Domain Lead - Business Continuity & Disaster Recovery

This function has a twofold purpose:

- Ensuring the business continuity of YPTO as an organization and an SNCB ICT department in case of a calamity impacting its people (pandemic), processes or facilities.

- Ensuring the IT Resilience of SNCB in case of a calamity, such as the destruction of a datacenter (fire or flood) in Belgium or abroad, the loss of electricity in a region from where SNCB contracts ICT services, a ransomware attack, etc.

Key Activities

Ensuring the resilience of YPTO in case of a calamity

Develop, test and continuously improve a comprehensive business continuity plan (BCP) that outlines strategies and procedures for ensuring that YPTO critical functions can continue in the event of a disruption.

Performing a Business Impact Assessment to determine the critical business functions and processes that need to be prioritized for continuity planning. This involves assessing the potential financial, operational, and reputational impacts of disruptions.

Developing and maintaining comprehensive business continuity plans that outline strategies and procedures for ensuring the organization's critical functions can continue in the event of a disruption. The Domain Lead BC/DR is responsible for creating, updating, and testing these plans.

Define and monitor an adequate IT disaster recovery strategy for SNCB and its subsidiaries

Define an adequate disaster recovery strategy for SNCB, taking into account the Business Impact Assessments, made by SNCB Risk Office (Corporate SNCB function) and best practices in calamity risk assessment and risk modelling.

The Domain Lead BC/DR takes into account hazards and comes up with a best practice and balanced DR strategy for the choice and location of data centers world-wide, the choice of technologies and providers.

Collaborate with other CISO Domain Leads and Enterprise Architecture to build and implement a common taxonomy

Develop, test and continuously improve an IT disaster recovery plan for SNCB and its subsidiaries

Develop, test and continuously improve an IT disaster recovery plan to guide the SNCB’s actions when a calamity occurs and ensure a swift recovery.

Develop, test and continuously improve a crisis management plan to ensure SNCB has able to timely react when facing calamities.

Ensure that SNCB complies with relevant legal, regulatory and contractual requirements and industry standards related to security and business continuity. This includes staying updated on changing regulations and adapting the BCP and security measures accordingly.

• Identify the threats that affect the IT and business environment and its countermeasures.

• Have a thorough understanding of the DR Planning Methodology.

• Conduct an application impact analysis for a business process.

• Develop and implement business (scope YPTO) and IT (scope SNCB) recovery strategies.

• Conduct cost benefit analysis for strategies and alternate site selection.

• Consolidate and implement a comprehensive IT DR plan.

• Create and develop IT DR awareness and training program in alignment and under the guidance of the Domain Lead Awareness

• Conduct exercises and tests.

• Integrate business continuity with the IT DR initiatives in alignment with and under the guidance of SNCB Risk Office who has the ultimate governance responsibility on business continuity for SNCB and subsidiaries.

• Sustain an effective organization-wide IT DR program, as the Domain Lead BC/DR has the governance responsibility for IT Disaster recovery in SNCB and its subsidiaries under the guidance and accountability of CISO for SNCB and its subsidiaries.

Oversee the Testing and Exercises

Oversee the conducting of regular drills, exercises, and simulations to test the effectiveness of the business continuity and disaster recovery plans. This helps identify weaknesses and areas for improvement.

The scope of these drills is YPTO wide for Business Continuity and SNCB-wide for IT Disaster recovery and can range from small table-top exercises to larger drills over a weekend, involving the planned disruption of a full chain of applications.

Documentation and Reporting

Maintaining documentation of security and business continuity plans, incident reports, and compliance records. Generating regular reports for senior management and stakeholders to provide visibility into the organization's security and continuity efforts.