This document discusses contingency planning and business continuity management. It explores remote monitoring and facilities management using a National Intelligence Centre. The Centre would allow around-the-clock monitoring and control of multiple sites and supply chains through technologies like CCTV, alarms, and access control. This would help with contingency planning, crisis response, disaster recovery, and business continuity. The document outlines the components and benefits of such a remote system for protecting potential targets and restoring services quickly in the event of disruptions.
CGC Solutions & Services is provider of IT security consulting services and also developer of Integrated Facility Management System.
Our core philosophy is the trust, reliability, professionalism, and we will be happy to help you with any problems related to security and safety. Key employees are active members of ISACA, GIAC and (ISC)².
Specialties
Facility Management, Penetration Testing, Virtual Desktop Infrastructure, Network Security Audit, CCTV Security Surveillance, Attendance Tracking, Access Control, Desktop as a Service, Services of Security Operation Center, Security Incident and Event Management
ControlCase covers the following:
- What is CMMC?
- Who does CMMC apply to?
What is the accreditation body (CMMC-AB)?
- What is a CMMC Third Party Organization (C3PAO)?
- What does CMMC mean for Cybersecurity?
- What are the CMMC certification levels?
- How often is CMMC needed?
- CMMC and NIST
- What is the CMMC Assessment process?
In order to bid on Department of Defense (DoD) contracts, hundreds of thousands of organizations will need to be assessed for their Cybersecurity Maturity Model Certification (CMMC) Level. But how exactly does that process work?
Watch the free session here: https://www.infosecinstitute.com/webinar/cmmc-case-study-assessment/
CGC Solutions & Services is provider of IT security consulting services and also developer of Integrated Facility Management System.
Our core philosophy is the trust, reliability, professionalism, and we will be happy to help you with any problems related to security and safety. Key employees are active members of ISACA, GIAC and (ISC)².
Specialties
Facility Management, Penetration Testing, Virtual Desktop Infrastructure, Network Security Audit, CCTV Security Surveillance, Attendance Tracking, Access Control, Desktop as a Service, Services of Security Operation Center, Security Incident and Event Management
ControlCase covers the following:
- What is CMMC?
- Who does CMMC apply to?
What is the accreditation body (CMMC-AB)?
- What is a CMMC Third Party Organization (C3PAO)?
- What does CMMC mean for Cybersecurity?
- What are the CMMC certification levels?
- How often is CMMC needed?
- CMMC and NIST
- What is the CMMC Assessment process?
In order to bid on Department of Defense (DoD) contracts, hundreds of thousands of organizations will need to be assessed for their Cybersecurity Maturity Model Certification (CMMC) Level. But how exactly does that process work?
Watch the free session here: https://www.infosecinstitute.com/webinar/cmmc-case-study-assessment/
Using IP Cameras and Advanced Analytics to help Protect Critical InfrastructureEnergySec
Leveraging the technology advancements in video analytics, THRIVE Intelligence has developed an end-to-end video monitoring and management service from the camera to the Monitoring Center where video is monitored 24/7 by trained Security Intervention Specialists.THRIVE IP cameras are installed with edge-based video analytics making the camera intelligent. When an alarm or event occurs, it’s immediately reviewed by special screened, trained and certified personnel at our Monitoring Center, who will dispatch officers or first responders (if necessary), based on the event protocols set. THRIVE analytics eliminates incidents of false alarms and operator interaction ensures proper response. Live footage of events can be streamed directly to customers and to law enforcement officers en route via a smartphone, tablet, or computer. iOS and Android apps have been developed to work with the THRIVE solution. THRIVE’s video analytics first stabilizes the image then learns the environment which allows our analytics to automatically overcome environmental conditions such as: light changes, repetitive motion, and adjustments to the image caused by rain, fog, dirt and low light.
In this presentation, THRIVE will demonstrate the capabilities of its camera analytics and our 360 solution that is offered to end users.
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj Purandare ☁
Effective Security Operations Centre SOC building - by Manoj Purandare. This article tries to give a strategy towards building am effective SOC using its 4 major points steps and 11 effective steps recipe - for Organisation's / Govt's safety and security
In this video, you will learn:
1. How to specify the scope of Federal Contract Information (FCI) Assets
in your CMMC 2.0 Level 1 Self-Assessment.
2. What is the scope of CMMC 2.0 Level 2 Assessment?
3. How to map and categorize organizational assets?
4. What are the ways to reduce the scope of your assessment?
Learn more from the video: https://youtu.be/Tp3rya6EZCA
Building an Intelligence-Driven Security Operations CenterEMC
This white paper describes how an intelligence-driven security operations center (SOC) improves threat detection and response by helping organizations use all available security-related information from both internal and external sources to detect hidden threats and even predict new ones.
I enjoyed presenting on effective controls for software development with Matthew Crabbe and QA Financial. I am pushing the concept of "cyber compliance" to define internal and external requirements for IT assets such as software, data, hardware, services, contracts, and licenses. Cyber compliance is rapidly expanding from licenses, privacy and contracts with IT vendors to outsourcing, software development and business continuity of essential services providers, cloud in particular.
#riskmanagement #compliance #itcontrol #CISO #cybersecurity
The MCGlobalTech Managed Security Compliance Program helps small business government contractors meet the DFARS/NIST 800-171 compliance requirements by managing their security and compliance. Save Money. Run your business. Leave it to the experts.
Infosec 2014 - Considerations when choosing an MSSPHuntsman Security
The considerations organisations should be aware of when selecting managed security service providers (MSSPs) for the management of controls and the monitoring of detected intrusions.
With an often-increased focus on effective and timely response to breaches, many organisations are going down the route of using a third party service to conduct an operational role in their security management processes. However there are things to ask of potential providers at the selection stage, as well as requirements on how services operate once up and running.
It is also important to understand that there will be controls and processes that will still be required for effective management of, and communication with, the MSSP. Both parties play a role in responding to incidents from detection to resolution.
Building a World-Class Proactive Integrated Security and Network Ops CenterPriyanka Aash
The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hiring a minimal number of additional security professionals. Learn how to use the SNOC framework to transform your existing NOC into a single effective team that is responsible for both network and security functions.
(Source: RSA USA 2016-San Francisco)
The Cybersecurity Maturity Model Certification (CMMC) continues to take shape, with the formation of the Accreditation Body (AB) and continued release of framework and contract guidance. The CMMC will be used as a unified standard for defense contractors to demonstrate cybersecurity program maturity and protection of CUI, and will ultimately require a third party assessment to achieve required certification. The DoD acknowledges that contractors of varying sizes struggle to maintain an appropriate cybersecurity posture and believes this new framework will help contractors implement effective cybersecurity controls tailored to the size and nature of their business and meet the DoD’s requirements.
In this webinar, Tom Tollerton, Managing Director of Cybersecurity & Privacy at DHG will discuss the latest developments around the framework, expectations in contracts in the coming months, and offer actionable recommendations for steps to prepare for potential requirements.
Download the presentation today or visit us at www.unanet.com.
This presentation discusses why cybersecurity is an issue for safety instrumented systems and will examine example architectures when communicating with the SIS.
The new CMMC version 1 was published in January 2020. This presentation was provided to small businesses's that are part of the DoD supply chain. It helps to understand the requirements.
Comp tia security sy0 601 domain 3 implementationShivamSharma909
For a company’s security program, implementation is critical. It is the point at which a security system or technology comes into being, a new security effort is nothing but a collection of thoughts on a document if it isn’t put into action. In this domain, we cover 9 objectives and their subtopics.
The objectives covered in security+ domain 3.0 are listed below.
Implement Secure Protocols
Implement Host or Application Security Solutions
Implement Secure Network Designs
Install and Configure Wireless Security Settings
https://www.infosectrain.com/blog/comptia-security-sy0-601-domain-3-implementation/
Using IP Cameras and Advanced Analytics to help Protect Critical InfrastructureEnergySec
Leveraging the technology advancements in video analytics, THRIVE Intelligence has developed an end-to-end video monitoring and management service from the camera to the Monitoring Center where video is monitored 24/7 by trained Security Intervention Specialists.THRIVE IP cameras are installed with edge-based video analytics making the camera intelligent. When an alarm or event occurs, it’s immediately reviewed by special screened, trained and certified personnel at our Monitoring Center, who will dispatch officers or first responders (if necessary), based on the event protocols set. THRIVE analytics eliminates incidents of false alarms and operator interaction ensures proper response. Live footage of events can be streamed directly to customers and to law enforcement officers en route via a smartphone, tablet, or computer. iOS and Android apps have been developed to work with the THRIVE solution. THRIVE’s video analytics first stabilizes the image then learns the environment which allows our analytics to automatically overcome environmental conditions such as: light changes, repetitive motion, and adjustments to the image caused by rain, fog, dirt and low light.
In this presentation, THRIVE will demonstrate the capabilities of its camera analytics and our 360 solution that is offered to end users.
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj Purandare ☁
Effective Security Operations Centre SOC building - by Manoj Purandare. This article tries to give a strategy towards building am effective SOC using its 4 major points steps and 11 effective steps recipe - for Organisation's / Govt's safety and security
In this video, you will learn:
1. How to specify the scope of Federal Contract Information (FCI) Assets
in your CMMC 2.0 Level 1 Self-Assessment.
2. What is the scope of CMMC 2.0 Level 2 Assessment?
3. How to map and categorize organizational assets?
4. What are the ways to reduce the scope of your assessment?
Learn more from the video: https://youtu.be/Tp3rya6EZCA
Building an Intelligence-Driven Security Operations CenterEMC
This white paper describes how an intelligence-driven security operations center (SOC) improves threat detection and response by helping organizations use all available security-related information from both internal and external sources to detect hidden threats and even predict new ones.
I enjoyed presenting on effective controls for software development with Matthew Crabbe and QA Financial. I am pushing the concept of "cyber compliance" to define internal and external requirements for IT assets such as software, data, hardware, services, contracts, and licenses. Cyber compliance is rapidly expanding from licenses, privacy and contracts with IT vendors to outsourcing, software development and business continuity of essential services providers, cloud in particular.
#riskmanagement #compliance #itcontrol #CISO #cybersecurity
The MCGlobalTech Managed Security Compliance Program helps small business government contractors meet the DFARS/NIST 800-171 compliance requirements by managing their security and compliance. Save Money. Run your business. Leave it to the experts.
Infosec 2014 - Considerations when choosing an MSSPHuntsman Security
The considerations organisations should be aware of when selecting managed security service providers (MSSPs) for the management of controls and the monitoring of detected intrusions.
With an often-increased focus on effective and timely response to breaches, many organisations are going down the route of using a third party service to conduct an operational role in their security management processes. However there are things to ask of potential providers at the selection stage, as well as requirements on how services operate once up and running.
It is also important to understand that there will be controls and processes that will still be required for effective management of, and communication with, the MSSP. Both parties play a role in responding to incidents from detection to resolution.
Building a World-Class Proactive Integrated Security and Network Ops CenterPriyanka Aash
The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hiring a minimal number of additional security professionals. Learn how to use the SNOC framework to transform your existing NOC into a single effective team that is responsible for both network and security functions.
(Source: RSA USA 2016-San Francisco)
The Cybersecurity Maturity Model Certification (CMMC) continues to take shape, with the formation of the Accreditation Body (AB) and continued release of framework and contract guidance. The CMMC will be used as a unified standard for defense contractors to demonstrate cybersecurity program maturity and protection of CUI, and will ultimately require a third party assessment to achieve required certification. The DoD acknowledges that contractors of varying sizes struggle to maintain an appropriate cybersecurity posture and believes this new framework will help contractors implement effective cybersecurity controls tailored to the size and nature of their business and meet the DoD’s requirements.
In this webinar, Tom Tollerton, Managing Director of Cybersecurity & Privacy at DHG will discuss the latest developments around the framework, expectations in contracts in the coming months, and offer actionable recommendations for steps to prepare for potential requirements.
Download the presentation today or visit us at www.unanet.com.
This presentation discusses why cybersecurity is an issue for safety instrumented systems and will examine example architectures when communicating with the SIS.
The new CMMC version 1 was published in January 2020. This presentation was provided to small businesses's that are part of the DoD supply chain. It helps to understand the requirements.
Comp tia security sy0 601 domain 3 implementationShivamSharma909
For a company’s security program, implementation is critical. It is the point at which a security system or technology comes into being, a new security effort is nothing but a collection of thoughts on a document if it isn’t put into action. In this domain, we cover 9 objectives and their subtopics.
The objectives covered in security+ domain 3.0 are listed below.
Implement Secure Protocols
Implement Host or Application Security Solutions
Implement Secure Network Designs
Install and Configure Wireless Security Settings
https://www.infosectrain.com/blog/comptia-security-sy0-601-domain-3-implementation/
Chapter 18 vital records recoveryVital assetsIn.docxketurahhazelhurst
Chapter 18:
vital records recovery
Vital assets
Information stored on any media
Personal data
Important business data
Contracts
Customer lists
Personnel files
Vital records inventory
Records, Media, Originating department, location
Locate your Records
Where and how are they stored?
Prioritize your records
Ranking to determine which records need to be restored first
Records transportation
Just as important as storing, we need to think about how we transport our vital records.
Security – security during and after transportation
Magnetic recordings – take care as many factors can effect this medium
Records retention
Establish records retention requirements
Eliminate obsolete documents
Identify critical records
End of life plan – destruction of documents
Media storage
Each media storage type will require different storage parameters:
Paper document storage
Microfilm storage
Magnetic media storage
Risk assessment
Storage risks include:
Water
Smoke
Structural problems
Fire
Humidity
High heat and deep cold
Wide temperature swings
Theft
Sabotage
Insects and rodents
Magnetic fields
Fire control systems mitigation
Fire control systems
smoke alarms and fire detection
sprinklers
gas fire suppression
fire extinguishers
fireproof containers
fire drills
good housekeeping
electrical equipment
Environmental issues mitigation
Environmental Issues:
moisture sensors and alarms
humidifier/dehumidifier
temperature control
magnetic check
Other issues mitigation
Other Issues:
secured access
off-site duplication of key records
pest extermination
proper storage
Security mitigation actions
Controlling access is important to prevent:
Reading your records
Stealing records
Damaging your records
Action steps for your plan
Materials needed for an emergency fall in several categories:
General items
Portable equipment
Individual equipment
Drying and cleaning materials
Containment materials
Maintenance activities
Plan as part of your normal routine:
Daily actions task
Every week task
Quarterly action task
Immediate action team
Damage containment team
Assessment team
Shuttle team
Triage team
Recovery techniques
Water damage to paper records
Air drying
Freeze drying
Determine what documents are unrecoverable
Fire damage of paper records
Microfilm
Optical and magnetic media
summary
Vital records protection is not difficult but necessary
Have a good retention policy in place
Monitor all storage media
.MsftOfcThm_Accent1_Fill {
fill:#4472C4;
}
.MsftOfcThm_Accent1_Stroke {
stroke:#4472C4;
}
1. Describe best practices to develop and prepare to lead risk management mitigation exercises related to illegal border activity.
2. Using IS-120.A: An Introduction to Exercises from EMI/FEMA as a process guide, develop a border activity desktop risk management mitigation exercise to be submitted to your instructor for review.
Chapter 17: t ...
Anticipate Versus React To Security Threats with Security Surveillancecgiprotects
The key ability to anticipate security threats to then prevent them is in behavioral analysis with video analytics plus security surveillance with trained personnel for emergency response. CGI Protects' webinar on “Anticipate versus React to Security Threats”.
Anticipate Versus React To Security Threats with Surveillance Behavioral Anal...cgiprotects
Recently we provided this webinar on “Anticipate versus React to Security Threats”. The key ability to anticipate security threats to then prevent them is in behavioral analysis with video analytics plus security surveillance with trained personnel for emergency response.
Information security leaders are charged with protecting some of the enterprise's most valuable assets: Money, Customer Data, Intellectual Property and the Brand itself.
IBM's Business Partner Community can sell Security Managed Services either as a stand alone solution or integrating it into a broader proposal being architected.
European smart grid cyber and scada securityYulia Rotar
European Smart Grid Cyber and SCADA Security Conference by the SMi Group, London, UK, 10-11 March 2014.
Get in touch with us via mmalik@smi-online.co.uk
WIB March 2016 de Leeuw Focus on basics: simple, robust and safe automation a...Valentijn de Leeuw
At the process automation users association WIB, March 2016, ARC's Valentijn de Leeuw gave a presentation about simple, robust and safe automation and IT from instrument up to and including Industrial IoT networks
Discover the innovative and creative projects that highlight my journey throu...dylandmeas
Discover the innovative and creative projects that highlight my journey through Full Sail University. Below, you’ll find a collection of my work showcasing my skills and expertise in digital marketing, event planning, and media production.
Building Your Employer Brand with Social MediaLuanWise
Presented at The Global HR Summit, 6th June 2024
In this keynote, Luan Wise will provide invaluable insights to elevate your employer brand on social media platforms including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok. You'll learn how compelling content can authentically showcase your company culture, values, and employee experiences to support your talent acquisition and retention objectives. Additionally, you'll understand the power of employee advocacy to amplify reach and engagement – helping to position your organization as an employer of choice in today's competitive talent landscape.
FIA officials brutally tortured innocent and snatched 200 Bitcoins of worth 4...jamalseoexpert1978
Farman Ayaz Khattak and Ehtesham Matloob are government officials in CTW Counter terrorism wing Islamabad, in Federal Investigation Agency FIA Headquarters. CTW and FIA kidnapped crypto currency owner from Islamabad and snatched 200 Bitcoins those worth of 4 billion rupees in Pakistan currency. There is not Cryptocurrency Regulations in Pakistan & CTW is official dacoit and stealing digital assets from the innocent crypto holders and making fake cases of terrorism to keep them silent.
Recruiting in the Digital Age: A Social Media MasterclassLuanWise
In this masterclass, presented at the Global HR Summit on 5th June 2024, Luan Wise explored the essential features of social media platforms that support talent acquisition, including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok.
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
An introduction to the cryptocurrency investment platform Binance Savings.Any kyc Account
Learn how to use Binance Savings to expand your bitcoin holdings. Discover how to maximize your earnings on one of the most reliable cryptocurrency exchange platforms, as well as how to earn interest on your cryptocurrency holdings and the various savings choices available.
Event Report - SAP Sapphire 2024 Orlando - lots of innovation and old challengesHolger Mueller
Holger Mueller of Constellation Research shares his key takeaways from SAP's Sapphire confernece, held in Orlando, June 3rd till 5th 2024, in the Orange Convention Center.
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraAvirahi City Dholera
The Tata Group, a titan of Indian industry, is making waves with its advanced talks with Taiwanese chipmakers Powerchip Semiconductor Manufacturing Corporation (PSMC) and UMC Group. The goal? Establishing a cutting-edge semiconductor fabrication unit (fab) in Dholera, Gujarat. This isn’t just any project; it’s a potential game changer for India’s chipmaking aspirations and a boon for investors seeking promising residential projects in dholera sir.
Visit : https://www.avirahi.com/blog/tata-group-dials-taiwan-for-its-chipmaking-ambition-in-gujarats-dholera/
B2B payments are rapidly changing. Find out the 5 key questions you need to be asking yourself to be sure you are mastering B2B payments today. Learn more at www.BlueSnap.com.
Company Valuation webinar series - Tuesday, 4 June 2024FelixPerez547899
This session provided an update as to the latest valuation data in the UK and then delved into a discussion on the upcoming election and the impacts on valuation. We finished, as always with a Q&A
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...my Pandit
Dive into the steadfast world of the Taurus Zodiac Sign. Discover the grounded, stable, and logical nature of Taurus individuals, and explore their key personality traits, important dates, and horoscope insights. Learn how the determination and patience of the Taurus sign make them the rock-steady achievers and anchors of the zodiac.
2. This Session We will explore:
Contingency Planning &
Business Continuity
Management (BCM)
The role of the National
Intelligence Centre:
Remote location via IP
network
Monitoring, Control,
Management of multiple
sites and supply chain, 24-7
Protecting potential targets
in the City of London and
other locations
The systems and
technologies available:
Security & Facilities
Management
Access control post-
evacuation: audio-visual,
emergency services
3. Contingency Planning
Business Continuity Management
ISO 22301 / BS25999 -
British Standard for BCM
A holistic management
process that identifies
potential threats to an
organisation and the impacts
to business operations that
those threats, if realised, might
cause and which provides a
framework for building
organisational resilience with
the capability for an effective
response that safeguards the
interests of its key
stakeholders reputation, brand
and value creating activities.
4. Contingency Planning
and Resilience
Contingency Planning
and Resilience
Continuity of
Operations
Business
Continuity
Crisis
Communications
Disaster
Recovery
Cyber Incident
Response
Information
Systems Contingency
Occupant
Emergency
Critical Infrastructure
Protection
5. Stakeholders Frame Components Intended Outcome
Board Policy Procedures Understanding of Appetite
Executive & Senior Management Supporting Documents Proactive Assessment
Operational Management Plans & Training Understanding of Impact
Other Considerations
Impact on Capital Impact on Change Insurance
Synergies between the two
6. National Intelligence Centre
Connecting Sites & the Supply Chain
Remote:
1. Management
2. Monitoring
3. Access Control
1. Contingency Planning
2. Crisis & Vital Service Response
3. Disaster Recovery
4. Business Continuity
Data & Risk Analysis
Identify risks, scenarios
on site & in the chain
The Intelligence Centre is the hub for Plans:
Emergency services & local teams
Crisis Management Centre
7. Why Remote?
Central resource & control of multiple sites, teams,
disciplines & systems
Integration: alarms, CCTV, Facial Recognition, audio,
access control, man-down, EPOS, Detectives, vehicle
tracking
Away from danger, contamination, crime scene,
influence & tampering
Communication: deployment by multiple comms
links – RF, data over IP, SMS, email
Restore services to new, disabled or temporary site
Cost savings: outsource to share resources;
back-up; redundancy; extra expertise
8. Timeline
Pre-empt
and Prevent Disaster Strikes
Reduce
Within Minutes
or Hours
Respond
Within Hours
or Days
Recover
Resume
Within Weeks
to Months
Restore
Return
Disaster Strikes
9. Remote Monitoring
& Access Control
Lights On CCTV Unlock Doors Audio Link Man Down
Tested with out of hours delivery for major retailers
Vehicle in transit – GPS monitoring and 2-way comms
Control evacuation & emergency services entry & egress
Services control: power supply, lighting, Lifts, HVAC, fire control
Deploy local emergency & service teams (e.g. lift repairs)
Access Control:
10. Target Protection
Scenarios
Data
Risks
Plan
Deploy
Test
Consider traffic & spaces: staff, deliveries, suppliers, public access & out of hours
Analysts: assess statistics, incidents, response
time, costed alternatives
Evidence: coordination of technology,
detectives, investigation
Testing: rehearsals, detectives, ‘secret
shopper’ - training
• staff interviews & checks
• store detectives, ‘secret shopper’
External v Internal threats:
11. Technology & Systems
IP
Review range of technology platforms and compatible devices
Systems
RF radio, internet telephony, alarms, CCTV, audio, access
control, man-down, EPOS, Building Services
1. Alarms: WebWayOne, BT Redcare, CSL Dualcom and Sur-gard Receivers
2. CCTV connections are supported via Immix, Sureview International, others
Lodge Service Accrington centre
Outsource to share resources; back-up; redundancy; extra expertise
12. Operational Risk Components
Purpose /
Vision
Strategy
External Events
Eg Weather/Terrorism
Core Processes Critical Systems Colleagues Facilities
Suppliers & Outsource
Partners
Change Agenda
1-3 Year
Strategic Plan
Control Self Assessment Operational Risk Business Continuity Insurance Programme
Operational Risk Strategy & Plan
Key Controls
End-to-end
Process View
Top-down Operational
Risk Profile
Bottom-up Operational
Risk Profile
Incident & Near
Miss Reporting
Resilience
Work-Area Recovery
Disaster Recovery
Policies
Claims
Incident &
Crisis Management
Operational
Risk Appetite
Operational
Risk Capital
Reporting
Scenarios
13. Finally…
Embedding the Culture
Define overall risk appetite at Board level. Holistic buy-in paramount
Aligned to business processes, including suppliers
Practical considerations – need policies & procedures
Integration: Risk Department, Business Continuity, Incident Management,
Security, Facilities Management. Keep things simple – common language
Reviews: data analysis, risk assessment, scenarios, TESTING
Potential to drive efficiencies and cost-savings: set KPIs and ROI
Editor's Notes
Contingency Planning
Remote Surveillance and Facilities Management Advances
By Steve Goodwin MBE MSyI
Compliance and Risk Director Lodge Service
This Session – Target - we will explore:-
Contingency Planning & Business Continuity Management (BCM)
The role of the National Intelligence Centre: remote location via IP network
Monitoring, Control, Management of multiple sites and supply chain, 24-7
Access control post-evacuation: audio-visual, emergency services
The systems and technologies available: Security & Facilities Management
Protecting potential targets in the City of London and other locations
Contingency Planning - Business Continuity Management
“ A holistic management process that identifies potential threats to an organisation and the impacts to business operations that those threats, if realised, might cause and which provides a framework for building organisational resilience with the capability for an effective response that safeguards the interests of its key stakeholders reputation, brand and value creating activities.”
(ISO 22301 / BS25999 – British Standard for BCM (24 month transition 30th May 2014)
National Intelligence Centre:
Connecting Sites & the Supply Chain
Remote 1) Management 2) Monitoring 3) Access Control.
Data & Risk analysis – identify risks, scenarios on site & in the chain
The Intelligence Centre is the hub for Plans:
Contingency Planning
Crisis & Vital Service Response
Disaster Recovery
Business Continuity
Crisis Management Centre – emergency services & local teams
Why Remote?
Central resource & control of multiple sites, teams, disciplines and systems
Integration: alarms, CCTV, Facial Recognition, audio, access control, man-down, EPOS, Detectives, vehicle tracking
Away from danger, contamination, crime scene, influence & tampering
Communication: deployment by multiple comms links – RF, data over IP, SMS, email
Restore services to new, disabled or temporary site
Cost savings. Outsource to share resources; back-up; redundancy; extra expertise
Remote Monitoring & Access Control
Tested with out of hours delivery for major retailers
Vehicle in transit – GPS monitoring and 2-way comms
Access control: lights on > CCTV > unlock doors > audio link > man-down
Control evacuation & emergency services entry & egress
Services control: power supply, lighting, Lifts, HVAC, fire control
Deploy local emergency & service teams (e.g. lift repairs)
Target Protection
Loop: Data – Scenarios – Risks – Plan – Deploy - Test
Consider traffic & spaces: staff, deliveries, suppliers, public access + out of hours
External v Internal threats:
staff interviews & checks
store detectives, ‘secret shopper’
Analysts: assess statistics, incidents, response time, costed alternatives
Evidence: coordination of technology, detectives, investigation
Testing: rehearsals, detectives, ‘secret shopper’ - training
Technology & systems
IP – review range of technology platforms and compatible devices
Systems - RF radio, internet telephony, alarms, CCTV, audio, access control, man-down, EPOS, Building Services
Lodge Service Accrington centre–
Alarms: WebWayOne, BT Redcare, CSL Dualcom and Sur-gard Receivers
CCTV connections are supported via Immix, Sureview International, others
Outsource to share resources; back-up; redundancy; extra expertise
Finally: Embedding the Culture
Define overall risk appetite at Board level. Holistic buy-in paramount
Aligned to business processes, including suppliers
Practical considerations – need policies & procedures
Integration: Risk Department, Business Continuity, Incident Management, Security, Facilities Management. Keep things simple – common language
Reviews: data analysis, risk assessment, scenarios, TESTING
Potential to drive efficiencies and cost-savings: set KPIs and ROI