The document provides an overview of disaster management basics and business continuity planning. It discusses that organizations need to consider a wide range of potential disasters and risks, both predictable and unpredictable. Further, it emphasizes that effective planning requires analyzing interdependencies and impacts, having coordinated response plans, and building organizational resilience through strategies like graceful degradation and agile restoration. The final sections discuss crisis management team roles and the three levels of continuity - strategic, operational, and tactical.
Risk Management is more than just Risk Avoidance.
Go beyond IT Audits, Security Assessments, checklists and checkboxes. Join Michael Scheidell, Certified CISO as you move beyond Risk Assessments and Risk Management into Risk Enablement.
Risk Enablement is the process of developing an Enterprise Risk Management program that facilitates and encourages a strategy of supporting TAKING Risks. The requirement of any growing company.
Find out how to build a culture of informed Enterprise Risk Management.
(related whitepaper at http://blog.securityprivateers.com/2014/03/to-achieve-good-security-you-need-to.html
A presentation given by international keynote speaker Dr. Stephen Muething from Cincinnati Children's Hospital, USA at the CHA conference The Journey, in October 2012.
What might be the ultimate risk management machine, is called a ‘High Reliability Organization’ (HRO). HRO can be thought of as a very advanced version of continuous quality improvement that extends to the performance of an entire organization.
Leadership is one of the key drivers of a culture within an organisation.
Key attributes of a safety leader include understanding the basis of a high performance organisation through the adoption of HSE mindfulness.
When people fail to follow rules and procedures they usually know what they should be doing. Although, there are some cases where people mistakenly violate rules because they failed to understand the rule or did not know it existed.
Risk Management is more than just Risk Avoidance.
Go beyond IT Audits, Security Assessments, checklists and checkboxes. Join Michael Scheidell, Certified CISO as you move beyond Risk Assessments and Risk Management into Risk Enablement.
Risk Enablement is the process of developing an Enterprise Risk Management program that facilitates and encourages a strategy of supporting TAKING Risks. The requirement of any growing company.
Find out how to build a culture of informed Enterprise Risk Management.
(related whitepaper at http://blog.securityprivateers.com/2014/03/to-achieve-good-security-you-need-to.html
A presentation given by international keynote speaker Dr. Stephen Muething from Cincinnati Children's Hospital, USA at the CHA conference The Journey, in October 2012.
What might be the ultimate risk management machine, is called a ‘High Reliability Organization’ (HRO). HRO can be thought of as a very advanced version of continuous quality improvement that extends to the performance of an entire organization.
Leadership is one of the key drivers of a culture within an organisation.
Key attributes of a safety leader include understanding the basis of a high performance organisation through the adoption of HSE mindfulness.
When people fail to follow rules and procedures they usually know what they should be doing. Although, there are some cases where people mistakenly violate rules because they failed to understand the rule or did not know it existed.
Human Factors (HF) covers a variety of issues that relate primarily to the individual and workforce, their behavior and attributes. Human error is still poorly understood by many stakeholders and so the risk assessments of operations or process often fall short in their capture of potential failures. There is little consideration of human factors in the engineering design of equipment, operating systems and the overall process, procedures and specific work tasks. Operational human factor issues are often treated on an ad-hoc basis in response to individual situations rather than as part of an overarching and comprehensive safety management strategy. The role that human factors play in the rate of incidents, equipment failure and hydrocarbon releases is poorly understood and underdeveloped.
Events which massively impact your reputation need to be managed upfront. But which events can can harm you so much? is it the small events that get out of control or the large rare events that you have missed? I am proposing a method which can help you understand where you have weaknesses and help focus your efforts.
Business Continuity for Mission Critical ApplicationsDataCore Software
Unplanned interruption events, a.k.a. “disasters,” hit virtually all data centers at one time or another. While the preponderance of annual downtime results from interruptions that have a limited or localized scope of impact, IT planners must also prepare for the possibility of a catastrophic event with a broader geographical footprint.
Such disasters cannot be circumvented simply by using high availability configurations in servers or storage. What is needed, especially for mission-critical applications and databases, are strategies that can help organizations prevail in the wake of “big footprint” disasters, but that can also be implemented in a more limited way in response to interruption events with a more limited impact profile.
DataCore Software’s storage platform provides several capabilities for data protection and disaster recovery that are well-suited to today’s most mission-critical databases and applications.
Why Your Organization Should Leverage Data Science for Risk Intelligence and ...Resolver Inc.
Every security organization needs data scientists! Expanding the utilization and influence of data scientists within corporate security risk intelligence teams will undoubtedly lead to enhancements for the organization’s risk exposure understanding and business decision-making, while also presenting analytical intelligence products in a more visually-appealing and quickly digestible format.
The collection, organisation and upkeep of the policies, procedures, requirements, expectations, processes, records and tools we use for managing health and safety in our work environment.
IT Alert Management Survey Results - February 2013SolarWinds
SolarWinds recently conducted a survey on IT Alert Management with participation from over 150 IT professionals. We learned about the challenges faced in managing alerts. Here are the findings…
2014 10 16_challenge of natural security systemsrbrockway
Static security models and "business as usual" directives have naturally resulted in a collective eyes wide shut mentality of organizational entropy. Organisms, as well as organizations, can only adapt to changing environments by leaving (or being forced from) their comfort zones. It should be obvious that today's threat landscape is changing at a breakneck pace, yet most organizations are seemingly content in adding "spend" to the annual budget for more systems that claim to protect against the latest FUD. This is not learning and without learning adaptation cannot occur. Challenges to the organism and organization that move them both out of their respective comfort zones are crucial for successful adaptation. This talk will explore these adaptation requirements in an effort to develop a framework for more naturally secure systems and organizations. At its conclusion it will present a challenge for all those willing to get out of their own respective comfort zones and organically contribute to naturally stronger systems and organizations.
Whitepaper : Building a disaster ready infrastructureJake Weaver
It’s not just hurricanes, fire or other natureal disasters that can bring a business to its knees. Everyday problems such as bad software, misconfigured networks, hardware failures or power outages are much more common. In fact, power failures accounted for nearly half of the declared disasters reported in a recent survey conducted by Forrester
Identify your major technology change risks and set appropriate priorities by scoring them with this helpful guide, a 3-part, do-it-yourself assessment whitepaper: Where are you in Managing Big System Implementation?
Mastering disaster a data center checklistChris Wick
50% of businesses that experience data loss for 10 days or more file for bankruptcy and 93% fail within a year. But with a Disaster Recovery plan, you don't have to worry visit https://goo.gl/Ba1J9e.
Human Factors (HF) covers a variety of issues that relate primarily to the individual and workforce, their behavior and attributes. Human error is still poorly understood by many stakeholders and so the risk assessments of operations or process often fall short in their capture of potential failures. There is little consideration of human factors in the engineering design of equipment, operating systems and the overall process, procedures and specific work tasks. Operational human factor issues are often treated on an ad-hoc basis in response to individual situations rather than as part of an overarching and comprehensive safety management strategy. The role that human factors play in the rate of incidents, equipment failure and hydrocarbon releases is poorly understood and underdeveloped.
Events which massively impact your reputation need to be managed upfront. But which events can can harm you so much? is it the small events that get out of control or the large rare events that you have missed? I am proposing a method which can help you understand where you have weaknesses and help focus your efforts.
Business Continuity for Mission Critical ApplicationsDataCore Software
Unplanned interruption events, a.k.a. “disasters,” hit virtually all data centers at one time or another. While the preponderance of annual downtime results from interruptions that have a limited or localized scope of impact, IT planners must also prepare for the possibility of a catastrophic event with a broader geographical footprint.
Such disasters cannot be circumvented simply by using high availability configurations in servers or storage. What is needed, especially for mission-critical applications and databases, are strategies that can help organizations prevail in the wake of “big footprint” disasters, but that can also be implemented in a more limited way in response to interruption events with a more limited impact profile.
DataCore Software’s storage platform provides several capabilities for data protection and disaster recovery that are well-suited to today’s most mission-critical databases and applications.
Why Your Organization Should Leverage Data Science for Risk Intelligence and ...Resolver Inc.
Every security organization needs data scientists! Expanding the utilization and influence of data scientists within corporate security risk intelligence teams will undoubtedly lead to enhancements for the organization’s risk exposure understanding and business decision-making, while also presenting analytical intelligence products in a more visually-appealing and quickly digestible format.
The collection, organisation and upkeep of the policies, procedures, requirements, expectations, processes, records and tools we use for managing health and safety in our work environment.
IT Alert Management Survey Results - February 2013SolarWinds
SolarWinds recently conducted a survey on IT Alert Management with participation from over 150 IT professionals. We learned about the challenges faced in managing alerts. Here are the findings…
2014 10 16_challenge of natural security systemsrbrockway
Static security models and "business as usual" directives have naturally resulted in a collective eyes wide shut mentality of organizational entropy. Organisms, as well as organizations, can only adapt to changing environments by leaving (or being forced from) their comfort zones. It should be obvious that today's threat landscape is changing at a breakneck pace, yet most organizations are seemingly content in adding "spend" to the annual budget for more systems that claim to protect against the latest FUD. This is not learning and without learning adaptation cannot occur. Challenges to the organism and organization that move them both out of their respective comfort zones are crucial for successful adaptation. This talk will explore these adaptation requirements in an effort to develop a framework for more naturally secure systems and organizations. At its conclusion it will present a challenge for all those willing to get out of their own respective comfort zones and organically contribute to naturally stronger systems and organizations.
Whitepaper : Building a disaster ready infrastructureJake Weaver
It’s not just hurricanes, fire or other natureal disasters that can bring a business to its knees. Everyday problems such as bad software, misconfigured networks, hardware failures or power outages are much more common. In fact, power failures accounted for nearly half of the declared disasters reported in a recent survey conducted by Forrester
Identify your major technology change risks and set appropriate priorities by scoring them with this helpful guide, a 3-part, do-it-yourself assessment whitepaper: Where are you in Managing Big System Implementation?
Mastering disaster a data center checklistChris Wick
50% of businesses that experience data loss for 10 days or more file for bankruptcy and 93% fail within a year. But with a Disaster Recovery plan, you don't have to worry visit https://goo.gl/Ba1J9e.
SolarWinds Presents Compliance with Log and Event ManagerSolarWinds
Compliance with security standards has a direct impact on organizations of all sizes, and being non-compliant can result in serious consequences including security breaches, fines, failure of critical missions or projects, loss of revenue, and more.
Join us for this webinar, in which we’ll discuss: the various compliance requirements, including PCI, HIPAA, SOX, FISMA, DISA STIGs and more, the ramifications of not being compliant, and how SolarWinds Log & Event Manager can help in your security and compliance efforts.
ISACA Reporting relevant IT risks to stakeholdersMarc Vael
A presentation I made for the ISACA Belgium open forum of June 2015 in Brussels on Reporting relevant IT risks to stakeholders. This presentation served as starter for the discussions in the open forum.
So, you have a continuity plan and perhaps even think you have resiliency covered? Think again!
About more than just theoretical “best practices”, the deck was originally presented as a key note for CPM West 2007. It covers the semenal role of strategic vision and the vital importance of executives’ risk exposure perspective. Practicioners’ and senior executives’ eyes alike are opened to the realities of what it takes to be truly prepared and capable of responding in an all-hazards approach as an integral part of enterprise-wide risk management (ERM). This presentation looks at pragmatic cures for the “hardening of the attitudes” disease prevalent in too many boardrooms that results in the 10 most common mistakes corporate and governmental entities at all levels face when attempting to plan and implement viable resiliency programs.
NIST Cybersecurity Framework is a good starting point for many enterprises to harden their security posture against advanced threats. In this webinar, we will share the major take-aways from the framework. More importantly, we will explain the 5 critical factors in implementing cybersecurity defense, and how to handle them with best practice.
How to Achieve Superior Performance Improvement by Integrating Constraints Ma...commonsenseLT
Dr. Bahadir Inozu, CEO, NOVACES, LLC (USA) @ TOCICO International Public Sector Effectiveness Conference 2013 Vilnius
- Focusing on everything is synonymous with not focusing on anything.
- Flow concept in public sector.
- Complementary features of Integration of best practices.
- Purpose, focus and application guidelines of Constraints Management, Lean and Six Sigma.
- Reaching operational excellence: systematic tools that turn any organisation into Best-In-Class one.
More information - http://pse.lt
Proactive Risk Management and Compliance in a World of Digital DisruptionMike Wons
Is the CISO the new CEO. Proactive Risk Management and Compliance in a World of Digital Disruption presentation at annual Information Technology Security and Audit (CACS) event in Chicago...as GDPR becomes a reality!
Corporate Social Responsibility: Balancing the Risks and RewardsPECB
Corporate Social Responsibility shows a preference for a wider range of issues around the organization, with new responsibilities, opportunities, and risks (positive and negative).
A dynamic CSR program entails rethinking short term approaches to embedding long term “ways of doing business”, changing the culture of the organization. While many organizational processes put the focus on the short term, things can go very wrong if the short term creates limitations and unsustainability.
Main points covered:
• Definition of Corporate Social Responsibility
• Establish Goals and Objectives
• Conceptualize, Position, Calibrate, Buffer Risks
Presenter:
Geary Sikich is a Principal with Logical Management Systems, Corp. Geary is active in Executive Education, where he has developed and delivered courses in enterprise risk management, contingency planning, performance management and analytics. Geary is a frequent speaker on business continuity issues business performance management.
Link of the recorded session published on YouTube: https://youtu.be/lSkOmQs0WZU
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
Kseniya Leshchenko: Shared development support service model as the way to ma...Lviv Startup Club
Kseniya Leshchenko: Shared development support service model as the way to make small projects with small budgets profitable for the company (UA)
Kyiv PMDay 2024 Summer
Website – www.pmday.org
Youtube – https://www.youtube.com/startuplviv
FB – https://www.facebook.com/pmdayconference
Affordable Stationery Printing Services in Jaipur | Navpack n PrintNavpack & Print
Looking for professional printing services in Jaipur? Navpack n Print offers high-quality and affordable stationery printing for all your business needs. Stand out with custom stationery designs and fast turnaround times. Contact us today for a quote!
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...BBPMedia1
Marvin neemt je in deze presentatie mee in de voordelen van non-endemic advertising op retail media netwerken. Hij brengt ook de uitdagingen in beeld die de markt op dit moment heeft op het gebied van retail media voor niet-leveranciers.
Retail media wordt gezien als het nieuwe advertising-medium en ook mediabureaus richten massaal retail media-afdelingen op. Merken die niet in de betreffende winkel liggen staan ook nog niet in de rij om op de retail media netwerken te adverteren. Marvin belicht de uitdagingen die er zijn om echt aansluiting te vinden op die markt van non-endemic advertising.
Implicitly or explicitly all competing businesses employ a strategy to select a mix
of marketing resources. Formulating such competitive strategies fundamentally
involves recognizing relationships between elements of the marketing mix (e.g.,
price and product quality), as well as assessing competitive and market conditions
(i.e., industry structure in the language of economics).
Digital Transformation and IT Strategy Toolkit and TemplatesAurelien Domont, MBA
This Digital Transformation and IT Strategy Toolkit was created by ex-McKinsey, Deloitte and BCG Management Consultants, after more than 5,000 hours of work. It is considered the world's best & most comprehensive Digital Transformation and IT Strategy Toolkit. It includes all the Frameworks, Best Practices & Templates required to successfully undertake the Digital Transformation of your organization and define a robust IT Strategy.
Editable Toolkit to help you reuse our content: 700 Powerpoint slides | 35 Excel sheets | 84 minutes of Video training
This PowerPoint presentation is only a small preview of our Toolkits. For more details, visit www.domontconsulting.com
Unveiling the Secrets How Does Generative AI Work.pdfSam H
At its core, generative artificial intelligence relies on the concept of generative models, which serve as engines that churn out entirely new data resembling their training data. It is like a sculptor who has studied so many forms found in nature and then uses this knowledge to create sculptures from his imagination that have never been seen before anywhere else. If taken to cyberspace, gans work almost the same way.
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...BBPMedia1
Grote partijen zijn al een tijdje onderweg met retail media. Ondertussen worden in dit domein ook de kansen zichtbaar voor andere spelers in de markt. Maar met die kansen ontstaan ook vragen: Zelf retail media worden of erop adverteren? In welke fase van de funnel past het en hoe integreer je het in een mediaplan? Wat is nu precies het verschil met marketplaces en Programmatic ads? In dit half uur beslechten we de dilemma's en krijg je antwoorden op wanneer het voor jou tijd is om de volgende stap te zetten.
Skye Residences | Extended Stay Residences Near Toronto Airportmarketingjdass
Experience unparalleled EXTENDED STAY and comfort at Skye Residences located just minutes from Toronto Airport. Discover sophisticated accommodations tailored for discerning travelers.
Website Link :
https://skyeresidences.com/
https://skyeresidences.com/about-us/
https://skyeresidences.com/gallery/
https://skyeresidences.com/rooms/
https://skyeresidences.com/near-by-attractions/
https://skyeresidences.com/commute/
https://skyeresidences.com/contact/
https://skyeresidences.com/queen-suite-with-sofa-bed/
https://skyeresidences.com/queen-suite-with-sofa-bed-and-balcony/
https://skyeresidences.com/queen-suite-with-sofa-bed-accessible/
https://skyeresidences.com/2-bedroom-deluxe-queen-suite-with-sofa-bed/
https://skyeresidences.com/2-bedroom-deluxe-king-queen-suite-with-sofa-bed/
https://skyeresidences.com/2-bedroom-deluxe-queen-suite-with-sofa-bed-accessible/
#Skye Residences Etobicoke, #Skye Residences Near Toronto Airport, #Skye Residences Toronto, #Skye Hotel Toronto, #Skye Hotel Near Toronto Airport, #Hotel Near Toronto Airport, #Near Toronto Airport Accommodation, #Suites Near Toronto Airport, #Etobicoke Suites Near Airport, #Hotel Near Toronto Pearson International Airport, #Toronto Airport Suite Rentals, #Pearson Airport Hotel Suites
1. Disaster Management Basics
It IS All About Survivability
Copyright 2013, Logical Management Systems, Corp., all rights reserved
2. Disaster Management Basics
We tend to
subconsciously
decide what to
do before figuring
out why we want
to do it.
Copyright 2013, Logical Management Systems, Corp., all rights reserved
3. Business: what is it?
Business is driven by strategy carried out in the
form of plans by people who operate in existing
and evolving markets.
Every organization’s “strategic plan” (developed
either formally or informally) identifies their
critical objectives.
Copyright 2013, Logical Management Systems, Corp., all rights reserved
4. What is a disaster?
Merriam Webster:
something (such as a flood, tornado, fire, plane
crash, etc.) that happens suddenly and causes
much suffering or loss to many people
something that has a very bad effect or result
a complete or terrible failure
What is a disaster for your organization?
Copyright 2013, Logical Management Systems, Corp., all rights reserved
5. Is Your Organization’s Planning Brittle?
Do the organization’s plans stand in silos of excellence?
Are activation and implementation of plans independent
and uncoordinated?
Does the organization face critical junctures of survival
every time an event or certain shocks affect it?
Does analysis of “worst case” scenarios underlay the basis
for planning?
Do the plans reflect the strategy, goals and objectives of the
organization?
Copyright 2013, Logical Management Systems, Corp., all rights reserved
6. Is Your Organization’s Planning Brittle?
We live in a complex and interdependent world, filled with
complex systems that are full of interdependencies (touchpoints)
that are hard to detect.
The result is nonlinearity in responses to events, especially
random events/shocks.
The odds of rare events are simply not computable.
Model error swells when it comes to small probabilities.
The rarer the event; the less tractable, and the less we know
about how frequent its occurrence.
Copyright 2013, Logical Management Systems, Corp., all rights reserved
7. Is Your Organization’s Planning Brittle?
Complexity
Touchpoints
Responsiveness
Resource Constraints
It is much easier to
sell: “Look what I
did for you”
than
“Look what I
avoided for you.”
Copyright 2013, Logical Management Systems, Corp., all rights reserved
8. Business Continuity – From What?
What is going to cause discontinuity?
Natural Disaster?
Sabotage?
People?
Fraud?
Operations?
Mismanagement?
Internal Factors?
EHS Issues?
Workplace Violence?
Power Failure?
Cyber-threats?
Nuclear, Chemical, Biological?
Terrorism?
What is the single highest probable
failure factor for your business?
External Factors?
Copyright 2013, Logical Management Systems, Corp., all rights reserved
9. How much Analysis are you doing right now?
Symmetric Threats – Natural, Normal, Abnormal
Natural Disasters
•Hurricanes
•Earthquakes
•Floods
•Tornadoes
•Drought
Physical Disasters
•Industrial Accidents
•Supply Chain
•Value Chain
•Product Failure
•Fires
•Environmental
•Health & Safety
Information Disasters
•Theft of Proprietary Information
•Hacking, Data Tampering
•Cyber Attacks
Personnel Disasters
•Strikes
•Workplace Violence
•Vandalism
•Employee Fraud
Economic Disasters
•Recessions
•Stock Market Downturns
•Rating Agency Downgrade
Criminal Disasters
•Product Tampering
•Terrorism
•Kidnapping & Hostages
Reputation Disasters
•Rumors
•Regulatory Issues
•Litigation
•Product Liability
•Media Investigations
•Internet Reputation
•Social Media
Copyright 2013, Logical Management Systems, Corp., all rights reserved
10. How much Analysis are you doing right now?
Asymmetric Threats – Known is replaced by the invisible foe
Put simply, asymmetric threats are
a version of “not fighting fair,” that
can include surprise, unplannable
and unpredictable events, impacts
to your touchpoints that have not
been anticipated.
Not fighting fair also includes the
prospect of an opponent designing
a strategy that fundamentally
alters the markets that you
compete in.
Copyright 2013, Logical Management Systems, Corp., all rights reserved
11. Business Impact Analysis
what are we analyzing?
We know now what to
measure, we know the current
performance and we have
discovered some problem
areas.
Now we have to understand
why problems are generated,
and what the causes for these
problems are.
Copyright 2013, Logical Management Systems, Corp., all rights reserved
12. Prediction – Projection
If you don’t know what you
don’t know, how can you
prepare for it?
Conventional practices leave us
vulnerable to random,
potentially catastrophic events,
that cannot be predicted based
on simple extrapolations from
the past or projections of the
future.
Copyright 2013, Logical Management Systems, Corp., all rights reserved
13. Emerging Risks – Likelihood, Impact & Velocity
High
Global Workforce
Environmental
Competition
Sovereign Debt
Geo-Political
Infrastructure
Markets
RISK VELOCITY
Likelihood
Economies
Very Rapid
Foreign Sources
Alternatives
Technology
Impact of the risk would
be evident in a month
Rapid
Impact of the risk would
be evident in a quarter
Slow
Social Trends
Impact of the risk would
be evident in a year
Low
Low
Impact
High
•Traditional risk assessments that prioritize risk on probability and impact are outpaced by the speed
at which risks move throughout the organization.
•While 70% of finance executives agree that risk velocity is a core consideration, only 11% have
introduced it into their risk assessments.
Source: Deloitte; Risk Integration Strategy Council Research
Copyright 2013, Logical Management Systems, Corp., all rights reserved
15. Six Key Questions
STRATEGY:
What are we committed to?
CONCEPT OF OPERATIONS:
How will we fulfill these commitments?
STRUCTURE:
Do we have an organization that serves our needs?
RESOURCE MANAGEMENT:
How will we manage our resources?
CORE COMPETENCIES:
What skills do we expect from our organization?
PRAGMATIC LEADERSHIP:
How will we optimize authority, decision-making,
workflow, information sharing?
Copyright 2013, Logical Management Systems, Corp., all rights reserved
16. Decision Making Issues Related to Risk
Neutralize
Share
Diversify
Mitigate
Transfer
Contain
Identify
Alter
Offset Effects
Reduce Exposure
Control
Alleviate Impact
Change Negative – Positive
Insure Against Loss
Monitor
Hedge
Derivatives
Discount
Copyright 2013, Logical Management Systems, Corp., all rights reserved
17. Living in a Non-Predictive World
A stone and its weight in pebbles – size matters.
A collection of small units with semi-independent variations
produces vastly different risk characteristics than a single large unit
Copyright 2013, Logical Management Systems, Corp., all rights reserved
18. Business Continuity Lifecycle
Recovery Management
Crisis Management
Emergency Response
Response
Mitigation
Termination
Normal Business
Operations
Transition
Point 1
Activation
Reactive Response
Chaos
Business Recovery
Systems/Information Recovery
Reentry
Restoration
Resumption
Transition
Point 2
Unplanned
Disruption
Resumption
Transition to New
Normal Operations
Transition
Point 3
Planned
Disruption
New Normal
Business
Operations
Transition
Point 4
Termination
Copyright 2013, Logical Management Systems, Corp., all rights reserved
19. How Well Will Your Organization Transition?
Transition Point 1
Activation
Reactive Response
Chaos/Uncertainty
Transition Point 3
Planned Disruption
?
Transition Point 2
Transition Point 4
Unplanned
Disruption
Termination
Copyright 2013, Logical Management Systems, Corp., all rights reserved
20. Plan – Respond – Recover – Restore – Resume
Plan
High
Resume
Event
Response
Restore
RTO
Recovery
RPO
Level of Service
(Image and Profile
affect degree of
disruption)
Graceful Degradation
Stability Levels
Agile Restoration
MTO
Low
CTL
Time (Time Critical)
(Time Sensitive)
(Time Dependent)
Copyright 2013, Logical Management Systems, Corp., all rights reserved
21. Plan – Respond – Recover – Restore – Resume
Plan
High
Resume
Event
Response
Restore
RTO
Recovery
RPO
Level of Service
(Image and Profile
affect degree of
disruption)
Graceful Degradation
Stability Levels
Agile Restoration
MTO
Low
CTL
Time (Time Critical)
(Time Sensitive)
(Time Dependent)
Copyright 2013, Logical Management Systems, Corp., all rights reserved
22. Plan – Respond – Recover – Restore – Resume
Plan
High
Resume
Event
Response
Restore
RTO
Recovery
RPO
Level of Service
(Image and Profile
affect degree of
disruption)
Graceful Degradation
Stability Levels
Agile Restoration
MTO
Low
CTL
Time (Time Critical)
(Time Sensitive)
(Time Dependent)
Copyright 2013, Logical Management Systems, Corp., all rights reserved
23. Business Continuity Lifecycle
Graceful Degradation + Agile Restoration = Resilience
Full Functionality
Detectors/Indicators of
change
Minimum Stable
Functionality
Maximum Stable
Level of Service
Devolve to most robust less functional configuration
(Personnel, Time, Product, Services)
Copyright 2013, Logical Management Systems, Corp., all rights reserved
25. Building an effective crisis management team
Why Crisis Management Teams Fail:
Crisis Management Team does not know its own reaction
time;
Communications;
Micro-Managing;
Decisions are left at low levels;
Allowing problems to compound.
Copyright 2013, Logical Management Systems, Corp., all rights reserved
26. Building an effective crisis management team
Your biggest challenge:
Getting the team to work together when they
generally do not function every day as a team
Your next biggest challenge:
Getting the team to comprehend their crisis
management roles, responsibilities, functions and
how they differ from their day-to-day roles,
responsibilities and functions
Copyright 2013, Logical Management Systems, Corp., all rights reserved
27. Crisis Management Team (CMT)
Team Competencies (TC)
How good are the team members?
Are they still struggling with basic procedures?
Team Identity (TI)
Does everyone know who does what?
Do they help each other out?
Is anyone micro-managing?
Is anyone “out of it”?
Team Metacognition (TM)
Who’s taking responsibility?
Do they spot and correct problems?
Do they get crunched for time?
Are they “territorial”?
Team Cognition (TC-1)
Is the CMT heading for the same goals?
Does everyone have the same picture?
Are they consistently in a reactive mode?
Do they get paralyzed by uncertainty?
Gary Klein:
“Sources of Power: How People Make Decisions”
Copyright 2013, Logical Management Systems, Corp., all rights reserved
28. Business Continuity – Three Levels
Strategic Level –
Saving the business
Operational Level –
Containing Business Unit Impacts
Key Functions
Leadership (Management)
Planning
Operations
Logistics
Finance
Administration
Infrastructure
Internal/External Relations
Tactical Level –
Operational Actions
Copyright 2013, Logical Management Systems, Corp., all rights reserved
29. Three Spheres of Concern
SPHERE OF INFLUENCE
Your assets and capabilities can affect the
courses of action of others
SPHERE OF RESPONSIBILITY
Your corporate mission, vision, values,
goals, objectives
SPHERE OF INTEREST
Assets and Capabilities of others can effect
your courses of action
Copyright 2013, Logical Management Systems, Corp., all rights reserved
30. “If you keep doing what you’ve
always done – you’ll keep getting
what you’ve always gotten.”
Geary W. Sikich
Principal
Logical Management Systems, Corp.
www.logicalmanagement.com
gsikich@logicalmanagement.com
g.sikich@att.net
+1 (219) 922-7718
Copyright 2013, Logical Management Systems, Corp., all rights reserved
Editor's Notes
Debt becomes poisonous once it reaches 80% to 100% of GDP for governments, 90% of GDP for companies, and 85% of GDP for households. From then on, extra debt chokes growth. Stephen Cecchetti and his team at the Bank for International Settlements have written the definitive paper rebutting the pied pipers of ever-escalating credit."The debt problems facing advanced economies are even worse than we thought."
Understanding risk velocity is important - how hard you are hit by a risk realized can determine if your organization survives or flounders. Yet few executives have actually used risk velocity in their analysis of risk exposures.We all know “risk” – yet we really do not understand risk.
It’s all about targeted flexibility, the art of being prepared, rather than preparing for specific events. Being able to respond rather than being able to forecast, facilitates the ability to respond to the consequences of an event.We have the unfortunate tendency to view recent experience through a very narrow window of data sets. The data sets often times are based on convenience of access and data availability, rather than on research and a deeper analysis of a broader base of information. What is possible is a long way from what is probable. Determining what is probable takes a lot more effort and analysis.