Scribd Logo
Upload

Welcome to Scribd!

  • HDFC - It-Bcp Case Study v1.0

    Uploaded by

    Love Aute
    119 views18 pages
    core bank case study

    Original Title

    Hdfc_it-bcp Case Study v1.0

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    core bank case study

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    119 views18 pages

    HDFC - It-Bcp Case Study v1.0

    Uploaded by

    Love Aute
    core bank case study

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 18

    IT DR Enagement Case Study HDFC Bank

    2009 Wipro Ltd - Confidential

    Index
    o HDFC Bank IT-DR Challenges & Requirements o Engagement Overview o Engagement Approach & Methodology o Engagement Benefits

    2009 Wipro Ltd - Confidential

    Challenges & Requirements

    2009 Wipro Ltd - Confidential

    IT Environment Challenges
    o Heterogeneous IT environment encompassing various types of databases, storage solutions and OS environment o Windows AD is not implemented across all branches o Majority of the applications have hard coded IP addresses o Applications criticality and interdependencies is not clearly documented

    2009 Wipro Ltd - Confidential

    Banks DR Requirements
    o Replication and seamless failover solutions for critical business applications and supporting Infrastructure spread across Primary Data

    Center, DR Site, Head Office and depository locations.


    o Solution should support interconnectivity with core applications both in case of partial and full scale disaster scenarios.

    o Solution should take care of connectivity with third parties and


    interconnecting vendors without any changes at vendor end o Solution should require minimum configuration changes in the network

    and provide for easy fail-over option to DR site with during a disaster
    event. o Solution should be scalable, upgradeable, and easy to configure,
    5

    manage and maintain

    2009 Wipro Ltd - Confidential

    Engagement Overview

    2009 Wipro Ltd - Confidential

    IT-DR Engagement Scope


    o To establish a structured framework for planning and implementation of a Disaster Recovery program for the Bank. o To protect critical business operations by providing alternative IT continuity plans to sustain a disaster event. o To provide technically viable solutions for failover and fallback of

    core banking applications (31) during unfavourable events


    o To develop an effective IT-Business Continuity Plan & Procedures to facilitate recovery & resumption

    o To ensure compliance with the RBI regulations on BCP/DR

    2009 Wipro Ltd - Confidential

    Engagement Approach & Methodology

    2009 Wipro Ltd - Confidential

    Understanding Current State


    o Core team meet Business Stakeholders to gain a functional understanding of the application & IT owners to understand

    the technical architecture & setup at primary and DR site. Key


    deliverables prepared during this phase were:
    o o o Application-wise Understanding Documents including application & business inter-dependency diagrams Application-wise Asset Registers capturing details and criticality of each application component Application DR Gap Assessment Report covering gaps in each applications existing recovery capability

    10

    2009 Wipro Ltd - Confidential

    Understanding Business Impact & Risk Environment


    o Core team conducted Business Impact Analysis (BIA) Exercise to identify the impact of disruption of each

    application services on banks operations and Risk


    Assessment Exercise to identify threats to existing application setup with supporting mitigation strategies. This

    was done using a structured questionnaire & risk database.


    Key deliverables prepared during this phase were:
    o Business Impact Analysis Model o Application-wise business impact analysis report capturing application RTO & RPO details with recovery priorities
    o o Application-wise Risk Assessment Report with supporting risk mitigation plans Datacenter P&E Risk Assessment Report

    11

    2009 Wipro Ltd - Confidential

    Developing Recovery Strategies


    o Multiple recovery option were presented covering
    o o o Network level recovery & resumption strategies Application recovery options at primary site Application replication options covering storage infrastructure setup

    o Following solution aspects were covered for each application recovery strategy
    o o o o o o Overview Prerequisites, Assumptions & Limitations Recovery Architecture for both full and partial disaster scenarios Data Replication Strategy Fall back and Resumption Strategy Advantages with Implementation Strategy

    o Detailed Run-books were prepared for each application which provided step by step actions to undertake during a recovery/resumption process
    12 2009 Wipro Ltd - Confidential

    Designing DR Plan & Framework


    o A detailed DR Plan document was prepared which provided the DR organization structure of the bank with team roles and

    responsibilities. Key aspects covered in the DR Plan are:


    o o o o o o o o o o
    13

    Plan scope, objectives & assumptions DR Recovery Organization with roles & responsibilities Disaster Classification & Activation Guidelines Incident Management Process Plan administration and maintenance guidelines Plan testing strategy and test guidelines Training Emergency procedures Evacuation Plans Supporting Recovery & Maintenance Templates
    2009 Wipro Ltd - Confidential

    Testing & Training


    o After Finalization of recovery strategies, different levels of testing exercise from Table-top to live fail-over scenarios were undertaken.

    o Engagement concluded with training workshops to DR team


    members which included areas like
    o IT-DR Framework

    o
    o o

    Team & Individuals Roles & Responsibilities


    Disaster Classification & Plan Activation Guidelines Recovery & Resumption process

    o
    o

    Sustenance activities to be conducted


    Dos & Donts

    14

    2009 Wipro Ltd - Confidential

    Current IT-DR Sustenance Activities

    15

    2009 Wipro Ltd - Confidential

    Benefits

    16

    2009 Wipro Ltd - Confidential

    Benefits
    o Clear recommendations with respect to workable DR failover and fallback strategies in line with the aggressive growth plans of the

    bank
    o Data replications options for different types of storage devices o Prioritization of critical applications for recovery at DR site in case of

    full scale disaster scenario


    o Established technical capability to recover its critical banking operations in an event of a disaster or

    contingency.

    17

    2009 Wipro Ltd - Confidential

    Benefits
    o Documented procedures to recover from disaster, thus eliminating people dependency

    o Bank has a comprehensive IT-BCP Framework, which is in


    compliance with RBI regulatory requirements and COBIT framework.

    o Tested Crisis Management Plan to respond to unforeseen events


    and ensure employee safety. o IT recovery strategy helps bank meet its primary goals of market

    leadership, customer services, and business excellence

    18

    2009 Wipro Ltd - Confidential

    Thank You
    Deepak K Mudalgikar
    Vice President IT, HDFC Bank Ltd E-mail: deepak.mudalgikar@hdfcbank.com

    2009 Wipro Ltd - Confidential

    You might also like