Disclaimer Ground Rules
|
|
- Geraldine Black
- 5 years ago
- Views:
Transcription
1 Critical Success Factors in a Complex BCP Development Environment Don Groth Disclaimer Ground Rules The views and opinions expressed today do not necessarily reflect the position of Froedtert and Community Health or Jefferson Wells International, Inc. Any copyrights/trademarks belong to owners... Comments about vendor products or services are intended for illustrative purposes only. BCP Critical Success Factors Case Study What was done How was it done Lessons Learned Success Factors 1
2 BCP Critical Success Factors Success Ability to survive an actual incident Ability to survive a review Internal Audit Regulators Management Case Study The success was due to: Hard work and dedication of hospital staff Simple key factors The factors may be called simple because they are easy to describe; putting these factors in practice may not necessarily be simple. Easy to say tough to do? Business Continuity Planning at Froedtert & Community Health Froedtert & Community Health Milwaukee-based regional hospital system Combination Froedtert Hospital Milwaukee Community Memorial Hospital Menomonee Falls 2
3 Case Study Continuity plan development for Froedtert & Community Health Development of continuity plans for over 60 key clinical, facility, support, and business departments throughout the two hospitals. Linkages to existing Emergency Management / Incident Command Structure and to an IT Disaster Recovery plan. Froedtert Hospital 414 Bed Academic Medical Center Staffed by Medical College of Wisconsin Physicians > 4,500 staff and > 10,000 people on campus The Only Adult Level I Trauma Center in Eastern Wisconsin 3
4 Froedtert Campus Partners Joint Ventures Staffing Medical College Staff Departments Off-campus facilities Community Memorial Hospital 205 bed community hospital >2,000 Staff Staffed by independent physicians Community Memorial Two large clinics Cooperative Ventures Free Standing Ambulatory Surgery Center Independent community physicians Off-campus facilities 4
5 F&CH Environment Recently combined hospitals as F&CH Healthcare considerations Joint Commission on Accreditation of Healthcare Organizations JCAHO Health Insurance Portability and Accountability Act (HIPAA) Existing Memorandum of Understanding HEICS / HICS Environment - continued Emergency management structures Regional disaster drills Downtime procedures IT Environment Many initiatives including data center relocation A number of high availability systems A number of systems managed by clinical and support departments Hot site plan in development Downtime procedures 5
6 Overall Business Environment Everybody is Busy! Why BCP at Froedtert & Community Health? Why? August 2003: Power Failure 6
7 Source - U.S./Canada Power Outage Task Force report F&CH Business Continuity Project Began early 2004 Board directive It s not a question of if we do this. The only question is how should we do it. Mandate - Not just an IT plan F&CH Business Continuity Project Coordinate Business Continuity Planning Emergency Management IT Disaster Recovery Consider Prior Threat Assessments, Risk Assessments, and Hazard Analyses 7
8 Project Organization Chart Timeline Au Oc De Ma Au Oc Ma Ju J Se No De Ja Fe Ma Ap Ju J Se No Ja Fe INITIAL PROJECT SCOPING BIA THREAT ASSESSMENT RECOVERY STRATEGIES BUSINESS CONTINUITY PLAN DEVELOPMENT MAINTENANCE AND EXERCISING Scoping Set project scope Determined departments to include / exclude Grouped departments Selected department staff 8
9 Scoping Lessons Departments Combining departments About staff BIA Facilitated working sessions Groups of departments Identified critical IT systems Resources Tangible Intangible assessment Detailed calculations RTO & RPO BIA Multiple steps Made detailed estimates only for systems and resources with High / Medium Impacts Consolidation 9
10 Step 1 Identification of Key Systems / Resources Step 2 Detailed Estimates Scales 10
11 BIA Consolidation To provide management with estimated impacts To provide IT with system RTOs To identify the most significant resources Avoid double counting Recognize significance of department / process impacted Judgment required BIA Lessons Grouping of departments People will respond differently Time Intangible vs. Tangible Impact Surprises about systems Work sessions Threat Assessment Timing Critical Global Resources Electric Power (utility & emergency), Fire Detection Systems, Medical Gas, Natural Gas, Steam, Telecom, Water Supply, Waste Water Identified Threats Impacts, Probability, Vulnerability 11
12 Threat Assessment Lessons Actual incidents Water Assumptions Strategy Selection Mitigation Strategies Global resources with vulnerabilities identified in Threat Assessment Hardening Strategies Work Around strategies Other Resources (Not Global) In-place Strategies Published Recommended Strategies Budget process Strategy Selection Lessons Ownership of solutions Tie strategies to budget process Executive Support And then 12
13 Reality Check # 1: July 2005 Brief power failure at Community Memorial Renewed enthusiasm Department Plan Development Working sessions to create department plans Remember that everybody is busy allow plenty of time Department Plan Development Two sets of working sessions Provided sample plan and templates Contact information BIA Strategies Vendors Forms Recovery procedures, and then 13
14 Reality Check # 2: December hour power failure at Froedtert Renewed enthusiasm Department Plan Development Lessons Time Stories Use what you have but it is probably not enough Executive support And then Reality Check # 3: Thursday March 9, ,000,000 gallons of water flood the power plant and steam tunnels at the Milwaukee County Grounds. It appears to have been a pretty catastrophic blowout, says George Torres, County Public Works Director. 14
15 Reality Check # 3: Initial report The basement of the electric power plant that supplies power and steam to the hospital and clinics is filling with water The walls may buckle There is a substantial leak in the water main Water pressure is declining affecting: drinking water sanitation water central vacuum pressure steam Reality Check # 3: Continued Maintenance crews have not been able to isolate the leak May have to take the plant out of service for an extended period of time Could have to evacuate approximately 400 inpatients hundreds of outpatients all staff It could be weeks for the problem to be identified and repaired. 15
16 Lessons Learned Threat Assessment conclusions - reinforced Water is a critical resource Other organizations were eager to assist Hospitals Ambulance companies Lessons Learned Communications Staff used extensively and was effective, however Media Incident Command Center ICC established quickly Department Command Centers Plan Exercises Individual departments Tabletop exercise / plan review Participants Department staff (1 10) Safety Facilitators Scenario Action Plans 16
17 Lessons Learned Be flexible Training opportunity Challenge / validate Raise the bar Stories Have participants tell their stories Use the stories with others Current State Transitioning from project to program Incident command integration Strategies for critical resources Program expansion Transition From Project to Program BCP Plan Development BCP Program Business Impact Analysis Threat Assessment Plan Development Light the Fire Integrate with Incident Command Exercise Maintain Plans Ongoing funding and resources Keep it Fueled 17
18 Success Factors Executive Mandate and Executive Support Existing Emergency Management Experience Steering Committee Culture Patient Care Terminology Leveraging NIMS Alert - Compliance and day-to-day operations NIMS Alert - Compliance and dayto-day operations From the August 17, 2005, NIMS Alert The requirement to adopt and implement NIMS and ICS means NIMS and ICS for incident management every day. Those who don t are not NIMS compliant. Success Factors Pilot Real incidents Leverage actual Incidents Lessons Learned Sessions for staff Reinforce the need to plan They will tell us what to do We will do whatever it takes 18
19 Success Factors - Linkages Emergency Management Plans IT Disaster Recovery Regional Partners BCP Success Factors GETS Government Emergency Telecommunications Service (GETS) Participant profile / skills Familiar with department processes Department decision maker And computer skills Success Factors Persistence We can do anything we want as long as we stick to it long enough. - Helen Keller Even if you are on the right track, you will be run over if you just sit there. - Will Rodgers 19
20 Success Factors Always Serve Good Food! Final Thoughts Just because you re paranoid, it doesn t mean that people aren t out to get you. - Unknown The reason for time is to avoid doing everything at once. - Albert Einstein Questions Jefferson Wells or don.groth@jeffersonwells.com 20
21 Jefferson Wells Headquartered in Milwaukee, WI Founded in 1995 More than 45 offices Over 2,500 employees Subsidiary of Manpower Inc. Provides services in the areas of: Internal Audit and Controls Technology Risk Management Finance and Accounting Tax Don Groth Jefferson Wells - Technology Risk Management Services CBCP, CISA, CIA Member of BRPASW, IIA, ISACA, Infragard or Don.Groth@jefffersonwells.com 21
Introduction to Business continuity Planning
Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources
More informationA Practical Guide to Avoiding Disasters in Mission-Critical Facilities. What is a Disaster? Associated Business Issues.
A Practical Guide to Avoiding Disasters in Mission-Critical Facilities Todd Bermont What is a Disaster? An event that can unexpectedly impact the continuity of your business Anything that injures or has
More informationBusiness Continuity Planning
Business Continuity Planning The Unexpected Happens Be Ready Copyright -Business Survival Partners, llc. 2011 - All Rights Reserved www.survivalpartners.biz RISK 2 Risks to National Security A secure and
More informationDisaster Recovery and Business Continuity Planning (Mile2)
Disaster Recovery and Business Continuity Planning (Mile2) Course Number: DRBCP Length: 4 Day(s) Certification Exam This course will help you prepare for the following exams: ABCP: Associate Business Continuity
More informationBusiness Continuity Management Standards A Side-by-Side Comparison
Business Continuity Standards A Side-by-Side Comparison By Brian Zawada (CBCP) & Jared Schwartz (CBCP) Whether your organization has begun a grassroots initiative to develop a business continuity plan
More informationBusiness Continuity - An Inside Perspective
Business Continuity - An Inside Perspective Tom McIlvaine Business Continuity Manager May 24, 2011 Agenda Where It All Begins Private Sector & Government Applicability Business Continuity Planning A Corporate
More informationIntroduction. Overview. Every Crisis Management Team Needs a Critical Decision Checklist. Presented by Roseanne Rostron, CBCP President Raido Response
Every Crisis Management Team Needs a Critical Decision Checklist Presented by Roseanne Rostron, CBCP President Raido Response Tuesday, May 9, 2006 Introduction Roseanne Rostron, CBCP - President Raido
More informationINFORMATION SECURITY- DISASTER RECOVERY
Information Technology Services Administrative Regulation ITS-AR-1505 INFORMATION SECURITY- DISASTER RECOVERY 1.0 Purpose and Scope The objective of this Administrative Regulation is to outline the strategy
More informationEmergency Management & Disaster Planning
Emergency Management & Disaster Planning What we re going to talk about What is Emergency Management and Disaster Planning? What are the key elements of an EM Plan? Where does the University Architect
More informationFlorida State University
Florida State University Disaster Recovery & Business Continuity Planning Overview October 24, 2017 1 Key Readiness Questions Has your department identified the business functions and infrastructure that
More information9/18/2017 PLANS STRATEGIES AND TOOLS. SAHRA: The 5 Ways to Improve Emergency Management and Business Continuity Plans 9/20/17 3 PRESENTATION AGENDA
PLANS The 5 Ways to Improve STRATEGIES AND TOOLS Emergency Management and Business Continuity Plans PRESENTATION AGENDA Ice Breaker What steps would you take after a flood? 5 Ways to improve emergency
More informationEMERGENCY MANAGEMENT
CSU The California State University Office of Audit and Advisory Services EMERGENCY MANAGEMENT California State University, Dominguez Hills Audit Report 16-43 August 30, 2016 EXECUTIVE SUMMARY OBJECTIVE
More informationTSA/FTA Security and Emergency Management Action Items for Transit Agencies
TSA/FTA Security and Emergency Management Action Items for Transit Agencies AACTION ITEM LIST Management and Accountability 1. Establish Written System Security Programs and Emergency Management Plans:
More informationa publication of the health care compliance association MARCH 2018
hcca-info.org Compliance TODAY a publication of the health care compliance association MARCH 2018 On improv and improving communication an interview with Alan Alda This article, published in Compliance
More informationThe simplified guide to. HIPAA compliance
The simplified guide to HIPAA compliance Introduction HIPAA, the Health Insurance Portability and Accountability Act, sets the legal requirements for protecting sensitive patient data. It s also an act
More informationMassMutual Business Continuity Disclosure Statement
MassMutual Business Continuity Disclosure Statement Overview Resiliency is a high priority at Massachusetts Mutual Life Insurance Company ( MassMutual or the Company ). To that end, significant investments
More informationINTERNAL AUDIT DIVISION REPORT 2017/138
INTERNAL AUDIT DIVISION REPORT 2017/138 Audit of business continuity in the United Nations Organization Stabilization Mission in the Democratic Republic of the Congo There was a need to implement the business
More informationBuilding the Business Case for Emergency Notification
Building the Business Case for Emergency Notification Presented by Michelle Gjerde, Marketing Director Amcom Software The Big Picture The fast growing BCM software market includes four components: Business
More informationCritical Infrastructure Assessment
Critical Infrastructure Assessment Everyday the products and services that support our standard of living flow, almost seamlessly, to and from our homes, communities, and government. Making this possible
More informationContinuity of Operations During Disasters: Electronic Systems and Medical Records
Idaho Health Care Association Continuity of Operations During Disasters: Electronic Systems and Medical Records Philip Niemer, MBA, MS, HEM Director Operational Continuity & Emergency Management Children
More informationUF CEMP Support Group Annex: Public Safety
UF CEMP Support Group Annex: Public Safety Lead Representatives University of Supporting Departments External Partners Enrollment Management Shands Hospital Safety & Security Alachua County Emergency Management
More informationTSC Business Continuity & Disaster Recovery Session
TSC Business Continuity & Disaster Recovery Session Mohamed Ashmawy Infrastructure Consulting Pursuit Hewlett-Packard Enterprise Saudi Arabia Mohamed.ashmawy@hpe.com Session Objectives and Outcomes Objectives
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More information2015 HFMA What Healthcare Can Learn from the Banking Industry
2015 HFMA What Healthcare Can Learn from the Banking Industry Agenda Introduction- Background and Experience Healthcare vs. Banking The Results OCR Audit Results Healthcare vs. Banking The Theories Practical
More informationSTRATEGIC PLAN. USF Emergency Management
2016-2020 STRATEGIC PLAN USF Emergency Management This page intentionally left blank. Organization Overview The Department of Emergency Management (EM) is a USF System-wide function based out of the Tampa
More informationSouth East Region THIRA
South East Region THIRA The THIRA follows a four-step process, as described in Comprehensive Preparedness Guide 201, Second Edition: 1. Identify the Threats and Hazards of Concern. Based on a combination
More informationImplementing a Global Business
GLOBAL OPERATIONS Implementing a Global Business Continuity Management Program Disaster Recovery Journal Spring World 2010 Conference Pfizer Inc. Managing Business Continuity on a Global Scale This presentation
More informationEmergency Preparedness Planning. The Office
Emergency Preparedness Planning The Office Terms COOP = Continuity of Operations (gov t speak for BCP) BCP = Business Continuity Plan or Planning BCM = Business Continuity Management Business = Any organization
More information2 ESF 2 Communications
2 ESF 2 Communications THIS PAGE LEFT BLANK INTENTIONALLY Table of Contents 1 Introduction... 1 1.1 Purpose and Scope... 1 1.2 Relationship to Other ESF Annexes... 1 1.3 Policies and Agreements... 1 2
More informationFY Janette Pell Department Director. Information and Communications Technology. Administration and Finance
FY 2018 19 Janette Pell Department Director Administration and Finance Capital Projects Facilities and Real Estate Management Fleet Operations Information and Communications Technology Purchasing, Surplus
More informationCorporate Security & Emergency Management Summary of Submitted 2015 Budget From Rates
Corporate Security & Emergency Management Summary of Submitted 2015 From Rates Service Expense 2014 2015 Revised Non Tax Revenue Net Tax Supported Expense Draft Non Tax Revenue Net Tax Supported Increase
More informationThe Windstream Enterprise Advantage for Healthcare
The Windstream Enterprise Advantage for Healthcare Creating personalized healthcare experiences with secure and reliable cloud-optimized IT communications so you can focus on providing a connected, interoperable
More informationBCP At Bangkok Bank, Thailand
BCP At Bangkok Bank, Thailand Bhakorn Vanuptikul, BCCE Executive Vice President Bangkok Bank Public Company Limited 10 May 2012 1 Agenda Business Continuity Management at Bangkok Bank Success Factors in
More informationBundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup.
Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved FlyntGroup.com Flynt Group White Paper Bundling Arrows: Making a Business
More informationFLOOD VULNERABILITY ASSESSMENT FOR CRITICAL FACILITIES
FLOOD VULNERABILITY ASSESSMENT FOR CRITICAL FACILITIES Lisa Graff GIS Team Manager Prairie Research Institute Illinois State Water Survey University of Illinois OUTLINE Motivation Project details Partners
More informationNovember 14, Emergency Management and Hurricane Irma. Florida Human Resources People and Strategy (FLHRPS)
November 14, 2017 Emergency Management and Hurricane Irma Florida Human Resources People and Strategy (FLHRPS) 1 Agenda Hurricane Irma recap Dianne Merrill Emergency Management Process Susan Mueller Lessons
More informationDirective on Security of Network and Information Systems
European Commission - Fact Sheet Directive on Security of Network and Information Systems Brussels, 6 July 2016 Questions and Answers The European Parliament's plenary adopted today the Directive on Security
More informationA Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud
A Checklist for Compliance in the Cloud 1 A Checklist for Compliance in the Cloud A Checklist for Compliance in the Cloud 1 With the industrialization of hacking and the enormous impact of security breaches,
More informationEMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY
EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY PRIMARY AGENCY: SUPPORT AGENCIES: Savannah-Chatham Metropolitan Police Department Armstrong-Atlantic Campus Police Department Bloomingdale
More informationMANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors
Page 1 of 6 Applies to: faculty staff students student employees visitors contractors Effective Date of This Revision: June 1, 2018 Contact for More Information: HIPAA Privacy Officer Board Policy Administrative
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationContinuity of Business
White Paper Continuity of Business SAS Continuity of Business initiative reflects our commitment to our employees, to our customers, and to all of the stakeholders in our global business community to be
More informationBusiness Continuity An Integral Part of Risk Management At Constellation Energy
Business Continuity An Integral Part of Risk Management At Constellation Energy World Disaster Management Conference Toronto, Canada June 19, 2006 Robert W. Cornelius Director Business Continuity Operating
More informationContracting for an IT General Controls Audit
Contracting for an IT General Controls Audit Lori Schubert, C.P.A. Internal Audit Manager age Waukesha County (WI) lschubert@waukeshacounty.gov Overview of Presentation Description of Waukesha County Information
More informationBUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW
BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW EXECUTIVE SUMMARY CenturyLink is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business
More informationNational Level Exercise 2018 After-Action Findings
National Level Exercise 2018 After-Action Findings National Level Exercise (NLE) 2018 examined the ability of all levels of government, private industry, and nongovernmental organizations to protect against,
More informationThe Role of IT in HIPAA Security & Compliance
The Role of IT in HIPAA Security & Compliance Mario Cruz OFMQ Chief Information Officer For audio, you must use your phone: Step 1: Call (866) 906-0123. Step 2: Enter code 2071585#. Mario Cruz Mario Cruz
More informationOperationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results
Operationalizing Cybersecurity in Healthcare - - 2017 IT Security & Risk Management Study Quantitative and Qualitative Research Program Results David S. Finn, CISA, CISM, CRISC Health IT Officer, Symantec
More informationEmergencies: Protecting Staff & Assets. Presented By: Tom Heebner, CSP, ARM, ABCP AVP / Risk Consultant HUB International Limited
Emergencies: Protecting Staff & Assets Presented By: Tom Heebner, CSP, ARM, ABCP AVP / Risk Consultant HUB International Limited Agenda Why is Planning Important? Lessons Learned From Recent Events The
More informationPREPARING FOR SOC CHANGES. AN ARMANINO WHITE PAPER By Liam Collins, Partner-In-Charge, SOC Audit Practice
PREPARING FOR SOC CHANGES AN ARMANINO WHITE PAPER By Liam Collins, Partner-In-Charge, SOC Audit Practice On May 1, 2017, SSAE 18 went into effect and superseded SSAE 16. The following information is here
More informationRequest for Proposal. I. Introduction. II. Scope of Work. IT Managed Services Support. IT Environment. Main Facility
Request for Proposal IT Managed Services Support I. Introduction The Hoh Indian Tribe ( Tribe or Hoh Tribe ) is located in western Washington State in Jefferson County, 28 miles South of Forks, Washington.
More informationBirmingham Community Healthcare NHS Foundation Trust. 2017/17 Data Security and Protection Requirements March 2018
1.0 Executive Summary Birmingham Community Healthcare NHS Foundation Trust 2017/17 Data Security and Protection Requirements March 2018 The Trust has received a request from NHS Improvement (NHSI) to self-assess
More informationSAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx
SAMPLE REPORT Business Continuity Gap Analysis Report Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx COMMERCIAL-IN-CONFIDENCE PAGE 1 OF 11 Contact Details CSC Contacts CSC
More informationPOWERING NETWORK RESILIENCY WITH UPS LIFECYCLE MANAGEMENT
POWERING NETWORK RESILIENCY WITH UPS LIFECYCLE MANAGEMENT Network downtime is a business disrupter, cutting off communication between employees and customers, bringing service delivery to a halt. Yet all
More informationPublic Safety Canada. Audit of the Business Continuity Planning Program
Public Safety Canada Audit of the Business Continuity Planning Program October 2016 Her Majesty the Queen in Right of Canada, 2016 Cat: PS4-208/2016E-PDF ISBN: 978-0-660-06766-7 This material may be freely
More informationBusiness Continuity: How to Keep City Departments in Business after a Disaster
Business Continuity: How to Keep City Departments in Business after a Disaster Shannon Spence, PE Red Oak Consulting, an ARCADIS group Agenda Security, Resilience and All Hazards The Hazards Cycle and
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationUL and Business Continuity
UL and Business Continuity David Stowe, CBCP Business Continuity Manager APEC EPWG Workshop: Private Sector Emergency Preparedness Hotel Monterey Sendai 3 rd August 2011 2011 Underwriters Laboratories
More informationExploring the Maturity of Risk Management Process in Government: An Integrated ERM Model at the U.S. Department of Education
Exploring the Maturity of Risk Management Process in Government: An Integrated ERM Model at the U.S. Department of Education FEDERAL STUDENT AID ENTERPRISE RISK MANAGEMENT GROUP Cynthia Vitters 1. ERM
More informationBackup, Disaster Recovery: Defining & Managing Your Risk. Dave Kinsey - 5/9/17
Backup, Disaster Recovery: Defining & Managing Your Risk Dave Kinsey - 5/9/17 Smart Business... also, generally a Compliance Requirement Shareholders generally do and absolutely should care that backup
More informationISO 22301: An Overview of BCM Implementation Process. Presenter: Dejan Kosutic
ISO 22301: An Overview of BCM Implementation Process Presenter: Dejan Kosutic GoToWebinar Control Panel Open and close your Panel View, Select, and Test your audio Submit text questions they will be addressed
More informationKansas City s Metropolitan Emergency Information System (MEIS)
Information- Sharing Interagency Cooperation Resources Management Law Enforcement Fire Emergency Medical Services Public Health Private Sector Kansas City s Metropolitan Emergency Information System (MEIS)
More informationIntegration of Business Continuity, Emergency Preparedness, and Emergency Response
Integration of Business Continuity, Emergency Preparedness, and Emergency Response Continuity Insights Conference 2014 Julia Halsne Manager of Business Continuity East Bay Municipal Utility District Contents
More informationISO 22301: An Overview of BCM Implementation Process. Presenter: Dejan Kosutic
ISO 22301: An Overview of BCM Implementation Process Presenter: Dejan Kosutic GoToWebinar Control Panel Open and close your Panel View, Select, and Test your audio Submit text questions they will be addressed
More informationDisaster Recovery and HIPAA Compliance
Disaster Recovery and HIPAA Compliance Marti Arvin, JD, CHC-F, CCEP-F, CHPC, CHRC VP Audit Strategies CynergisTek won the 2017 Best in KLAS Award for Cyber Security Advisory Services CynergisTek was recognized
More informationINTELLIGENCE DRIVEN GRC FOR SECURITY
INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to
More informationFor ACP-South Texas chapter program meeting in October 2012 only. Do not cite, copy or distribute without the author's consent. 1
Agenda Company and Program Overview The 4Ps of DR Planning People Property Process Performance Application Lifecycle Management Angela Mestre, MPH, MBA, CBCP, CISA, PMP Education Director, ACP - South
More informationCOMMUNICATIONS EMERGENCY SUPPORT FUNCTION (ESF #2) FORMERLLY COMMUNICATIONS AND WARNING
ICS Category: Operations ESF # 2 Responsible for the EOC message center, providing working radio & telephone equipment, and providing warning to vulnerable facilities Reports to the emergency management
More informationAuditing and Monitoring for HIPAA Compliance. HCCA COMPLIANCE INSTITUTE 2003 April, Presented by: Suzie Draper Sheryl Vacca, CHC
Auditing and Monitoring for HIPAA Compliance HCCA COMPLIANCE INSTITUTE 2003 April, 2003 Presented by: Suzie Draper Sheryl Vacca, CHC 1 The Elements of Corporate Compliance Program There are seven key elements
More informationThe J100 RAMCAP Method
The J100 RAMCAP Method 2012 ORWARN Conference Kevin M. Morley, PhD Security & Preparedness Program Manager AWWA--Washington, DC Water is Key to Daily Life Potable drinking water Sanitation Public Health
More informationREPORT 2015/149 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/149 Audit of the information and communications technology operations in the Investment Management Division of the United Nations Joint Staff Pension Fund Overall results
More informationSOLUTION BRIEF Virtual CISO
SOLUTION BRIEF Virtual CISO programs that prepare you for tomorrow s threats today Organizations often find themselves in a vise between ever-evolving cyber threats and regulatory requirements that tighten
More informationDrinking Water Emergency Management Ministry of the Environment 2012 Drinking Water Leadership Summit October 25, 2012
Drinking Water Emergency Management Ministry of the Environment 2012 Drinking Water Leadership Summit October 25, 2012 Christine Campbell Team Leader, Drinking Water Emergency Planning Ministry of the
More informationThe Project Charter. Date of Issue Author Description. Revision Number. Version 0.9 October 27 th, 2014 Moe Yousof Initial Draft
The Project Charter Project Title: VDI Data Center Design and Build Project Sponsor: South Alberta Data Centers Inc. (SADC Inc.) Project Customer: The City of Calgary Project Manager: Moe Yousof Document
More informationNORTH CAROLINA NC MRITE. Nominating Category: Enterprise IT Management Initiatives
NORTH CAROLINA MANAGING RISK IN THE INFORMATION TECHNOLOGY ENTERPRISE NC MRITE Nominating Category: Nominator: Ann V. Garrett Chief Security and Risk Officer State of North Carolina Office of Information
More informationNHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy
NHS Gloucestershire Clinical Commissioning Group 1 Document Control Title of Document Gloucestershire CCG Author A Ewens (Emergency Planning and Business Continuity Officer) Review Date February 2017 Classification
More informationBUSINESS CONTINUITY. Topics covered in this checklist include: General Planning
BUSINESS CONTINUITY Natural and manmade disasters are happening with alarming regularity. If your organization doesn t have a great business continuity plan the repercussions will range from guaranteed
More information2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification
2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification Presenters Jared Hamilton CISSP CCSK, CCSFP, MCSE:S Healthcare Cybersecurity Leader, Crowe Horwath Erika Del Giudice CISA, CRISC,
More informationRailroad Infrastructure Security
TRB Annual Meeting January 14, 2002 Session 107 - Railroad Security William C. Thompson william.thompson@jacobs.com 402-697-5011 Thanks to: Bob Ulrich Dr. William Harris Byron Ratcliff Frank Thigpen John
More informationCommunity-Based Water Resiliency
Community-Based Water Resiliency Helping Water Utilities Build Stronger Communities Presentation to the Mid-Atlantic APWA Chapter Conference Virginia Beach, VA May 10, 2013 What is Community-Based Water
More informationHow to Derive Value from Business Continuity Planning
How to Derive Value from Continuity Planning Presented by Randall J. Till, Principal Till Continuity Group Spring World 2011 Disaster Recovery Journal March 28, 2011 1 BCM Challenges BCM funding is limited
More informationTable of Contents. Sample
TABLE OF CONTENTS... 1 CHAPTER 1 INTRODUCTION... 4 1.1 GOALS AND OBJECTIVES... 5 1.2 REQUIRED REVIEW... 5 1.3 APPLICABILITY... 5 1.4 ROLES AND RESPONSIBILITIES SENIOR MANAGEMENT AND BOARD OF DIRECTORS...
More informationA Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist
A Survival Guide to Continuity of Operations David B. Little Senior Principal Product Specialist Customer Perspective: Recovery Time & Objective Asynchronous Replication Synchronous Replication WAN Clustering
More informationASEAN COOPERATION ON DISASTER MANAGEMENT. Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat
ASEAN COOPERATION ON DISASTER MANAGEMENT Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat AADMER - FOR A MORE UNITED AND COORDINATED RESPONSE TOWARD DISASTERS WITHIN THE REGION
More informationPlanning for Power Failures
David Stymiest, P.E., CHFM, FASHE Senior Consultant Compliance and Facilities Management Smith Seckman Reid, Inc. DStymiest@ssr-inc.com This paper was originally delivered at the ASHE 44 th Annual Conference,
More informationDeveloping a Holistic Strategy To Achieve Community Health Resilience
Developing a Holistic Strategy To Achieve Community Health Resilience Paula Scalingi, Director Pacific Northwest Center for Regional Disaster Resilience Pacific Northwest Border Health Alliance Seventh
More informationCritical Cyber Asset Identification Security Management Controls
Implementation Plan Purpose On January 18, 2008, FERC (or Commission ) issued Order. 706 that approved Version 1 of the Critical Infrastructure Protection Reliability Standards, CIP-002-1 through CIP-009-1.
More informationHow Secure Do You Feel About Your HIPAA Compliance Plan? Daniel F. Shay, Esq.
How Secure Do You Feel About Your HIPAA Compliance Plan? Daniel F. Shay, Esq. Word Count: 2,268 Physician practices have lived with the reality of HIPAA for over twenty years. In that time, it has likely
More information4) Organization NPI (Can be retrieved from the NPPES NPI Registry here: https://npiregistry.cms.hhs.gov/):
Mass HIway Connection Requirement Attestation Form Year 2 Atestation Mass HIway Form Connection Year 1 Requirement Mass HIway Connection Requirement Purpose: This Attestation Form shall be completed by
More informationPublic and Private Interdependencies Filling a Gap in Most Continuity Plans
Public and Private Interdependencies Filling a Gap in Most Continuity Plans John A Jackson Executive Vice President Fusion Risk Management, Inc. The evolution of the continuity industrytechnology advancement
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationSection 1 Metrics: Community Adoption
FY07 NIMS Compliance Metrics: Local/Tribal Section 1 Metrics: Community Adoption Compliance Requirement: Adopt NIMS at the community level for all government departments and agencies; as well as promote
More informationSE Engineering, PC strives to be a leader in the power system engineering field by providing our customers with the highest level of quality,
SE Engineering, PC strives to be a leader in the power system engineering field by providing our customers with the highest level of quality, integrity, and innovation. Our mission is to offer the safest,
More informationChecklist for Applying ISO 27000, PCI DSS v2 & NIST to Address HIPAA & HITECH Mandates. Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP)
Checklist for Applying ISO 27000, PCI DSS v2 & NIST to Address HIPAA & HITECH Mandates Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP) ecfirst, chief executive Member, InfraGard Compliance Mandates Key Regulations
More informationWashington Metropolitan Area Transit Authority Board Action/Information Summary
Washington Metropolitan Area Transit Authority Board Action/Information Summary Action Information MEAD Number: 201697 Resolution: Yes No TITLE: MTPD Security Updates PRESENTATION SUMMARY: The Metro Transit
More informationCommissioning In Healthcare
Commissioning In Healthcare Joseph Lorino, PE, LEED AP, NewYork-Presbyterian Hospital Evan Wyner, PE, CCP, Strategic Building Solutions 21 st National Conference on Building Commissioning AIA Quality Assurance
More informationConsensus Report: EMAC and EMS Resources for National Disaster Response. (from the June 20, 2007 EMS Stakeholders Meeting in Arlington, VA)
NASEMSO February 26, 2008 Consensus Report: EMAC and EMS Resources for National Disaster Response (from the June 20, 2007 EMS Stakeholders Meeting in Arlington, VA) National Association of State Emergency
More informationHealthcare HIPAA and Cybersecurity Update
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Healthcare HIPAA and Cybersecurity Update Agenda > Introductions > Cybersecurity
More informationCanadian Association of Fire Chiefs Partnerships Toward Safer Communities PROGRAM OVERVIEW
Canadian Association of Fire Chiefs Partnerships Toward Safer Communities PROGRAM OVERVIEW Partnerships Toward Safer Communities Working Group / Chris Anderson October, 2003 Presentation Outline PTSC Program
More information