Page 24 - Insurance Times February 2023
P. 24

transportation or due to natural events leading to serious
          effects inside or outside the installation likely to cause loss of
          life  and  property  including  adverse  effects  on  the
          environment.

          Emergency  :  Emergency is  an  unplanned  event that
          significantly: Disrupts normal operations, poses serious threat
          to persons or property,  cannot be managed by routine
          response, requires a quick and coordinated response across
          multiple departments or divisions.

          Threats that  can lead to emergency /

          disaster / catastrophe
          1.  Environmental Disasters: Tornado, Hurricane, Flood,
                                                              predetermined time after a disaster or extended disruption.
             Snowstorm, Drought, Earthquake, Electrical storms, Fire,
                                                              The logistical plan is called Business Continuity Plan. In plain
             Subsidence and  Landslides,  Freezing conditions,
                                                              language BCP is how an organization prepared for future
             Contamination and environmental hazards, Epidemic.
                                                              incidents that could jeopardize the organization's core mission
          2.  Organized and/or Deliberate Disruption: Act  of  and its long term health. It is aimed at reducing operational
             terrorism, act of sabotage, act of war, theft, arson, labor  risk associated with information management controls. Most
             disputes / industrial action.                    organizations implement a phased methodology to analyze
                                                              potential areas of vulnerability, define viable strategies, and
          3.  Loss of Utilities and Services: Electrical power failure,
                                                              implement business continuity plans.
             loss of gas supply, loss of water supply, petroleum and oil
             shortage, communications services breakdown, loss of
                                                              Phase I - Initiation: In phase one, an organization sets to the
             drainage / waste removal
                                                              fullest extent practicable." forth the overall goal for the BCP
          4.  Equipment or System Failure: Internal power failure,
                                                              effort - validating the scope of the plan, and taking an
             air conditioning failure, production line failure, cooling
                                                              inventory of the processes or business units needed for the
             plant failure, equipment failure (excluding IT hardware)
                                                              project. It identifies key stakeholders in the process including
          5.  Serious Information Security Incidents: Cybercrime,  executive sponsors, steering committee,  and  any other
             Loss  of  records  or  data,  Disclosure  of  sensitive  subject matter experts. This phase sets the parameters, and
             information, IT system failure.                  trains the team in the project objectives and methodology.
          6.  Other Emergency situation: Workplace violence, Public
                                                              Phase II - Business Impact Analysis and Risk Assessment:
             transportation disruption, Neighborhood hazard, Health
                                                              The business impact analysis is the next step in creating a
             and safety regulations, Employee morale, Mergers and
                                                              business continuity plan. This part of the process serves as
             acquisitions, Negative publicity, legal problems.
                                                              the foundation of any viable recovery planning effort. It
                                                              includes all the critical business functions and processes, along
          Plan for Business continuity (Business
                                                              with their potential threats. Here risks are identified,
          Continuity Plan (BCP):                              prioritized, and managed; the various single points of failure
          A business continuity plan is a comprehensive statement of  for the business including external dependencies are
          consistent actions to be taken before, during and after a  identified; and the overall business impact of these risks and
          disaster. The plan should be documented and tested to ensure  SPOF are calculated. Recovery Time Objectives, Recovery
          continuity of operations and availability of critical resources  Point Objectives and Recovery Communication Objectives are
          in the event of a disaster.                         also identified for each critical business process. This phase is
                                                              also utilized to identify regulatory requirements and best
          Business Continuing Plan is an interdisciplinary peer monitoring  practices or standards that need to be followed; and the
          methodology used to create and validate a practiced logistical  time and effort required in implementation of the BCP.
          plan for how an organization will recover and restore partially
          or completely interrupted critical function(s) within a  Phase  III  -  Strategy  Development:  Leveraging  the

            22     January 2023  The Insurance Times
   19   20   21   22   23   24   25   26   27   28   29