International Trends in Business Continuity & Emergency Response


International Trends in Business Continuity & Emergency Response
Presented by Director of Global Operations Chloe Demrovsky of DRI International
For Continuity Insights, November 13, 2012

DRI International
A Global Non-Profit Organization founded in 1988
The Industry's Premier Education & Certification Program Body
Committed to:
- Promoting a base of common knowledge for the continuity management industry
- Certifying qualified individuals in the discipline of Business Continuity
- Promoting the credibility and professionalism of certified individuals

DRI International: Truly International
- DRI has Certified INDIVIDUALS in over 100 Countries
- DRI conducts training courses in over 45 countries
- Since 2009, DRI taught more students outside the US than within the US
- More individuals are certified by DRI International than all other organizations in our industry combined (Over 9,600 active individuals as of October 2011)
- Since 1988, more than 25,000 individuals have held a DRI certification
- DRI Certifies individuals in English, Spanish, French, Italian, Japanese, Mandarin and Russian
- DRI International teaches in English, French, Spanish, Portuguese, Mandarin, Japanese, Italian and Russian

DRI International: Truly International
- Europe: Presented at the Interparliamentary Center for Parliamentary Studies (Belgium) and IV BSI Conferencia de BS25999 (Spain)
- UAE: Member of Standards Committee Advisory Team
- APEC: Only Business Continuity Certification Recognized by the Asian Pacific Economic Cooperation
- DRI Canada is a member of the Technical Committee for the CSA Z1600 Standard for Emergency Management & Business Continuity
- Japan: Signatory to Japanese Joint Aid Agreement
- DRI International Standard cited by Financial Industry Regulatory Agency (FINRA) & NFPA1600
- Malaysia: Annual DRI conference in collaboration with the Ministry of Science, Technology and Innovation's Cyber Security Malaysia to promote BCM
- Singapore: Official BCM education partner for the government-sponsored Singapore Business Federation

Government Organization Collaboration
United States
- Chaired the Alfred P. Sloan Committee that drafted the Framework for Preparedness that has been the foundation for the Title IX Implementation
- Meeting with Special Assistant to The President for Homeland Security Standards Policy
- Member of:
  - U.S. Chamber of Commerce Homeland Security Task Force
  - Council of Experts for ANSI-ANAB who will set the credentialing standard for certifying bodies for PS-Prep
  - FEMA National Advisory Council Private Sector Subcommittee
  - Advisory Committee for Congressionally funded Project for National Security Reform
  - National Preparedness Month Coalition

DRI International Non-Governmental Organization Collaboration Non-Government Collaboration Other Partnerships Member of the NFPA 1600 Technical Committee Member of the BS25999 ASIS Technical Committee Participant RIMS (Risk Insurance Managers Society) PERK (Professional Exchange of Risk Knowledge) Program Cooperative Education Credit Sharing with ISACA (Information Systems Audit and Control Association) Cooperative Education Credit Sharing with IC2 ASFHS Education and Sponsorship CPE Sponsorship ACP Sponsorship CPM Joint Sponsorship Safe America Habitat for Humanity Second Harvest The Mahila Partnership Audit Course Development and Training for Auditors with NFPA (National Fire Prevention Association)

BCM Programs led by DRI Certified Professionals
Deloitte & Touche Booz Allen PricewaterhouseCoopers Ernst & Young KPMG Marsh Accenture Navigant Computer Sciences Corporation IBM Johnson Consulting Jefferson Wells EDS Protiviti SAIC Perot EDS SunGard AIG Morgan Stanley American Express AG Edwards Citigroup Wells Fargo Bank of America Wachovia Washington Mutual JPMorgan Chase Nationwide Fidelity Vanguard Merrill Lynch Franklin Templeton VISA NY Life Pfizer Goodyear Genentech Georgia Pacific Nokia Hitachi Verizon Schering Plough Fujitsu AT&T BP Sprint Chevron Texaco Ericsson Raytheon Siemens Starbucks Coffee Company Nestle Toyota Target Corning ConocoPhillips Starwood Hotels & Resorts American Airlines Pitney Bowes Northrop Grumman General Dynamics Unilever Coca-Cola Caterpillar Inc. Pepsi-Cola Anheuser Busch Inc. Monsanto Sun Microsystems NC State Ace Hardware Corporation Blockbuster Inc. The University of Texas Penn State Columbia Yale Northwestern University of Illinois University of Miami Vanderbilt DePaul University of Oklahoma Carnegie Mellon LSU Michigan State Drexel University George Washington University University of Connecticut NC State University of South Carolina Ohio State US Senate State of Oklahoma City Of Austin Texas NYC Housing Authority US Army Department Of Energy Oregon State Treasury State Of California Dept. of the Air Force City of Philadelphia Federal Reserve State Of Ohio US Navy FBI IRS Department of Veterans Affairs Port Authority of NY & NJ State of Minnesota U.S. Nuclear Regulatory Commission U.S. Treasury

DRI International Outreach
- International Publication
- International Glossary
- Create with International Committee of Volunteers
- Publish in multiple languages
- New for 2012
- Invite National Standards Committees to contribute
- Conferences
- Charitable Giving

Reasons for Business Continuity

Impressions from Hurricane Sandy
- Evacuation Response
- Risk Resistance
- Hurricane Irene

The tolerance that individuals and groups have developed over time for specific risks influences the way they assess and respond to them. Living with a risk leads individuals and communities to take it for granted and discount it, whereas unfamiliar risks are viewed with far greater concern.
Learning from Catastrophes, Howard Kunreuther

Social Media Activity
- Fastest news source
- Scares
- Applications
- Volunteer organization

Reasons for Business Continuity

Business continuity director: The Sept. 11 attacks, major natural disasters, the SARS outbreak, and the threat of a pandemic have made more companies take seriously the need for "preparedness planning."

Continuity planner: In the wake of 9/11, Hurricane Katrina, the 2004 Asian Tsunami, and the 2007 California wildfires, creating a business backup plan has become more crucial than ever. Continuity planners -- individuals trained to help prevent and manage emergency disaster situations -- are increasingly in demand across both government offices and private companies. "Companies learned a hard lesson after 9/11, that they have to plan for disasters not only in their own locality," says Dr. Matthew Liotine, director of the emergency management and continuity planning certificate program at the University of Illinois-Chicago. Professionals trained in the field can find positions within both large and midsize companies as well as in government agencies, the Department of Homeland Security being one of the largest employers of continuity planners. Along with a bigger job market for continuity planners is also a bigger paycheck, says Liotine. According to a survey conducted by BC Management, a California-based firm that specializes in recruiting and placing continuity and disaster relief personnel, certified business continuity planners earn an average compensation package (including benefits and bonuses) of over $100,000 per year.

Reasons for Business Continuity

2011 The Worst of Years

2011 A Year of Proving Our Mettle
DRI International Had A Record Year for Certification
- Overall Growth of 34% vs. 2010
- Domestic Growth of 20% vs. 2010
- International Growth of 74% vs. 2010
2012 Certification is Up vs. 2011

Reasons for Business Continuity

External Drivers
- Pressure from audit committees
- Pressure from financial institutions
- Pandemic concern
- New threats & risks since 9/11
- Demands from customers
- Increased regulatory and self-regulated requirements

Impacts
- Loss of customers or inability to attract new customers
- Loss of revenue
- Decrease in stock value
- Increase of insurance premiums
- Loss of assets and employees
- Regulatory sanctions

Business Continuity and Risk Management: Cause vs. Effect

Risk Management
- Identifies Threats (Facility, Environmental, Climatic, Geopolitical, Personnel, Business, Technology, etc.)
- Recommends Mitigation
- Probability
- Cost of Mitigation

BCM
- What are the Implications of failing to mitigate or prevent
- Preparation: Structure, planning, resources, testing
- Execution: Relocation, operating under duress

Combining Disciplines
Under the banner of Business Continuity Management
- Business Continuity (Relocation)
- Disaster Recovery (IT Recovery and Continuity)
- Integrated Solution
- Emergency Response
- Crisis Management

Customer-Involved

What drives business continuity? 1 Unique competitive advantage

The Regulatory Landscape

Pre-9/11 Post-9/11 Consumer Credit Protection Act OMB Circular A-130 FEMA Guidance Document Paperwork Reduction Act ISO 27002 (Previously ISO17799) FFIEC BCP Handbook Computer Security Act 12 CFR Part 18 Presidential Decision Directive 67 FDA Guidance on Computerized Systems used in Clinical Trials ANSI/NFPA Standard 1600 Turnbull Report (UK) ANAO Best Practice Guide (Australia) SEC Rule 17 a-4 FEMA FPC 65 CAR JHACO Sarbanes-Oxley Safety Act of 2002 HIPAA, Final Security Rule FFIEC BCP Handbook -2003/ 2008 Fair Credit Reporting Act NASD Rule 3510 NERC Security Guidelines FERC Security Standards NAIC Standard on BCP NIST Contingency Planning Guide FRB-OCC-SEC Guidelines for Strengthening the Resilience of US Financial System NYSE Rule 446 California SB 1386 Australia Standards BCM Handbook GAO Potential Terrorist Attacks Guideline Federal and Legislative BC Requirements for IRS Basel Capital Accord MAS Proposed BCP Guidelines (Singapore) NFA Compliance Rule 2-38 FSA Handbook (UK) BCI Standard, PAS 56 (UK) Civil Contingencies Bill (UK) FCD-1/2 NYS Circular Letter 7 ASIS State of NY FIRM White Paper on CP NISCC Good Practices (Telecomm) Australian Prudential Standard on BCM Bank Act and the Trust and Loan Companies Act - Canada HB221, HB292 BS25999 SS507 SS540 TR19 CA Z1600 ISO/PAS 22399 HiTech Act of 2009 NZ 5050 ISO22301 FINRA 4370 SEC - Compliance Programs Dodd-Frank Wall Street Reform Act NFPA:2010-2013 DRI's 10 Professional Practices Title IX 110-53 1991-2001 2002-Present

The DRI Standard
The Ten Professional Practices for Business Continuity Professionals
- Project Initiation and Management
- Risk Evaluation and Control
- Business Impact Analysis
- Developing Business Continuity Strategies
- Emergency Response and Operations
- Developing and Implementing Business Continuity Plans
- Awareness and Training Programs
- Maintaining and Exercising Plans
- Crisis Communications
- Coordination with External Agencies
DRI International is an ANSI-Accredited Standards Development Organization
Download the full text for free on our website: www.drii.org

Property of DRI International

Critical Infocomm Technology Resource Programme (CITREP), a program of the Infocomm Development Authority, creates $30 million grant
Objective: accelerate the development of emerging, critical and specialized ICT skills to meet Singapore's IT manpower needs.
can apply for CITREP
Expanded funding support for endorsed courses and certifications.

ISO 22301
Percentage of respondents to our survey who state that they are considering conforming to ISO 22301

Public/Private Collaboration

Convergence
Why is public/private convergence important?
- In the US, 85% of all government resources are provided by the private sector
  Richard Reed, Special Assistant to the President for Homeland Security Policy
- Effective response requires a coordinated effort
- We must adapt an end-to-end resource model

Roles During Business Recovery
Recovery - Relocation

Public Sector
- Provide Secured Access to Affected Areas
- Provide Traffic Control
- Control Volunteer & Goods Contributions

Private & Public Sectors
- Update Access Control
- Maintain Communications Status
- Communicate Command & Control Issues
- Transition to Private Sector Control

Private Sector
- Initiate Recovery Activities
- Interface to Vendors & Suppliers
- Control Staff Usage Communications
- Restore Operations
- Notify Insurance Company

Convergence
Toward More Integrated Public Private Sector Response
Communications
- Reverse 911 (voice and/or text)
- Subscription Local Government Notification of Incidents
- Weather Alerts
- Accident Alerts
- Testing Activities
- Web Sites
- Social Media
- Government Advisories
- Government Preparedness Bulletins
- Government Training Resources

Government Outreach - US

Government Outreach - UK

Government Outreach - China

Government Outreach - UAE

Public/Private Partnership Activities
Toward More Integrated Public Private Sector Response: Drills

Natural Disasters
- Earthquakes
- Floods
- Hurricane
- Sand Storms

Industrial
- Toxic Leaks
- Oil Explosion

Public Private Sector Drills - Canada: EARTHQUAKE

Public Private Sector Drills - US: EARTHQUAKE

Public Private Sector Drills - Japan: EARTHQUAKE

Public Private Sector Drills - Singapore/Indonesia: FLOOD

Public Private Sector Drills - US: HURRICANE

Public Private Sector Drills - India: INDUSTRIAL

Private Sector Initiatives
Government Observing Private Sector: Craig Fugate says he realized the need to work with businesses when he oversaw emergency management in Florida. After hurricanes he watched retailers bring in generators and resume business faster than his own teams could provide substantial help to many residents. "We couldn't get where we needed to go," Fugate says. "The private sector was better at it than we were."

Forums
Public / Private Sector Forums:
- Create Open Dialogue
- Exchange Ideas
- Understand Each Other's Point of View
Ultimate Goal:
- Better Preparedness
- Better Response

Thank you and For more information visit: http://driconference.org/ Or email: cdemrovsky@drii.org