Title: 25th - 26 th February
1The Role of Business Continuity in Disasters
Response
25th - 26 th February Sadiyat Island Abu Dhabi
25 February 2014 Alan Berman President/CEO DRI
International
2DRI International
3DRI International Truly International
- DRI has Certified INDIVIDUALS in over 100
Countries - DRI conducts training courses in over 50
countries - Since 2009, DRI taught more students outside the
US than within the US - More individuals are certified by DRI
International than all other organizations in our
industry combined (11,000 active individuals as
of June 2013) - Since 1988, 25,000 individuals have held a DRI
certification - DRI trains and certifies in English, Spanish,
French, Italian, Japanese, Mandarin, Portuguese,
and Russian - Creation of the first international glossary for
business continuity
4Government Organization Collaboration
- United States
- Chaired the Alfred P. Sloan Committee that
drafted the Framework for Preparedness that is
the foundation for the Title IX Implementation. - Member U.S. Chamber of Commerce Homeland Security
Task Force - Member of the Council of Experts for ANSI-ANAB
who will set the credentialing standard for
certifying bodies for PS-Prep - Member of FEMA National Advisory Council Private
Sector Subcommittee - Member of Advisory Committee for Congressionally
funded Project for National Security Reform - Meeting with Special Assistant to The President
for Homeland Security Standards Policy - APEC Only business continuity certification
recognized by the Asian Pacific Economic
Cooperation - DRI Canada is a member of the technical committee
for the CSA Z1600 Standard for Emergency
Management Business Continuity - Singapore Official BCM education partner for the
government-sponsored Singapore Business
Federation - Malaysia Annual DRI conference in collaboration
with the Ministry of Science, Technology and
Innovation via its agency Cyber Security
Malaysia to promote BCM - Japan Joint Declaration on overcoming future
crises with municipal governments of Tokyo and
Niigata - Mexico Advisor to the government for development
of new national BCP standard - UAE Member Standards Committee Advisory Team
5DRI International Outreach
Weekly E-News
International Publications
6Charitable Giving and Volunteerism
- The Disaster Recovery International Foundation is
a 501(c)(3) non-profit organization whose mission
is to promote professional and personal
preparedness promulgate response and recovery
practices through proactive and real time
engagement with organizations, individuals and
communities liaise with relief organizations on
behalf of businesses and communities impacted by
a disaster to expedite the response and focus of
aid during or after an event and, provide
volunteer opportunities for Business Continuity,
Disaster Recovery, and Emergency Management
professionals everywhere. - Launched as a separate entity of DRI
International (DRII) in July 2011 - The Foundation leverages DRIIs relationships
with U.S. and world governments including local
grass roots organizations -- to empower the more
than 10,000 worldwide Certified Professionals
with a pathway to give back to their communities.
7The Role of BCP in Disasters
8Disaster Response Components
Emergency Response
Crisis Management
Business Continuity
Activity
Inception - Duration
9Emergency Response
Emergency Response
Crisis Management
Business Continuity
Activity
Inception - Duration
10Crisis Management
Emergency Response
Crisis Management
Business Continuity
Activity
Inception - Duration
11Business Continuity
Emergency Response
Crisis Management
Business Continuity
Activity
Inception - Duration
12Risk Management vs. BCM
- Cause vs. Effect
- Risk Management Anticipates Causes (Risks)
- Identifies Threats (Facility, Environmental,
Climatic, Geopolitical, - Personnel, Business, Technology, etc)
- Recommends Mitigation
- Probability
- Cost of Mitigation
- BCM - Deals with Effects
- What are the Implications of failing to mitigate
or prevent - Preparation
- Structure, planning, resources, testing
- Execution
- Relocation, operating under duress
13Risk Assessment Preparing to Deal with Causes
Location 1 Primary Workspace Primary Systems Electronic Data Key Personnel Key Vendors and Services Vital Records(Paper Files Mail) G
Possible Scenarios Primary Workspace Primary Systems Electronic Data Key Personnel Key Vendors and Services Vital Records(Paper Files Mail) Y
Power Failure Power Failure Power Failure Power Failure Power Failure Power Failure R
Electric Internal G Y G G G
Con Ed failure G Y G G G
Back-up Generators failure G Y G G G
Gas Leaks R R R G G
Telecommunications Network Failure (Lan/Wan) Telecommunications Network Failure (Lan/Wan) Telecommunications Network Failure (Lan/Wan) Telecommunications Network Failure (Lan/Wan) Telecommunications Network Failure (Lan/Wan) Telecommunications Network Failure (Lan/Wan)
Loss of Vendor Service G R G R G
Loss of Voice Service G G G R G
Loss of Cellular Service G G G Y G
Loss of Data Transmissions G R G R G
Router / Hub Failure/Firewall G R G R G
Overloaded Performance failure G R G R G
Data Center Failure Data Center Failure Data Center Failure Data Center Failure Data Center Failure Data Center Failure
Software failure G R G G Y
Infrastructure damaged G R G R Y
Mainframe failure G R G R Y
Server failure G R G R Y
Router failure G R G R Y
Hubs Failure G R G R Y
Water / Plumbing / Sprinkler Malfunction Water / Plumbing / Sprinkler Malfunction Water / Plumbing / Sprinkler Malfunction Water / Plumbing / Sprinkler Malfunction Water / Plumbing / Sprinkler Malfunction Water / Plumbing / Sprinkler Malfunction
14Risk Management vs. BCM
- Cause vs. Effect
- Risk Management Anticipates Causes (Risks)
- Identifies Threats (Facility, Environmental,
Climatic, Geopolitical, - Personnel, Business, Technology, etc)
- Recommends Mitigation
- Probability
- Cost of Mitigation
- BCM - Deals with Effects
- What are the Implications of failing to mitigate
or prevent - Preparation
- Structure, planning, resources, testing
- Execution
- Relocation, operating under duress
15Effects, Impacts, Consequences
INCIDENT OCCURS
16Risk Management vs. BCM
Reducing Causes
- Cause vs. Effect
- Risk Management Anticipates Causes (Risks)
- Identifies Threats (Facility, Environmental,
Climatic, Geopolitical, - Personnel, Business, Technology, etc)
- Recommends Mitigation
- Probability
- Cost of Mitigation
- BCM - Deals with Effects
- What are the Implications of failing to mitigate
or prevent - Preparation
- Structure, planning, resources, testing
- Execution
- Relocation, operating under duress
Reducing Effects
17Traditional Causes of Interruptions
- Natural Disasters
- Man-Made Incidents
- Technology Failure
18New Concerns
- Pandemics
- Nuclear, Biological, Chemical
- Political
- Economic
19Combining Disciplines
- More Integrated Solution
- Business Continuity
- Disaster Recovery (IT Recovery and Continuity)
- Emergency Response
- Crisis Management
Under The Banner of Business Continuity
Management
20Resiliency
Enterprise Risk Risks associated with not only
accidental losses, but also financial, strategic,
operational, and other risks. Operational
Risk Risks associated with internal inadequacies
of an organization or a breakdown of its
controls, operations or procedures. Business
Continuity Management Reducing the impacts that
occur when there is a failure in Enterprise or
Operational Risk Management
21Thank You