Business Impact Analysis IT Capability Assessment

Datalink
IT Resiliency Practice
Operational Resilience
DR’s Big Data Dilemma
September 16, 2015
“The significant problems we face today cannot be solved at the same level of thinking we were at when we created them.”
- Albert Einstein
Common Business Demands
Each business demand (•) is followed by its solution (–):
• We need a cloud strategy
– Determine if public or hybrid cloud is a possibility for the organization by using criteria from best practice
• Understand if my infrastructure costs are in-line with a hybrid or private cloud approach
– Develop Total Cost of Ownership Models for Private, Public and Hybrid Cloud to Determine Best-Fit Hosting options
• Where do I place a new workload?
– Develop a Decision Tool for New workload placement based on business requirements and other criteria provided by IT consumers
• Choosing a specific cloud architecture that suits the needs of the business
– Review various workload models and converged infrastructure options to determine optimal cloud architecture for the enterprise
• Proper handling and efficient resource utilization of new and existing workloads
– Determine which workloads are fit for Public or Private Cloud
• Difficulties in balancing workloads across various private or public cloud environments
– Develop a decision tool to determine which workloads are fit for migration to public cloud
• Protect the Company’s Data and keep all data secure
– Develop criteria for mapping Company workloads to strategic providers
• Develop a Service Provider Strategy for my Organization
– Determine which service providers meet the needs of the business and the IT organization’s requirements
Agenda
• Reality check
• Why? - The role of Operational Resilience
• How? - Relationships & Governance
• What? - Things to do to set a solid foundation
Why? The role of operational resilience
Reality Check
Key Challenges
• Greater organizational complexity
• Increasing dependence on technology
• Growing number of products and channels
• Increasing transaction volumes
• Growing competition
• More stringent regulatory landscape
Performance Demands
• Maintain operating and net margins
• Maintain service levels
• Minimize Business Disruption incidents
• Minimize loss events
• Maintain compliance with all regulations
Operational Resilience
Why do we manage it?
Is it to comply with regulatory requirements?
…to protect from failure?
…to create value?
How…? Relationships and Governance
BCM Relationship Model
[Diagram labels: Direction, BCM, Partnership, Functional Areas]
• Executive Management
• Business Strategy
• Security
• Contractual Obligations (SLA’s)
• ERM
• Market Forces
• Audit
• Industry Trends
• Regulatory Landscape
What…? Things to do to set a solid foundation
Regulatory Demands
– SANS
  • The SANS Institute was established in 1989 as a cooperative research and education organization.
– ISO 27001
  • The ISO 27000 family of standards helps organizations keep information assets secure.
– SAS 70
  • Statement on Auditing Standards (SAS) No. 70, Service Organizations, was a widely recognized auditing standard developed by the American Institute of Certified Public Accountants.
– FFIEC
  • The Federal Financial Institutions Examination Council (FFIEC) was established on March 10, 1979, pursuant to title X of the Financial Institutions Regulatory and Interest Rate Control Act of 1978 (FIRA), Public Law 95-630. In 1989, title XI of the Financial Institutions Reform, Recovery and Enforcement Act of 1989 (FIRREA) established The Appraisal Subcommittee (ASC) within the Examination Council.
Regulatory Demands continued
– National Institute of Standards and Technology
  • Founded in 1901 and now part of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories.
– FINRA
  • FINRA is dedicated to investor protection and market integrity through effective and efficient regulation of the securities industry.
– SOX
  • Sarbanes–Oxley Act of 2002, also known as the "Public Company Accounting Reform and Investor Protection Act" (in the Senate) and "Corporate and Auditing Accountability and Responsibility Act"
– HIPAA
  • The HIPAA Privacy regulations require health care providers and organizations, as well as their business associates, to develop and follow procedures that ensure the confidentiality and security of protected health information (PHI) when it is transferred, received, handled, or shared.
– Consumer Privacy Bill of Rights Act of 2015
• Using this family of standards will help your organization manage information entrusted to your organization.
Situation
• Business requirements around data protection are not defined or are outdated
• Backup architecture is out of date
• Archival technology (tape) and methodology is not in use today
• Customer backs up everything in their environment
• Retention policy is non-existent or limited
• Backup admins are overloaded managing the environment
– Staff are reactive versus proactive
– BURA reporting is time consuming with limited benefits
• Backup costs are out of control
Background and Objectives
Customer’s IT organization needs to validate their current Backup environment from a technical and operational perspective. Highlights would include:
• Validate “Current” State with opportunities to improve backup governance and service standardization
• Envision “Future” State based upon their business/backup/retention requirements and leverage industry “best practices”
• Identify Gaps between “Current” and “Future” State
• Backup, Recovery and Archive (BURA)
• Establish a Roadmap/Timeline with ROI to Close Gaps
BCM – Program Management Model
In summary…
Putting it all together
[Diagram labels: Business Alignment, Governance, KPI’s, Foundation for Operational Resilience]
• “Begin with the end in mind”
– Do we know why?
• Frameworks should be adapted to your organization’s needs, NOT the other way around
– Do we know how?
• Regardless of the chosen framework, develop an integrated governance model
– Do we know who?
• Start where you are and build from there
– Do we have a defined road map?
• Measure and report
– Have we defined KPI’s?
Questions
Paul Thomann
Manager – IT Resiliency Practice Manager
Paul.thomann@datalink.com
303.883.7034
Thank You!