This presentation, and accompanying White Paper were created to assist organizations combine recovery disciplines into a corporate-wide Enterprise Resiliency organization, consisting of: Emergency Management, Business Continuity Management, and Workplace Violence Prevention. Its aim is to develop a common language and set of tools to support recovery operations. The goal of this process is to improve recovery operations and gain a Corporate Certification stating that the firm meets or exceeds industry best practices in recovery management.
Achieving Enterprise Resiliency and Corporate Certification
1.
2.
3.
4.
5.
6.
7. Business Continuity Management consists of: Contingency Planning; Disaster Recovery; Business Recovery; and Risk Management (whose responsibilities are listed above). Contingency Recovery Planning requires the cooperation of many, if not all, departments within a corporation. Once teams are established, Recovery Plans can be created, tested, and implemented. Personnel must be trained and recovery plans supported and maintained going forward.
8. Recovery Planning became a regulation when OCC-177 was issued. It was part of the Foreign Corrupt Practices Act that came about when Boeing said its financial records for a Korean deal were destroyed. Further regulations came about to protect financial and compliance data from being destroyed via Information Technology and Paper Document storage techniques. With current financial situation, new laws and regulations are expected.
9.
10. The costs of Workplace Violence escalates as you neglect to implement Evacuation and Crisis Management Plans that safeguard personnel. Costs can be reduced by simply implementing Physical Security Guards to protect perimeter and access controls to locations. With economic problems and layoffs increasing, Workplace Violence is expected to rise in direct proportion to the number of people who have lost jobs. This is a very important problem to address and needs immediate attention to safeguard personnel, clients, and the continued operation of the business.
11. Reducing threats, business interruptions, and adhering to compliance requirements is the goal of Enterprise Resilience. Achieving this goal requires the full cooperation of all existing Recovery disciplines and ensuring that all national and local regulations are adhered to. Refer to Homeland Security and the Office of Emergency Management to learn about National Response Plans, while First Responders (Fire / Police) can provide essential local assistance in developing Recovery Plans that will best protect people, customers, suppliers, and business operations.
12.
13.
14.
15. Emergency Management Planning is comprised of the above groups and is responsible for developing recovery plans that protect the organization from disaster events and threats. Additionally, community outreach and emergency response development are main concerns for Emergency Management.
16. Incidents are investigated locally by the Incident Manager and his associates. They report their findings to the Emergency Director, who determines the appropriate response to the incident. If the time needed to assess, salvage, and restore the damaged site (or if First Responders will not allow access to the facility) is greater than recovery guidelines, then recovery plans must be activated in order to stay within Service Level Agreements and Compliance issues. Recovery Time Objectives and Recovery Point Objectives are used to define recovery time initiatives.