Business Continuity Management (BCM) aims at minimising the impact and duration of interruptions of business-critical processes in the event of an emergency or any disruption of relevant resources.


    Organisation and Responsibilities

    The ECC Management Board is responsible for the internal BCM system and any changes to it. The BCM Function performs a defining, advisory, coordinating, supervisory, and validating role. Business continuity measures are implemented and tested under the responsibility of the respective organisational unit or function.

    Contingency plans are created and validated at several levels:

    • in the organisation-wide emergency manual,
    • within mission-critical operating departments,
    • for mission-critical IT services and facilities,
    • at and together with mission-critical service providers, and
    • in pre-designed, scenario-specific incident & crisis management procedures.

    The ECC BCM Framework is designed according to the relevant aspects of the ECC Business and Risk Strategy as well as the applicable regulatory requirements. It is reflected in and communicated through various internal documents, including

    • a dedicated BCM policy,
    • organisational guidelines for incident and crisis management, ICT readiness for business continuity, and critical service provider management, and
    • internal business impact analysis, contingency planning and testing procedures.

    Collectively, the BCM Framework and the corresponding contingency plans define procedures and responsibilities to ensure business continuity in the event of an emergency, incident, crisis or any disruption of mission-critical processes defined in the business impact analysis. Information is supplied to employees in the departmental BCM plans as well as operating procedures and work instructions.

    Mission-Critical Processes and Resources

    Mission-critical processes as well as the underlying critical technical and organisational resources are defined in the business impact analysis (BIA) and reviewed at least annually.

    Failure Scenarios and Business Continuity Strategies

    The following failure scenarios are considered in the business impact analysis and form the basis for contingency planning.

    IT Unavailability

    In order to ensure the high availability of business-critical applications, ECC operates redundant computer centres with multiple communications and power supply lines. In the event of a failure of a critical component in one computer centre, operation is automatically switched to the other computer centre without any loss of data and before the defined critical deadline.

    Workspace Unavailability 

    In case of an emergency, a back-up office with fully equipped workstations is available for all mission-critical departments. The back-up office has a different infrastructure connection from the primary office. Furthermore, remote access means that all mission-critical processes can be switched to work-from-home options.

    Staff Unavailability

    Mission-critical processes can be carried out by several trained persons (e.g. through job rotation, education and training, dispersed operations and business transfer) to safeguard a sufficient degree of redundancy in the event of an emergency. Shift planning ensures that a minimum number of personnel is available at all times. 24/7 availability is ensured through remote access.

    Supplier Unavailability

    Before outsourcing any services, ECC examines the performance of new service providers and establishes service levels which are monitored continuously. The suppliers have to comply with the defined recovery parameters for ECC business-critical processes.

    In order to ensure the execution of mission-critical processes in line with the applicable period, the restart time (RTO) must be shorter than the maximum tolerable period of disruption (MTPD). Where possible, preventive measures are taken to safeguard timely availability and recoverability.

    Business-Critical Processes

    Business-critical processes are defined in the business impact analysis and reviewed at least annually.

    In order to ensure the execution of business-critical processes in line with the applicable period, the restart time must be shorter than the maximum tolerable downtime. Preventive measures are taken to ensure timely availability:

    The business-critical departments prepare and continuously update adequate BCM plans for the failure scenarios described above. All employees are informed of the plans and regularly work from the back-up office to familiarise themselves with the emergency processes. BCM arrangements are regularly tested and validated.

    Training, Testing, and Control

    All employees are informed of the plans and regularly work from alternative workplaces to familiarise themselves with the emergency processes. BCM arrangements are regularly tested and validated under the supervision of the BCM Function; weaknesses are identified, and remediation measures are defined and managed until completion.

    Contact

    For any inquiries please contact:

    Business Continuity Management

    bcm@ecc.de