Business Continuity Management
It is not just natural disasters that cause business disruption but increasingly more social, political and economic un-rest such as the events of 'Arab Spring' places severe pressure on business continuity.
It is critical to determine in advance the impact on the business and not only have plans that are known but tested to ensure workable solutions are in place.
The terms Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are often used interchangeably and though having slightly different individual focuses, ultimately share the same goal: preparing businesses for potential disasters or disruptions by ensuring they are able to recover quickly whilst sustaining minimal losses.
GSA provides BCP templates to enable the organisation to continually deliver critical products, services to their clients instead of focusing on resuming a business after critical operations have ceased, or recovering after a disaster.
Business Continuity & Disaster Recovery Plans
A structured methodology required to be followed to determine Business Impact Analysis, which will lead to the appropriate composition of both Business Continuity and Disaster Recovery Plans
GSA helps organisations identify and document each business critical system and each resource that is necessary to support these systems to ensure recovery from any loss of information assets due to disruptions or disasters.
Information Security Management
Information security covers all information processes, physical and electronic, regardless whether they involve people and technology or relationships with trading partners, customers and third parties. Information security addresses information protection, confidentiality, availability and integrity throughout the life cycle of the information and its use within the organization.
Management should set a clear policy direction in line with business objectives and demonstrate support for, and commitment to, information security through the issue and maintenance of an information security policy across the Bank. An information security policy document should be approved by management, and published and communicated to employees and to relevant external parties.
Management should identify through appropriate risk assessment, the value of information assets, understand their vulnerabilities and threats that may expose them to risk, and manage risks to an acceptable level.
Information Security Policy
GSA to assist organizations in establishing Information Security Policy that complies with legal and regulatory requirements, industry mandates, and accepted best practices.