The interest in Business Continuity has gained significant momentum in the last few years, especially with the Y2K non-event, the increasing corporate dependence on computer systems and the growing levels of devastation associated with recent disasters. This book takes an organization interested in continuity planning through the processes needed to develop an effective plan. ´´Jim Barnes has succeeded in providing us a much-needed tool, with which we can condidently face many of the day-to-day challenges of business contingency planning ... With this book, he has taken an important step in removing much of the guesswork and frustration from the business continuity implementation project.´´ From the Foreword by Philip Jan Rothstein, FBCI, President of Rothstein Associates Inc., Publisher of The Rothstein Catalog on Disaster Recovery, 2001
This book comprises selected papers of the International Conferences, ASEA, DRBC and EL 2011, held as Part of the Future Generation Information Technology Conference, FGIT 2011, in Conjunction with GDC 2011, Jeju Island, Korea, in December 2011. The papers presented were carefully reviewed and selected from numerous submissions and focuse on the various aspects of advances in software engineering and its Application, disaster recovery and business continuity, education and learning.
With a pedigree going back over ten years, The Definitive Handbook of Business Continuity Management can rightly claim to be a classic guide to business risk management and contingency planning, with a style that makes it accessible to all business managers. Some of the original underlying principles remain the same - but much has changed. This is reflected in this radically updated third edition, with exciting and helpful new content from new and innovative contributors and new case studies bringing the book right up to the minute. This book combines over 500 years of experience from leading Business Continuity experts of many countries. It is presented in an easy-to-follow format, explaining in detail the core BC activities incorporated in BS 25999, Business Continuity Guidelines, BS 25777 IT Disaster Recovery and other standards and in the body of knowledge common to the key business continuity institutes. Contributors from America, Asia Pacific, Europe, China, India and the Middle East provide a truly global perspective, bringing their own insights and approaches to the subject, sharing best practice from the four corners of the world. We explore and summarize the latest legislation, guidelines and standards impacting BC planning and management and explain their impact. The structured format, with many revealing case studies, examples and checklists, provides a clear roadmap, simplifying and de-mystifying business continuity processes for those new to its disciplines and providing a benchmark of current best practice for those more experienced practitioners. This book makes a massive contribution to the knowledge base of BC and risk management. It is essential reading for all business continuity, risk managers and auditors: none should be without it.
Endorsed by The Business Continuity Institute. - Contains a comprehensive, detailed business continuity audit plan - Includes sample audit report and work papers - An ideal resource for consultants or auditors, as well as internal business continuity planners! - International in scope - includes country-specific guidelines. This book presents a general methodology and a framework for auditing Business Continuity Management (BCM). The main purpose is to provide a single work of reference for auditors, managers working in business continuity and consultants. BCM is a complex field. It covers business issues and technology with a perspective on the entire enterprise. The business continuity manager, and the auditor, require a diversified set of skills and extensive knowledge to assess business continuity as a question of business survival. There has been a lot of confusion about the terms ´´business continuity,´´ ´´disaster recovery,´´ ´´IT security´´ and many other words attempting to describe the continuation of critical business processes under adverse circumstances. However, for the auditor these terms refer to one and the same notion: businesses should take adequate precautions to ensure that no going concern issues arise from crises or disasters. Some companies decide to take a cautious stance with regard to continuing their operations come what may: they prefer to ´´err on the safe side´´ and rely on preventative measures. Other firms, perhaps in an industry where ´´speed to market´´ and competitive pressure require a faster pace, may prefer to reduce investments on prevention, while putting in place a robust crisis and disaster management mechanism. Both types of corporations nevertheless pursue the overall goal of business continuity, by either avoiding risks or disasters (if they can), or by making sure they can deal with these events. In a sense, BCM means ´´reading the future´´ or trying to safeguard an organization against unforeseen events. Management is still forced to address precisely this issue, by carefully evaluating their options and then making an entrepreneurial decision about the acceptable level of remaining risk. To the auditor, it is important to understand how this decision has been reached and whether it can be justified from a financial, operational and managerial point of view. Neither the overly cautious nor the reckless manager will succeed in today´s market - the BCM auditor should provide a sounding board and an objective business partnership to the management of the company being reviewed. BCM audit is therefore an important element of ensuring corporate survival. The audit result incorporates issues of compliance, highlights weaknesses and provides reasonable recommendations to management, whose experience may be enhanced and improved by the auditor´s objective input from other corporations or industries. It is not to be confused with the much narrower field of IT audit. This book has been deliberately restricted to business continuity rather than IT continuity to highlight the all-important differences between the two. The contents have been arranged around the Business Continuity Institute (BCI) / Disaster Recovery Institute International (DRII) Professional Practices for business continuity as well as other standards such as CobIT or ISO / IEC 17799. Some elements may look familiar to the experienced auditor who may still benefit from using this book as a reference manual or as an instructive tool for groups of auditors. This is intentional, as BCM and related audit questions should ´´fit in´´ with tools and models that are recognized and proven in the field.
In todays e-business, system downtime is an unacceptable option since each hour, even minute, of downtime may generate negative financial effects. In many IT-dependent organizations, business must be continuous in order to remain competitive.
Welcome to the proceedings of the 2010 International Conferences on Security Te- nology (SecTech 2010), and Disaster Recovery and Business Continuity (DRBC 2010) two of the partnering events of the Second International Mega-Conference on Future Generation Information Technology (FGIT 2010). SecTech and DRBC bring together researchers from academia and industry as well as practitioners to share ideas, problems and solutions relating to the multifaceted aspects of security and disaster recovery methodologies, including their links to c- putational sciences, mathematics and information technology. In total, 1,630 papers were submitted to FGIT 2010 from 30 countries, which - cludes 250 papers submitted to SecTech/DRBC 2010. The submitted papers went through a rigorous reviewing process: 395 of the 1,630 papers were accepted for FGIT 2010, while 57 papers were accepted for SecTech/DRBC 2010. Of the 250 papers 10 were selected for the special FGIT 2010 volume published by Springer in the LNCS series. 34 papers are published in this volume, and 13 papers were wi- drawn due to technical reasons. We would like to acknowledge the great effort of the SecTech/DRBC 2010 Int- national Advisory Boards and members of the International Program Committees, as well as all the organizations and individuals who supported the idea of publishing this volume of proceedings, including SERSC and Springer. Also, the success of these two conferences would not have been possible without the huge support from our sponsors and the work of the Chairs and Organizing Committee.