DNS Entrepreneurship Center
Cairo, April 2015
Registry Best Practices Workshop
Website : http://www.dnsec.eg/
Facebook : https://www.facebook.com/dns.entrepreneurship.center
Twitter :- https://twitter.com/DNS_EC
4. n Subjective choice
n It helps to profile your company
n It takes very little to make the difference
Should a registry be green?
5. n The EU Eco-Management and Audit Scheme
(EMAS) is a management tool for companies and
other organisations to evaluate, report and
improve their environmental performance. The
scheme has been available for participation by
companies since 1995 and was originally
restricted to companies in industrial sectors
What is EMAS?
6. n The core elements of EMAS are:
• Performance, credibility and transparency
n Environmental policy targets and actions
n Objective to continuously improve environmental
performance and provide evidence of compliance
with the environmental legislation
What is EMAS?
7. n 9 objectives
n 41 actions
n Living programme over 3 years time
EURid ENV programme
8. ① Increase use of sustainable material consumption by 30%
② Reduce paper use by 10%
③ Increase the good practices to reduce the electricity use
④ Reduce the amount of waste produced by 6%
⑤ Reduce the environmental impact of transport
⑥ Compensate 30% of CO2 and greenhouse gases
emissions that come from air travel and rental cars
EURid ENV programme
objectives
9. ⑦ Organize at least 50% of EURid events with environmental
criteria
⑧ Increase the environmental communications towards key
stakeholders
⑨ Involve managers and employees in environmental
activities and projects promoted by EURid
EURid ENV programme
objectives
10. n The EMAS registration is just the first step of an
approach we intend to further develop in the next
years
n We plan to set higher environmental objectives on
a regular basis
An ongoing process
12. n Internet governance literacy is largely based on
Internet literacy
n Who is an Internet literate and if we can be fully
Internet and/or IG-literate
n The Internet environment is full of documents that
are barely readable and therefore, the path to IG-
literacy is extremely long.
n The ccTLD managers as key communication
channels to promote local IG-literacy and make the
IG more accessible to all
What is Internet literacy ?
13. n Engagement in government IG strategies and
proactive support to the local Internet governance
forums
n Spin-offs to better contribute to the Internet growth
in their country
n Funding of University research programmes on
Internet governance
n Initiatives to educate the young generations to
Internet matters
CRS: Engaging with the
community
14. n Participation in training activities with European
Universities
n Engagement in DNS Centers to share its best
practices
n Support to reforestation projects in Europe
n Publication of leaflets and studies on DNS at the
disposal of the wide community
EURid
15. n Corporate Social Responsibility:
• It helps improving the registry profile
• It eventually creates new digitally-literate users
• It drives website building, thus domain name
usage
• It shows the registry role in building local, national
or international capacities
• It expands the registry stakeholder network and
allows the registry to establish new partnerships
Conclusion
17. Where we started
6. Premises including external data centres (see also 11.6)
6.1 Short term
evacuation for
external reasons
(petrol tanker on fire
outside; riot or
demonstration in
street)
Not
selected
Not
selected
Not
selected
Not
selected
Not selected
Minimize likelihood Choose "good" neighbourhood
N/A
enforce boundary restrictions
N/A
Minimize impact Business backup site
N/A
homeworking
N/A
key information offsite
N/A
Transfer risk
N/A
Insure Purchase cover
N/A
Reaction plan Invoke emergency plan
N/A
telephone cascade procedure
N/A
6.2 Short term
problem with the
buildings
(Legionnaires
disease; dead body
found; major break-
in)
Not
selected
Not
selected
Not
selected
Not
selected
Not selected
Minimize likelihood Good building maintenance & hygiene
N/A
Minimize impact Business backup site
N/A
homeworking
N/A
key information offsite
N/A
Transfer risk
N/A
Insure Purchase cover
N/A
Reaction plan Invoke emergency plan
N/A
telephone cascade procedure
N/A
6.3 Serious damage
to the buildings
some material/
resources
recoverable (Fire,
hurricane;
earthquake, flood,
bomb)
Not
selected
Not
selected
Not
selected
Not
selected
Not selected
Minimize likelihood Good building design
N/A
compartmentalize key areas
N/A
Minimize impact Business backup site
N/A
homeworking
N/A
key information offsite
N/A
Transfer risk
N/A
Insure Purchase cover
N/A
Reaction plan Invoke emergency plan
N/A
recover material
N/A
inform staff
N/A
High
Medium
Low
0
20
40
60
80
High
Medium Low
0
0
0
0
70
0
0 0 0
Impact
Exposure
Likelihood
Risk Profile
High Medium
18. n Process layer (core business, …)
n Technology (hardware, servers, software, applications,
websites)
n People (HR)
n Logistics (buildings, sub contractors…)
The 4d of a registry
business
20. n Shared with all staff members and regularly reviewed at
management level
n Crisis management guidelines (crisis team, war room,
emergency numbers,...)
Key “rules” in BCP
21. n To identify the EURid business processes and evaluate
them through risk categories
n To assign to each of them risk assessment ratings
n To establish recovery time objectives in case of disaster/
calamity or in case that specific feature is unavailable
n To establish a list of those EURid processes to be
considered critical according to the given ratings
n To cross-check the impact of different risk scenarios on
the ten most critical processes
n To illustrate the procedures to be followed for each
scenario in case the risk assessment has turn out to be
ranked as “low”, “high” or “alarm” level
The EURid BCP approach
24. n At the end of any crisis, a debriefing should be conducted
within 24 hours
n This is so for "known" crises, but also for unexpected ones
n Debriefing is conducted by BCP manager or, in case it is
needed, by his backup
n The debriefing reports will be permanently archived
Crisis debriefing
26. n A set of documents:
• The Business Continuity Plan, which includes the crisis
management guidelines
• The Disaster Recovery Plan
• The Crisis Communication Plan
• The Master BCP, which aims to provide a quick overview of
the core elements of EURid BCP
n An approach shared by the entire company:
• To see the BCP as a living process and therefore, to
constantly improve the BCP framework
• To test the effectiveness of the procedures as far as
possible
n The assessment of our approach by an external company
The outcome
27. n Communications should be:
• Transparent
• Correct
• As timely as possible
n Spoke person
n Target stakeholders
n Standard communication
n Communication channels
Crisis communication
28. n 25 April 2009: DRP-exercise (Disaster Recovery Plan) was
executed to test EURid’s business continuity capabilities
n Real scenario created
n Focused on our core Internet technical services
n Split into 3 phases. Registration system was moved to mirror
site
n Successful: >10.000 transactions were successfully handled
by the system
n Audited by an external party
The BCP very first exercise
29. n Identify the three top risks for your registry
n For the top one, identify the measures to take to cope with it
and restore the normal registry business
n List the possible communications to be issued to your
stakeholders
Exercise (30 min)