Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses – How to create a Business Continuity Plan
[Beginning of transcript]
Hello. My name is Roger and today I’d talk about creating a Business Continuity Plan.
Now, Business Continuity Plan is really important for any business going forward but it has a 5-point life cycle and that life cycle is used to make sure that you are always up-to-date with your business continuity. So the first thing that we have to look at is what risks are in the business and what risks will impact the business to stop it from going forward and continuing to do business.
We don’t have to design a solution around what those risks are and then we have to implement those designed systems to make sure that we are looking at how things are going to run and how things are going to be at a business continuing level.
From there, we need to test it. Now, testing can be one of two things. One of the two things is you can do a hypothetic ‘what happens if this happens?’ Will these things be in place and that’s great. Or you can do it physically – turn off something. What happens if I turn off this? Oh no, that’s broken.
And then from there, we can maintain it. And that maintenance they looks at all of the new additional components that we bring into the business as we go forward as a business. So, new technology – better business continuity.
But going back to the analysis, we have to look at business impact statement – what systems impact the business the most? What is the most critical part of the business? What is the biggest threat and how do we analyze that threat to make sure it is all right. And then, once we’re done with that, we need to go, well, if we’ll lose this, what requirements are we required to recover from that problem?
We need to have a business continuity plan for security for ourselves and we also need to put into account as an individual business what components could go well to that plan. And with every organization, it will be different. You might have two problems but they might have different requirements to make sure that they have business continuity and their business continues no matter what.
Thank you very much.
[End of transcript]