Business Continuity Management (BCM) aims at minimizing the impact and duration of interruptions of business-critical processes in the event of an emergency or any disruption of relevant resources.
Organization and Responsibilities
The ECC Management Board is responsible for the internal BCM system and any changes to it. A dedicated BCM Function performs a defining, advising, coordinating, supervising, and validating role. Business continuity measures are implemented and tested under the responsibility of the respective organisational unit or function:
Contingency Plans are created and validated on several levels:
- organization-wide emergency manual,
- within mission-critical operational departments,
- for mission-critical IT services and facilities,
- at and with mission-critical service providers, and
- pre-designed scenario-specific Incident & Crisis Management procedures.
The BCM Framework of ECC is designed according to the relevant aspects of the ECC Business and Risk Strategy and applicable regulatory requirements. It is expressed in and communicated through various internal documents, including
- a dedicated BCM Policy,
- organisational Guidelines for Incident and Crisis Management, ICT Readiness for Business Continuity, and Critical Service Provider management, and
- internal procedures for Business Impact Analysis, Contingency Planning and Testing.
Collectively, the BCM Framework and the corresponding contingency plans define procedures and responsibilities to ensure business continuity in the event of an emergency, incident, crisis and any disruption of mission-critical processes defined in the Business Impact Analysis. Information is supplied to employees in the departmental BCM plans as well as operational procedures and work instructions.
Mission-Critical Processes and Resources
Mission-critical processes as well as the underlying critical technical and organisational resources are defined in the Business Impact Analysis (BIA) and reviewed at least annually.
Failure Scenarios and Business Continuity Strategies
The following failure scenarios are considered in the Business Impact Analysis and form the basis for contingency planning.
In order to ensure the high-availability operation of business-critical applications, ECC operates redundant computer centres with a redundant connection of communications and power supply lines. In the event of a failure of a critical component in one computer centre, operation is automatically switched to the other computer centre without loss of data and before the defined critical deadline.
For cases of emergency, a back-up office with fully equipped workstations is available for all mission-critical departments. The back-up office has a different infrastructure connection from the primary office. Further, remote access makes it possible to switch all mission-critical processes to home office.
Mission-critical processes can be carried out by several trained persons (e.g. by means of job rotation, education and tuition, dispersed operations and business transfer) to make sure that there is a sufficient degree of redundancy in the event of an emergency. Shift planning ensures that a minimum degree of personnel resources is available at all times. 24/7 availability is ensured by means of remote access.
Before outsourcing services, ECC examines the performance of new service providers and establishes service levels which are monitored continuously. Suppliers have to comply with the defined recovery parameters for ECC business-critical processes.
In order to secure the execution of the mission-critical processes in line with the applicable period, the restart time (RTO) must be shorter than the maximum tolerable period of disruption (MTPD). Where possible, preventive measures are taken to ensure timely availability and recoverability.
Business Critical Processes
Business-critical processes are defined in the Business Impact Analysis and reviewed at least annually.
In order to secure the execution of the business-critical processes in line with the applicable period, the restart time must be shorter than the maximum tolerable downtime. Preventive measures are taken to ensure timely availability:
The business-critical departments prepare and continuously update adequate BCM plans for the failure scenarios described above. All employees are informed of the plans and work from the back-up office regularly in order to familiarise themselves with the emergency processes. BCM arrangements are regularly tested and validated.
Training, Testing, and Control
All employees are informed of the plans and work from alternative workplaces regularly to familiarise themselves with the emergency processes. BCM arrangements are regularly tested and validated under the supervision of the BCM Function; deficiencies are identified, and remediating activities are defined and managed until completion.