À§±â°ü¸® üũ¸®½ºÆ® °¢ °ø°ø±â°ü ¹× ¹Î°£ ±â¾÷¿¡¼ÀÇ À§±â°ü¸®°æ¿µÀº ±â¾÷ÀÇ Á¸Æó¿©ºÎ¿Í ±í¼÷ÇÑ °ü·ÃÀÌ ÀÖ´Ù. ÀÌ¿¡ °¢ ±â¾÷µéÀº À§±â°ü¸®±Øº¹À» À§ÇØ ¾÷¹«¿¬¼Ó¼º (BCP)ÀÇ Á߿伺À» ÀÎÁöÇÏ°í ÀÖ´Ù. ÇÏÁö¸¸ À̸¦ Àû±ØÀûÀ¸·Î ¹Ý¿µÇÏÁö ¸øÇÏ´Â ±â¾÷µµ ¸¹ÀÌ ÀÖ´Ù. ÀÌµé ±â¾÷ÀÇ °øÅëÁ¡Àº ÀÚ½ÅÀÇ ±â¾÷ÀÌ À§±â°ü¸®¿¡ ¾î´À Á¤µµ ´ëóÇÏ°í ÀÖ´ÂÁö ¾ËÁö ¸øÇϱ⠶§¹®ÀÌ´Ù. ‘°æ¿µÀ§±â·Àç³·ÀçÇØ ´ëºñ À§±â°ü¸® üũ¸®½ºÆ®’¸¦ ÅëÇØ ±â¾÷ÀÇ À§±â°ü¸®´ëó´É·ÂÀº ¾î´À Á¤µµÀÎÁö ÆÇ´ÜÇÏ´Â °Íµµ ³ª»ÚÁö ¾ÊÀ» °ÍÀÌ´Ù. <À§±â°ü¸®°æ¿µ(BCP&ERM) - ÆíÁýºÎ >
±â¾÷ÀÇ ‘À§±â·Àç³·ÀçÇØ ´ëºñ À§±â°ü¸® üũ¸®½ºÆ®’ (ÀÌ ÀÚ·á´Â ³×À̹ö infokeeper´ÔÀÇ À§±â°ü¸®¸¦ À§ÇÑ Ã¼Å©¸®½ºÆ®¿¡¼ ¹ßÃëÇÑ ³»¿ëÀÌ´Ù)
±â¾÷ÀÇ ‘À§±â·Àç³·ÀçÇØ ´ëºñ À§±â°ü¸® üũ¸®½ºÆ®’(ÀÌ ÀÚ·á´Â ³×À̹ö infokeeper´ÔÀÇ À§±â°ü¸®¸¦ À§ÇÑ Ã¼Å©¸®½ºÆ®¿¡¼ ¹ßÃëÇÑ ³»¿ëÀÌ´Ù) 1. À§±â°ü¸®¿¡ ´ëÇÑ È¸»çÀÇ ¹Ì¼Ç ¹× ¹æħÀÌ ¸íÈ®ÇÏ°Ô Á¦½ÃµÇ¾î Àִ°¡. 2. À§±â°ü¸®ÀÇ ¸ñÀû ¹× ¸ñÇ¥°¡ ¸íÈ®ÇÏ°Ô Á¦½ÃµÇ¾î Àִ°¡. 3. À§±â°ü¸®°èȹ¼°¡ ÀÛ¼ºµÈ ÀÌÀ¯¿Í µ¿ °èȹ¼°¡ ¾î¶»°Ô »ç¿ëµÉ °ÍÀΰ¡¿¡ ´ëÇÑ ¼³¸íÀÌ Àִ°¡. 4. À§±â¿¡ ´ëÇÑ ´ëÀÀ¹æ¾È °ËÅä½Ã ´ë»óÀÌ µÇ´Â ÇÇÇØ»óȲÀ» Á¤ÀÇÇØ µÎ¾ú´Â°¡. 5. À§±â¹ß»ý¿¡ µû¸¥ ¾Ç¿µÇâÀÌ Ä¿ ¸ðµç »ç¾÷À» Áö¼ÓÇϱ⠾î·Á¿î °æ¿ì, ȸ»ç Â÷¿ø¿¡¼ ÃÖ¼ÒÇÑ ÁøÇà½ÃÄÑ¾ß ÇÒ ¾÷¹«¸¦ ¸íÈ®È÷ ÇØ µÎ¾ú´Â°¡. 6. À§±â°ü¸®¸¦ ÃßÁøÇϴ üÁ¦°¡ ¸íÈ®È÷ ¸¶·ÃµÇ¾î Àִ°¡. 7. ´ëÀÀ°èȹÀ» ÃßÁøÇÏ´Â ½Ã½ºÅÛ ¹× ÀýÂ÷°¡ Á¦½ÃµÇ¾î Àִ°¡. 8. ½Ç½ÃÇÑ Á¤Ã¥ µîÀÇ ±â·ÏÀ» º¸°üÇÏ´Â ½Ã½ºÅÛ ¹× ÀýÂ÷°¡ Á¦½ÃµÇ¾î Àִ°¡. 9. À§±â°ü¸®Á¶Á÷µµ ¹× °¢°¢ÀÇ ¿ªÇÒÀÌ ¸í½ÃµÇ¾î Àִ°¡. 10. »ó±âÀÇ Á¶Á÷ Ã¥ÀÓÀÚÀÇ ´ëÇà¼øÀ§°¡ ¸í½ÃµÇ¾î Àִ°¡. 11. ´ëÃ¥º»ºÎ¸¦ ¼³Ä¡ÇÏ´Â °æ¿ì ¹× ±× ´ëüÀå¼Ò´Â Á¦½ÃµÇ¾î Àִ°¡. 12. ±ä±Þ½Ã üÁ¦·Î ÀÌÇàÇÏ´Â Á¶°ÇÀÌ Á¦½ÃµÇ¾î Àִ°¡. 13. ±ä±Þ½Ã ÁøÇàÇÒ ¾÷¹«¸¦ Á¤¸®ÇÑ À϶÷Ç¥ µîÀ» ÁغñÇØ µÎ¾ú´Â°¡. 14. À§±â°ü¸®¿¡ °üÇÑ Á¾¾÷¿øÀÇ ±³À° ¹× ÈƷÿ¡ ´ëÇØ ½Ç½Ã³»¿ëÀÌ Á¦½ÃµÇ¾î Àִ°¡. 15. À§±â¹ß»ý½Ã ´ë¿ÜÀûÀÎ Á¤º¸°ø°³¿¡ ´ëÇØ È¸»çÀÇ ¹æħÀÌ ¸íÈ®ÇÏ°Ô Á¦½ÃµÇ¾î Àִ°¡. 16. À§±â°ü¸®°èȹÀÇ Àç¼öÁ¤¿¡ ´ëÇÏ¿© ±× ½Ç½Ã¿ä·ÉÀÌ Á¦½ÃµÇ¾î Àִ°¡. 17. À§±â°ü¸®°èȹ¼°¡ °³Á¤µÈ ³¯Â¥°¡ ±â·ÏµÇ¾î Àִ°¡. 18. À§±â°ü¸®°èȹÀ» °¨»çÇÏ´Â Á¶Á÷ÀÌ ±¸¼ºµÇ¾î Àִ°¡. 19. ±ä±Þ½Ã ¿¬¶ô¸ÁÀº ¸íÈ®ÇÏ°Ô Á¦½ÃµÇ¾î Àִ°¡. 20. ±ä±Þ½Ã Á¾¾÷¿øÀÇ Çൿ¿ä·ÉÀº ÀÛ¼ºµÇ¾î Àִ°¡. 21. ¾Ç¿µÇâÀÌ ¹ß»ýÇßÀ» ¶§ °Å·¡Ã³ µî¿¡ ´ëÇÑ ¿¬¶ô¿ä·É ¹× ´ë¿ÜÀûÀÎ ´ëÀÀ¹æ¾ÈÀÌ Á¦½ÃµÇ¾î Àִ°¡. 22. ÇÊ¿äÇÑ ¿¬¶ôó¸¦ À϶÷Ç¥·Î ÀÛ¼ºÇØ µÎ¾ú´Â°¡. 23. ±ä±Þ½Ã ÇÊ¿äÇÑ ¸Å´º¾ó°ú °èȹ ÃßÁø µî¿¡ ÇÊ¿äÇÑ ¸Å´º¾óÀÌ ºÐ·ùµÅ Àִ°¡. 24. ±âÀç³»¿ë º°µµ ÆäÀÌÁö¸¦ ºÐ·ùÇÏ¿© ±¸¼ºÇØ µÎ¾ú´Â°¡. 25. À§±â°ü¸®°èȹ¼ÀÇ º¸°ü¿ä·É¿¡ ´ëÇØ Á¦½ÃÇØ µÎ¾ú´Â°¡.
‘Å×·¯À§ÇèÀÌ ±â¾÷°æ¿µ¿¡ ¹ÌÄ¡´Â ¿µÇâ’ Á¶»ç
ÇÑÆí Áö³ 2004³â ´ëÇÑ»ó°øȸÀǼҿ¡¼´Â, ‘Å×·¯À§ÇèÀÌ ±â¾÷°æ¿µ¿¡ ¹ÌÄ¡´Â ¿µÇâ’ Á¶»ç¸¦ ½Ç½ÃÇÑ ÀûÀÌ ÀÖ¾ú´Ù.´ç½Ã ¼³¹®Á¶»ç¿¡¼ ±¹Á¦ ¹«Àå´ÜüÀÇ Å×·¯À§ÇùÀÌ ¾ÆÁ÷±îÁö´Â ±¹³» ±â¾÷¿¡ ½É°¢ÇÑ ¿µÇâÀ» ÁÖ°í ÀÖÁö´Â ¾ÊÁö¸¸, ½ÇÁ¦ Å×·¯°¡ ¹ß»ýÇÑ´Ù¸é ±â¾÷ ÇÇÇØ´Â Ä¿Áú °ÍÀ̶ó´Â Á¶»ç°á°ú°¡ ³ª¿Ô´Ù. ´ëÇÑ»ó°øȸÀǼҴ ´ç½Ã ¼¿ï ¼ÒÀç 220°³ ¼öÃâ Á¦Á¶¾÷ü¸¦ ´ë»óÀ¸·Î ÇÑ “Å×·¯À§ÇèÀÌ ±â¾÷°æ¿µ¿¡ ¹ÌÄ¡´Â ¿µÇâ”Á¶»ç °á°ú¿¡ µû¸£¸é ÀÀ´ä±â¾÷ÀÇ 21.1%°¡ Å×·¯À§Çù ÀÌÈÄ °æ¿µÈ°µ¿ÀÌ À§Ãà(‘Å©°Ô À§ÃàµÇ¾ú´Ù’ 4.8%, ‘¾à°£ À§ÃàµÇ¾ú´Ù’ 16.3%)µÇ¾ú´Ù°í ÀÀ´äÇØ ¾ÆÁ÷±îÁö´Â Å×·¯À§Çù¿¡ µû¸¥ ÇÇÇØ°¡ Å©Áö ¾ÊÀº °ÍÀ¸·Î ³ªÅ¸³µ´Ù.
±×·¯³ª, ½ÇÁ¦ Å×·¯°¡ ¹ß»ýÇÏ´Â °æ¿ì ÇÇÇØ»óȲÀº ´Þ¶óÁú °ÍÀ¸·Î º¸ÀδÙ. ½ÇÁ¦·Î Å×·¯ ¹ß»ý½Ã ÀÔ´Â ÇÇÇØ¿¡ ´ëÇØ ÀÀ´ä±â¾÷ÀÇ 64.1%°¡ ÇÇÇØ(‘¸Å¿ì Å« ÇÇÇØ ¿¹»ó’ 18.7%, ‘¾à°£ ÇÇÇØ ¿¹»ó’ 45.4%)°¡ ÀÖÀ» °ÍÀ̶ó°í ¿¹»óÇÏ¿´´Ù. ÀÌ´Â ÇöÀç ÀÔ°íÀÖ´Â ÇÇÇØ ÀÀ´äº¸´Ù ¹«·Á 3¹è ÀÌ»ó ³ôÀº(43%p°ÝÂ÷) ¼öÄ¡ÀÌ´Ù. Å×·¯À§Çù ÀÌÈÄ ±¸Ã¼ÀûÀÎ °æ¿µÈ°µ¿ À§Ãà³»¿ëÀ¸·Î´Â 34.9%°¡ ‘¼öÃâ°¨¼Ò’¸¦ °¡Àå ¸¹ÀÌ ²Å¾Ò°í, ´ÙÀ½À¸·Î ‘³»¼ö°¨¼Ò’(16.9%), ‘ÅõÀÚÀ§Ãà’(15.7%), ‘¿øÀÚÀç ¹®Á¦’(14.5%), ‘Àڱݰæ»ö’(9.6%) µîÀÌ µÚ¸¦ À̾ú´Ù. Å×·¯À§ÇùÀÌ ±â¾÷ ÅõÀÚ°èȹ°ú »ó´ã¹®È¿¡µµ ºÎºÐÀûÀÎ ¿µÇâÀ» ÁØ °ÍÀ¸·Î ³ªÅ¸³µ´Ù. ÇâÈÄ ÅõÀÚ°èȹ Áú¹®¿¡ Àüü 28.7%°¡ ÅõÀÚ°¨¼Ò(‘´ëÆø °¨¼Ò ¿¹»ó’ 3.3%, ‘¼ÒÆø °¨¼Ò ¿¹»ó’ 25.4%)°¡ ÀÖÀ» °ÍÀ̶ó°í ÀÀ´äÇß°í, ÇØ¿Ü ÃâÀå¹®È º¯È Áú¹®¿¡ ‘Á÷¿øµéÀÇ À§ÇèÁö¿ª ÃâÀå±âÇÇ’(13.9%), ‘ÃâÀå ÁÙÀÌ°í ÀüÈ·Æѽº »ó´ãÁõ°¡’(11.5%), ‘ÇؿܹÙÀÌ¾î ±¹³»ÀÔ±¹ ´ëü’(2.9%) µî ÀÀ´ä¾÷ü 28.3%¿¡¼ »ó´ã¹æ½Ä¿¡µµ ´Ù¼Ò º¯È°¡ ÀÖ´Â °ÍÀ¸·Î ³ªÅ¸³µ´Ù.
ÇÑÆí, ÀÀ´ä±â¾÷µéÀº ±¹Á¦ ¹«Àå´ÜüÀÇ Å×·¯À§ÇùÀ» ½É°¢ÇÑ ¹®Á¦·Î ÀνÄÇϸ鼵µ ¸¶¶¥ÇÑ ´ëÀÀÃ¥Àº ¸¶·ÃÇÏÁö ¾Ê°í ÀÖ´Â °ÍÀ¸·Î ³ªÅ¸³µ´Ù. Å×·¯À§Çù »çÅÂÀÇ ½É°¢¼º Áú¹®¿¡ 60.3%°¡ ½É°¢ÇÏ´Ù(‘¸Å¿ì ±×·¸´Ù’ 17.2%, ‘¾à°£ ±×·¸´Ù’ 43.1%)°í ´äÇß´Ù. ±¹°¡½ÅÀεµ¿¡ ¹ÌÄ¡´Â ¿µÇâ¿¡ ´ëÇؼ´Â 70.8%°¡ ½ÅÀεµ Ç϶ô(‘½ÅÀεµ Å©°Ô Ç϶ô’ 19.1%, ‘½ÅÀεµ ´Ù¼Ò Ç϶ô’ 51.7%)ÀÌ ¿ì·ÁµÇ¸ç, Å×·¯À§ÇèÀÌ ±¹³» °æ±âħü¸¦ °¡Áß½Ãų °ÍÀ̶ó´Â ¿¹»óÀÌ 71.3%³ª Â÷Áö(‘°æ±âħü ¸Å¿ì °¡Áß ¿¹»ó’ 27.8%, ‘¾à°£ °¡Áß ¿¹»ó’ 43.5%)ÇÏ°í ÀÖ¾ú´Ù.
±×·¯³ª ÀÌ·¯ÇÑ ¿ì¸®±â¾÷µéÀÇ Å×·¯À§Çè¿¡ ´ëÇÑ »óȲ Àνİú´Â ´ëÁ¶ÀûÀ¸·Î À§±â¿¡ ´ëÇÑ ´ëºñÃ¥Àº »ó´çÈ÷ ¼ÒȦÇϰųª Ãë¾àÇÑ °ÍÀ¸·Î ³ªÅ¸³µ´Ù. Å×·¯´ëºñÃ¥ ¸¶·Ã ¿©ºÎ¿¡ ºÒ°ú 1.4%¸¸ ´ëºñÃ¥ÀÌ ¸¶·ÃµÇ¾î ÀÖ°í, 3.4%´Â ¸¶·ÃÇÒ °èȹÀ̶ó°í ´äº¯Çß´Ù. ¹Ý¸é Àüü 95.2%°¡ ¸¶¶¥ÇÑ Å×·¯´ëºñÃ¥À» ÁغñÇÏÁö ¸øÇÏ°í ÀÖ´Â °ÍÀ¸·Î ³ªÅ¸³µ´Ù(‘º°´Ù¸¥ ´ëÀÀÃ¥ ¾øÀÌ °ü¸ÁÁß’ 51.7%, ‘Çʿ伺À» ¸ø ´À³¤´Ù’ 43.5%). À§±â°ü¸®°æ¿µ ÇöȲ Á¶»ç¿¡¼µµ 60.2%°¡ Àü´ãÁ¶Á÷ ¼³Ä¡¿¡ ´ëÇÑ ‘Çʿ伺À» ¸ø ´À³¤´Ù’°í Çß°í, ‘»çÅÂÃßÀ̸¦ º¸¸é¼ °ü¸ÁÁß’À̶ó´Â ´äº¯µµ 34.0%Àε¥ ºñÇØ, ‘Àü´ãÁ¶Á÷ÀÌ ÀÖ´Ù’(2.9%), ‘¼³Ä¡ °èȹÀÌ´Ù’(2.9%)´Â ¼Ò¼ö¿¡ ºÒ°úÇß´Ù. ´ç½Ã ¼³¹®Á¶»ç¸¦ Çß´ø ´ëÇÑ»óÀÇ °ü°èÀÚ´Â “¾ÆÁ÷±îÁö Å×·¯À§ÇùÀ¸·Î ±â¾÷µéÀÇ ÇÇÇØ´Â Å©Áö ¾ÊÁö¸¸ ¾ÕÀ¸·Î ½ÇÁ¦ »óȲ ¹ß»ý½Ã Å« ÇÇÇØ°¡ ¿¹»óµÇ±â ¶§¹®¿¡ Á¤ºÎ, ±â¾÷Â÷¿øÀÇ ´ëÀÀÃ¥ ¸¶·ÃÀÌ ÇÊ¿äÇÏ´Ù”°í ¹àÈ÷¸é¼ “¿ì¸®±â¾÷µéÀÌ Å×·¯¿¡ ´ëÇÑ ½É°¢¼ºÀº Å©°Ô ´À³¢¸é¼ ½ÇÁ¦ ±¸Ã¼ÀûÀÎ ´ëÃ¥ ¸¶·ÃÀ» ÇÏÁö ¾ÊÀº °ÍÀº Áö±Ý±îÁö Çѱ¹ÀÌ Å×·¯ ¾ÈÀüÁö´ë¿´±â ¶§¹®ÀÎ °Í °°´Ù”¶ó°í Ç®ÀÌÇß´Ù.
ij³ª´Ù ÅõÀÚÀÚÇùȸ(IDA, Investment Dealers Association of Canada)¿¡¼´Â ¼Ò¼Ó ¸â¹ö ¸ðµÎ¿¡°Ô °í°´°ú ÀÚº»½ÃÀå Ä«¿îÅÍÆÄÆ®¿¡ ´ëÇÑ Àǹ«·Î½á ºñ»ó»çųª ½É°¢ÇÑ ºñÁö´Ï½º Áߴܽÿ¡ ¼öÇà¿¡ ÇÊ¿äÇÑ ÀýÂ÷¸¦ Á¤ÀÇÇÑ ¾÷¹« ¿¬¼Ó¼º È®º¸ °èȹ(BCP, Business Continuity Planning)À» ¼ö¸³ÇÏ°í À¯ÁöÇϵµ·Ï ÇÏ°í ÀÖ´Ù. (ÀÌ ÀÚ·á´Â ³×À̹ö infokeeper´ÔÀÇ À§±â°ü¸®¸¦ À§ÇÑ Ã¼Å©¸®½ºÆ®¿¡¼ ¹ßÃëÇÑ ³»¿ëÀÌ´Ù)
¾Æ·¡´Â IDA°¡ Á¦°øÇÏ°í ÀÖ´Â 30°¡Áö BCP üũ¸®½ºÆ®ÀÌ´Ù.
1. BCP Policy and Standards: clearly defined, documented and formally approved 2. Accountability for BCP, formally established and resourced 3. BCP recognized as a cost of doing business 4. BCP program focused on critical functions, as defined through a business impact analysis 5. Business impact analysis required in development processes 6. Recovery Time Objectives defined and documented for all critical functions 7. Organizational BCP strategies for IT and business functions defined and documented 8. Strategies for the protection and recovery of data (electronic & paper) 9. Pre-designated alternate sites, located a prudent distance from primary sites 10. Compliance with all relevant regulations and legal obligations 11. Capabilities and plans quality assured through review, testing and auditing 12. Alignment with the organization's change control process 13. Regular review of Insurance policies to ensure adequate coverage and benefit 14. Validation of the BCP capabilities of critical 3rd party service providers 15. BCP awareness included in new employee orientation 16. Emergency Response Procedures 17. A structured process for notification, escalation and plan activation 18. Up-to-date internal and external contact lists, with alternates 19. Key roles, responsibilities and authorities, with alternates, identified 20. HR issues addressed through instructions or guidelines for staff support, EAP Program, etc. 21.A clearly defined crisis management structure (can be a separate plan) 22.Designation of a control and coordination (command) centre 23.Linkages to external organizations (e.g. emergency services) 24.Instructions and guidelines for internal & external communications, including media 25.Minimum resource requirements for critical function recovery 26.Clearly defined back-up procedures for all applications, hardware and data 27.Processes for handling lost work in progress and/or backlog processing 28.Details for manual operations and/or fall-back strategies and solutions 29.Processes for restoring or replacing all data (electronic and paper) 30.An auditable process for tracking and recording the completion of recovery decisions and tasks |