Operational Scenario Analysis Use Case Design

This topic explains the Operational Scenario Analysis use case design.

Architecture Diagram

The following diagram shows the relationships between the applications in the Operational Scenario Analysis use case.

Relationships between the applications in the Operational Scenario Analysis use case

Applications

The following table describes the use case applications.

Application

Description

Business Impact Analysis

The Business Impact Analysis (BIA) application enables organizations to inventory their customer-facing products or services and their dependencies (internal business processes, systems, people, and locations). The BIA is an analysis tool designed to apply decision criteria to help organizations determine the criticality of each product or service. The BIA can also be used to determine criticality at the business process level, per the traditional business continuity approach. A BIA should be completed for each product and service, or for each business process, depending on the methodology used by the organization.

The resulting criticality ratings provide the focus needed to prioritize efforts to build resilience into producing and providing the products or services across the related dependencies.

Resilience Threat Register

The Resilience Threat Register is used to document known threats and associate them with specific Operational Scenarios or BC/DR plans. As threats are identified through various sources, such as enterprise risk management efforts or trends, those applicable to a target of BC planning should be included in the Resilience Threat Register.

Impact Tolerances

The Impact Tolerances application enables organizations to define the maximum tolerable period of disruption to important products and services. It identifies the type of impact, such as harm to consumers, market integrity, market participants, threat to financial stability, policyholder protection, and safety and soundness. Impact tolerances must always be expressed as a unit of time (hours, days, or weeks), but can also include other metrics such as financial loss, impact to reputation, regulatory impact, and consumer impact. Impact tolerances can also be defined over time to identify the resilience during each time period.

Operational Scenario Library

The Operational Scenario Library application serves as a catalog of Operational Scenario templates. Those templates can be used to generate new Operational Scenario Analysis records without having to create them from scratch. Those scenarios can then be used to test impact tolerances against the defined scenario types.

Operational Scenario Analysis

The Operational Scenario Analysis application enables organizations to test predefined impact tolerances against severe, yet plausible scenarios such as cyber events, pandemics, natural disasters, supply chain disruptions, or data breaches. Scenarios can be linked to key organizational pillars such as cyber resilience, IT resilience, facilities, people, or third parties. Multiple impact tolerances can be tested for each scenario, and the results are rolled up to the parent scenario. For failed impact tolerances, the point of failure among the supporting assets can be identified for reporting purposes.

Scenario Results

The Scenario Results application leverages the Scenario Results Creation Feed to merge portions of Impact Tolerance and Operational Scenario Analysis records for testing. A record is created for each impact tolerance being tested as part of a scenario. The actual period of disruption and the quantitative and qualitative results for each scenario are entered and then compared against the predefined impact tolerance. Any metric that exceeds the predefined tolerance results in a failed Impact Tolerance record. Additionally, users can identify the failed resource in the dependency chain. Scenario Results that fall outside of impact tolerances automatically generate findings, and the formal Issues Management process can be followed.

BIA Campaign

The BIA Campaign application creates new Business Impact Analysis records based on the selected scoping methodology and links existing BIA records discovered during the campaign.

BIA Archive

The BIA Archive application serves as the archive for Business Impact Analysis records that have completed their workflow. Whenever a BIA completes a workflow and has a new approval date, a copy is moved to this application via the Data Feed Manager. It tracks historical criticality, RTO/RPO, participants, responses, and cross-references.

Risks (formerly Risk Register)

The Risks application serves as the corporate controlled instantiation of risks used by the entire organization. It allows users to capture data for an instance of a risk from any given risk statement. Risks are associated to processes, objectives, applications, facilities, key risk indicators, financial losses, and controls. Quantitative risks serve as an aggregation point for underlying Risk Events and are separately assigned to quantitative hierarchies for aggregation.

Third Party Profile

The Third Party Profile application is used to document all the third party relationships used by an organization. In this application, the organizational structure of the third party relationship is established, third party contacts documented, and relationship manager, risk analyst, and procurement / legal officer accountabilities created. This application is the hub for navigation throughout the solution and contains summary metrics and reporting.

Products and Services

The Products and Services application maintains all products and services provided within an organization. For example, a financial services firm provides a variety of products and services, such as banking, brokerage, and lending services.

Note: The Products and Services application is included in the Enterprise Catalog package.

Service Interruptions

The Service Interruptions application is used to detail and compare the impact of incidents against predefined impact tolerances. After documenting the details of an incident, users can select the products and services affected and the corresponding impact tolerances to test. A data feed then copies details of the incident and impact tolerance into the Service Interruption Results application, where the actual period of disruption and impact tolerance are compared. Although users can link records from the Incidents and Loss Events applications to the service interruption, those applications are not prerequisites.

Service Interruption Results

The Service Interruption Results application uses the Service Interruption Results Creation data feed to merge portions of Service Interruption and Impact Tolerance records for testing. A record is created for each impact tolerance being tested as part of the Service Interruption. After creation, the actual period of disruption from the Service Interruption and maximum tolerable period of disruption from the Impact Tolerance are compared. If the maximum tolerable period of disruption is exceeded, then the user is prompted to complete a lessons learned section, document why the impact tolerance was exceeded, and generate findings.

Resilience Scorecard

The Resilience Scorecard application automatically scores the resilience of each business unit, division, and company across the 5 resilience pillars - cyber, facilities, IT, people, and suppliers. Resilience ratings are calculated by equally weighting results of Operational Scenario Analysis, Operational Resilience Assessments, Metrics, Third Party Metrics, and Third Party Resilience Assessments linked to each business unit. Ratings are only calculated for each business unit that has data points specific to that resilience pillar. Resilience Scorecard ratings are automatically created by the following data feeds for each enterprise level:

  • Company: Generate Resilience Scorecard Records - Company

  • Division: Generate Resilience Scorecard Records - Division

  • Business Unit: Generate Resilience Scorecard Records - Business Unit

Subcontractors

The Subcontractors application allows you to catalog and manage your supply chain from the 4th party to the nth level. It provides questions that can be used to calculate the inherent and residual risk of subcontractors. You can also link critical engagements that are supported by subcontractors, and provide high level information about the supplier.

Personas and Access Roles

The following table describes the use case access roles.

Persona

Description

Product and Service Manager

The Product and Service Manager is responsible for the day-to-day management of a specific product or service. Along with the Product and Service Owner, they are responsible for mapping the infrastructure that supports delivery of the product and service and defining impact tolerances. The Product and Service Manager creates Business Impact Analysis records for their products and services.

Product and Service Owner

The Product and Service Owner is responsible for the final approval for all decisions related to the specific product or service. They are responsible for ensuring the sustainability of the asset when threatened by adverse conditions. Along with the Product and Service Manager, they map the necessary infrastructure that supports delivery of the product or service and define impact tolerances. The Product and Service Owner is responsible for reviewing Business Impact Analysis records submitted for their product and service.

Scenario Lead

The Scenario Lead is responsible for defining the conditions and parameters of a Scenario Analysis. This includes the type of scenario to be conducted, the required testing frequency, the method of testing, which impact tolerances to test, and providing all supporting documentation. For failed scenarios they must identify the points of failure and submit the results to the Scenario Owner. The Scenario Lead may be a member of the Business Continuity Management team.

Scenario Owner

The Scenario Owner is responsible for the review and approval or rejection of a Scenario Analysis. The Scenario Owner may be a member of the Business Continuity Management or Crisis Management team. For failed scenarios they identify the appropriate controls and methods for increasing the resilience of points of failure.

For detailed, page-level access rights, see the Data Dictionary.

Dashboards

The following table describes the use case dashboards.

Dashboard

Description

Operational Resilience Task Driver

The Operational Resilience Task Driver dashboard contains quick links for frequent tasks and features. It contains metrics relevant to the current user, such as BIAs, Impact Tolerances, and Scenario Analysis. This dashboard uses interactive charts to display data, such as BIAs by criticality rating, Products/Services by Manager, Dependency Mapping Status, and the BIAs Overall Status.

The Operational Resilience Task Driver dashboard is available to all Resilience Management access roles as it is filtered by the current user.

Operational Resilience Process Manager

The Operational Resilience Process Manager dashboard displays items relevant to users such as Product and Service Owners and Scenario Leads, to help them determine how processes are functioning and identify areas for improvement. This dashboard features metrics, such as expiring BIAs, products and services without dependency mapping, and scenarios coming due. This dashboard uses interactive charts to show data, such as dependency mapping by business unit and important products and services by category.

The Operational Resilience Process Manager dashboard is available to all users.

Operational Resilience Management

The Operational Resilience Management dashboard provides critical information to help the executive team understand the resilience of their company, division, and business units. This dashboard uses interactive charts to display data, such as impact tolerances across important products and services, points of failure, dependency concentrations, and scenario performance by resilience pillar. This dashboard also features metrics for important products and services, scenarios within tolerance, and scenarios outside tolerance.

Only users that are assigned to the BCM: Admin and BCM: Executive Management groups can view this dashboard.

Data Feeds

The following table describes the use case data feeds. For instructions on setting up the feeds, see Setting Up Operational Scenario Analysis Data Feeds.

Data Feed

Description

Business Impact Analysis – Business Process Copy Feed

The Business Impact Analysis – Business Process Copy Feed is a Web Services Transporter feed that copies the supporting infrastructure from the evaluated business processes into the Business Impact Analysis application. The supporting infrastructure includes child processes, products and services, business unit, information assets, G/L accounts, and loss events. Once a BIA record is enrolled into the advanced workflow, the value of the DFM: BP/PS copy field is set to yes, which initiates the data feed. The data feed leverages the DFM_Copy Content From BP To BIA report contained in the Business Impact Analysis application.

Business Impact Analysis – Product and Services Copy Feed

The Business Impact Analysis – Products and Services Copy Feed is a Web Services Transporter feed that copies the supporting infrastructure from the evaluated product and service into the Business Impact Analysis application. The supporting infrastructure includes child products and services, business processes, third parties, facilities, contacts, devices, applications, and information assets. Once a BIA record is enrolled into an advanced workflow, the value of the DFM: BP/PS copy field is set to yes, which initiates the data feed. The data feed leverages the DFM_Copy Content From P&S To BIA report contained in the Business Impact Analysis application.

Copy BIA Supporting Infrastructure to Business Process Feed

Business Process Copy Feed is a Web Services Transporter feed that copies the supporting infrastructure from the evaluated business processes into the Business Impact Analysis application. The supporting infrastructure includes child processes, products and services, business unit, information assets, G/L accounts, and loss events. Once a BIA record is enrolled into the advanced workflow, the value of the DFM: BP/PS copy field is set to yes, which initiates the data feed. The data feed leverages the DFM_Copy Content From BP To BIA report contained in the Business Impact Analysis application.

Copy BIA Supporting Infrastructure to Products/Services Feed

The Copy BIA Supporting Infrastructure to Products or Services Feed is a Web Services Transporter feed that copies the supporting infrastructure from the product and service being evaluated as part of a Business Impact Analysis into the corresponding Product and Service record. The supporting infrastructure includes child products and services, business processes, third parties, facilities, contacts, devices, applications, and information assets. Once the BIA is approved by the Product and Service Owner, the data feed runs to copy the supporting infrastructure.

Business Impact Analysis – Archive Feed

The Business Impact Analysis – Archive Feed is a Web Services Transporter feed that copies approved Business Impact Analysis records into the BIA Archive application. This preserves historical information such as criticality, RTO/RPO, participants, and responses that may be altered over time in the original record. Once a BIA record is approved, the value of the DFM: Archive Flag field is set to yes, which initiates the data feed. The data feed leverages the DFM Archive report contained in the Business Impact Analysis application.

Operational Scenario Analysis Data Creation

The Operational Scenario Analysis Data Creation feed is used to automate the creation of Operational Scenario Analysis records. Based on the scenario type, an Operational Scenario Analysis record is created for each product and service selected. Additional data points such as the resilience pillars, scenario of stress, threats, risk, and controls are also copied to the new records.

Scenario Results Creation Feed

The Scenario Results Creation Feed is a Web Services Transporter feed that copies portions of Operational Scenario Analysis records and the impact tolerances being tested into the Scenario Results application. The data feed leverages the DFM – Create Scenario Results report contained in the Scenario Results application.

BIA Campaign JS Data Feed

The BIA Campaign JS Data feed is a JavaScript transporter data feed that automates the creation of Business Impact Analysis records based on the selected scoping methodology and target records. The scoping method can be a Business Process, Business Unit or Products and Services. Depending on the selected scoping methodology, the data feed generates Business Impact Analysis (BIA) records for the following:

  • On business process scoping, 1 BIA record is created for each selected business process record.

  • On products and services scoping, 1 BIA record is created for each selected products and services record.

  • On business unit scoping, BIAs are created either for business processes or products and services related to the selected business unit.

For more information on the JavaScript data feed, see Configuring the JavaScript Transporter Settings.

Service Interruption Results Creation

The Service Interruption Results Creation feed is an Archer Web Services Transporter feed that copies portions of Service Interruption records and the impact tolerances being tested into the Service Interruption Results application. A Service Interruption Result record is created for each impact tolerance that is linked to the parent Service Interruption application.

Generate Resilience Scorecard Records - Business Unit

The Generate Resilience Scorecard Records - Business Unit feed is an Archer Web Services Transporter feed that automatically generates Resilience Scorecard records for business units. The feed creates a record for each resilience pillar per business unit. If the business unit does not have data points linked to a resilience pillar, a record is not created for that resilience pillar. If data points are linked to all 5 resilience pillars, a record is created for each resilience pillar as well as the overall resilience rating.

Generate Resilience Scorecard Records - Division

The Generate Resilience Scorecard Records - Division feed is an Archer Web Services Transporter feed that automatically generates Resilience Scorecard records for divisions. The feed creates a record for each resilience pillar per division. If the division does not have data points linked to a resilience pillar, a record is not created for that resilience pillar. If data points are linked to all 5 resilience pillars, a record is created for each resilience pillar as well as the overall resilience rating.

Generate Resilience Scorecard Records - Company

The Generate Resilience Scorecard Records - Company feed is an Archer Web Services Transporter feed that automatically generates Resilience Scorecard records for the company. The feed creates a record for each resilience pillar. If the company does not have data points linked to a resilience pillar, a record is not created for that resilience pillar. If data points are linked to all 5 resilience pillars, a record is created for each resilience pillar as well as the overall resilience rating.

Data Dictionary

The Operational Scenario Analysis Data Dictionary contains configuration information for the use case.

You can obtain the Data Dictionary for the solution by contacting your Archer Account Representative.