Presentations by speakers at the4th India Business & IT Resilience Summit 7th October, 2016 | Hotel Hilton, Mumbai India

1. 1
Continuity and Resilience (CORE)
ISO 22301 BCM Consulting Firm
Presentations by speakers at the
4th
India Business & IT Resilience Summit
7th
October, 2016 | Hotel Hilton, Mumbai India
Our Contact Details:
INDIA UAE
Continuity and Resilience
Level 15,Eros Corporate Tower
Nehru Place ,New Delhi-110019
Tel: +91 11 41055534/ +91 11 41613033
Fax: ++91 11 41055535
Email: ms@continuityandresilience.com
Continuity and Resilience
P. O. Box 127557
Abu Dhabi, United Arab Emirates
Mobile:+971 50 8460530
Tel: +971 2 8152831
Fax: +971 2 8152888
Email: info@continuityandresilience.com

2. 2
BCM integration with EHS,
Crisis Management and
Emergency Response
.

3. 3
Speaker’s Profile
•Lead Assessor / Trainer for BS25999, SS540, ISO22301,
ISO31000 and BRA : CBCI, AMBCI
•35 years of industry experience (Unilever, Johnson &
Johnson, Boots and RPG)
• More than 14 years of auditing and training experience
(DNV. BSI and Intertek)
• Industry Personality of the Year 2009 for
1st BCI Continuity & Resilience Awards India
• Lifetime Achievement 2011 in BCM by
BCI Asia Business Continuity Awards Singapore

4. 4
The BCM Standard ISO 22301:2012
ISO 22301 is the first management standard
that fully integrates ISO/Guide 83, "High level
structure and identical text for management
system standards and common core
management system terms and definitions"
ISO 22301 addresses the problem of
management of integrated systems and the
interfaces between different management
systems.

5. 5
ISO 22301 and the PDCA approach
Stakeholders and
Interested Parties
BCM Requirements
and Expectations
Stakeholders and
Interested Parties
Managed Business
Continuity
Continual improvement of BCMS

6. 6
ISO 22301:2012 and PDCA activities
Plan Establish business continuity policy, objectives, targets,
controls, processes and procedures relevant to managing
risk and improving business continuity to deliver results in
accordance with an organization's overall policies and
objectives.
Do Implement and operate the business continuity policy,
controls, processes and procedures.
Check Monitor and review performance against business continuity
objectives and policy, report the results to management for
review, and determine and authorize actions for remediation
and improvement.
Act Maintain and improve the BCMS by taking preventive and
corrective actions, based on the results of management
review and re-appraising the scope of the BCMS and
business continuity policy and objectives.

7. 7
ISO 22301:2012 consistency with other management
standards. Integrated implementation & operation
PDCA approach ensures degree of consistency with:
•ISO 9001:2015 – Quality management systems –
Requirements
•ISO 14001:2015 – Environmental management systems —
Requirements with guidance for use
•DIS ISO 45001- OH&S management systems
•ISO 27001:2013 – Information technology - Security
techniques - Information security management systems –
Requirements
•ISO 22320:2011 - Societal security — Emergency
management — Requirements for incident response
•BS 11200:2014 Crisis Management – Guidance and Good

8. 8
Management System key components
•A policy
•People with defined responsibilities
•Management processes relating to:
• Policy
• Planning
• Implementation and operation
• Performance assessment
• Management review and
• Improvement

9. 9
Incident preparedness and operational (business) continuity
management (IPOCM) - ISO/PAS 22399

10. 10
Within minutes to days:
• Contact staff, customers,
suppliers, etc.
• Recovery of critical business
processes
• Rebuild lost work-in-progress
Within minutes to hours:
• Staff and visitors
accounted for
• Casualties dealt with
• Damage containment/
limitation
• Damage assessment
• Invocation of BCP
Sequence of Events of an Incident
Within weeks to months:
• Damage repair/replacement
• Relocation to permanent
place of work
• Recovery of costs from
insurers
TimelineTimeline
Incident!Incident!
Incident ResponseIncident Response
Business continuityBusiness continuity
Recovery/resumption – back to normalRecovery/resumption – back to normal
Overall recovery objective:
back-to-normal as quickly as possible

11. 11
Chennai Rains & Floods -
Observations and Key
Learnings -
19th
March, 2016

12. 12
Duration of Incident & Impact
• Torrential rains in Chennai ( Major 3 spells) durations;
 15th to 18th Nov'15,
 23rd and 24th Nov'15,
1st to 7th Dec'15 resulting in flooding across the city.
• Major Impacts;
Most of the locations across the city were submerged in water
People and staff had difficulty to commute to & from office / home (people were stuck either
in office or at home due to water logging, lack of transportation, safety & health)
Overflowing of lakes and water bodies added to the damages including some key bridges &
subways
Closure of Airports, Trains and Road ways
Prolonged mobile network failure by multiple telecom providers
Simultaneous failure of both communication network links (primary and Secondary) by
multiple telecom providers
12 12

13. 13
Some BCM Textbook Actions in this situation
On-ground situation assessment
Crisis Management Team (CMT) call activated
Multiple call were taken daily during this period to gauge the situation and take
appropriate steps to ensure safety of staff and continuation of business in BCP Mode.
Ensuring critical staffs are accommodated in nearby hotels and in office.
Additional arrangements for food. Water and other basic amenities.
Deploying of High rise vehicles to ferry / pickup staff from water logged low lying areas.
Stretching of working timing.
Constant monitoring of situation and weather and making preparations accordingly.
Regular Communication sent to Senior Management, Internal and external stake holders
updating them on the ground situation and working capabilities of departments.
13 13

14. 14
Some BCM Textbook Actions in this situation (Cont.)
 Continuing the business in bcp mode using multiple bcp strategies such as;
 Activity transfer to other city / country
 Critical staff present extending their work time
 Staff reaching office closure to their home and working.
 Working form home.
 Alternate / Manual workaround
 Continuous coordination with building management to ensure
 Diesel for generators are replenish regularly as state power was switched off.
 Water logged near office gates was pumped out.
 Transport vendor providing necessary support
 IT coordinating with Telecom vendors to ensure that network link and mobile services which were
disconnected are restored and ensuring that network links which were already up are maintained and not
deactivated.
 Provide use of Wi-Fi for calling .
 Additional care and safety of staff, especially women staff.
 Ensure staff has reached home safely by activating the call tree.
14

15. 15
Potential Learnings from this situation
Staff to keep extra pair of clothes during monsoon
 Keep adequate stock of food, dry snacks, drinking water
 Immediate Booking of nearby hotel rooms.
 Identify Hotels, Service apartments, guest houses around office areas which can be engaged
within short notice.
 Procure adequate number of sleeping bags, bedsheets.
 Facilities for shower, changing etc
 Arrangement with transport vendors to provide high rise vehicles.
 Have a pre-defined template to communicated with stakeholders, staff, media
 Have appropriate notification tool, hotline number for communication with staff.
Ensure electrical power supply rooms and generator rooms are installed on higher levels and not
in basements.
Strategy to work from home if possible.
 Unavailability of staff key staff due to personal exigencies, wanting to stay with family, unable to
travel to work place.
Clarity of weather the staff should come or not in office – flexibility in leave policy.
15 15

16. 16
Potential Learnings from this situation (Cont.)
Call tree list to have land line as alternate numbers where possible.
 Office to have landline which can work even when IP phones are down.
 BIA and BC Plans to have exact strategy on number of staff who can work from home,
staff who can work in split team etc
List of critical staff and back up staff.
16 16

17. 17
Any Questions?
17 17
Thank You