for information security and information technology topics. Mark works as an information security and regulatory compliance consultant. He has:

BENEFITS OF ATTENDING
Using a carefully selected case study, course participants will:

Create, document and test continuity arrangements for an organization Perform a risk assessment and Business Impact Assessment (BIA) to identify
vulnerabilities

Select and deploy an alternate site for continuity of mission-critical activities Identify appropriate strategies to recover the infrastructure and processes Organize and manage recovery teams Test and maintain an effective recovery plan in a rapidly changing technology
environment

Sample Case Studies:

A major Middle Eastern bank has been experiencing tremendous growth and management feels that
their current BCP and DRP plans outdated. In this case study the delegates with perform a business impact analysis, based on interviews with key company stakeholders and subject matter experts, and outline which business areas are the most critical and in need of improved continuity and recovery plans.

Conducted internal IT audits in the areas of critical infrastructure/ systems and applications, Assessed and tested internal controls of critical infrastructure platform systems (Windows, UNIX, IIS, SQL, Oracle) Assessed and tested internal controls of various critical financial applications. Prepared risk assessments and determined risks to critical c financial data systems and infrastructure components. c Created test plans & processes and executed test plans. Conducted reviews of existing systems and
applications, a ensuring appropriate security, management and a data integrity via control processes.

A manufacturing company is considering implementing a disaster recovery plan but does not know
which disaster recovery approach they should implement. In this case study the delegates with study the business enterprise, perform a risk analysis, and determine if a hot site, cold site, warm site, or another disaster recovery method is the best approach.

EXCLUSIVE: :

TEMPLATES & TAKEAWAYS

1. Bring B Bri ring ng your y you our r Business Busi Bu sine nes s Continuity ss C Con onti tinu nuit ity y Pl Plan Plan/Disaster an/D /Dis isas aste ter r Re Reco Recovery cov very Plan (BCP/DRP) for private consultation on review review 2. BCP/DRP Step-by-step Guide 3. BCP/DRP templates and worksheets to aid you in applying and putting into practice what you have learned from this workshop 4. FREE copy of the course material, case studies, and other related items of the training workshop

Prepared written reports to all levels of management Participated in audit review panel sessions to address
results, r conclusions and follow-up actions required.

Tel: +6016 3326360

Fax: +603 9205 7779

kris@360bsigroup kris@360bsigroup.com com

COURSE CONTENT DAY1 BCP/DRP - CONCEPTS & PRINCIPLES


Introduction to Business Continuity and Disaster Recovery Planning - The difference between business continuity and disaster recovery - Why a recovery plan is an integral part of an organizations operational strategy Understanding where the threats come from - Understanding codes of practice and legal/regulatory compliance requirements - The step-by-step process for BCP/DRP Protecting our assets - What are we protecting? - What are our mission-critical processes? - How to prioritize what is important to protect What is risk and how do we deal with it? - Understanding risk assessment methodologies - Matching the response to the threat based on the risk - Enterprise vs. local risk management - Top business continuity planning mistakes The need for business continuation a case study - Introduction of fictitious business case - Understand business continuity/disaster recovery needs - Documenting the continuity requirements

WHY THIS EVENT


The aim of this interactive workshop is to provide you with the skills critical to business continuity, disaster recovery & risk management. After attending this workshop, you will leave fully armed with the knowledge needed to create a business continuity plan (BCP) and the methodology for building an infrastructure that supports its effective implementation. The combination of interactive presentations, hands-on exercises and open discussion groups along with real case studies, ensures you will obtain maximum value from attending.

DAY2 RISK ASSESSMENT & RECOVERY


The Business Impact Assessment (BIA) - What is a Business Impact Assessment? - Assessing the risk to the enterprise - How to identify business critical activities - Impact versus likelihood of occurrence Establishing the Recovery Options - Choosing a recovery site - Specifying equipment - Choosing suppliers - How to select backup and restore strategies Where is the data? - Why you need to classify levels of information - Managing data at rest and in transit - Understanding data access controls - The value of knowing where your data resides Maintaining user connectivity - How to communicate the disaster and recovery efforts to users - How to identify and eliminate single points of failure - Communicating with the media

WHO SHOULD ATTEND


Vice Presidents, Directors, General Managers Chief Information Officers Chief Information Security Officers Chief Technology Officers Business Continuity Officers Heads of Departments in Information Security Management Information Systems, IT Infrastructure, IT Architecture, Network Operations, IT Operations, IT Data Center, DataBase Management, IT Deployment IT Business Enterprise, IT Risk Management, IT Quality Assurance, IT Audit, Risk Management, Internal Audit, Disaster Recovery

COURSE CONTENT DAY3 PROJECT MANAGEMENT & REVIEW


BCP/DRP Project Management - Identifying stakeholders - Analyzing stakeholder needs - Obtaining commitment from upper management Review of the BCP/DRP Process - Project initiation - Risk analysis - Business Impact analysis - Develop/choose strategies - Test and validate the plan - Modify/update the plan - Approve and implement the plan Analysis of fictitious business case Applying lessons learned

Latest TESTIMONIALS
1

Session well organized organized. The trainer is ver very conversant with the subject matter. Well delivered and would definitely recommend to anyone else.
- Habil Mutende, Manager Information Security & Change Management, Central Bank of Kenya

Excellent presentation, excellent attitude to answer our questions & to share his experience.
- Senior Manager, IT Department, Deloitte

I have used Mark in key roles with high visibility clients. Without hesitation I would highly recommend Mark for any and all IT audit engagements. His professionalism, deep knowledge, and results oriented work style are deeply valued by not only myself, but more importantly by the all those who are lucky enough to use his services. - Russ Aebig, Director at Artesient We have used Mark Edmead on several projects in the past few years including SOX readiness for publicly traded companies and IT vulnerability assessments for major financial institutions. He always delivers professional and detail-oriented workpapers on-time and within budget. Mark is highly recommended and we will continue to use him on other projects. - Brenda Piazza, Director at CBIZ MHM

**Affiliate membership to Business Continuity Institute


Affiliat Affiliate Affili ate e me memb members mber ers s to B Bus Business usin ines ess s Co Cont Continuity ntin inui uity ty I Ins Institute nsti titu tute te g get et a acc access cces ess s to t the he f fol following ollo lowi wing ng m mem membership embe bers rshi hip p benefits: - Continuity magazine 4 per year (digital version) - Monthly BCI ENewsletter - Access to member only section of BCI website - Access to copies of BCI Workshop Reports - Member rates on BCI products and services - Networking opportunities at BCI organised events - Access to BCI mentoring programme - Access to discounted events

COURSE SCHEDULE
8.00 8.30 10.10 - 10.30 12.00 - 13.00 14.40 - 15.00 16.00 Registration & Coffee/Tea Workshop commences Morning coffee/tea Lunch Afternoon coffee/tea End of day

BUSINESS CONTINUITY & DISASTER RECOVERY PLANNING

REGISTRATION FORM
Fax: +603 9205 7779 Tel: +603 9205 7772

02 - 04 DECEMBER 2013 THE RITZ-CARLTON KUALA LUMPUR MALAYSIA

Mobile: +6016 3326 360 Email: kris@360bsigroup.com

DELEGATES
1

IN-HOUSE TRAINING
360 BSI is passionate about providing strategic IT programs and high potential training solutions across the region to build personal competencies and organizational capability. You will receive practical training from a professionally qualified educator with over twenty years of teaching and training experience. Please feel free to mix-and-match topics from the areas listed below to get the right training content for your staff. Other topics may be available upon request.

Name

Name on tag : Job Title : Email Mobile


2

: : :

Name

Name on tag : Job Title : Email Mobile


3

OTHER RELATED PUBLIC COURSES


IT Strategic Planning Service Oriented Architecture (SOA) IT Risk Management & Leadership Preparing for the CISSP exam Cybercrime & Fraud Investigation IT Change Management IT Project Management

: : :

Name

Name on tag : Job Title : Email Mobile : :

Hotel Contact Details:


For Room Reservation, please contact Reservation Desk. Tel: +603 2142 8000 The Ritz-Carlton Kuala Lumpur 168, Jalan Imbi, 55100 Kuala Lumpur, Malaysia.

AUTHORIZATION
Name Job Title Email Tel : Address : : : : ( )

(This form is invalid without a signature)

General Information:
1 2 3 4 5

Registrations close ONE (1) week before the training dates. The fees cover lunch, tea breaks, materials and certificate. Official confirmation will be sent, once registration has been received. Participants will need to arrange their own accommodation. Attire: Smart Casual

Organization :

Cancellations/Substitutions
Substitutions are welcome at any time. Please notify us at least 2 working days prior to the event. All cancellations will carry a 10% cancellation fee, once a registration form is received. All cancellations must be in writing by fax or email at least 2 weeks before the event date. Cancellations with less than 2 weeks prior to the event date carry a 100% liability. However, course materials will still be couriered to you.

Signature :

Date:

Thank you for your registration!

FEES

PAYMENT DETAILS
Payment is required within 5 days upon receipt of the invoice.
Bank transfer: 360 BSI MIDDLE EAST LIMITED Abu Dhabi Commercial Bank Dubai Mall Branch, P.O.Box 49124 Dubai, U.A.E Account No: 10065721319001 Swift No: ADCBAEAAXXX IBAN No: AE780030010065721319001

USD 2,695 per delegate USD 2,495 per delegate - register before 18-OCT-2013 USD 6,600 - Special for Group of 3
The fee does not include any taxes (withholding or otherwise). In case of any taxes applicable the client has to ensure that the taxes are paid on top of the investment fee paid for the course. Compliance with the local tax laws is the responsibility of the client.

* Save up to 50% for In-house Training program

All payments must be received prior to the event date

360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia.

www.360bsi.com/IT