Home > Products & Services
   
     
 
Consultancy  
 
Information Security >
Business Continuity >
Risk Management >
Information Assurance >
Quality Assurance >
Corporate Governance >
Information Governance >
   
Products  
 
Mission Possible >
Capability Based Information Assurance

>
Policies and Procedures >
Exercise Planning Templates and Scripts >
   
Training  
 
Needs Analysis >
Designing Training and Programs >
Delivery of Training and Training Programs >
Validation of Training >
 

Capability Based Information Assurance

"Its not so much a tool but a way of thinking and working".

Capability based Information Assurance acknowledges that if you need protection and you only have a limited time which to achieve it - then you need an approach that will give you high level protection in the time you have available.

Objective of Capability Based Information Assurance (CBIA)

To provide organisations with a model that will enable them to develop a strategic business continuity plan or information security managment system (ISMS) that will provide immediate levels of protection but will be compatible with traditional business continuity, information security or risk management planning methodologies.

CONCEPT

CBIA is a simple activity based model, based on the identification of a managable scope and the critical capabilities that must be delivered by that scope. A spreadsheet template that is straightforward and easy to use drives the activity and manages the information produced.

The model focuses on providing a strategic layer of protection for those parts of the organisation that fall within the scope. If necessary, detailed planning can then be conducted in those specific areas that require it.

The model combines focused business analysis with generic incident response plans and decision support activity to ensure that organisations achieve fast and flexible protection.

The model is flexible and fast enough to be run at any level or combination of levels within an organisation, and can be used to contingency plan at a project level.

BUSINESS BENEFITS

CBIA is designed to support those organisations that need a business continuity plan but do not have the time or resource to conduct formal business continuity projects.

- CBIA provides extremely fast benefit for work done. The layered design of the model also supports those wishing to protect a project.

- CBIA maps directly to traditional BCP and Information Security Management models. It can be evolved into a traditional plan or management system at any stage, should resource and time become available.

- CBIA can be used as an initial step to provide strategic cover and protection to enable an organisation the time and freedom to conduct a more detailed formal process.

- CBIA is flexible and can easily be evolved to suit the precise needs of the scope being protected.

- CBIA is a simple model and uses standard applications, reducing the training overhead and costs, allowing you to focus on the planning.

- CBIA provides quick return on effort with typical projects producing basic high level plans for most scopes within approximately 4 - 8 hours.

WHO WAS CBCP DESIGNED FOR?

CBIA was designed in response to direct requests from busy managers who needed a straightforward solution that they could get on with and implement straight away with minimum effort and preparation. The model is deployed in a number of contexts:

- Project managers wishing to protect a Projectorganisation.

- Small businesses needing high level protection and plans.

- Business Managers needing a high level plan to manage strategic response or security issues during change projects.

- Departmental managers needing additional protection for a department or specific business area.

- Business Continuity, Risk and Information Security managers needing "top cover" for a more detailed formal planning process.

DELIVERY

CBIA is extremely flexible. We find it is normally deployed most effectively as follows:

- Single day workshop for approximately 15 delegates - The group go through the day learning the theory and building a generic plan that is applicable to them. At the end of each day, the delegates will have a working knowledge of the subject area and will have built a skeleton plan for the group. This plan can then be quickly evolved to fit immediate needs.

- Onsite Consultancy - A consultant will deploy on site and assist with the development of a high level plan. This will normally take 1, 2 or 3 days depending on the scope of the organisation. At the end of this, the client has a strong understanding of the model and its deployment.

ADDITIONAL SERVICES

We provide a number of support services to ensure that you can achieve ongoing support when you need it.

- Support Package - currently supporting the Business continuity module, The CBCP support package provides ongoing support mechanism to support delegates and clients at no cost.

- Follow on services - Currently supporting the Business continuity module, the follow on services provide an opportunity for clients or delegates to enhance or validate their plans or management systems.

WHAT THE DELEGATES SAY….

The following comments were made by delegates and have been taken from course feedback forms:

- "Outstanding!"

- "I now feel much more confident in updating and upkeeping a Business Continuity Plan"

- "A very comprehensive framework, clearly explained and illustrated"

- "Handouts and promise of an e-mailed copy of the solution extremely beneficial to all!"

- "Accompanying documentation very good!"

 
                                 
  A Toad Interactive Site