
Implementing Organizational Resilience


elyse

Presentation Transcript


  1. Implementing Organizational Resilience

  2. Why Organizational Resilience?
     • ANSI/ASIS SPC.1-2009 Organizational Resilience: Security, Preparedness, and Continuity Management Systems—Requirements with Guidance for Use Standard (March, 2009)
     • DHS Secretary Janet Napolitano announced the PS-PREP Accreditation and Certification Program, for which an organization can be considered fully compliant if it meets the ANSI/ASIS SPC.1-2009 Standard
     • Standard developed by the National Fire Protection Association, the British Standards Institute and ASIS International
     • Standard has been adopted in the Netherlands, along with Organizational Resilience Standards in Australia
     • It is the only preparedness standard that takes an enterprise-wide view of risk management
     • Seamless integration with the new ISO 31000 Risk Management Standard for a comprehensive risk management program
     • 100% compatible with existing ISO management system standards (such as ISO 9001, ISO 14001, ISO 27001 and ISO 28000)

  3. It Starts From The Top
     • Top management must define, document and provide the resources through the creation of an Organizational Resilience Policy that is appropriate to the risks, demonstrates commitment, has objectives and targets, and is documented, communicated and continual.

  4. R-SEC Is The Methodology
     • R-SEC is a management methodology that recognizes that the risks, threats and impacts of events that harm the organization are not departmental or corporate responsibilities; rather, they are the responsibility of every individual, department and internal/external stakeholder. R-SEC requires teams of people using the best techniques and the correct technologies, along with regular training.

  5. R-SEC Is Built On Risk

  6. R-SEC Is Built On Risk

  7. R-SEC Is Built On Risk

  8. Resilient Individuals
     • Organizational Resilience is based on the strength of the individual, who is the cornerstone building block, with everyone in the organization having a role to play as part of their daily job.

  9. Individuals Form Teams
     • Individuals with specialties form teams:
       • Functional Teams
       • Tactical Teams
       • Strategic Teams

  10. Teams Must Be Managed
     • These Teams must, of course, be managed in a way that meets their tasks and that meets the organization's management style. These Techniques will vary based on what they are addressing; for example, there are Techniques for Assessment, Compliance and Operations.

  11. Teams Techniques Technologies
     • Based upon the needs of the teams, as well as the techniques they employ, the most appropriate Technologies will be implemented. These can include Security, Fire/Life Safety, Command & Control, Operations Centers, as well as systems such as Risk Assessment modeling.

  12. Training Brings It Together
     • Once the Teams have been established, the Techniques put into action, and the Technologies implemented, then a continual training program that is comprehensive is put in place. This program must include individual, systems and exercise training.
     • Exercises are, in reality, “assessment audits” that provide actionable Improvement Plans as part of a continuous improvement model.

  13. Communications Are NetCentric
     • Teams cannot operate in silos; they work together in a NetCentric environment that includes:
       • Computer networks
       • Social networks
       • Human networks

  14. Operational Excellence Achieved
     • Operational Excellence is achieved when the risks are defined, the role of the individual is recognized, Teams are implementing measurable Techniques using appropriate Technologies, with regular Training, led by top management, working to address the multitude of risks in a continuous improvement cycle.

  15. Organizational Resilience Delivered

  16. How Do We Start?
     • Analysis of Existing Plans and Procedures
     • Interview(s) With Key Stakeholders
     • Conduct Assessment/Audit Exercise(s)
     • Prepare Improvement Plan

  17. Reference Materials
     • ANSI/ASIS SPC.1-2009 Organizational Resilience: Security, Preparedness, and Continuity Management Systems—Requirements with Guidance for Use Standard (www.asisonline.org/guidelines/published.htm)
     • R-SEC and Organizational Resilience (www.asisonline.org/guidelines/committiees/sp.4_std.htm)
     • ISO 9001:2008 Quality Management Systems – Requirements (www.iso.org)
     • ISO 31000 Risk Management Standard (www.iso.org)

  18. Questions

  19. For More Information
     • www.TRUSYS-Institute.Org
     • classes@TRUSYS-Institute.Org
     • (800) 905-6810 Extension 410
