-
AS9100C - BCMS (Risk Management and
Business Continuity Management System)
[email protected]
081-347-5600
-
Avian Flu Asia, 2004 WTO riots Hong Kong, 2005
SARS Asia, 2002 Blackout New York, 20033
-
Katrina - USA, 2005 Earthquake - China, 2008
Flood - Pakistan, 2010
4
-
5
-
6
-
8
, , , , ,
-
9
-
10
-
12
3.1 (Risk) 3.2 (Special Requirements) 3.3 (Critical Items) ( )
3.4 (Key Characteristics)
, , , , ,
-
13
Aircraft
Configuration selection
Firm concept Authority offer
Start major assembly
Firm configuration
First flightEntry into
serviceEnd of lifeCertification
Configuration selection , RFQ
Firm concept,Proposal
Project management, R&D
PrototypePilot/ Pre-Production
Manufacturing Delivery Post-Delivery End 0f Life
Product Life Cycle
Parts
-
7.1.2 (Organization) (Product)
) ) (, , ))
)
)
7.1.1 ,
14
-
7.4.1 ) ( 7.1.2)8.5.3 Preventive action , , (FMEA),
7.2.2 ( ) ) ) ) ) ) ( , ) ( 7.1.2)
15
-
&
Risk management process (Organization & Product)
Business Continuity Management (BCP) (IMP)
16
-
17
1.
2.
3.
4.
1.
2.
;2546
-
18
/
(Risk Owners)
/
/ (Interdependent risks)
-
19
(Strategic Risk : S)
(Operation Risk : O)
(Financial Risk : F)
/ (Compliance Risk :C)
-
20
(Acceptable Risk)
(Risk Tolerance)
(Inherent Risk)
(Residual Risk)
; Tris
-
21
-
22
( , )
-
/
(1)
(2)
(1X2)
(4Ts)
27
-
28
(Risk Profile/Matrix)
; Tris
-
29
()
1
1-6
6-12
1
5
80%
70-79%
60-69%
50-59%
50%
5
4
3
2
1
; Tris
-
30
10
6
50
60%
3
5
5 -10
4.5 6
40-50
60-70%
3
4
; Tris
-
31
1 - 5
3 4.5
2-3
30-39
71-80%
3
1 - 1
1.5 3
1
20-29
81-90%
2
; Tris
-
32
1
1.5
19
90%
1
; Tris
-
33
5 5 10 15 20 25
4 4 8 12 16 20
3 3 6 9 12 15
2 2 4 6 8 10
1 1 2 3 4 5
1 2 3 4 5
; Tris
-
34
1-3Acceptable or Limited Focus
-
4-9
Tolerable but caution or Management Discretion/
Medium Risk
-
10-16Intolerable or Attention Required /High Risk
-
17-25Intolerable or Immediate Attention Required /High risk
-
; Tris
-
35
Accept
Reduce
Avoid
Share
Transfer
Terminate
Take
Treat
-
(Business Continuity Management)
Business Continuity Management is an holistic management process
that identifies potential impacts that threaten an organization and
provides a framework for building resilience and the capability for
an effective response that safeguards the interests of its key
stakeholders, reputation, brand and value creating activities.
42
-
BCM versus Risk Management
BCM- BIA- Recovery Plan- Continuity Plan- BCM Culture- etc.
R
isk
Ass
essm
en
t
Risk Management - Preventive Measures for every perspectives
43
-
BCM
1. BCM Program Management
BCP Team and Scope
2. Understand your business
Critical Business Functions
Risk Assessment (MTPD , RTO)
Business Impact Assessment
3. BCM Strategy
4. Developing and Implementing BCM response
5. Exercising, Maintaining and Reviewing
44
-
1. BCM Program Management BCM
BCM BCM
2. Understand your business
Critical Business Functions (CBFs)
Critical Business Functions (CBFs) Function Business Process
Risk Assessment Business Impact Analysis (BIA) BCM
3. Continuity Strategy
BIA 45
-
4. Developing and Implementing BCP Response
BCP
5. Exercising, Maintaining and Reviewing
BCP
46
-
BCP BCP
Critical Business Functions (CBFs) (Maximum Tolerable Period
of
Disruption MTPD) CBFs (Recovery Time Objectives RTO) (Vital
Record) (Back-Up)
(Recovery Point Objective RPO) (Alternate Site) (Recovery
procedure)
Scope BCM BCP
, Products ,
47
-
48
t
t0 BCM Cordinator
t0+10 BCM Coordinator BCM Cordinatort0+15 BCM Coordinator BCM
Manager BCM Cordinatort0+15 BCM Manager DAT BCM Managert0+30 DAT MD
DATt0+35 MD BCM Manager BCP MDt0+35 BCM Manager BCM Managert0+35
BCM Manager BCM Managert0+40 - t0+40 - BCM Coordinator BCM
Coordinatort0+40 - Call Tree t0+100 BCM Coordinatort0+85 + Setup
t0+145
