As presented at DRJ Spring World 2015.
Presenter: Robert Edson, Vice President, MissionMode
While business continuity management as a discipline continues to develop rapidly, it’s clear that many companies worldwide are failing in terms of disaster readiness. There’s no doubt that business continuity management is complex, but there are things every company can do to speed up their BCM maturity curve.
In this presentation, Edson takes an in-depth look at common pitfalls as well as solutions to improve program effectiveness that any company can implement. He shares results from MissionMode’s Readiness Survey and experience gained working with MissionMode clients including Gap, Inc., Xcel Energy and others to illustrate how the right combination of teamwork, templates, testing and tools helps organizations enhance their business continuity programs.
This document provides an overview of business continuity management systems (BCMS). It discusses the benefits of BCMS, including reducing costs and protecting reputation. It also outlines the key components of establishing a BCMS, such as business impact analysis, risk assessment, developing continuity strategies, and performance evaluation. Finally, the document presents two case studies that illustrate how organizations implemented effective BCMS to respond to a terrorist attack and earthquake.
This chapter introduces risk management and business continuity management as part of good governance. It develops the link between risk management and business continuity management as part of a risk management framework. Business continuity management is presented as an alternative mechanism for risk mitigation and a contributor to organizational resilience. It is defined as a holistic and proactive management process that identifies potential impacts that threaten an organization and provides a framework for building resilience and an effective response to protect stakeholders and business activities.
The document discusses business continuity planning (BCP) and disaster recovery planning (DRP). It describes the five phases of creating a BCP: project management and initiation, business impact analysis, recovery strategies, plan design and development, and testing, maintenance, awareness and training. The goal of a BCP is to allow timely recovery of critical business operations following a disaster, and to minimize loss. Key aspects include identifying time-critical business functions, defining maximum tolerable downtimes, selecting appropriate technical and organizational recovery strategies, developing a detailed recovery plan, and ongoing testing and maintenance of the plan.
BCM is a structured approach that helps organizations continue operating during disruptions by ensuring critical operations can still function. An effective BCM framework includes understanding the organization, conducting risk assessments, developing response plans, and testing plans through exercises. Regularly reviewing and updating plans is important to account for organizational changes. Implementing a strong BCM program provides benefits like reduced financial impacts, protected reputation, and compliance.
The document outlines a framework for business continuity management (BCM) that includes several interconnected components: event monitoring and response management, emergency response management, incident command, crisis management, business continuity planning, disaster recovery planning, and change management. It describes the process of monitoring for events, declaring emergency responses, convening crisis management teams, initiating business continuity and disaster recovery plans, recovering critical services, and returning to normal operations. The framework is meant to help organizations gradually adopt BCM and ensure an effective response to unplanned events.
This document discusses business continuity planning (BCP) and disaster recovery planning (DRP). It defines BCP as planning for preserving and recovering business operations during outages, and DRP as planning for recovering damaged facilities. The document outlines the relationship between BCP and DRP, and describes the key phases of developing a BCP, including business impact analysis, recovery strategy, plan design, implementation, testing, and maintenance. It also discusses different types of disaster recovery sites and the goals of recovery time and recovery point objectives.
This document provides an overview of business continuity management systems (BCMS). It discusses the benefits of BCMS, including reducing costs and protecting reputation. It also outlines the key components of establishing a BCMS, such as business impact analysis, risk assessment, developing continuity strategies, and performance evaluation. Finally, the document presents two case studies that illustrate how organizations implemented effective BCMS to respond to a terrorist attack and earthquake.
This chapter introduces risk management and business continuity management as part of good governance. It develops the link between risk management and business continuity management as part of a risk management framework. Business continuity management is presented as an alternative mechanism for risk mitigation and a contributor to organizational resilience. It is defined as a holistic and proactive management process that identifies potential impacts that threaten an organization and provides a framework for building resilience and an effective response to protect stakeholders and business activities.
The document discusses business continuity planning (BCP) and disaster recovery planning (DRP). It describes the five phases of creating a BCP: project management and initiation, business impact analysis, recovery strategies, plan design and development, and testing, maintenance, awareness and training. The goal of a BCP is to allow timely recovery of critical business operations following a disaster, and to minimize loss. Key aspects include identifying time-critical business functions, defining maximum tolerable downtimes, selecting appropriate technical and organizational recovery strategies, developing a detailed recovery plan, and ongoing testing and maintenance of the plan.
BCM is a structured approach that helps organizations continue operating during disruptions by ensuring critical operations can still function. An effective BCM framework includes understanding the organization, conducting risk assessments, developing response plans, and testing plans through exercises. Regularly reviewing and updating plans is important to account for organizational changes. Implementing a strong BCM program provides benefits like reduced financial impacts, protected reputation, and compliance.
The document outlines a framework for business continuity management (BCM) that includes several interconnected components: event monitoring and response management, emergency response management, incident command, crisis management, business continuity planning, disaster recovery planning, and change management. It describes the process of monitoring for events, declaring emergency responses, convening crisis management teams, initiating business continuity and disaster recovery plans, recovering critical services, and returning to normal operations. The framework is meant to help organizations gradually adopt BCM and ensure an effective response to unplanned events.
This document discusses business continuity planning (BCP) and disaster recovery planning (DRP). It defines BCP as planning for preserving and recovering business operations during outages, and DRP as planning for recovering damaged facilities. The document outlines the relationship between BCP and DRP, and describes the key phases of developing a BCP, including business impact analysis, recovery strategy, plan design, implementation, testing, and maintenance. It also discusses different types of disaster recovery sites and the goals of recovery time and recovery point objectives.
Business continuity & Disaster recovery planingHanaysha
Disaster recovery (DR) and business continuity planning (BCP) are important for organizations to plan for disasters and disruptions. A DR plan provides procedures to recover IT capabilities at an alternate site after a disaster. A BCP addresses risks to business processes and prepares an organization to continue essential operations. Both plans aim to minimize downtime and losses. Key components of DR plans include establishing recovery teams, developing procedures, training, and arranging alternate IT resources. BCP components involve identifying critical resources, conducting risk and impact analyses, and developing prevention, mitigation and recovery strategies. Maintaining and testing plans is important to ensure preparedness for disasters.
Business continuity planning involves creating a logistical plan for how an organization will recover from a disaster in a predetermined time. Disaster recovery planning addresses procedures for recovering critical business functions after an interruption. The document discusses business continuity planning lifecycles, objectives of business continuity and disaster recovery plans, developing and testing plans, differentiating business continuity and disaster recovery plans, types of backups and disaster recovery plans, recovery time objectives and recovery point objectives, threats to organizations, and risk analysis and planning considerations.
The document discusses the importance of business continuity and disaster recovery planning. It outlines key concepts like business continuity, disaster recovery, recovery point objective (RPO), and recovery time objective (RTO). Statistics are provided showing that 40-60% of businesses that close due to a disaster never reopen, and the average cost of downtime is $366,363 per year. The new global standard, ISO 22301, is also summarized, outlining its key clauses related to leadership, planning, support, operation, and improvement of business continuity management systems.
Business Continuity Management PowerPoint Presentation SlidesSlideTeam
Presenting this set of slides with name - Business Continuity Management PowerPoint Presentation Slides. This complete deck is oriented to make sure you do not lag in your presentations. Our creatively crafted slides come with apt research and planning. This exclusive deck with fifty-two slides is here to help you to strategize, plan, analyze, or segment the topic with clear understanding and apprehension. Utilize ready to use presentation slides on Business Continuity Management PowerPoint Presentation Slides with all sorts of editable templates, charts and graphs, overviews, analysis templates. It is usable for marking important decisions and covering critical issues. Display and present all possible kinds of underlying nuances, progress factors for an all inclusive presentation for the teams. This presentation deck can be used by all professionals, managers, individuals, internal external teams involved in any company organization.
Willem A. Hoekstra Business Continuity Management in Banking Industry World C...BCM Institute
This document discusses business continuity management (BCM) in the banking industry. It begins with key BCM concepts like having crisis management teams, conducting business impact analyses to determine priorities, creating business continuity plans, building alternative facilities, testing plans through exercises, and embedding BCM into the organization. It then discusses Nomura's BCM methodology in more detail, including establishing a crisis management team and emergency response plan. The document emphasizes that while BCM aims to prepare for consequences of disruptions, the causes themselves may be unpredictable. It also notes that disruptions can impact a bank's buildings, people, IT systems, suppliers, capital, and clients.
Business continuity and disaster recovery are not the same but complement each other. Planning on BCP and DRP is necessary for all business. This slide contains information on how to achieve and maintain them.
Business continuity planning (BCP) seeks to mitigate interruptions to core business systems. A BCP identifies critical business functions, assesses risks like power outages or cyberattacks, and develops reduction, readiness, response and recovery plans. It is tested through simulations. Developing a comprehensive BCP is complex for healthcare given systems' criticality and risk to patient care, but consistency in the literature can guide appropriate plan development. Testing assesses a plan's achievability and timely, cost-effective response while ongoing review ensures applicability amid changing systems.
IT-Centric Disaster Recovery & Business ContinuitySteve Susina
IT-centric business continuity planning aims to align IT recovery with business needs. It recognizes that while disaster recovery focuses on restoring IT systems, business continuity prioritizes maintaining business processes. The approach involves business leaders and IT leaders collaboratively assessing risks, mapping processes, developing strategies to restore critical systems based on business priorities, and creating plans to guide response and recovery. Regular testing and updates are needed to ensure plans remain effective over time.
Business continuity and recovery planning for manufacturingARC Advisory Group
The document discusses the importance of business continuity and recovery planning (BCRP) for manufacturers. It outlines a systematic approach to developing a BCRP, including conducting a business impact analysis to identify critical operations, developing recovery strategies and procedures, and making recommendations to balance investment costs with protection needs. The key objectives of a BCRP are to minimize downtime and losses from a disaster through preparedness and planning.
Streamline the traditional approach to make BCP development manageable and repeatable.
Your Challenge
Ineffective business continuity planning (BCP) leads to:
Regulators and customers demanding a functional BCP.
Progress is limited or stalled – no effective approach to make this a manageable project that can actually be completed.
No clear sense of appropriate recovery objectives or how to get there.
Do-It-Yourself Implementation
The slides in this our Best Practice Blueprint will walk you step-by-step through every phase of your project with supporting tools and templates ready for you to use.
Project Accelerator Workshop
You can also use this Best Practice Blueprint to facilitate your own project accelerator workshop within your organization using the workshop slides and facilitation instructions provided in the Appendix.
Let us help you plan your project
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops.
Onsite Expert Advice
Our expert analysts will come onsite to help you work through our project methodology in a 2-5 day workshop. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully. In some cases, we can even help you to complete the project while we are onsite!
This document provides an overview of business continuity management (BCM) and disaster recovery planning (DRP). It discusses what BCM and DRP are, their benefits, governance structure, creation process, policies, and auditing. BCM aims to ensure essential business functions continue during and after disasters through documented processes and procedures. DRP focuses on restoring operations, applications, etc. to their original state after a disaster. Key aspects of BCM include business impact analysis, risk assessment, crisis communication plans, and training employees.
The document outlines a framework for business continuity management (BCM) consisting of several interconnected components: event monitoring and response management, emergency response management, incident command, response management, business continuity planning, disaster recovery planning, and change management. It describes the process of monitoring for events, declaring emergency response plans, convening a crisis management team, initiating business continuity and disaster recovery plans, recovering critical services, and returning to normal operations. Governance is provided by a crisis management plan outlining roles and responsibilities.
This handout was provided at the OCNC Business Emergency Preparedness Series workshop hosted by the Orange County Emergency Services and The Chamber on April 11, 2019.
Building a Business Continuity CapabilityRod Davis
A detailed overview of the business continuity / disaster recovery planning process. Gives numerous tips for effective execution of plan development. Emphasizes development of a true recovery capability through exercises which reveal weaknesses in the plan or technology leading to improvements.
This document discusses business continuity planning and crisis management. It begins by outlining the pre-crisis, crisis, and post-crisis situations an organization may face. It then discusses managing both the crisis event itself as well as the organization's reputation during a crisis. The rest of the document provides guidance on developing a business continuity plan, including conducting risk assessments, developing contingency plans, and establishing roles and responsibilities to manage crises effectively.
Disaster Recovery Plan / Enterprise Continuity PlanMarcelo Silva
This document outlines a presentation on developing a Disaster Recovery Plan (DRP) and Enterprise Continuity Plan (ECP). It discusses defining roles and teams for responding to incidents, assessing risks across six resilience layers of strategy, organization, processes, data, technology, and facilities. It also covers training the response team, engaging outside experts, and creating awareness campaigns to implement the DRP/ECP.
This document outlines a disaster recovery plan (DRP). It begins by discussing different approaches firms can take toward disasters, with the realistic approach of investing in reducing risks being the best. It then defines a DRP as a documented process for recovering IT infrastructure during a disaster. The benefits of a DRP are minimizing delays and risks while guaranteeing reliable backup systems. Key questions a DRP addresses are its objectives, responsibilities, and response procedures. The document provides tips on considering common disaster types and communicating the full DRP. It concludes that investing in a DRP is worthwhile for new firms.
This document provides a business continuity plan for a small business that provides consulting services. It identifies key business functions and processes, potential impacts of disruptive events, resilience strategies, and recovery actions. The plan addresses how the business would continue operating and recover if it lost its IT infrastructure, office, or other assets due to events like fire or flood. It outlines backup procedures for important digital and physical assets and identifies alternative options and vendors that could be used to quickly restore operations.
Leveraging Your CMMS - From Selection to Daily Usejohnnyg14
This document discusses leveraging a computerized maintenance management system (CMMS) from selection through daily use. It begins by outlining the business benefits of a 1% improvement in key maintenance metrics. Selection criteria for a CMMS include defining requirements, benchmarking current performance, and selecting a system that integrates with other applications. Proper implementation requires training, documentation, and continuous improvement. Leading practices involve mobile and analytical capabilities to turn maintenance data into actionable insights. Key performance indicators allow measuring progress toward maintenance goals.
Business continuity & Disaster recovery planingHanaysha
Disaster recovery (DR) and business continuity planning (BCP) are important for organizations to plan for disasters and disruptions. A DR plan provides procedures to recover IT capabilities at an alternate site after a disaster. A BCP addresses risks to business processes and prepares an organization to continue essential operations. Both plans aim to minimize downtime and losses. Key components of DR plans include establishing recovery teams, developing procedures, training, and arranging alternate IT resources. BCP components involve identifying critical resources, conducting risk and impact analyses, and developing prevention, mitigation and recovery strategies. Maintaining and testing plans is important to ensure preparedness for disasters.
Business continuity planning involves creating a logistical plan for how an organization will recover from a disaster in a predetermined time. Disaster recovery planning addresses procedures for recovering critical business functions after an interruption. The document discusses business continuity planning lifecycles, objectives of business continuity and disaster recovery plans, developing and testing plans, differentiating business continuity and disaster recovery plans, types of backups and disaster recovery plans, recovery time objectives and recovery point objectives, threats to organizations, and risk analysis and planning considerations.
The document discusses the importance of business continuity and disaster recovery planning. It outlines key concepts like business continuity, disaster recovery, recovery point objective (RPO), and recovery time objective (RTO). Statistics are provided showing that 40-60% of businesses that close due to a disaster never reopen, and the average cost of downtime is $366,363 per year. The new global standard, ISO 22301, is also summarized, outlining its key clauses related to leadership, planning, support, operation, and improvement of business continuity management systems.
Business Continuity Management PowerPoint Presentation SlidesSlideTeam
Presenting this set of slides with name - Business Continuity Management PowerPoint Presentation Slides. This complete deck is oriented to make sure you do not lag in your presentations. Our creatively crafted slides come with apt research and planning. This exclusive deck with fifty-two slides is here to help you to strategize, plan, analyze, or segment the topic with clear understanding and apprehension. Utilize ready to use presentation slides on Business Continuity Management PowerPoint Presentation Slides with all sorts of editable templates, charts and graphs, overviews, analysis templates. It is usable for marking important decisions and covering critical issues. Display and present all possible kinds of underlying nuances, progress factors for an all inclusive presentation for the teams. This presentation deck can be used by all professionals, managers, individuals, internal external teams involved in any company organization.
Willem A. Hoekstra Business Continuity Management in Banking Industry World C...BCM Institute
This document discusses business continuity management (BCM) in the banking industry. It begins with key BCM concepts like having crisis management teams, conducting business impact analyses to determine priorities, creating business continuity plans, building alternative facilities, testing plans through exercises, and embedding BCM into the organization. It then discusses Nomura's BCM methodology in more detail, including establishing a crisis management team and emergency response plan. The document emphasizes that while BCM aims to prepare for consequences of disruptions, the causes themselves may be unpredictable. It also notes that disruptions can impact a bank's buildings, people, IT systems, suppliers, capital, and clients.
Business continuity and disaster recovery are not the same but complement each other. Planning on BCP and DRP is necessary for all business. This slide contains information on how to achieve and maintain them.
Business continuity planning (BCP) seeks to mitigate interruptions to core business systems. A BCP identifies critical business functions, assesses risks like power outages or cyberattacks, and develops reduction, readiness, response and recovery plans. It is tested through simulations. Developing a comprehensive BCP is complex for healthcare given systems' criticality and risk to patient care, but consistency in the literature can guide appropriate plan development. Testing assesses a plan's achievability and timely, cost-effective response while ongoing review ensures applicability amid changing systems.
IT-Centric Disaster Recovery & Business ContinuitySteve Susina
IT-centric business continuity planning aims to align IT recovery with business needs. It recognizes that while disaster recovery focuses on restoring IT systems, business continuity prioritizes maintaining business processes. The approach involves business leaders and IT leaders collaboratively assessing risks, mapping processes, developing strategies to restore critical systems based on business priorities, and creating plans to guide response and recovery. Regular testing and updates are needed to ensure plans remain effective over time.
Business continuity and recovery planning for manufacturingARC Advisory Group
The document discusses the importance of business continuity and recovery planning (BCRP) for manufacturers. It outlines a systematic approach to developing a BCRP, including conducting a business impact analysis to identify critical operations, developing recovery strategies and procedures, and making recommendations to balance investment costs with protection needs. The key objectives of a BCRP are to minimize downtime and losses from a disaster through preparedness and planning.
Streamline the traditional approach to make BCP development manageable and repeatable.
Your Challenge
Ineffective business continuity planning (BCP) leads to:
Regulators and customers demanding a functional BCP.
Progress is limited or stalled – no effective approach to make this a manageable project that can actually be completed.
No clear sense of appropriate recovery objectives or how to get there.
Do-It-Yourself Implementation
The slides in this our Best Practice Blueprint will walk you step-by-step through every phase of your project with supporting tools and templates ready for you to use.
Project Accelerator Workshop
You can also use this Best Practice Blueprint to facilitate your own project accelerator workshop within your organization using the workshop slides and facilitation instructions provided in the Appendix.
Let us help you plan your project
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops.
Onsite Expert Advice
Our expert analysts will come onsite to help you work through our project methodology in a 2-5 day workshop. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully. In some cases, we can even help you to complete the project while we are onsite!
This document provides an overview of business continuity management (BCM) and disaster recovery planning (DRP). It discusses what BCM and DRP are, their benefits, governance structure, creation process, policies, and auditing. BCM aims to ensure essential business functions continue during and after disasters through documented processes and procedures. DRP focuses on restoring operations, applications, etc. to their original state after a disaster. Key aspects of BCM include business impact analysis, risk assessment, crisis communication plans, and training employees.
The document outlines a framework for business continuity management (BCM) consisting of several interconnected components: event monitoring and response management, emergency response management, incident command, response management, business continuity planning, disaster recovery planning, and change management. It describes the process of monitoring for events, declaring emergency response plans, convening a crisis management team, initiating business continuity and disaster recovery plans, recovering critical services, and returning to normal operations. Governance is provided by a crisis management plan outlining roles and responsibilities.
This handout was provided at the OCNC Business Emergency Preparedness Series workshop hosted by the Orange County Emergency Services and The Chamber on April 11, 2019.
Building a Business Continuity CapabilityRod Davis
A detailed overview of the business continuity / disaster recovery planning process. Gives numerous tips for effective execution of plan development. Emphasizes development of a true recovery capability through exercises which reveal weaknesses in the plan or technology leading to improvements.
This document discusses business continuity planning and crisis management. It begins by outlining the pre-crisis, crisis, and post-crisis situations an organization may face. It then discusses managing both the crisis event itself as well as the organization's reputation during a crisis. The rest of the document provides guidance on developing a business continuity plan, including conducting risk assessments, developing contingency plans, and establishing roles and responsibilities to manage crises effectively.
Disaster Recovery Plan / Enterprise Continuity PlanMarcelo Silva
This document outlines a presentation on developing a Disaster Recovery Plan (DRP) and Enterprise Continuity Plan (ECP). It discusses defining roles and teams for responding to incidents, assessing risks across six resilience layers of strategy, organization, processes, data, technology, and facilities. It also covers training the response team, engaging outside experts, and creating awareness campaigns to implement the DRP/ECP.
This document outlines a disaster recovery plan (DRP). It begins by discussing different approaches firms can take toward disasters, with the realistic approach of investing in reducing risks being the best. It then defines a DRP as a documented process for recovering IT infrastructure during a disaster. The benefits of a DRP are minimizing delays and risks while guaranteeing reliable backup systems. Key questions a DRP addresses are its objectives, responsibilities, and response procedures. The document provides tips on considering common disaster types and communicating the full DRP. It concludes that investing in a DRP is worthwhile for new firms.
This document provides a business continuity plan for a small business that provides consulting services. It identifies key business functions and processes, potential impacts of disruptive events, resilience strategies, and recovery actions. The plan addresses how the business would continue operating and recover if it lost its IT infrastructure, office, or other assets due to events like fire or flood. It outlines backup procedures for important digital and physical assets and identifies alternative options and vendors that could be used to quickly restore operations.
Leveraging Your CMMS - From Selection to Daily Usejohnnyg14
This document discusses leveraging a computerized maintenance management system (CMMS) from selection through daily use. It begins by outlining the business benefits of a 1% improvement in key maintenance metrics. Selection criteria for a CMMS include defining requirements, benchmarking current performance, and selecting a system that integrates with other applications. Proper implementation requires training, documentation, and continuous improvement. Leading practices involve mobile and analytical capabilities to turn maintenance data into actionable insights. Key performance indicators allow measuring progress toward maintenance goals.
Crisis information management framework for regional disaster resiliency (Joe...Learning Manager
This document presents a crisis information management framework to improve regional disaster resilience. The framework defines a repeatable process for communities to measurably enhance their crisis information capabilities. It is intended for regional stakeholders, program managers, planners and others. The framework helps align local efforts with national goals in areas like emergency response and risk management. It assesses capabilities using a maturity model and guides a multi-step training process including exercises and re-assessments to advance capabilities over several years. The goal is to strengthen coordination and information sharing across regions during disasters.
Julie Rampello gave a presentation on using Key Performance Indicators (KPIs) in IBM Maximo to measure the effectiveness of reliability programs and support organizational objectives. She discussed selecting relevant KPIs, collecting accurate data from various sources, and using Maximo's built-in features like the KPI manager and reporting tools to analyze trends over time. Examples of KPIs included maintenance costs, equipment uptime, and safety metrics. Rampello stressed the importance of prioritizing vital few KPIs and integrating data from Maximo and other systems for meaningful analysis of reliability program success.
Talk given by Robert Maxwell, Lead Incident Handler and Kelly McCracken, Director, CSIRT at Salesforce, at Techno Security, in June 2016
Effective IR Communication & Coordination using a Case Management System Description: Too often IR teams are left to managing incidents from email, personal folders, and shared drive. Salesforce's CSIRT will demonstrate how they have developed an effective case management system to increase the team's ability to effectively track, respond, manage, measure, and report on incidents from detection through the lessons learned phase of the incident response lifecycle.
Reliability programs should support strategic corporate objectives
Relevant Key Performance Indicators
Measure program effectiveness
Provide believable data
KPI management and other Reporting options in Maximo
How to Drive Efficiency and Reduce Risk with Investigative Case Management So...Case IQ
This document discusses the benefits of investigative case management software. It begins by introducing the presenters and providing an overview. It then discusses external and internal trends driving the need for such software, including more cases from employees reporting issues and the inefficiencies of manual processes. The document considers whether to build, repurpose, or buy a case management system. It outlines five key features that should be included: multichannel intake, flexibility to handle different case types, security controls, reporting capabilities, and configurability. Finally, it discusses how to make the business case for case management software through increased efficiency, reduced risk, and better insights to prevent future incidents. The presentation provides resources for learning more about ROI and next steps.
Practical Measures for Measuring SecurityChris Mullins
Security is often a frustrating field for business and IT decision makers. It can be difficult to quantify, difficult to get visibility, and it’s difficult to know when you have “enough”. Do you really need that latest threat feed subscription or state of the art malware protection device? Do you need to add another security analyst to your team? And if so, how can you understand, in business terms, the value these investments bring to the business? This session will explore practical methods for the application of metrics in security to support business decision making, and provide a framework to implement straightforward security metrics, whether inside your wall or at a service provider.
Renita Jesma Lobo is a Software Engineer-Testing with over 3 years of experience in manual and automation testing. She has expertise in test case design, test execution, defect tracking, Selenium automation using POM framework, and experience working in agile methodologies like scrum. Currently she is spearheading testing efforts on the DB Uplift project from VB to C# platform at Cerner Corporation. Previously she worked on projects like BMS and Toshbro enterprise management application, performing functional and integration testing. She has a BE in ECE and is proficient in languages like Tulu and Marathi.
This presentation given by Think Big's senior data scientist Eliano Marques at Digital Natives conference in Berlin, Germany (November 2015), details how to go from experimentation to productionization for a predictive maintenance use case.
"From Insights to Production with Big Data Analytics", Eliano Marques, Senior...Dataconomy Media
"From Insights to Production with Big Data Analytics", Eliano Marques, Senior Data Scientist at ThinkBig, a Teradata Company
YouTube Link: https://www.youtube.com/watch?v=caTyh1KflsI
Watch more from Data Natives 2015 here: http://bit.ly/1OVkK2J
Visit the conference website to learn more: www.datanatives.io
Follow Data Natives:
https://www.facebook.com/DataNatives
https://twitter.com/DataNativesConf
Stay Connected to Data Natives by Email: Subscribe to our newsletter to get the news first about Data Natives 2016: http://bit.ly/1WMJAqS
About the author:
Eliano is an analytics professional that combines Data Science skills with leadership, vision, creativity, project management, team building/management acquired through academia, personal research, leading internal Data Science/Advanced Modelling teams and providing consulting services to customers in several industries (including manufacturing, utilities, telcos, financial services, hospitality, sports).
This document outlines a 5-step process for improving an organization's incident response plan. Step 1 involves determining what constitutes an incident based on factors like asset criticality and impact. Step 2 is defining roles and responsibilities and ensuring the team is prepared. Step 3 is testing the plan through exercises to identify weaknesses. Step 4 focuses on improving communications plans. Step 5 is measuring the potential impact of incidents to understand recovery objectives. The overall goal is to create a well-defined, tested plan with the right people assigned to effectively respond to security incidents.
Risk Based Security and Self Protection Powerpointrandalje86
Miguel Sanchez presented on risk based security and self protection technologies. He discussed how the threat landscape has changed and the need for a proactive, risk based approach. This involves a multi-tiered risk management process including framing risks at the organizational, mission, and system levels. Emerging technologies like runtime application self protection can help applications protect themselves by monitoring for threats during execution.
This document discusses best practices for successfully implementing an EDM/PDM system project. It notes that the scope of work, requirements, and physical/behavioral components can be controlled, while budgets, timelines, team members, vendor behavior, and user acceptance are more difficult to control. A successful project manager clearly defines critical success criteria, maintains knowledge of business processes, technical systems, and personnel, and keeps stakeholders informed of progress and milestone criteria. Risks should be identified and mitigated through careful planning, and common pitfalls like unrealistic schedules and feature creep should be avoided. The implementation process requires the same project management rigor as any complex IT project.
The document discusses various topics related to software development including challenges, opportunities, and best practices. Some key points:
1. Software development involves many phases from requirements analysis to testing to maintenance. It is important to involve users, establish clear standards, and divide projects into well-defined phases and activities.
2. Developing software presents inherent challenges like changing requirements, managing frequent changes, and ensuring compatibility with existing systems. Adopting a problem-solving approach and justifying systems as investments can help address some challenges.
3. Opportunities in software development include making the process more cost-effective, improving quality, and capturing important domain knowledge. New approaches like model-driven development also offer benefits if properly
Mike Marshall, PE (mtmarshall.llc@gmail.com) is an Oil & Gas industry consultant who has recently developed an EAM loss prevention and asset optimization software product derived from various spreadsheet-based tools (consisting of business methods, practices, KPIs, scorecards, reports, data maps/views, etc.) which were central to the actual asset performance optimization/management and process safety improvement metrics and methodologies he implemented while working for both Marathon (23 years) and Chevron (10 years).
IT departments face pressure to improve business value by accelerating new applications while maintaining existing systems, which consume most resources. Outsourcing maintenance and development can help manage costs and resources to support current systems while enabling new initiatives for competitive advantage. While in-house teams still manage higher-level tasks, outsourcing arrangements are structured partnerships where vendors assume responsibility for delivery of business value from outsourced services, as measured by performance metrics in service level agreements. Both benefits and risks must be considered in planning and contracting for outsourced work.
The document discusses achieving information and cyber security (ICS/SC) compliance through a risk-based approach. It begins by outlining the end state of having a holistic management system for regular compliance reporting and improvement. It then addresses identifying the current "as-is" security state, establishing a leadership model, and using compliance and risk assessments to prioritize controls. The document emphasizes that compliance is just the beginning and that risk management should inform decision making to balance security, compliance, and business needs. It concludes that compliance alone is not sufficient and a phased, governance-based approach is needed to deal with complex environments.
This document provides an overview of chapter 14 from the textbook "Managing the Digital Firm" which discusses managing projects. The chapter covers the objectives of project management and its importance for developing information systems. It also discusses methods for selecting and evaluating projects, assessing business value, managing risks, and strategies for implementation. Specific topics covered include portfolio analysis, critical success factors, scoring models, managing technical and organizational risks, and the role of project management software.
Vijay Mohire presented information on his planned contributions to Microsoft's ACE (Assessment, Consulting & Engineering) team. He outlined how he would assist with risk assessments, compliance checks, security consultations, engineering tasks, and program management. The presentation also provided an overview of Microsoft's information security practices, including its security stack, tools like Azure and Active Directory, and adherence to standards like NIST and PCI DSS.
Similar to Best-in-Class Crisis Preparation: Maximize Readiness with the Four T’s (20)
Crisis Communications 101: A Crash CourseMissionMode
12 major principles that will help you take charge of the next corporate crisis. Effective communications during a crisis can make the difference between quickly resolving the situation and it becoming a nightmare. This presentation covers the bases from crisis leadership and planning to social media and the press.
We've assembled 12 of the most interesting websites that deal with crisis management and disasters. Some have very practical applications in crisis management, while others are simply cool to interact with.
Best Practices for Emergency Notification MessagesMissionMode
When sending an alert through an emergency notification system, it’s important to have the best possible message for each type of communication channel. This presentation gives you a variety of best practices for each communication channel. Follow these guidelines and your alert will be more successful.
Severe Weather Preparedness and ResiliencyMissionMode
Storms, hurricanes, tornadoes, flooding and other severe weather events are an unavoidable fact of life. In 2012, severe weather caused more than $100 billion in damages within the United States alone.
This white paper is a guide to planning and implementing your response to weather threats, and it's much more than a simple checklist. Resiliency is the ability to withstand and 'bounce back' from an emergency event. The white paper helps you to think through the processes that will result in a successful response to a weather threat. Your business and people will then be truly prepared and resilient.
16 Killer Crisis Management Apps for iPhone & iPadMissionMode
Here are 16 of the best iPhone and iPad apps that will interest crisis management and disaster response professionals. Many will also be of interest to the average user. These are practical apps that you should find useful as you do your job.
ISO 22301: The New Standard for Business Continuity Best PracticeMissionMode
ISO 22301 is the new international standard for Business Continuity Management best practice. It provides organizations with a framework to manage risk and ensure that they can continue operations in any type of event. In this webinar, ISO 22301 expert John McGill will help you understand the ISO standard, why it's important, and how to plan for certification.
Five Disciplines of Organizational ResilienceMissionMode
Resilient organizations are able to thrive under all circumstances. Michael Lazcano shares the keys to organizational resilience during this recorded webinar. Discover how companies can anticipate, react to and withstand any type of disruption. Learn the five core disciplines that are at the heart of every resilient company, why they're important, and how to achieve them.
Faster, Stronger Crisis Response With ICS for BusinessMissionMode
The Incident Command System (ICS) is a proven planning method that improves communications between teams and leads to a better-organized response. Originally developed for the public sector, ICS is now becoming a standard way for companies to respond to incidents. In this webinar, you'll discover how ICS works, why it benefits companies, and how it can be adapted for business use.
Reputation Combat: Protecting Your Company's Online ReputationMissionMode
A single person can attack your corporation's reputation, armed with nothing more than a computer or mobile phone. Within minutes, the news can spread to thousands or even millions of people, and the damage is done. No advance warning, no time to react. Noted crisis communications expert Jonathan Bernstein will help you understand online reputation management (ORM) and learn how to defend your company against threats.
Revolutionary Mobile Crisis Communications - EarShotMissionMode
The document describes EarShot, a crisis communication system that allows two-way communication between organizations and their staff using smartphones. EarShot goes beyond simple alerts by enabling rich, interactive messages with photos, forms, location data and a resource library. During a hurricane response, the system allowed an organization to send evacuation instructions, check on remote workers, and receive damage reports and photos from the field in real-time. EarShot integrates with other systems and supports various devices to provide a more effective crisis response.
Proactive Crisis Management Through Internal CrowdsourcingMissionMode
Internal crowdsourcing is a relatively new way to use the eyes and ears of your employees to avert a crisis or reduce the impact of a crisis. (It does NOT involve social media.) Learn what it is and some strategies for using it in your organization.
Swift, accurate communication is the most important factor in successfully mitigating a crisis. While there are many articles about the methodology behind external communication, the art of internal communications during a crisis is often overlooked. In this presentation, you'll learn about the critical things that must be accomplished in the initial stages of a crisis and a way to make the crisis response more consistent and on-plan.
Corporate Crisis Management - Minimize the ChaosMissionMode
This white paper is an executive introduction to crisis management—what it is, why it's important, and key principles for success. Senior managers in particular will benefit from this insider's guide.
People, processes and management tools are critical components of a successful crisis response, and effective communication is the foundation. Neglect any of these facets, and a crisis can easily escalate.
Crisis management expert Elizabeth Stevens provides a solid overview of these areas, as well as expert advice.
Table of Contents:
What is Crisis Management?
Preparedness:
– People
– Program
– Platform
Communication: the single most important element
Critical communications considerations
Successfully Managing Emergency Operations in a Distributed EnvironmentMissionMode
The document discusses strategies for successfully managing emergency operations in a distributed organization. It recommends selling the crisis management program to gain support from all levels of the organization. It also suggests organizing the crisis response team based on roles rather than individuals, and ensuring the program has flexibility to address local conditions. The document emphasizes having open communication channels to allow flexible response, and taking a global view while empowering local crisis teams to act independently as needed.
Supply Chain Recovery is a Competitive CapabilityMissionMode
In today's volatile and interdependent economy, even the best organized companies are increasingly vulnerable to many types of supply chain disruptions that are beyond their control.
This white paper details how mitigating supply chain disruptions can create a competitive advantage. Executives, board members and supply chain leaders will better understand the need for mitigation and how to go about it.
The author, Professor Alan Braithwaite, draws upon established case material and risk management principles in the paper. Topics include:
• How supply chain glitches destroy shareholder value
• General principles of risk mitigation and recovery
• The global economy and the implications of extended supply chains
Crisis Preparedness Ins and Outs - White PaperMissionMode
Large, complex plans often prove ineffective during a crisis. In this white paper, crisis management expert Jonathan Bernstein describes a new way to streamline crisis management and focus on the key aspects of the response.
By using operational and communication plans, coupled with a crisis support system, an organization can react and recover more quickly.
Table of Contents
1. A not-too-far from reality case study
2. Who and where are your stakeholders?
3. How to prepare for crises—an inside job
4. The challenges of crisis communications
5. Evaluating crisis response
Presentation by Herman Kienhuis (Curiosity VC) on Investing in AI for ABS Alu...Herman Kienhuis
Presentation by Herman Kienhuis (Curiosity VC) on developments in AI, the venture capital investment landscape and Curiosity VC's approach to investing, at the alumni event of Amsterdam Business School (University of Amsterdam) on June 13, 2024 in Amsterdam.
The report *State of D2C in India: A Logistics Update* talks about the evolving dynamics of the d2C landscape with a particular focus on how brands navigate the complexities of logistics. Third Party Logistics enablers emerge indispensable partners in facilitating the growth journey of D2C brands, offering cost-effective solutions tailored to their specific needs. As D2C brands continue to expand, they encounter heightened operational complexities with logistics standing out as a significant challenge. Logistics not only represents a substantial cost component for the brands but also directly influences the customer experience. Establishing efficient logistics operations while keeping costs low is therefore a crucial objective for brands. The report highlights how 3PLs are meeting the rising demands of D2C brands, supporting their expansion both online and offline, and paving the way for sustainable, scalable growth in this fast-paced market.
AI Transformation Playbook: Thinking AI-First for Your BusinessArijit Dutta
I dive into how businesses can stay competitive by integrating AI into their core processes. From identifying the right approach to building collaborative teams and recognizing common pitfalls, this guide has got you covered. AI transformation is a journey, and this playbook is here to help you navigate it successfully.
SATTA MATKA DPBOSS KALYAN MATKA RESULTS KALYAN CHART KALYAN MATKA MATKA RESULT KALYAN MATKA TIPS SATTA MATKA MATKA COM MATKA PANA JODI TODAY BATTA SATKA MATKA PATTI JODI NUMBER MATKA RESULTS MATKA CHART MATKA JODI SATTA COM INDIA SATTA MATKA MATKA TIPS MATKA WAPKA ALL MATKA RESULT LIVE ONLINE MATKA RESULT KALYAN MATKA RESULT DPBOSS MATKA 143 MAIN MATKA KALYAN MATKA RESULTS KALYAN CHART
Discover the Beauty and Functionality of The Expert Remodeling Serviceobriengroupinc04
Unlock your kitchen's true potential with expert remodeling services from O'Brien Group Inc. Transform your space into a functional, modern, and luxurious haven with their experienced professionals. From layout reconfiguration to high-end upgrades, they deliver stunning results tailored to your style and needs. Visit obriengroupinc.com to elevate your kitchen's beauty and functionality today.
The Role of White Label Bookkeeping Services in Supporting the Growth and Sca...YourLegal Accounting
Effective financial management is important for expansion and scalability in the ever-changing US business environment. White Label Bookkeeping services is an innovative solution that is becoming more and more popular among businesses. These services provide a special method for managing financial duties effectively, freeing up companies to concentrate on their main operations and growth plans. We’ll look at how White Label Bookkeeping can help US firms expand and develop in this blog.
Enhancing Adoption of AI in Agri-food: IntroductionCor Verdouw
Introduction to the Panel on: Pathways and Challenges: AI-Driven Technology in Agri-Food, AI4Food, University of Guelph
“Enhancing Adoption of AI in Agri-food: a Path Forward”, 18 June 2024
Satta matka fixx jodi panna all market dpboss matka guessing fixx panna jodi kalyan and all market game liss cover now 420 matka office mumbai maharashtra india fixx jodi panna
Call me 9040963354
WhatsApp 9040963354
High-Quality IPTV Monthly Subscription for $15advik4387
Experience high-quality entertainment with our IPTV monthly subscription for just $15. Access a vast array of live TV channels, movies, and on-demand shows with crystal-clear streaming. Our reliable service ensures smooth, uninterrupted viewing at an unbeatable price. Perfect for those seeking premium content without breaking the bank. Start streaming today!
https://rb.gy/f409dk
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women MagazineCIOWomenMagazine
In this article, we will dive into the extraordinary life of Ellen Burstyn, where the curtains rise on a story that's far more attractive than any script.
Prescriptive analytics BA4206 Anna University PPTFreelance
Business analysis - Prescriptive analytics Introduction to Prescriptive analytics
Prescriptive Modeling
Non Linear Optimization
Demonstrating Business Performance Improvement
2. Business Continuity Readiness Overview
Business Continuity Management (BCM) as a
discipline continues to develop rapidly, but…
Source: CI/KPMG 2013-2014 Benchmark Study
“75% of
companies worldwide are
failing in terms of Disaster
Readiness”
Source: Disaster Recovery Preparedness
Benchmark Survey, 2014
7. Right Team – Executive Sponsorship
Multiple studies have shown the linkage between
C-Level involvement and BCM Program success
8. Executive Sponsor Roles
• Select/review BCM team leadership
• Secure funding to support BC/DR initiatives
• Lead steering committee
• Weigh-in on key decisions
• Request/review key metrics
• Create a business continuity
culture
9. Right Team – BC Team Roles
63% of companies claim between 0-2 of full-time employees
dedicated to BC/DR.
Let’s Explore Three Key Roles:
BCM Director/Lead Functional Leads External Stakeholders
10. Case Study: Creating a
Continuity Culture – Gap, Inc.
Challenge: Building relevancy for a new global
business continuity program in an organization
that had only spotty BC/DR initiatives previously
Keys to Success:
• Clear “Source of Power”
• Short chain of command to executive sponsor
• Company wide visibility
• Foster team-wide relationships/break-down organizational silos
• Technology-driven processes
• Celebrate wins
11. The Right Templates
What templates are required depends
on the event types you need to
prepare for. Top threats include:
1. Severe Weather
2. IT Issues (outages, breach, virus…)
3. Power Outages
4. Natural disaster (flood, earthquake)
5. Physical Violence
6. Fire
7. Epidemic
8. Product delivery/quality
9. Scandal/reputation
10. Theft
12. Team ID
• Primary
• Alternates
Risk Assessment
• Situation
Monitoring
• Team Activation
Impact Assessment
(Go/No Go)
• Impact
Assessment
• Go / No Go
Decision
Template Creation
Response Planning
• Communications
• Functional
Assessment
• Plan Checklists
Recovery
• Communications
• Damage
Assessment
• Repair planning
• Vendor Impacts
Metrics Review
• Pre-Event ID
• Decision Speed
• Communication
effectiveness
• Recovery speed
13. Case Study – Xcel Energy
Standardizing Incident Management
Challenge: Poor response record to outages based on
siloed approach to emergency response
Keys to Success:
• Regulatory driven requirement to improve metrics
• Top-down mandate to create standardized approach
• Lead appointed to champion enterprise-wide effort
• Flexible tool selected to pre-populate templates (teams
members, contact preferences, messages, task lists)
• Standard process, customizable by division – flexibility
• System applied to both emergency and routine
operational events
14. Drills – Practice Makes Perfect
Writing a plan on paper and making
it work in a real emergency are
wildly different. Testing critical for:
• Team training
• Breaking departmental silos
• Validating plan effectiveness
• Testing support tool configuration
16. The Right Tools:
Incident Management in the Digital age
Business Continuity has gone virtual for good reasons:
• Redundancy/systems access key in an emergency
• Increasing geographic dispersion of BCM teams
• Simplified information access speeds decision
making
• Affordable, easy to use tools
remove barriers to automation
17. Key Functionality for BCM Efficiency
Effective
Communications
Simplified Project
Management
• Intelligent Alert system
• Escalates alerts across devices
• Personalized message delivery
• GIS mapping for location-
specific alerts
• 2-way messaging with one
touch response
• Easily integrates with IT systems
• Real-time dashboard for
delivery/receipt
• Virtual Collaboration Platform
• Pre-populated templates
• Messages
• Task checklists
• Document library
• Centralized event dashboard
• Operational logs with time
stamping
• Intelligent alerting
• Rich media sharing
• Mobile app
18. Case Study: Driving Efficiency with
better tools - Birmingham Airport
Challenge: Consolidated emergency response teams across the
airport. Needed paperless, centralized system for logging and
managing both routine operational and emergency issues.
Keys to success:
• Ease of use
• Accessible anytime/anywhere
• No need to change current processes – easy start up
• Logged activities are time/date stamped for regulatory compliance
• Centralized dashboard of events allows management to get up to
speed quickly – great for shift changes
• Use system daily – becomes second nature vs. only for crises
19. Metrics Matter
Most commonly tracked metrics:
• Completion of drills
• Incident response performance
• Completion of objectives
• Awareness generation
• Operational performance
(SLAs)
BCM programs that systematically track and report on key
performance indicators reach maturity faster.
Source: Continuity Central Survey
20. Don’t be a Statistic
• 25% small businesses close each year due to inability to
recover from a disaster
• 180 of 350 businesses shut down in the World Trade
Center disaster never reopened
Instead…Build BCM Program Maturity with
the Four T’s Approach
While BCM Program maturity continues to grow, overall levels of readiness are spotty:
This year’s CI/KPMG benchmarking study showed an 8pt increase in the number of respondents self-reporting program maturity
BUT at the same time 2014 Disaster Recovery Preparedness benchmark report showed 75% of companies failing.
MissionMode’s own Readiness Survey results show something in between
Our Readiness Survey asks respondents to rate themselves on a wide variety of readiness factors pertaining to:
Team
Planning
Risk assessment
Response effectiveness
Post response evaluation
Then it gives calculates a weighed Readiness Score on a 0-100 scale. Of the hundreds of organizations who’ve taken the survey, we’re seeing an average readiness index of 58
A full third of respondents are still feeling very or slightly unprepared.
Planning and testing is a fairly large gap:
7% have no plans in place at all
22% have preliminary plans drafted, but no training or testing
32% have plans drafted and trained but for only some event types, not all events
In contrast to the CI Benchmarking study results, only 20% of our survey respondents have both the templates and the tools in place for incident management
The majority have templates without corresponding tools and processes for execution
If you’re interested in learning your organization’s Readiness Number, you can find out by taking our Readiness survey at www.missionmode.com/be-ready
Or visiting us at booth #514.
So why are so many organizations having trouble reaching program maturity? Well as most of you in this room know – Business Continuity Management is hard work!
The fact is it takes a highly disciplined approach to achieve program maturity and many programs lack the support they need to succeed.
That’s why MissionMode has created the Four T’s approach to help companies struggling with achieving BCM program maturity identify and fix the issues that are holding them back.
The Four T’s to BC success include:
Team
Templates
Testing
Tools
And a fifth success factor not starting with T – a metrics driven approach
The First T is Team
And the right team starts with Executive sponsorship in the form of a single C-level person responsible for BCM success and an executive steering committee to monitor and guide the overall program
Studies prove that programs with executive support beat programs without support on nearly every metric
The CI Benchmark study looked at this issue in detail – a few highlights from the chart above:
Programs with steering committees are:
- 63% more likely to do test exercises
105% more likely to do BCM Performance Reviews
92% more likely to do Technology recovery testing
In fact, companies without steering committees are 3 times more likely to have no BCM performance metrics in place at all
Since it’s clear that executive sponsorship is critical to program success,
It’s worth a deeper exploration of the role of the executive sponsor.
This person or team must get Business Continuity on the map as an internal business priority
On the map with the full executive team
On the map across all divisional siloes
On the map with each employee
Companies that are good at this actually create a Business Continuity Culture
2. This person needs to select and manage the BCM team leadership and support this team with Funding, and key risk assessment decisions
Executive leadership is critical, but day-to-day success will be driven by the team itself:
Some organizations have teams of full time employees dedicated to business continuity management, but this isn’t the norm. 63% of companies report having between 0-2 FTEs dedicated to BC/DR program management.
The right team has three major roles:
BCM Director/Program Lead: This person is responsible for organization and management of the company-wide effort. Including: determining what events to prepare for, making sure the right teams are in place for each event type, drafting and documenting plans, ongoing testing, collection of metrics post event and ongoing optimization of the program
2. Functional Leads: To successfully respond to any disruptive event take a cross functional approach. Team leads need to be identified to manage communications, ensure facilities security, support customer service, manage operational impacts and more. For each event type, a different team is required.
3. External stakeholders: these may include public safety officials, suppliers, media and others who need to be kept in the loop in the event of an emergency.
Michael Lazcano was hired at GAP 8 years ago to help them create a global BCM program. Previously, they had no clear plan in place although certain divisions were more developed than others.
-Luckily Michael had a clear management mandate and support
-The management team made this a high visibility initiative where failure was not an option
-But that alone was not enough – GAP was very geographically driven at the time and Michael had to work hard to create a global team that would work together to make this effort a success-Relationship building across multiple face-to-face sessions helped
-Celebration of wins was also key
But they couldn’t have achieved the level of global compliance they have attained without a technology driven approach.
Planning and template creation is one of the most critical factors for BCM program success.
The first step of the process is to identify which events you need to prepare for. Doing some preparation across a wide number of events is less effective than doing complete detailed planning and training across a smaller number of events. Plan to tackle whatever you can manage to completion before moving to the next event type.
This slide illustrates the most commonly experienced event types.
Over 50 % of companies with BCM programs in place, activated their teams for weather, IT and power related issues in 2013.
Planning and template creation is a six step process which needs to be repeated for each event type you choose to tackle:
Team Identification: Functional team leads and alternates plus external stakeholders need to be identified. Contact info for multiple devices should be stored for emergency notification purposes
Risk Assessment: Someone needs to be responsible for monitoring risk and specific triggers identified which would merit BC Team activation
Impact Assessment: Plans should cover who, how, and what information will be gathered to facilitate decision making and how that information will be shared across the full team.
Response Planning: each functional team needs to use planning templates to create their detailed plans. Templates should include checklists of likely impacts and must be easily sharable
Recovery: This stage is about execution and communication. Because of team interdependencies, full visibility of the situation dashboard facilitates better coordination
Post Event Review: As part of the template creation process the team should determine which metrics will be measured to evaluate success.
Xcel Energy had a real problem. Each business unit had their own approach to incident management and none did it particularly well. They were incurring fees for not meeting regulatory standards on outage response.
Management determined that they needed to a standardized approach cross company and appointed a champion to lead the enterprise wide effort
They opted in implement MissionMode’s Situation Center for management of both routine and emergency events and pre-populated the tool with templates for everything from power outages, severe weather risks, IT issues and more.
Templates included team members/alternates, contact preferences and data, check lists, and pre-approved alert messaging, operational log procedures
They evaluated the best processes across the company and used these when developing the enterprise-wide approach. Were able to configure the tools around their existing best practices vs. having to develop whole new processes.
Because the system is used for both routine and emergency events, adoption was much quicker than for organizations that only deploy their emergency response solutions infrequently.
One of the biggest issues faced by companies looking to improve their BC program maturity is overcoming the cross functional problem.
Because BC teams very often include groups of people not used to working together, the more practice these teams get the better. Performance of practice drills is highly correlated with BC program success.
People benefits of Drills:
Training team members on their specific roles
Creating a common goal across the team
Breaking down silos
Process benefits of Drills:
Validate the plan
Make sure all bases covered
Test/train use of support tools
Creating and managing effective drills is a key role of Business Continuity team leadership
It all starts with strong test plans – drills need to be happening all year long across different event types and functional teams.
Each test plan will include a scenario, expected response and KPI’s
The BC team lead needs to create internal urgency around the drill by demonstrating importance to all team members – it helps when there is a steering committee in place to make sure drills occur and monitor results
The Lead will first review the test with the team so all members know what is expected. At some point after, but not previously scheduled, the drill will be launched.
Afterwards, the team will meet to review KPIs and evaluate their performance. Results will be communicated to management and, if needed, templates will be adapted to fill gaps identified by the test exercise.
The right tools can help structure a BC team effort and make sure that key steps don’t get missed. They help standardize response and reduce the learning curve for BC Program maturity
In this age of connectivity and mobility – there are huge advantages to equipping your BC team to be completely virtual
Last year Gartner’s Hype Cycle Report suggested that the virtual incident management system had officially “come of age”. The main drivers of adoption from their point of view included:
Manage relationships with all internal and external stakeholders of an organization
More efficiently manage response, recovery and restoration actions
Communicate critical information internally and externally
Review and report on the incident so that an organization’s business continuity team can utilize the data for future training and improvements
BCM program leads need two primary tools to speed and simplify incident management. First is fully featured emergency notification and second is an incident management system for to serve as your virtual command center.
This chart highlights some of the key functionality you want to look for when sourcing emergency notification and incident management solutions:
Birmingham Airport realized huge efficiencies when they adopted an automated incident management approach.
Were consolidating teams and downsizing – needed to make it easier
Employees distributed across wide area – needed anytime /anywhere access
Needed to get away from paper-based logs for regulatory compliance.
Lots of different employees using this solution. HAD TO BE EASY to use!!
Run three shifts a day – having all routine and emergency events documented on centralized system made shift changes and management updates much easier and quicker
Again, not to sound like a broken record, but daily adoption and use for routine events made it much easier for them to learn new tools
As I showed earlier, companies that have BCM Program effectiveness tracking in place perform better in terms of program maturity.
That being said almost half of those surveyed in a Continuity Central study on BC Program measurement said they had absolutely no tracking in place.
THAT IS A PROBLEM, but it’s a problem that’s easily fixed. You don’t have to create a major complicated dashboard for BC metrics. Some will even be qualitatively reported, but the act of tracking and reporting results will make a big difference.
Continuity Central found that the for those organizations that do have BC/DR program KPIs in place, the top metrics included:
-Completion of drills
-Incident response performance (speed, effectiveness, compliance with plan)
-Completion of program objectives
-Internal program awareness generation activity (building a continuity culture)
-Meeting SLAs
Being at this conference already demonstrates a desire to not be a statistic like the ones here
-One of the 25% of small businesses that close each year due to the inability to recover from a disaster
One of 180 businesses that never reopened after the WTC disaster
By adopting the Four T’s approach to Crisis Management, you can be sure your organization will climb the majority curve in a consistent, disciplined fashion and achieve your BC readiness goals faster.
Want to get your readiness number. Visit MissionMode at booth #514 or take our Readiness Survey online at: www.missionmode.com/be-ready