Take Courses
Get Certified
Attend Events
Explore Resources
About

Library

Professional Practice Image

Library

A selection of materials from DRI International is available here as an added benefit for DRI members. We hope you enjoy this informative collection of industry information and research.

Crisis Response Journal - March 2019

Author: Crisis Management Limited

DRI has partnered with CRJ to provide DRI Certified Professionals access to a PDF version of the most current issue. To access the ‘Flipping Book' version of the current digital issue plus access to the CRJ 15 year back issue library will require a separate subscription. CRJ offers DRI Certified Professionals a digital subscription for only $15 and hard copy subscription for only $100, a significant discount from the list price. To take advantage of this offer, go to http://crisis-response.com/subscribe/ and enter the discount codes DRI15 or DRI100.

Tags: Communications/Crisis Communications, Resiliency, Emergency response, Organizational Resilience, Security

Login to access Certified Professionals Only
“You Say Incident, I Say Event” – A look at defining a term

Author: DRI Glossary Committee

In recognizing the critical importance of effective communications within the resilience community, DRI created a committee to develop a new reference document that combines the most common business continuity and resilience terms and definitions into a single guide. Most terms were relatively straightforward in their definition, and others required more discussion and analysis by the committee. The analysis of one term, incident, became a long-term discussion, with no consensus reached. The Glossary Committee presents this white paper on defining incident to showcase the continuing effort for effective communications in our community.

Tags: Best Practices, Communications/Crisis Communications, White Paper

Get Schooled! What We All Can Learn from Higher Education Continuity

Event: DRI2019

Author: Stephen Woods, Tara Brown

Fires, floods, blizzards, burst pipes. Sound familiar? Attend this session for a look at continuity from a higher education perspective. From the recent California wildfires to the East Coast arctic freeze, hear from resilience professionals from Yale University and UCLA about unique, and not-so-unique challenges faced by these two world renown universities. Explore actual case studies, talk about what worked and what didn’t, and share solutions that can be applied regardless of your industry. You’ll want to take notes, but no final exam…we promise.

Tags: DRI2019, Case Study, Higher Education

The State of Organizational Resilience 2019

Event: DRI2019

Author: Roberta Witty

This presentation will discuss the current and future state of organizational resilience across multiple management disciplines including business continuity management, information security and more. Using the five layers of culture, people, process and infrastructure, we will address the role of the chief risk/strategy officer and present a framework for developing a business/organizational resilience program in the organization.

Tags: DRI2019, Resiliency, Organizational Resilience

Workshop: Crisis Management at Penn State – An Insider’s View

Event: DRI2019

Author: Ted Brown

In 2011, the Jerry Sandusky scandal hit Penn State. This session, conducted as a workshop, will examine how the scandal was handled, what went right (very little) and what went wrong. The attendees will be asked to make decisions that the Penn State Board did. The session will also briefly discuss the view of Boards and Crisis Management, and actions the speaker has taken as a member of the PSU Board and founder and chair of the risk sub-committee.

Tags: DRI2019, Case Study

New Glossary, New Challenges!

Event: DRI2019

Author: Dean Gallup

With a major revision recently released, the DRI International Glossary for Resiliency is both an in-demand resource as well as a hot topic. Since its first release in 2014, the glossary has been a major resource for business continuity and resilience professionals around the world and is currently published in four different languages. This session will share the thought process behind the recent changes and explore the future of the glossary – with a new version due out in 2022.

Tags: DRI2019, Professional Practices

Trends and Approaches to Managing Climate and Disaster Risk in Corporate Business Continuity Planning

Event: DRI2019

Author: Josh Sawislak

Assessment and pricing of climate and disaster risk by the global financial markets is changing based on increases in global disaster costs and a clearer understanding of the threats and vulnerabilities to physical assets as well as supply and value chains. Business continuity planners are more frequently being called on to demonstrate how companies are effectively planning to reduce and manage these risks as part of overall valuation of company equity and corporate strategy planning. Josh Sawislak, a global expert in climate and disaster resilience and continuity planning, will conduct an interactive discussion of why these issues are becoming more and more salient to BCP professionals as well as company financial and operations executives and boards of directors, including the overlap of climate adaptation and climate mitigation (sustainability) issues. He will cover issues including: Financial market and investor interest Corporate responsibilities and disclosures Tools and resources available to support strategy development and compliance Strategies and approaches to drive executive leadership understanding, engagement, and support The resilience/sustainability nexus. Session attendees will gain a clearer understanding of why these issues are already salient to their organization and why the importance will likely grow over the next few years. They will also learn about and have the opportunity to discuss tools, resources, and strategies to address these risks, how to talk to management and gain their support, and how to engage other groups within their organization who have overlapping and aligned missions and resources.

Tags: DRI2019, Banking/Financial Sector

How to Get Involved in ISACs to Benefit your Company’s Business Continuity, Response Capabilities and Exercising

Event: DRI2019

Author: Susan Rogers

U.S. and global critical infrastructure protection for cyber and physical events, recognize the effectiveness of trusted information sharing and peer communication during cyber and physical events. In this session, the Financial Sector Information Sharing and Analysis Center’s(FS-ISAC) information sharing lifecycle model will be discussed. The goal of this session is to spread awareness within the business continuity community, and encourage their increased participation in resilience information sharing. The session will describe the operational activities FS-ISAC members participate in and lead, the various peer communities of trust members may join and examples of how company’s incorporate ISAC participation into their resiliency plans and exercising.

Tags: DRI2019, Banking/Financial Sector, Resiliency

City of Atlanta Ransomware Attack Best Practices and Lessons Learned

Event: DRI2019

Author: Ria Aiken

In March of 2018, the City of Atlanta, GA was the subject of a massive cyberattack. Many city services and programs were affected by the ransomware attack, including online services for citizens to pay bills and request utility service. The attack was notable for the extent of services affected and the duration of service outages, as well as the importance of Atlanta as a major American economic and transportation hub. Attend this session to hear lessons learned from the attack and learn how you can transform and strengthen your organizations cyber-resilience through operational effectiveness, change management, and business continuity.

Tags: Cybersecurity, DRI2019, Public Sector

BCM as an Operational Risk Service Provider

Event: DRI2019

Author: Scott Baldwin

As BCM matures and moves from a business recovery model to an integrated risk partnership within organizational resilience, its use cases and purpose are evolving. In this session, the speaker will share one example of where BCM/OR is uniquely qualified to become a core component of the operational risk landscape. Through three stages of maturity – compliance, readiness, and resilience, this session will discuss how to create the infrastructure to leverage BCM as your organization’s primary operational risk service provider.

Tags: Business Continuity Program, DRI2019, Risk Management, Organizational Resilience

Integrating Security, Safety and Business Continuity into an Enterprise Risk Management Program at Northwestern Mutual (Part 2)

Event: DRI2019

Author: Brian Bleck, Nancy Bentley

Northwestern Mutual is transforming to be at the center of our client’s financial lives by delivering world class products to meet their financial needs through our best in class financial representatives. In support of these efforts, the Campus and Event Experiences teams are evolving to provide an enterprise risk management strategy that integrates physical security, safety and business continuity programs. This session will share how independent, siloed teams are transforming into a proactive, integrated risk management approach to meet the new digital technology demands, to support the increase in public community events, to evolve with the changing workforce and to prepare for the uncertain external environment.

Tags: Business Continuity Program, DRI2019, Banking/Financial Sector

Extreme Resiliency

Event: DRI2019

Author: Colleen Herrmann, John Harris

Capital One is raising the stakes for resiliency by adding the practice of regional isolation (ring fencing) of cloud regions to ensure real and effective regional independence. This presentation will cover the approach and the lessons learned from this important evolution in our practice.

Tags: DRI2019, Banking/Financial Sector, Resiliency

Financial Industry: Staying Ahead of BCM Challenges

Event: DRI2019

Author: Michelle Cross, Ronald Adams

Financial institutions are facing challenges that test their ability to protect the assets of their customers by securing records and one which may threaten the very existence of these institutions.; In addition, government regulations at the international, national and state levels are demanding that the individual be able to have protection of their information, its use and its distribution. This session will discuss the challenges (cyberattacks, data protection, blockchain, etc.) and how financial institutions are preparing to cope with these issues.

Tags: Business Continuity Program, Cybersecurity, DRI2019, Banking/Financial Sector

Supporting Northwestern Mutual Digital Transformation: Disaster Recovery Maturation from Walkthrough to Business Process Exercise

Event: DRI2019

Author: Paul McMillan, Will Belke

Northwestern Mutual (NM) has embarked on a digital transformation which has created greater client visibility to and demand on technology services, thus raising the importance of availability and resiliency of those services. The NM Enterprise disaster recovery and technology infrastructure teams will describe how disaster recovery practices have matured to support the firm’s transformation. Over a two-year period, disaster recovery exercises have moved from solely application focused walkthroughs to business process workflow exercises which include production technology and business user participation. Learn how NM made these improvements happen, lessons learned on the journey, and what still lies ahead to reach a highly performing DR program.

Tags: DRI2019, Banking/Financial Sector, Resiliency

WORKSHOP: Transitioning from Crisis Management to BCP: It’s All in the Set Up!

Event: DRI2019

Author: Bobby Cook, Raelene Anderson

How do you go from crisis management to business continuity mode? Attend this workshop to find out how to make the transition smooth and avoid common pitfalls. The two-hour session will explore “hour zero activities,” including setting up the event, getting the smartest people in the room, communications and notifications, and bringing in business continuity personnel early. Next, you’ll walk through the “48 hours later” transition, including transferring to business continuity and the long-term issues involved in going from crisis response to continuity and recovery.

Tags: Business Continuity Program, DRI2019, Emergency response, Process

The McKesson Sessions: McKesson's Business Continuity Services

Event: DRI2019

Author: Bill Lavigne, Kathryne Estrada, Raymond Seid , Ronnie Sebren, Stephen Weber

This session will explore how a Fortune 6 company manages business continuity; discussion will include the tools McKesson uses to manage one of the largest programs in the business. Learn how McKesson’s internal business continuity (BC) consulting service works very closely with business units as a center of excellence to execute BC policy and drive best practices into operating processes and procedures. BC Consulting conducts assessments, develops strategies, builds plans and conducts both exercises and reviews. The group is also called on at times to train sales teams on BC capabilities and to work directly with large customers alongside corporate leadership and account managers. Next learn how McKesson’s internal disaster recovery (DR) consulting group provides services across business units that focus on the validation and sustainability of a DR capability via performing impact assessments, DR implementation support, DR validation coordination, and procedure plan support. Validation exercises coordinated by DR Consulting can range from individual infrastructure or application-level validation through to complex business process validation. Finally, hear how McKesson’s DR as a Service is integrated with McKesson Technology’s Public Cloud Adoption Plans and provides business units with a customized DR solution leveraging key technology partners. DRaaS supports DR solution design, engineering, and implementation, and has proven to be both highly capable as well as extremely cost effective and presents a very compelling business case for McKesson’s disaster recovery needs.

Tags: Business Continuity Program, DRI2019

Trends in Risk Management

Event: DRI2019

Author: Lou Drapeau

In this era of Enterprise Risk Management and Strategic Risk Management, we will examine some of the latest trends that keep risk managers up at night. Amid government shutdowns, artificial intelligence, unmanned aircraft systems, self-driving cars and climate change, what is the impact on the practice of Risk Management?

Tags: DRI2019, Risk Management

Presidential Policy Directives 8, 21, and YOU

Event: DRI2019

Author: Duane Bygum, M. Scott Furr, Ron Latorre

National preparedness is first and foremost a partnership between private and public sectors. Learn how presidential policy links private and public domains underpinning the security of the United States and American society. And understand how the FEMA 2018-2022 strategic plan is now inclusive, utilizing whole of community effort toward a collective preparedness posture. Attend this session to find out what all this means to you.

Tags: DRI2019, Public-Private Partnership, Emergency preparedness, Regulations and Standards

The McKesson Sessions: McKesson’s Information Risk & Security Program

Event: DRI2019

Author: Beth-Anne Bygum, Marian Reed, Siobhan Smyth

Attend this session for an in-depth look at McKesson Corporation’s Information Risk & Security Program. First, learn about Information Protection at McKesson (IPAM), a strategic initiative designed to improve the maturity of cybersecurity defensive, preventative, and resiliency controls as well as instill clear lines of governance over information security risks. IPAM’s roadmap ensures accountability, transparency, robust governance, and a strong advocacy model with staff. A discussion of IPAM will include driving necessary improvements over a three-year, accelerated timeframe. Next, attendees will be introduced to McKesson’s iSecurity Operations Center (iSOC) process which addresses growing cyber threats across the globe. Rounding out this presentation is a discussion of McKesson’s Trust, Risk, Assurance, and Compliance program, which provides a level of confidence that software and systems are free from conditions, either intentionally designed or accidentally inserted at any point during its lifecycle, and customer solutions and internal business platforms function in the intended manner. This program ensures that capabilities and prescriptive consults are designed to embed security throughout the development lifecycle, address risks and vulnerabilities early, and reduce cost with unplanned R&D spend.

Tags: DRI2019, Risk Management

WORKSHOP: The Why and How of Implementing Incident Command in BC Management

Event: DRI2019

Author: Jeanne Powell

Should your business take an approach successfully used by first responders across the U.S. and, with some modifications, use it temporarily to enable more efficient and effective business continuity and disaster recovery? This session will help you identify benefits of Incident Command (IC) and provide you with the opportunity to observe the practical workings of IC so you more fully understand what it means to shift to a temporary IC management during and after a disaster. In this jam-packed two-hour session, the speaker will bring her years of real-world disaster experience (and humor) to talk about IC benefits and implementation. You'll walk through examples of: a temporary IC reporting structure modified for business; incident related documentation and forms to track progress; and an execution method to continuously and effectively keep incident efforts focused. Then, with the help of a strawman business and disaster scenario, reinforce what you've learned with some hands on learning. Participants will work together to establish an IC reporting structure, apply an operational period approach, complete incident documentation, and observe post-disaster incident documentation reconciliation."

Tags: Business Continuity Program, DRI2019, Process

WBCM: Tips from the Trenches – Ask Betsy…In Person!

Event: DRI2019

Author: Betsey Sayers

Following on her smash hit Women in Business Continuity Management Ask Betsy webinar, Betsy Sayers is back with tips from the trenches. She promises that attendees will walk away with solid examples and templates that you can use – plus some more of those handy “Betsyisms” that are pretty much guaranteed to get you out of any tight spot. Always creative in her approach to continuity, Betsy will show how she uses the Professional Practices for status reporting and teach you all how to play pandemic poker!

Tags: Business Continuity Program, DRI2019, Best Practices, Women in BCM

Cyber-resilience: A Day in the Life of a CISO

Event: DRI2019

Author: Wade Richmond

Cyber-resilience can be thought of as the ability of an enterprise to anticipate, withstand, recover from and evolve to improve capabilities it needs to function brought about as the result of cyber threats and/or attacks. This enhances both the cybersecurity function and the BCM function (e.g. the whole is greater than the sum of its parts). To be resilient, a holistic approach to understand and prioritize entity risk, and implement risk management activities needs to be integrated into day-to-day operations (across all entity functions). But what does all this mean to the CISO? Attend this session to find out as you take a look at t day in the life of a CISO from a cyber-resilience perspective.

Tags: Cybersecurity, DRI2019, Cyber Resilience

Performing Effective Business Continuity Audits

Event: DRI2019

Author: Harvey Betan

This session will not only cover the best approach for effective business continuity audits, but it also will show you how to gauge your organization’s preparedness. Attend this session to learn how to prevent simple check box audits while discovering what to look for beneath the hood. When you complete this session, you will have sufficient information to be confident in your BC audit and show your leadership the most accurate assessment of the business continuity program.

Tags: Audit, DRI2019

Connecting with your Continuity Coordinators & Community

Event: DRI2019

Author: Chris Volpe

Business moves faster every day with increased demands from regulatory, compliance, risk and increased market complexity. How then do we as continuity professionals compete for time to ensure the safety of personal and the continuity of services for our clients? Consistent and persistent contact with the continuity community and coordinators that creates a partnership and value while mitigating the risk. We will look at ways to keep it simple but authentic, reduce the noise and focus on the mission, provide value to the community and the individuals supporting the program as well as investing time to create aids for the community to navigate the program efficiently to produce the desired objectives. We’ll take a look at our shared experiences with the communities we support, laugh a bit and walk away with elements that can be incorporated into your program to help all those involved.

Tags: DRI2019, Banking/Financial Sector

Case Study: How Goodyear’s Business Continuity and Risk Management Teams Took on Hurricane Harvey and Won!

Event: DRI2019

Author: Craig Melnick, Mike Janko

Attend this session for a true multidisciplinary presentation, as Goodyear’s business continuity and risk management experts explore how the two disciplines work together at this global manufacturing giant. Using Hurricane Harvey as a jumping off point, the presenters will detail Goodyear’s hurricane response, with a focus on how risk management is integral to overarching continuity and resilience efforts. Get ready for a eye-opening success story that does more than just tell you that business continuity and risk management should work together and instead shows you how to actually do it during events and every day.

Tags: Business Continuity Program, DRI2019, Risk Management, Case Study

Case Study: Bouncing Back Strong – Building the Merck Global Regulatory Affairs and Clinical Safety Business Continuity Plan

Event: DRI2019

Author: Colleen Merritt Severyn

In June 2017, Merck experienced a cybersecurity incident that identified the need to bolster preparedness for business disruptions. From the fall of 2017 through the present, the Global Regulatory Affairs and Clinical Safety (GRACS) organization prepared its first ever business continuity plan (BCP), including table top exercises and training. This was a massive undertaking for an organization of such breadth (regulatory science, clinical safety, labeling, licensing, operations, etc.) and large size (2200 employees globally), starting from scratch, and an illuminating experience regarding the risk susceptibility of our systems and processes. GRACS is in a much better place today with a completed BCP across the entire organization and connections with ongoing business continuity, risk management, and resiliency efforts across the company.

Tags: Business Continuity Program, DRI2019, Resiliency, Risk Management, Case Study

Continuity Coffee Talk- Leadership: Double-Shot of Strategy

Event: DRI2019

Author: Michele Turner

At the core of a successful BC program is leadership, support and engagement. Articulating the value from an employee safety, customer commitment,organizational resiliency, and potential risk and liability perspective is key. Once that support is received, how do we continue to “savor that flavor”? During this session, we will explore the inclusion of leadership as continuity is percolated throughout the organization. What information does leadership need to continue to validate/fund the brewing approach, based on change in strategy? What type of “in store training” is needed at their level, to confirm roles in the event of a business interruption or “bad pour.” We’ll review case studies of where things went well, and where some things were quite bitter in taste. Continuity when done right…great to the last drop!

Tags: Business Continuity Program, Case Study, DRI2019

Trends and Predictions for Our Profession

Event: DRI2019

Author: Lyndon Bird

With a look back and one ahead, the chair of the Future Vision Committee, will take attendees through trends observed in 2018 and provide predictions for what to expect in the year to come. Based on the Fourth Annual Trends and Predictions reports, this year’s content features a first-ever geographic breakdown of threats and preparedness worldwide.

Tags: Trends and Predictions, DRI2019, Future Vision Committee, Global Strategy, Resiliency, Risk Management

Leading Large Scale Exercises for Active Shooter and Mass Casualty

Event: DRI2019

Author: James Mitchell

Attend this session to learn the essential elements necessary to manage an exercise on a large scale. The presentation walks through the process used by Texas Children’s to manage multiple large-scale exercises involving multiple external agencies and hundreds of participants. While the presentation is from a healthcare organization, the lessons are applicable to all. Topics covered include working with external partners (such as law enforcement and EMS0, internal and external communications, and developing after-action reports and corrective actions.

Tags: DRI2019, Healthcare, Active Shooter/Workplace Violence, Exercises

WBCM: Women in Business Continuity Management Panel Discussion

Event: DRI2019

Author: Diane Doering, Karina de Allicon, Leah Sawyer, Marsha Buehler, Mitzi Harlor

Join our WBCM Committee members as they lead an informative and enlightening panel touching on the issues important to women in our profession. This session will kick off the WBCM track by sharing the latest news from the committee – including 2018 WBCM survey results. Look forward to an engaging, interactive session where you are certain to learn and welcome to share!

Tags: DRI2019, Women in BCM

Welcome Address

Event: DRI2019

Author: Chloe Demrovsky

Join Chloe Demrovsky as she welcomes DRI2019 attendees to Las Vegas. She will address key updates from DRI and our profession as a whole as she sets the tone for our annual event.

Tags: DRI2019

Trends and Predictions from DRI's Future Vision Committee: How to Prepare for 2019

Event: DRI Webinar

Author: Future Vision Committee

Join Future Vision Committee members Lyndon Bird, Richard Knowlton, and Patrick Alcantara, along with DRI President Chloe Demrovsky, for highlights from the Fourth Annual Global Risk and Resilience Trends and Predictions reports. Discover how your job will be impacted by world events - including sustainability, cyberthreats, and more - and what you can do about them.

Tags: Trends and Predictions, Cybersecurity, Future Vision Committee, Resiliency, Supply Chain, DRI Webinar Series, Global Strategy

Fourth Annual DRI International Predictions Report

Author: DRI Future Vision Committee

One way of promoting our relevance to the wider business community is to look at what might happen and evaluate how well we can deal with it to minimize impact. Most professionals will have developed tests and exercises based on scenarios – these give realism, focus, and interest to our resilience programs. Predictions are really an extension of that – a look at the wider world and how such trends and possible events might threaten our ability to respond.

Tags: Trends and Predictions, Resiliency, White Paper, Future Vision Committee, Global Strategy

GDPR: Considerations for Continuity Professionals

Event: DRI Webinar

Author: --

“GDPR: Considerations for Continuity Professionals" is DRI's first webinar designed for European audiences. We will be discussing GDPR and its implications across business continuity. We will hear first from Lyndon Bird, DRI’s Chief Knowledge Officer, who will provide background on the regulation and its considerations. Lyndon will be joined by Ovidiu Diaconescu, who will be discussing cross-border data transfers, and Luuk Akkermans who will expand on the impact of GDPR on supplier contracts.

Tags: Business Continuity Program, DRI Webinar Series

The Value of Cyber Resilience: Building a Case Executives Will Support

Event: DRI Webinar

Author: Wade Richmond

Join cybersecurity expert Wade Richmond for an information-packed hour of important information on one of the profession’s hottest topics. Explore aspects of cybersecurity and business continuity, with the goal of integrating the two and achieving the ultimate goal -- cyber resilience. Learn how to talk to top management about these issues and sell them on the concept of cyber resilience.

Tags: Cybersecurity, DRI Webinar Series, Resiliency, White Paper, Cyber Resilience, Executive Support

Achieving Cyber Resilience: A Formula for Success

Author: Wade Richmond

Organizations today are confronted by a wide range of cyberattacks, so it comes as no surprise that cyberattacks and data breaches have consistently ranked high on the list of key issues identified for the resilience community according to the DRI International Global Risk and Resilience Trends Reports, issued annually by DRI’s Future Vision Committee. This year’s report revealed that although the top issues remain the same, there appears to be an even greater focus on technological risk. Given the development of technologies and the growth of business data, this is likely to remain the case moving forward … which may provide new opportunities for hackers to cause such massive disruptions.

Tags: Cybersecurity, Resiliency, White Paper, Cyber Resilience

Fourth Annual Global Risk and Resilience Report Infographic - Top Risks

Author: DRI Future Vision Committee

Part of the 2018 Global Risk and Resilience Trends Report, a worldwide survey of business continuity professionals revealed the following top 10 risks depicted in this infographic.

Tags: Cybersecurity, Disaster Scenarios, Infrastructure, Supply Chain, IT/DR, Resiliency, Risk Management, Trends and Predictions, Future Vision Committee

Fourth Annual DRI International Global Risk and Resilience Trends Report

Author: DRI Future Vision Committee

The DRI International Global Risk and Resilience Trends Report provides a global perspective and comprehensive trends analysis of how resilience professionals view their industry and the external factors that are shaping it. It provides insight into the key trends and changes that have been observed since the last report, and has been extended this year to give an even more detailed picture of the state of the profession.

Tags: Resiliency, Risk Management, White Paper, Global Strategy, Future Vision Committee, Trends and Predictions

Women in Business Continuity Webinar: Ask Betsy (supplemental flyer)

Event: DRI Webinar

Author: Betsy Sayers

When Betsy Sayers is in a tough spot, she always knows exactly what to say. That’s because she’s awesome...and she has a few handy phrases written in the back of her notebook at all times. She’s generously shared those words of wisdom with you (see...awesome, right?). If you haven’t checked out the Women in Business Continuity Management Committee’s “Ask Betsy” webinar, you really should, right here at https://drii.org/webinars

Tags: Women in BCM, Best Practices, DRI Webinar Series

Women in Business Continuity Management: Ask Betsy

Event: DRI Webinar

Author: Betsy Sayers

During DRI2018’s WBCM panel discussion, nearly 50% of session attendees responded that the stereotype they were most concerned with was being labeled as “too aggressive,” particularly when disagreeing with others’ views. Please join us as we take that conversation further with Betsy Sayers, MBCP, ITIL, ICS – IT/DR. With more than 25 years of industry experience, including serving as a DRI Instructor, Betsy shares her views on the best tools to communicate clearly — and with objectivity – while maintaining a style that honors who you are and what you believe. Special thanks to our webinar sponsor OnSolve.

Tags: Women in BCM, Best Practices, DRI Webinar Series

Webinar DRI en Español 2018: Tendencias y Predicciones en Continuidad de Negocio

Event: DRI Webinar

Author: Chloe Demrovsky, Karol Cordero

El DRI se complace en anunciar el webinar en español del 2018. Buscamos entregar beneficios a nuestros profesionales certificados y a la comunidad del DRI en general, por lo que no solamente brindamos webinars en inglés, sino que ahora también los traemos en el idioma español. Anota en tu calendario este 12 de Octubre de 2018 en el horario 9:00 a.m. – 10:00 a.m. CDT, el siguiente webinar educacional del DRI: Tendencias y Predicciones en Continuidad de Negocio Chloe Demrovsky, Presidente y Directora Ejecutiva del DRI Internacional y Karol Cordero, Directora de Mercadeo para América Latina del DRI, serán las presentadoras del Webinar. Con base en los eventos y resultados del 2017, el Comité de Visión Futuro del DRI Internacional ha elaborado el tercer informe anual de tendencias y predicciones para la profesión de Continuidad de Negocio y Resiliencia. En este webinar presentaremos los resultados de este informe, mirando hacia atrás en lo que ha ocurrido y viendo lo que podría estar a la vuelta de la esquina para nuestra profesión. ¡No te pierdas este webinar gratuito totalmente en español!

Tags: Business Continuity Program, DRI Webinar Series, Resiliency, Spanish Language

Overview of State Street Bank's Business Continuity Program

Event: Collegiate Conference - Pace University

Author: Jerome Ryan

Overview of State Street Bank’s Business Continuity Program

Tags: Business Continuity Program, Collegiate Conference – Pace University

Public and Private…You Can’t Have One Without the Other

Event: Collegiate Conference - Pace University

Author: Ira Tannenbaum

Planning anything in a vacuum is virtually impossible. Resiliency and continuity planning – especially searching out dependencies and preparing for them – highlights the critical connections between the sectors. Various models exist to bring us together but these partnerships, like plans, are dynamic and cannot be put on a shelf to be “referenced” when necessary. In order for everyone to be successful these mutually beneficial relationships need to be nurtured and maintained on a regular basis. In this session we will discuss some of the strategies that can be used for engaging both sides of these “institutions”.

Tags: Business Continuity Program, Collegiate Conference – Pace University, Public-Private Partnership

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

Event: Collegiate Conference - Pace University

Author: Tejas Katwala

Current cyber response frameworks are incomplete and cyber programs in a silo are a major vulnerability. Lost business is the number one component of cyber breach cost because of customer turnover, brand reputation loss and diminished goodwill. Cyber threat and breach are business problems and business continuity professionals have the expertise that can be leveraged to reduce both the time and money associated with a cyber breach. Join Tejas Katwala to build your business case.

Tags: Business Continuity Program, Collegiate Conference – Pace University, Resiliency, Resilient Enterprise

My Hurricane Sandy Experience: Stories from an Unlikely Emergency Manager

Event: Collegiate Conference - Pace University

Author: Morgan Jones

Morgan Jones, AVP at the New York City Economic Development Corporation describes his Hurricane Sandy Experience. Morgan A. Jones is AVP at the New York City Economic Development Corporation. Previously, Jones was Chief Operating Officer of the US-China Strong Foundation, Senior Emergency Management Specialist at NYU Langone Medical Center. Mr. Jones also served at the NYC Mayor’s Community Affairs Unit (CAU) and the Mayor’s Office of Housing Recovery under Mayors Michael R. Bloomberg and Bill de Blasio from 2010-2015.

Tags: Collegiate Conference – Pace University, Community Resilience, Public Sector, Resiliency

Resilience through Public Private Partnerships

Event: Collegiate Conference – Pace University

Author: Dr. Joseph Ryan

In the wake of the terrorist attack on September 11, 2001, the 9/11 Commission Report revealed that this country was not prepared for such a horrific tragedy, and in hindsight, for any other major humanmade/natural disaster. Since that date, the world has seen numerous tragedies from mass shootings: Newtown, Connecticut, wildfires, tornadoes (more than $300 billion in losses in 2017), superstorms, hurricanes (Puerto Rico), and other catastrophes. It is now 2018 and we need to assess our preparedness not only to major events, but every day activities such as crime, vehicle accidents, etc. This presentation will focus on where we are today, and where we need to be in the future. Specifically, the will be focus on the 2010 National Security Strategy for Achieving Resilience Through Public Private Partnerships (PPP). PPP is the logical strategy for a democratic society in that it recognizes two things: the government cannot do it alone, and preparedness requires each of us to be responsible to the degree of our individual capacities. In this session, you will learn about emergency operations center (EOC) activation criteria, stakeholder identification and prioritization during critical incidents, in addition to returning to normal operations while managing recovery

Tags: Collegiate Conference – Pace University, Public-Private Partnership, Resiliency

Pathways to Resilience: Planning a Future in the Resilience Industry

Event: Collegiate Conference – Pace University

Author: Kelsey Rose, Jerome Ryan

Join DRI board member Jerome Ryan and Director of Global Operations Kelsey Rose for an interactive discussion of the career options in business continuity and related fields. Their talk will cover everything from the current state of the industry to future trends in the resilience job market. In addition to learning the latest insights and resources from DRI, you will get to hear personal career experiences and advice from our speakers.

Tags: Collegiate Conference – Pace University, Resiliency

Women in BCM - Ask Betsy and More

Author: --

The September Women in BCM newsletter includes an invitation to the upcoming "Ask Betsy" webinar with Betsy Sayers, MBCP, ITIL, ICS - IT/DR, as well as resources for school/work balance and DRIDay in Brazil.

Tags: Business Continuity Program, Women in BCM

Young Leaders in Resilience - September 2018 Newsletter

Author: --

The DRI Young Leaders in Resilience September newsletter includes invitations to participate from YLR Chair Amber Elias and a recap of a recent NYC educational event.

Tags: Business Continuity Program, Resiliency, Young Leaders in Resilience

Maintaining Critical Staffing During an Incident

Event: Collegiate Conference - University of Kentucky

Author: Joe Monroe

Joe Monroe, Chief of Police for University of Kentucky, presents on how the nation’s colleges and universities can prepare to respond to various types of operational interruptions. Campuses face a variety of risks that can disrupt teaching, research, extension services, and healthcare. These risks can be all-encompassing, localized, or personal. Because disasters often cause loss of life, loss of income, property damage and adversely affect individuals and families, universities must make plans to continue their core functions as seamlessly as possible.

Tags: Collegiate Conference - University of Kentucky, Higher Education

Here's How it All Ties Together: A Case Study in Convergence

Event: Collegiate Conference - University of Kentucky

Author: Mike Epstein

Mike Epstein, Vice President, Risk Management & Business Continuity, The E. W. Scripps Company, discusses how his passion for business continuity has lead him to recognition as a leader in his field and a diversification of his skills into his current role. He shares lessons learned from some of the 800+ incidents he has managed over a 20 year career grounded in business continuity.

Tags: Collegiate Conference - University of Kentucky, Case Study

Business Continuity: A Career and a Profession

Event: Collegiate Conference - University of Kentucky

Author: Al Berman

DRI Foundation President and CEO Al Berman discusses the issues facing organizations today and into the future. This includes; cyber issues surrounding mobile devices and the Internet of Things (IoT), the impacts of supply chain in a global economy and privacy of individuals vs. security needs of governments.

Tags: Collegiate Conference - University of Kentucky

Organizational Resilience: The Convergence of Enterprise Risk Management and Business Continuity

Event: Collegiate Conference - University of Kentucky

Author: Lou Drapeau

Lou Drapeau, Vice Chairman of the Board of Directors for DRI International, presents on enterprise risk management and business continuity. How do we define resilience? Why is resilience important? What makes a system resilient? What does resilience mean for an organization? The answers to these questions will be revealed through a discussion of the roles of business continuity and risk management as well as where these functions reside in organizations. You’ll learn about the terminology of resilience, relevant trends identified by DRI’s Future Vision Committee, as well as cyber resilience and developing strategies for resilience.

Tags: Collegiate Conference - University of Kentucky, Cyber Resilience, Resiliency, Risk Management, Trends and Predictions, Organizational Resilience

DRI International Glossary for Resilience

Author: --

The International Glossary for Resilience is a language guide designed to improve communications and increase clarity across the business continuity, disaster recovery, and resilience community.

Tags: Communications/Crisis Communications, Resiliency

My experience with an EOC staffed by Trauma Responders

Event: Collegiate Conference - NorQuest College

Author: Garth Tucker

Garth Tucker, CBCP, CORP – Manager, E/DM Covenant Health Canada, discusses his experience with the Humboldt EOC.

Tags: Collegiate Conference - NorQuest College, Emergency response, Canada

TELUS Incident Management for recent events such as the BC/Fort McMurray wildfires and the Ontario/Quebec floods

Event: Collegiate Conference - NorQuest College

Author: Ramon Zulueta

Ramon Zulueta, CBCP, Risk Manager, Corporate Business Continuity Office (CBCO), presents on communications during disasters.

Tags: Collegiate Conference - NorQuest College, Communications/Crisis Communications, Disaster Scenarios, Canada

The Power of Collaboration: A Business Continuity Management System for the Alberta Post-Secondary Sector

Event: Collegiate Conference - NorQuest College

Author: Jim Ross

Jim Ross, Campus Alberta Risk Assurance Committee Director, Risk and Assurance Services, MacEwan University presents on collaboration as a BCM system for the Alberta post-secondary sector.

Tags: Business Continuity Program, Collegiate Conference - NorQuest College, Canada, Higher Education

IT and Business Continuity Management at NorQuest College

Event: Collegiate Conference - NorQuest College

Author: Claire Mechan,Dave Melanson

Business Continuity Coordinator Claire Mechan, ABCP, and David Melanson, BSc, discuss continuity and cyber security at NorQuest College.

Tags: Business Continuity Program, Collegiate Conference - NorQuest College, Cybersecurity, Canada, Higher Education

Enterprise Risk Management and Business Continuity Planning

Event: Collegiate Conference - NorQuest College

Author: Patrick (Butch) Brennan, Ken Baker

Ken Baker and Butch Brennan present on enterprise risk management and business continuity for the city of Edmonton.

Tags: Business Continuity Program, Collegiate Conference - NorQuest College, Risk Management, Canada

Predictions and Trends for 2018

Event: Collegiate Conference - NorQuest College

Author: Chloe Demrovsky

DRI President Chloe Demrovsky presents on upcoming BCM predictions and trends.

Tags: Collegiate Conference - NorQuest College

Women in BCM May Spotlight

Author: DRI Foundation Women in BCM Committee

Women in BCM Celebrates Working Moms for Mothers Day - get to know the WBCM Committee, get involved with upcoming webinars, additional resources, and more!

Tags: Women in BCM

Women in BCM March Spotlight

Author: DRI Foundation Women in BCM Committee

DRI Women in BCM Spotlight: DRI2018 Session Recap, BC Compensation Survey, Mentor Opportunities, Recommended Reading, and More

Tags: DRI2018, Women in BCM

Real Recovery Lessons and a Partnership that Passed the Test

Event: DRI Webinar

Author: Ryan Miller, Larry Twele

When a sudden devastating flood put a public-private partnership to the test, results were remarkable! Ryan Miller, CBCP, CBCLA, Director of Emergency Management for Howard County, MD, and Larry Twele, CEO of Howard County Economic Development Authority, offer lessons learned in recovering from a record-breaking flood – and detail the partnership between emergency management and economic development as one of the key elements that resulted in more than 95% of businesses surviving! You’ll learn about the plans in place before the flood, the immediate response, and how to create a meaningful partnership between public and private resources. For additional context, watch the NBC Nightly News coverage of the flood here: https://www.youtube.com/watch?v=9WgI9bUUsJM

Tags: DRI Webinar Series, Public Sector, Public-Private Partnership

Transparency, Storytelling, Consistency and Expertise: Nudging Humans Toward Security Compliance

Event: DRI Young Leaders in Resilience Educational Event

Author: Elizabeth Anne Watkins

Columbia University Doctoral Candidate Elizabeth Watkins presents on innovative emergency preparedness and cyber security strategies for a tech-obsessed world.

Tags: Cybersecurity, Security

WORKSHOP: Designing Creative Exercises – From Theory to Real World (Active Shooter Exercise)

Event: DRI2018

Author: Raelene Anderson, Bobby Cook

This three-hour, hands-on workshop is a practical exercise design course during which you will be actively engaged. If you want to learn how to build (or better!) your exercises, this is the workshop for you. Exercising can mean the difference between surviving a crisis and not. We practice to ensure all participants understand their roles and responsibilities during crisis. An exercise is NOT a test, but rather to practice skills learned through training. Supplementary Active Shooter Exercise Example. See presentation listing. Equally as important, is to set your exercise up right from the beginning. Designing an exercise takes time, patience, and support. An exercise should produce measurable, useful, timely and relevant results. Designing exercises is not a one size fits all, however many of the foundations are the same. This course will take you through the steps to design a creative, effective and fun exercise.

Tags: Active Shooter/Workplace Violence, DRI2018, Exercises

WORKSHOP: Designing Creative Exercises – From Theory to Real World

Event: DRI2018

Author: Raelene Anderson, Bobby Cook

This three-hour, hands-on workshop is a practical exercise design course during which you will be actively engaged. If you want to learn how to build (or better!) your exercises, this is the workshop for you. Exercising can mean the difference between surviving a crisis and not. We practice to ensure all participants understand their roles and responsibilities during crisis. An exercise is NOT a test, but rather to practice skills learned through training. Equally as important, is to set your exercise up right from the beginning. Designing an exercise takes time, patience, and support. An exercise should produce measurable, useful, timely and relevant results. Designing exercises is not a one size fits all, however many of the foundations are the same. This course will take you through the steps to design a creative, effective and fun exercise.

Tags: Active Shooter/Workplace Violence, Disaster Scenarios, DRI2018, Exercises

CASE STUDY: The Organizational Resilience Management System at the United Nations

Event: DRI2018

Author: Vic Bhatia

Streamlining business continuity management as an integral part of the emergency management framework, the Organizational Resilience Management System (ORMS) comprises crisis management, ICT disaster recovery, security, medical, staff support, crisis communications, records, facilities management and BCM. The ORMS at the UN provides an effective means to integrate and harmonize the emergency management activities. The ORMS provides a framework for cooperation across institutional silos and between the various actors responsible for the key components.

Tags: Organizational Resilience, Public Sector, Resiliency, UNISDR, Case Study

Trends and Predictions for Our Profession

Event: DRI2018

Author: Lyndon Bird

With a look back and one ahead, the chair of the Future Vision Committee, will take attendees through trends observed in 2017 and provide predictions for what to expect in the year to come. Based on the third annual trends and predictions reports, this year’s content features results from a first-ever FVC survey of DRI certified professionals worldwide.

Tags: DRI2018, Future Vision Committee, Global Strategy, Resiliency, Risk Management, Trends and Predictions

Using Key Performance and Risk Indicators to Make the BCM Business Case

Event: DRI2018

Author: Roberta Witty

Educating business managers on the business value of business continuity management (BCM) is a challenge for many organizations. Often, this challenge arises because business managers don’t understand or appreciate the value of availability risk information or their relationship to it. This lack of understanding of how availability risk links to business performance is a leading cause of BCM programs having a great, exciting start, but ending in their long-term demise. In this session, we will discuss the following key issues: What do boards and line-of-business executives want from continuity of operations programs? How do the risk-based disciplines impact corporate performance? How can you use KPIs and KRIs to present a defensible case for the value and effectiveness of BCM to an executive audience?

Tags: DRI2018, Risk Assessment, Risk Management

The Curious Case of Business Continuity (BC) and Geographic Recovery Strategies: What is Old, Becomes New…

Event: DRI2018

Author: Michele Turner

We’ve learned a lot in the past 30+ years in the world of recovery and continuity. Where the origin may have been systems and technology, an industry evolution was necessary. Where previous conversations would have been focused on tape recovery and disk storage, the 3Ps (partnership, process, and persistence) brought about a rebirth that has led to significant understanding in the shared roles of the business, IT and vendors in supporting critical processes, across geographies (language and geo political challenges not withstanding). During this session, we’ll review these 3 Ps in a case study format, using references of the 2008 movie: The Curious Case of Benjamin Button (your homework is to watch the movie!). Unusual circumstances, a refresh of what we think we know, time keeps on ticking…what is old, becomes new.

Tags: Business Continuity Program, DRI2018, Global Strategy, Process

CASE STUDY: Rain, Rushing Water, and Recovery – Lessons from Ellicott City

Event: DRI2018

Author: Ryan Miller, Larry Twele

When six inches of rain got dumped on Ellicott City, MD, in under two hours, something perhaps even more rare than the resulting 1,000-year flood happened – a partnership between county emergency management and economic development officials rose to the top and really worked! Everyone talks about public private partnerships. Attend this session to hear about one that resulted in more than 95% of businesses surviving. Ryan Miller, Director of Emergency Management for Howard County, MD, and Lary Twele, CEO of the Howard County Economic Development Authority will give an overview of the plans in place before the flood, including how they incorporated economic development into the emergency operations plan and the community disaster recovery plan. They’ll take attendees through the response – a response was so large and complex that resources from as far away as Colorado were called in – to the devastating flood that gave almost no warning. They’ll cover short, medium and long term recovery. But most importantly, they’ll teach you how to apply their model in order to get your local emergency managers and economic development officials working together!

Tags: Case Study, Disaster Scenarios, DRI2018, Public-Private Partnership

WORKSHOP: Reality-based Disaster Exercise Techniques

Event: DRI2018

Author: Jeanne Powell

We test our backups and recovery processes occasionally and pass our audits, isn’t that enough? Only if your BCP goals are just that. Those are certainly important objectives. But, those types of exercises are not enough if the ultimate goal of your BC/DR Program is for your business to survive an actual disaster and the ensuing chaos. Reality-based, scenario driven exercises pull everything together by encouraging a holistic view of impacts and consolidated recovery considerations/efforts not discoverable in more narrowly focused exercises. This workshop will build on previous topics from the same presenter and take things further into the practical realm of disaster exercises. Come and participate in this workshop as we look at and talk about the benefits of robust disaster exercises; quickly review definitions and disaster scenario creation process (previous topics); exercise ingredients, methods, and script techniques; potential outcomes. The presenter brings deep experience with both actual disaster situations and reality-based disaster exercises, which will add a real-life perspective to our discussions.

Tags: Disaster Scenarios, Process, Exercises

Sticky BC: How to Create, Value, and Elevate Your BC Program in the Organization!

Event: DRI2018

Author: Donald Long, Ted Marquardt

As a BC practitioner, to effectively prepare your organization to respond to emergencies and recover from adverse events, you must cross boundaries and build relationships with staff, team leads, department heads, and subject matter experts from the various lines of business. While nurturing these relationships, have you ever considered leveraging your exposure to the wider enterprise as an opportunity to create even more value for the organization? As you engage associates from across the enterprise, listen to their challenges and ask yourself…Are there other measures that the BC program can pursue to make the organization more resilient? Are there other potential adversities that the BC program is well-suited to proactively manage and help the business avoid? Are there more opportunities to increase BC’s “stickiness” in the company? In this session, we will explore how to identify opportunities for leveraging your BC program’s strengths that can elevate the BC practice and make your program more valuable. Make BC “sticky” by optimizing the relationships you build and by applying your expertise in other areas that can benefit from your unique perspective. We will present the real-world use cases below, along with practical templates for you to use, where you can apply your knowledge and skills to increase the resiliency of the organization beyond usual BC practices, thus creating more value with the BC program: Data Management – BC practitioners document business functions, their related application systems, and conduct BIAs. Take this a step further to define and classify the data into security classes that helps identify what can be retained or destroyed. Vendor Management – BC activities usually include the tracking of key vendors that contribute significantly to the business. Extend that activity to identify the top vendors and determine for which of those vendors to execute a more detailed assessment, audit, and review.

Tags: Business Continuity Program, DRI2018

Intersecting Points of Business Continuity/Disaster Recover and Cybersecurity

Event: DRI2018

Author: Cheryl Carmel

Information security is, without a doubt, on the minds of every executive! Identifying and reducing risks, and responding to any information security incident, is a top priority that pulls resources from all areas together. Whether your role involves business continuity or disaster recovery or crisis communications, our responsibilities are converging with our information security counterparts about these challenges. Join industry expert Cheryl Carmel (CISSP) as she defines the coordination and collaboration between information security professionals and business continuity professionals that must be present for comprehensive risk mitigation and incident response plans within the information security program.

Tags: Business Continuity Program, Cybersecurity, Security

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

Event: DRI2018

Author: Tejas Katwala

Current cyber response frameworks are incomplete and cyber programs in a silo are a major vulnerability. Lost business is the number one component of cyber breach cost because of customer turnover, brand reputation loss and diminished goodwill. Cyber threat and breach are business problems and business continuity professionals have the expertise that can be leveraged to reduce both the time and money associated with a cyber breach. Join Tejas Katwala to build your business case.

Tags: Cybersecurity, DRI2018, Resilient Enterprise

CASE STUDY: Building a Winning Team!

Event: DRI2018

Author: Linda Chevalier

Attend this session to learn how Colorado Springs Utilities, the DRI 2017 Team of the Year award recipient, built a successful team and program. Strengthening a foundation through commitment, collaboration, and communication has brought the team to the forefront of the organization at times of utility disruptions and emergency incidents. Grab a tip or two, or three, from this session to enhance any program.

Tags: Business Continuity Program, DRI2018, Utilities, Case Study

CASE STUDY: A Hurricane Harvey Success Story at Zions Bancorporation

Event: DRI2018

Author: Ryan longman

Attend this session for a firsthand Hurricane Harvey case study! Zions Bancorporation is one of the nation’s premier financial services companies with total assets exceeding $65 billion. Zions operates under local management teams and distinct brands in 11 western states: Arizona, California, Colorado, Idaho, Nevada, New Mexico, Oregon, Texas, Utah, Washington and Wyoming, including Amegy Bank in Texas. Hard hit by Hurricane Harvey in the region served by Amegy, Zions committed to helping both customers and the greater Houston community. While Amegy was open for business throughout the storm with mobile, online, and telephonic banking access, some branches did close temporarily. Hear about the actions the Zions team took to ensure the safety of its employees and help ease the financial needs of its employees, customers, and the community.

Tags: DRI2018, Hurricanes, Case Study, Banking/Financial Sector

SEC, FINRA, HIPAA, FISMA, NFPA, ISO, FFIEC – Why Can’t We All Play by the Same Rules?

Event: DRI2018

Author: Bobby Williams

It seems that every industry or government agency wants DR and BC to be done a little bit differently. Some overlap and some don’t. Throw in a standard or two, and the plot really gets complicated. If your company touches multiple industries or agencies, how can you be in compliance? Let’s take a look at some regulations, standards, and guidelines and turn the heap of ingredients into alphabet soup that we can digest. We will look at BC and DR requirements and see if we can serve up components that can help your program be palatable and in compliance with multiple menus. Start participating now by helping out the beforehand. Send Bobby Williams a message detailing the standards, regulations, or guidelines with which you must comply. This session is meant to have gobal reach so North and South America, Europe, Africa, Asia, Australia, or Antarctica, get in on this! We don’t want anything to be left out and this is one time where there can’t be too many cooks in the kitchen. You can find Bobby on LinkedIn here or email your message to brojas@drii.org.

Tags: DRI2018, Governance/Regulatory Response and Compliance, Global Strategy, Regulations and Standards, Banking/Financial Sector, Healthcare

Healthcare Track: The Hurricane Panel – Lessons Learned

Event: DRI2018

Author: Anthony Pizzitola, Mike Mastrangelo

The 2017 hurricane season hit healthcare organizations hard. Hear from your peers at healthcare institutions as they relate their experiences before, during, and after the storms with a focus on lessons learned. While our panelists are from the healthcare sector, the information they will share is informative and applicable to all.

Tags: Disaster Scenarios, DRI2018, Healthcare, Hurricanes

It’s Not Your Parents’ BCP

Event: DRI2018

Author: Michelle Cross, Paul Johnson

The world of continuity planning is evolving. We face more diverse risks and our influence extends beyond traditional continuity. The lines dividing emergency response, DR, and BCP are becoming blurred and the expectations of continuity planners had grown in both scope and magnitude. The traditional continuity planning methods are no longer sufficient to meet these evolving demands and risks. As an industry we need to be nimble and adapt the fundamentals into a more flexible continuity planning model. This session addresses how a company can take traditional continuity planning and morph itself into a risks and resiliency culture.

Tags: Business Continuity Program, DRI2018

The Emerging Importance of Improving Resilience to Hazards

Event: DRI2018

Author: Marianela Guzman, Dale Sands

Attend this session to discover why disaster resilience is a winning strategy and how the ARISE Initiative may bring public and private sector together to make a difference. Sands has served as Vice Chair, United Nations’ Private Sector Advisory Group for International Strategy for Disaster Risk Reduction (2013 – 2015), and was a Board member (2011 – 2013). While Vice Chair, UNISDR Private Sector membership grew to 100 companies from 42 countries. Working with IBM, he developed the first Disaster Resilience Scorecard based upon the UN’s Ten Essential for Disaster Risk Reduction in 2014; the Scorecard is an innovative tool to assess preparedness of communities to respond to, and recovery from, natural disasters. The Disaster Resilience Scorecard received international acclaim, was recognized as a best practice by the UN International Strategy for Disaster Risk Reduction and received the Notre Dame Climate Adaptation Index 2015 Prize. He also developed a private business resilience survey tool that was applied to over 200 businesses in New Orleans in 2016.

Tags: DRI2018, Public-Private Partnership, Resiliency

WORKSHOP: Strengthening Your Program by Auditing (Supplemental Worksheet)

Event: DRI2018

Author: Harvey Betan, Donald Schmidt

Supplemental worksheet. See presentation listing. Auditing is an objective activity that should add value to an organization by following a systematic, disciplined approach. If you’re striving to improve your business continuity program or need to audit critical suppliers, this workshop is a must. Whether you are self-assessing your program (auditing the preparedness of your suppliers) or preparing for certification, this two-hour, hands-on workshop will provide the guidance you need.

Tags: DRI2016, Audit, Business Continuity Program

WORKSHOP: Strengthening Your Program by Auditing

Event: DRI2018

Author: Harvey Betan, Donald Scmidt

Auditing is an objective activity that should add value to an organization by following a systematic, disciplined approach. If you’re striving to improve your business continuity program or need to audit critical suppliers, this workshop is a must. Whether you are self-assessing your program (auditing the preparedness of your suppliers) or preparing for certification, this two-hour, hands-on workshop will provide the guidance you need. Auditing methodology will be defined, evaluation criteria including international standards will be identified, and lessons learned from decades of auditing will be shared. Project management, collecting “evidence,” corroborating information gathered, and using objective criteria to identify program gaps and support your opinion will be covered.

Tags: Business Continuity Program, DRI2018, Audit

Healthcare Track: Active Shooter Planning and Response

Author: Scott Cormier

Active Shooter events at a healthcare facility present unique challenges; healthcare professionals may be faced with decisions about leaving patients; visitors will be present; and patients or staff may not be able to evacuate due to age, injury, illness, or a medical procedure in progress. Workplace violence is another challenge that every organization may face; however, in the healthcare setting, there are more vulnerabilities due to patients and unique tensions that may result in a higher risk of injury. In this presentation, we will discuss how to effectively utilize threat assessment teams and how to develop a healthcare workplace violence program that will minimize the destruction if violence occurs.

Tags: Active Shooter/Workplace Violence, DRI2018, Healthcare

The Future of Ransomware and Social Engineering

Event: DRI2018

Author: Ross Albert

The threat of ransomware has risen with the increased existence of sensitive digital information. Businesses and individuals have experienced their computers and servers being seized by variations of ransomware that encrypt their data and hinder their computer accessibility, which can only be resolved with a decryption key upon payment of a ransom. Through any method of data hijacking, criminals are able to access privately held information through various intrusion techniques for financial gain. Ransomware tactics have evolved, with the introduction of software that instead of requiring payment to free a compromised computer provides victims with the opportunity to obtain a key in exchange for compromising others. As the threat of ransomware has risen, so has the sophistication of the attacks, to include the use of social engineering techniques. This presentation will explore the future of ransomware, the likely evolution of tactics, techniques and procedures over the next three to five years; better understand how these intrusions occur, how social engineering techniques are used to facilitate, perpetuate, and manage ransomware operations, strategies to prevent such exploitation, and appropriate responses and mitigation efforts in the event of an attack.

Tags: Cybersecurity, DRI2018

CASE STUDY: Designing a Resiliency Program – Tradition or Innovation?

Event: DRI2018

Author: Audrey Thibodeau, Crystal Witt

Ever wonder why some business continuity and crisis management programs succeed while others do not? Traditional program methodology paved the way for our firm’s highly successful enterprise resiliency program, but over time, it also led to our BC/CM approach getting stuck in the proverbial rut. How did we dig ourselves out of that rut and gain the unparalleled support of our enterprise’s executive team? By innovating. Join us as we share stories and the lessons we’ve learned about stepping out of our comfort zone, taking a business-centric approach to continuity risk, moving from a tactical mindset to a strategic focus and the value of building relationships.

Tags: DRI2018, Resiliency, Resilient Enterprise

How to Build an Enterprise BC Program That Gets around the Roadblocks

Event: DRI2018

Author: Scott Baldwin

Whether you’re struggling with program implementation, experiencing the continuous program ‘reboot’ cycle, or just want to investigate ways to improve your BC program, this presentation will describe clear and useful strategies you can use to address the most common program roadblocks and go from initial program implementation to true business continuity resilience. Based on the experiences of many BC professionals from around the world, this presentation will provide you with tried and tested practical steps you can use to create or improve your BC program.

Tags: Business Continuity Program, DRI2016

Healthcare Track: Continuity of Healthcare for Major Chemical Mass Casualty Incidents

Event: DRI2018

Author: Mike Mastrangelo

The University of Texas Medical Branch at Galveston was recently invited to meet with the Department of Homeland Security, Office of Health Affairs to present on UTMB’s 3-year effort to develop a national model for response to major chemical incidents such as releases of toxic industrial chemicals like Hydrofluoric Acid (HF). Unlike other chemical releases, HF produces a heavier-than-air persistent vapor cloud that is toxic to people, animals, and plant life. Specific medical countermeasures are needed to treat HF injuries, yet these are in short supply. Department of Homeland Security also recently completed a three-year effort to develop a new framework and strategic approach to chemical incident preparedness (for terrorist incidents and accidents). Although the efforts were independent, there were many commonalities, including the use of advanced computational modeling by Lawrence Livermore National Laboratory to simulate chemical release scenarios. Another significant similar approach was to enhance the risk assessment process to incorporate information about the jurisdiction’s response capability. A new toolset was developed called a Response Risk Assessment (RRA). In its pilot program, DHS completed the RRA at five cities across the United States (including Houston as part of the Super Bowl preparedness effort). At the conclusion of the meeting, the Office of Health Affairs and UTMB agreed to pilot test the RRA Toolset in Galveston County Texas with the assistance of UTMB. The ultimate goal is to roll out the toolset to all U.S. jurisdictions for self-assessments. The presentation will use HF as a case study on use of an enhanced risk assessment process to build healthcare continuity. Another aspect of preparedness examined is the use of a combination of an all-chemical hazards approach – with – a specific planning approach for Priority Risk chemicals in a given region. UTMB now sponsors an annual HF incident symposium that includes national and international experts in various aspects of the response. Honeywell, the world’s largest producers of HF, participates in UTMB’s annual HF Exercise and Symposium. The project won a University of Texas National Security Excellence grant and was the basis for a recent award of a Combined Coordinated Terrorist Attack (CCTA) preparedness grant from Department of Homeland Security/FEMA.

Tags: DRI2018, Healthcare, Risk Assessment

Women in Business Continuity Management Panel Discussion

Event: DRI2018

Author: Alexandria Brennan, Marsha Buehler, Diane Doering, Mitzi Harlor, Lynn Meadows, Leah Sawyer

Building on the tremendous success of DRI2017’s Women in Business Continuity Management (WBCM) session and the continued work of the DRI WBCM Committee, this session will explore the latest research and writings of the committee and facilitate a discussion of women in our profession.

Tags: DRI2018, Women in BCM

Case Study: The Flight to DR in the Cloud

Event: DRI2018

Author: Bill Lavigne, Stephen Weber

Attend this session to learn how McKesson – a Fortune 5 company delivering medical supplies, drugs, and services to the healthcare industry – transitioned from legacy disaster recovery (DR) methodologies to provide a new way of delivering DR by leveraging new state of the art technologies available in the public cloud. The presentation will take you on a short flight to disaster recovery in the cloud, which resulted in significant reduction in costs, streamlined processes with minimal effort, and the ability to test anytime and ensure application recoverability. Topics include reasons why this journey was necessary, what technology options are available, and some of the turbulence encountered along the flight path to delivering DR in the cloud.

Tags: Cloud Technology, DRI2016, Technology

Case Study: Changing the Wheels of a Moving Car: How HCL Technologies Implemented Its BCM Program

Event: DRI2018

Author: Arunabh Mitra

What separates a “good” BCM program from a “great” one? How does an organization’s investment in BC risk mitigation systems and processes measure up against leading practices? At a time when risks are increasing, what are the building blocks upon which to build a world-class BC program that not only protects an organization from internal and external threats, but also enhances its brand and strengthens its relationships with all stakeholders? With that as the backdrop this session will explore the unique nuances and journey of building out a world class BC program at HCL Technologies. Founded in 1976 as one of India’s original IT garage start-ups, HCL is a pioneer of modern computing with many firsts to its credit, including the introduction of the 8-bit microprocessor-based computer in 1978 well before its global peers. Today, the HCL Enterprise has a presence across varied sectors that include technology, healthcare and talent management solutions and comprises three companies – HCL Infosystems, HCL Technologies and HCL Healthcare. The enterprise generates annual revenues of over US $7 billion with more than 115,000 employees from 140 nationalities operating across 32 countries, including over 500 points of presence in India. The session will include curated insights from HCL Technologies’ journey on its BCM roadmap on the following themes: Money Goes Where Strategy Goes: Connecting your BC program to the long term business strategy of the firm Never waste a Crisis: Tales of business opportunism to accelerate the BC program at the wake of incidents Culture is King: Fixing the balance of accountability and the three lines of defense The Three E’s: Exciting, equipping, and empowering a cross-generational workforce Modernization of a BCM program to keep pace with evolving times Creating a Differentiated Industry Offering Attendees will leave this session with a rich understanding of the complexities of excelling in BCM in a multi-client and multi industry environment like HCL Technologies and how we leveraged BCM to create value for the firm.

Tags: Business Continuity Program, Case Study, DRI2018, Risk Management

Plan Management vs. Risk Management – Which Has a higher ROI and Which Is More Sustainable?

Event: DRI2018

Author: Larry Chase

Join us for a special and intense session delineating a programmatic approach to defining the long-term value of your BC program. A tale of two core disciplines – each essential in our profession but not absolute equals—with focus on burden of effort as it relates to ground gained and how each layer of the organization perceives (and expects) value in plan and risk management. This session will lay out critical points, trips and traps, and keys to success.

Tags: DRI2018, Risk Management

Technology Track Working Group: Cyberattack, Preparing for the Unexpected

Event: DRI2018

Author: Jim Wexler

Newsflash! Hackers are attempting to damage or destroy the computer network at one of the world’s biggest global banks, and your job is to manage the response. This is anything but routine! Join this session to experience the cyberattack simulation. Do your teams have what it takes to lead in a crisis? In this session, you will experience a learning simulation that depicts crises – and assess your team’s predisposition to succeed. The session shares research that confirms that having the right people with the right attributes is far more effective than investing in training those who do not.

Tags: Cybersecurity, DRI2018, Technology

How and Why Resilience in the Built Environment Affects Business Continuity

Event: DRI2018

Author: Aris Papadopoulos

Attend this session for an informative analysis of how resilience in the built environment from natural hazards affects business continuity. The built environment is not limited to a company’s own facilities and supply chain. There will be a discussion of the underlying root causes of vulnerability and why resilience is a prerequisite to sustainability. The speaker will explore the emergence of the resilience movement that will change the way we do business, but also create new market opportunities, and will share what companies need to consider in their investment and operating strategies.

Tags: DRI2018, Facility Management, Resiliency, Supply Chain

The Japanese Approach to BC/DR

Event: DRI2018

Author: Shinobu Sasaki

Japan is a country that continues to suffer serious natural disasters such as earthquakes, typhoons, and floods. In most cases, these are widespread incidents that impact a fairly large geographic region. In planning or such wide area disasters, the DR strategy may depend on the location where the incident occurred. Using real-lie case studies, this session will explain the unique approach the Japanese have to BC and DR.

Tags: Best Practices, Business Continuity Program, Global Strategy, Earthquakes, Asia, Case Study

Coming to Terms: The DRI Glossary Update

Event: DRI2018

Author: Dean Gallup

Since its first release in 2014, The DRI International Glossary for Resiliency has been a major resource for business continuity and resilience professionals around the world. Currently in four different languages, the glossary provides a common language for resilience professionals to use. The Glossary Committee is ready to release a major update to the Glossary in February, 2018. This session outlines the changes to the glossary, provides information on the new glossary, and discusses the future of the glossary.

Tags: DRI2018, Resiliency

Case Study: Navigating through an Unregulated Environment: The World of Asurion’s Global Business Resilience

Event: DRI2018

Author: Jerrick Croston, Michael Smith

Are you a government, healthcare, or financial organization? Then your business continuity and disaster recovery (BCDR) program is likely driven by regulatory requirements. The purpose of this presentation is to discuss BC/DR program management for private or non-traditional organizations. The goal of this session is to explore common challenges like: What if you don’t have regulatory drivers to guide your program? How do contractual requirements guide your program? What are some effective strategies to ensure that you are strengthening resiliency in your environments? We will review a case study on how Asurion’s Global Business Resilience Team managed the recent events of Hurricane Harvey and Irma, and Mexico City’s earthquake.

Tags: Business Continuity Program, DRI2018, Global Strategy, Resiliency, Resilient Enterprise, Case Study

Technology Track Kick Off

Event: DRI2018

Author: Linda Conrad

Please join us as we welcome Linda Conrad, Principal of corporate and information security risk management at Exelon Corporation, to kick off our Technology Track with a discussion on how cybersecurity trends will affect BC/DR in 2018. At Exelon, a Fortune 100 Energy company, Conrad is responsible for driving strategic risk activities and engagement with the Chief Security Officer team, Information Technology, and Enterprise Risk Management. She oversees cyber and physical security Key Risk Indicators and mitigation. Conrad is partnering with the National Institute of Standards and Technology (NIST) and Robert H. Smith School of Business on development and predictive analytics of the cyber supply chain risk portal, which received the 2017 Cybersecurity Award for Practice from Institute of Electrical and Electronics Engineers.

Tags: Cybersecurity, DRI2018, IT/DR, Security, Supply Chain, Technology

Panel: DRI’s Revamped Professional Practices – How Is the BCM Market Keeping Pace?

Event: DRI2018

Author: Al Berman, Chris Duffy, Will Minkoff, Frank Shultz, Bob Sibik

Attend this panel discussion, led by the legendary Al Berman, to learn how the BCM market is reacting to DRI’s recently updated and expanded Professional Practices. Based in part on feedback from DRI Certified Professionals worldwide, the revamped Professional Practices now include the most current concerns to our community – worries like supply chain and cyber risks. Attend this session to see how the BCM market is handling those changes. With myriad product and services offerings built on the foundation DRI provides, the vendor community is now challenged to ensure that those offerings also are in line with your concerns and DRI’s Professional Practices – the most used standard in our profession by a mile!

Tags: DRI2018, Professional Practices

Here Comes the Cavalry (literally) – The Military and Defense Support to Civil Authorities

Event: DRI2018

Author: Duane Bygum, COL John Dooley, Ron Latorre, Joachim Gloschat, COL (Ret) M.Scott Furr

Have you ever wondered how the military gets involved with disaster response? How does the military fit into the Incident Command System (ICS)? Why are military assets committed to some disasters and not others? Is there a difference between support provided by active duty, National Guard, and reserve components? Is it martial law?! Join this session to hear from our panelists and learn more about the nuances of military response and capabilities during a disaster.

Tags: DRI2018, Emergency response

Risk Assessment? Here's How!

Event: DRI2018

Author: Dan See

Have you done a Risk Assessment lately, ever? Do you have a risk methodology to work with? Do you know the critical assets that really allow your organization to meet its business goals? What keeps you and your leadership up at night? This risk assessment workshop will put your conference time to good use and go beyond talking about risk assessments – you’ll actually do a risk assessment. Using a combination of lecture and practical exercise you will be able to go back to your organization and put your new risk assessment skills to use/ The workshop will cover risk methodology (analyzing, reporting, managing); undesirable events; performing the analysis (impact, threat, vulnerability) risk identification; risk mitigation; and risk reporting.

Tags: DRI2018, Risk Assessment, Risk Management

DRI2018 Keynote Address

Event: DRI2018

Author: Mary Rose McCaffrey

DRI is honored to have Mary Rose McCaffrey as our day one keynote speaker. McCaffrey will draw from her three decades of security experience, including leadership positions at the Central Intelligence Agency, the National Reconnaissance Agency, Director of National Intelligence and the Department of Defense. Currently, Vice President, Security, ES &CSO, Northrop Grumman where she leads global security responsible for the protection of Northrop Grumman employees, facilities, and customer information, McCaffrey will address issues of great concern to all DRI2018 attendees.

Tags: DRI2018

DRI2018 Welcome Address

Event: DRI2018

Author: Chloe Demrovsky

Join Chloe Demrovsky as she welcomes DRI2018 attendees to Nashville and sets the tone for her first annual conference as DRI’s President and CEO. She will address key updates from DRI as well as speak to our profession as a whole.

Tags: DRI2018

Resilience in 2018

Event: Corporate Governance Summit

Author: Chloe Demrovsky

DRI recently presented at the 11th Corporate Governance Summit, held in Istanbul, Turkey, this January by Turkey’s Corporate Governance Association (TKYD). This year’s summit theme was “Corporate Governance’s Driving Force: Resilience and Durability,” focusing on organizational resilience and sustainability including a discussion of the implications of these two disciplines at the policy level.

Tags: Resiliency

Trends and Predictions from DRI’s Future Vision Committee: How to Prepare for 2018

Event: DRI Webinar

Author: Lyndon Bird, Chloe Demrovsky

Lyndon Bird, Chairman of DRI International’s Future Vision Committee, and Chloe Demrovsky, DRI President and CEO, discuss the findings of the Third Annual Global Risk and Resilience Trends and Predictions reports (also available in the resource library). Discover how your job will be impacted by world events — including supply chain disruption, extreme weather events, data protection, and more — and what you can do about them.

Tags: Future Vision Committee, Global Strategy, Resiliency, Trends and Predictions

Third Annual DRI International Global Risk And Resilience Predictions Report

Author: Future Vision Committee

It’s never easy to predict the future. With the pace of change rapidly increasing, accurate predictions are ever more difficult to make solely based upon extrapolation of past events. In this report, we have tried to make reasonable predictions given our current knowledge, and the DRI Future Vision Committee has limited its predictions to those issues most likely to impact resilience professionals.

Tags: Future Vision Committee, White Paper, Global Strategy, Resiliency, Trends and Predictions

Beyond Compliance: Getting Real About Regulations

Event: DRI Webinar

Author: Al Berman, Bobby Williams, Mike Mastrangelo

Organizations are becoming more proactive in assessing their programs and doing so in a more robust manner. This not only leads to them being more resilient but also reduces the effort associated with simply preparing for an audit. This webinar will examine how organizations are addressing regulatory compliance, which regulations they face, and how a pre-assessment program will help them be more resilient and improve their compliance.

Tags: DRI Webinar Series, Healthcare, Governance/Regulatory Response and Compliance, Audit, Regulations and Standards

Third Annual DRI International Global Risk And Resilience Trends Report

Author: DRI Future Vision Committee

Published each November, the DRI International Global Risk and Resilience Trends Report is essential reading for resilience professionals. It provides a summary of key trends that emerged over the course of the year as well as insight into the current state of the profession.

Tags: Future Vision Committee, Global Strategy, Resiliency, Risk Management, White Paper, Trends and Predictions

DRI Position Paper - Workplace Violence: Active Shooter, Terrorism, and Other Acts of Violence in the Workplace

Event: DRI Position Paper

Author: DRI Board of Directors

The DRI International Board of Directors has released the first of its position papers on the major issues affecting resilience professionals today. This statement covers active shooter scenarios, terrorism, and other acts of workplace violence.

Tags: Active Shooter/Workplace Violence, DRI Position Statement

Factores claves de éxito en la implementación de BCM (según las prácticas del DRI)

Event: DRI Webinar

Author: Mariana Quirós

In DRI's first Spanish-language webinar, Mariana Quirós of Copa Airlines talks about the changes to the new Professional Practices. She also guides viewers through implementing the practices within their organization.

Tags: Professional Practices, Spanish Language, DRI Webinar Series

A Study of Women in Business Continuity Management

Event: DRI White Paper

Author: DRI Women in BCM Committee

Based on the results of over 1,000 respondents to a survey conducted by the Women in Business Continuity Management Committee, this white paper examines the experiences of women in the BCM field, as well as professional expectations and challenges as the profession moves into the future.

Tags: White Paper, Women in BCM

Mapping The Professional Practices for Business Continuity Management from DRI International to The Sendai Framework for Disaster Risk Reduction

Author: Lyndon Bird

This white paper is designed as a tool for integrating organizational approaches to business continuity management and disaster risk reduction, a roadmap for implementing the Sendai framework into their existing resilience program.

Tags: Professional Practices, UNISDR, White Paper, Organizational Resilience

Cyber Risk and the Internet of Things

Event: DRI Webinar

Author: Bobby Williams, Melanie Sankaran

This webinar presentation tackles the much-requested subject of cybersecurity and the Internet of Things (IoT)! We all know that the risk is real – everyday objects are increasingly able to send and receive data. But do you know what compromised “smart” devices – like baby monitors or printers – could mean for your organization? Hear from both cybersecurity and business continuity executives as they discuss IoT from a corporate perspective and share their perspectives on this timely and compelling topic.

Tags: Cybersecurity, Internet of Things/IoT, IT/DR, DRI Webinar Series

Active Shooter and Mass Casualty Response: A Crisis Management Perspective

Event: DRI Webinar

Author: Felipe Den-Brok

The FBI’s Felipe Den-Brok addresses the timely topic of active shooters and mass casualty response from a crisis management perspective. With decades of experience to speak from, Den-Brok — who is a Supervisory Special Agent in the Crisis Management Unit — brings his experiences and actual case studies — including Virginia Tech, Fort Hood, and Sandy Hook — to the resilience profession in this compelling webinar. He’ll also discuss potential warning signs to look out for and developing a survival mindset in the midst of an active shooter event.

Tags: Active Shooter/Workplace Violence, DRI Webinar Series

2016 Kumamoto Earthquake Information Gathering Field Survey

Author: DRI Japan

On April 14, 2016, a strong earthquake occurred in Kumamoto Prefecture in Japan. In Kumamoto Prefecture, many buildings, including hospitals, collapsed and utilities were disrupted by the main shock and aftershocks. DRI Japan worked with Osaka University researchers to send a questionnaire about the actual conditions for information collection and sharing at the time of Kumamoto earthquake to the top information managers of the four major hospitals in Kumamoto city. The results are detailed in this research paper.

Tags: Earthquakes, Asia

Resilience in Supply Chains

Event: DRI Webinar

Author: Don Klock

With the advent of globalization, outsourcing, enhanced connectivity, and higher reliance on suppliers, supply chain disruptions have become more prevalent in the recent years. In this webinar, we will explore conceptual and practical developments on supply chain risk, supply chain resilience, and the application of business continuity beyond organizational boundaries. This webinar was sponsored by Metric Stream.

Tags: DRI Webinar Series, Supply Chain

LGU Initiatives to Promote Zero Casualties During Disasters

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Joe Sarte Salceda

Rep. Joe Sarte Salceda, 2nd District, Province of Albay, discusses initiatives to promote zero casualties during disasters.

Tags: Collegiate Conference - De La Salle University, Asia

West Valley Fault Threat in Manila

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Renato U. Solidum, Jr.

Renato Solidum, Jr. discusses the implications of the magnitute 7.2 earthquake for Metro Manila and Nearby Provinces.

Tags: Collegiate Conference - De La Salle University, Earthquakes, Asia

Enhancing Private Sector Support to Government's Disaster Risk Reduction and Management Through Strategic Human Resource Management Initiatives

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Rachel Quero

Dr. Rachel A. Quero presents on enhancing private sector support to government's disaster risk reduction and management through strategic human management initiatives.

Tags: Collegiate Conference - De La Salle University, Public-Private Partnership, Asia

Business Resilience and Humanitarian Logistics

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Brian Gozun

Dr. Brian Gozun, DLSU College of Business, discusses disaster risk reduction and business logistics.

Tags: Collegiate Conference - De La Salle University, Asia

Business Continuity Initiatives of the Central Bank of the Philippines

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Dickenson Y. Africa

Dickenson Y. Africa, CPA, CISA, MBA, CBCLA, discusses BCM initiatives of the Bangko Sentral NG Pilipinas.

Tags: Business Continuity Program, Collegiate Conference - De La Salle University, Asia, Banking/Financial Sector

Business Community Uniting to Mitigate Disaster Impact

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Butch Meily

Butch Meily, PDRF, discusses uniting the business community to mitigate disaster impacts.

Tags: Collegiate Conference - De La Salle University, Public-Private Partnership, Asia, Community Resilience

Healthcare Continuity and Resilience

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Angeli Medina

Angeli Medina, NYHHS, NYC, presents on business continuity in the healthcare sector.

Tags: Collegiate Conference - De La Salle University, Healthcare

Current Issues and Careers in Business Continuity

Event: DRI Collegiate Conference, De La Salle University - Mar. 16, 2017

Author: Chloe Demrovsky

DRI Executive Director Chloe Demrovsky's presentation on current issues and careers in business continuity.

Tags: Collegiate Conference - De La Salle University

Monday Afternoon Plenary: A Conversation with Christine Springer

Event: DRI2017

Author: Christine Springer, John Franchy

Join us for an enlightening and interactive conversation with Christine Springer, Professor and Founding Director, Executive Master of Science in Crisis and Emergency Management, University of Nevada, Las Vegas. DRI Board Member John Franchy will facilitate the discussion.

Tags: DRI2017

Case Study: The Energy Authority and Hurricane Matthew

Event: DRI2017

Author: Pauline Williams-Banta

As Hurricane Matthew marched towards Florida, The Energy Authority (TEA) in Jacksonville was getting ready to respond. Attend this session to hear how TEA prepared for and weathered the storm — one that caused widespread flooding, damage, and power outages across the state. The Energy Authority (TEA) provides public power utilities with access to advanced resources and technology systems. TEA is a public power-owned, nonprofit corporation with offices in Jacksonville and Bellevue, WA. A national portfolio management company, TEA evaluates challenges, manages risks, and executes solutions to serve more than 50 public power clients.

Tags: Case Study, DRI2017, Hurricanes

Governing Your Controls: Placing a Sound Bet

Event: DRI2017

Author: Michele Turner

Controls are meant to reduce/mitigate risk, but what happens when they actually introduce more risk into the environment? What bets should be covered, and do you ever decide to just let it ride? It’s a tough call but one that has to be made when the cost of mitigation (resources, finances, operations, etc.) outweighs the customer and corporate value add. During this session, we’ll explore ways that organizations balance that spinning “risk vs. reward” wheel through activities such as common control language, alignment to risk universe, and a solid change management framework to pivot from when the deck gets reshuffled. While nothing is a “sure thing” and there always will be risk, identifying the right controls, and the most appropriate tools to drive the most impactful action is the key. Play your cards right and come out a winner!

Tags: DRI2017

Are Traditional Disaster Recovery Plans Still Relevant?

Event: DRI2017

Author: Bobby Williams

In today’s world of Cyber thieves, Distributed Denial of Service (DDoS) attacks, application outages in addition to data center losses, shouldn’t out technology plans be more robust than just the traditional data center losses? Banks and OCC regulated financial institutions are now “expected” to follow the FFIEC Cybersecurity Assessment Tool which is loosely based on the NIST Cybersecurity Framework. Could we institute a contingency plan based on NIST 800-34 to cover multiple regulatory assessments and to enhance our own technology recovery program? What is the difference between your DR plans and a NIST based Contingency Plan? Let’s look at the NIST 800-34 (rev 1) and see how the controls line up to a help evaluate our technology recovery program and to see how it could help with creating a robust Information Security program based on the NIST 800-53 controls. It would be a great starting place for some programs that haven’t gained much traction (or that don’t exist), but it could also be a great evaluation tool for any current program that is already in place. Attend this session, do a deep dive, and see what it could mean to you. We might even have a guest appearance by one of the authors of the 800-34 (rev 1)!

Tags: DRI2017

Technology Track Kickoff: Emerging Cyber Threats and Business Continuity

Event: DRI2017

Author: Troy Wilkinson

Kick off DRI017’s technology track with this session, exploring headline-making risks to continuity programs everywhere, and then continue on with the topic by attending the Technology Track panel discussion and working group sessions for a better understanding of the threats your organizations faces and how to meet them.

Tags: Cybersecurity, DRI2017

A Terrorist Attack Experience via Learning Technologies

Event: DRI2017

Author: Jim Wexler, Tony Tran

Do you have what it takes to lead in a crisis? In this session, two riveting learning simulations immerse executives in best practices for crisis leadership — and assess their predisposition to succeed. First, hackers are attempting to damage or destroy the computer network at one of the world’s biggest global banks, and your job is to manage the response. Next, as you serve on the bank’s crisis management team, terrorists release ricin on subway trains during morning rush hour. Join this session to experience these self-led “virtual tabletop exercises” and take the continuity preparedness challenge! These new learning technologies measure whether continuity preparedness executives are right for the job, through a crisis readiness diagnostic that predicts for attributes that are effective in crisis situations. The session will present research that confirms that having the right people with the attributes to do well in a crisis is far more effective than investing in training those who do not.

Tags: DRI2017

Case Study: Tailoring a Risk-Based Approach to Mission Assurance

Event: DRI2017

Author: Jerry Vevon, Carol Grigg

Implementing a mission assurance program for a large government agency always has it challenges. Getting senior level support using a risk-based approach required adapting a traditional model to terms that resonated with both senior and middle managers. But how do you actually execute this formula in your program? A traditional risk formula or model looks at Threats, Vulnerably, and Intentions to determine risk. (T * V * I = R). We looked at Threat and Vulnerability in terms that were understandable and manageable to the MA practitioner and also the agency leadership. Our approach which resonated with upper management. focused on People, Process, Technology, and Facilities and looked at the agency by sectors.

Tags: Case Study, DRI2017

Case Study: Keep Pace with Business, BCM in a Fast-evolving Company

Event: DRI2017

Author: Beatrice Turrini

Imagine yourself as a fresh appointed BC Manager: you setup an ambitious program, plan your work in detail for the next years, analyze amounts of data, produce reports, plans, discuss processes, train people. From the best practices perspective, you have everything in order. Then one day, when you meet your management, you realize they are not interested in all that information. They ask you the very question you are not ready to answer... yet. You feel too slow in a fast company. In this session you will hear some lessons learned from first-person experience, and some suggestions on how to adapt your language, your role and re-think your BCM program objectives, to stay as close as possible to business speed and priorities.

Tags: DRI2017, Case Study

An Exploration of Women in Business Continuity: Trends, Challenges, and More

Event: DRI2017

Author: AnneMarie Staley, Linda Conrad, Naeemah Luckey, Lisa Reshaur, Melody Wen

While female business continuity professionals are continuing to rise to higher positions within their organizations and secure greater visibility in the profession, there is still much work to be done. The national conversation around whether women can indeed have it all is just as relevant to women pursuing a career in this traditionally male-dominated field. Last year, DRI International created a Women in Business Continuity Management Committee and committed to several research projects last year to draw attention to the unique needs, interests and challenges that face women in this profession. Now, AnneMarie Staley, the Chair of that committee, will lead a discussion of our findings. Whether you are a woman or you are an individual who works with, supports, or manages women in this field, this session is sure to ignite thought-provoking discussion around an issue that has not been extensively covered.

Tags: DRI2017, Women in BCM

Workshop: Creating Realistic Disaster Scenarios for Exercises (Handouts)

Event: DRI2017

Author: Jeanne Powell

Do you remember back in school when your teacher taught what you needed to pass the exam versus how that knowledge could be applied in real life to solve real problems? As business continuity professionals, we know there’s a big difference between a being regulatory compliant and the business’ preparedness and readiness to actually survive a real disaster situation. There are outages, emergencies, and disasters. Surviving the consequences of an actual disaster requires full-fledged disaster preparedness and readiness. Preparedness includes creating and executing exercises with realistically complex disaster scenarios focused on recovery ability and testing the readiness of capabilities. Creating that kind of an exercise scenario script is not intuitively obvious. In this hands-on collaborative session, we will look at a conceptual roadmap of what it takes to create realistically complex exercise scenarios intended to better prepare your organization to survive and mitigate an actual disaster. Come learn from a speaker with a rich background and experience in disasters. Everyone is encouraged to contribute their experience and imagination as together we walk through the creative process of identifying disaster scope and scale, ripple and cascading effects, players and their responsibilities/effects, and creating credible disaster recovery timelines during this session.

Tags: Disaster Scenarios, DRI2017

Workshop: Creating Realistic Disaster Scenarios for Exercises (Part 2)

Event: DRI2017

Author: Jeanne Powell

Do you remember back in school when your teacher taught what you needed to pass the exam versus how that knowledge could be applied in real life to solve real problems? As business continuity professionals, we know there’s a big difference between a being regulatory compliant and the business’ preparedness and readiness to actually survive a real disaster situation. There are outages, emergencies, and disasters. Surviving the consequences of an actual disaster requires full-fledged disaster preparedness and readiness. Preparedness includes creating and executing exercises with realistically complex disaster scenarios focused on recovery ability and testing the readiness of capabilities. Creating that kind of an exercise scenario script is not intuitively obvious. In this hands-on collaborative session, we will look at a conceptual roadmap of what it takes to create realistically complex exercise scenarios intended to better prepare your organization to survive and mitigate an actual disaster. Come learn from a speaker with a rich background and experience in disasters. Everyone is encouraged to contribute their experience and imagination as together we walk through the creative process of identifying disaster scope and scale, ripple and cascading effects, players and their responsibilities/effects, and creating credible disaster recovery timelines during this session.

Tags: Disaster Scenarios, DRI2017

Workshop: Creating Realistic Disaster Scenarios for Exercises (Part 1)

Event: DRI2017

Author: Jeanne Powell

Do you remember back in school when your teacher taught what you needed to pass the exam versus how that knowledge could be applied in real life to solve real problems? As business continuity professionals, we know there’s a big difference between a being regulatory compliant and the business’ preparedness and readiness to actually survive a real disaster situation. There are outages, emergencies, and disasters. Surviving the consequences of an actual disaster requires full-fledged disaster preparedness and readiness. Preparedness includes creating and executing exercises with realistically complex disaster scenarios focused on recovery ability and testing the readiness of capabilities. Creating that kind of an exercise scenario script is not intuitively obvious. In this hands-on collaborative session, we will look at a conceptual roadmap of what it takes to create realistically complex exercise scenarios intended to better prepare your organization to survive and mitigate an actual disaster. Come learn from a speaker with a rich background and experience in disasters. Everyone is encouraged to contribute their experience and imagination as together we walk through the creative process of identifying disaster scope and scale, ripple and cascading effects, players and their responsibilities/effects, and creating credible disaster recovery timelines during this session.

Tags: Disaster Scenarios, DRI2017

The Often Misunderstood Business of Risk Management

Event: DRI2017

Author: Rakesh Pande

Risk Management as a subject is often misunderstood — and therefore mismanaged — by risk professionals, with “risk owners” having very little say in decision making. Such a situation is a recipe for a disaster. During this session, we will discuss the key weaknesses and gaps in the present day risk management, with an objective to propose a sound risk management framework and practices for business to consider and adopt. Since complexity is the biggest enemy of security and risk management, key concepts and solutions will be discussed in a simple, yet effective manner. This session will help risk professionals and business owners connect at meaningful level and move their programs forward together.

Tags: DRI2017, Risk Management

Technology Track Working Group: The Cloud Solution Experiment - Hero or Zero

Event: DRI2017

Author: Jack Orlove

The cloud can make you a hero and provide all the upside of a cloud managed solution such as automation, scalability, and reducing cost; or, it make you regret a cloud decision with numerous privacy, security, and ownership issues. In this session we will explore actual “war” stories and discuss concerns that were either solved by the cloud or exacerbated by transferring the risk to a third-party vendor. We’ll also discuss how to provide assurances that your critical products, services, and data will survive in the cloud. This workshop will target technical issues as well as the compliance issues of concern to the disaster recovery expert.

Tags: Cloud Technology, DRI2017

Could Lack of System Resiliency or a Cyber Incident Be Your Next BCP Event?

Event: DRI2017

Author: Doreen Norako

The BCP risk impact landscape has changed significantly over the past decade. The continuous availability of systems and data have never been more in demand. Your next business interruption may not come from the usual risk factors of losing a building or IT hardware component. Today’s challenges include BCP managers considering systems downtime due to design flaws, coding issues, or a cyber event to name a few. This session will walk you through the questions you should consider when reviewing these potential impacts for your organization, your vendors, and supply chain.

Tags: Cybersecurity, DRI2017

Taking Care of Your Own: The Human Side of Emergency Response and Business Continuity

Event: DRI2017

Author: Penny Neferis, Yuri Pacheco

The airline industry has been faced with several emergency incidents that require it to take care of “people” after a traumatic experience. See how JetBlue has adapted our Family Assistance Center plan and applied it day to day to support the Customers, Crewmembers (employees) and the communities we serve. And learn how you can apply airline industry best practices in your organization.

Tags: DRI2017, Emergency response

Case Study: Lessons Learned from the Chennai Disaster of 2015

Event: DRI2017

Author: Arunabh Mitra

Weeks of torrential rains in November of 2015 caused the worst flooding the southern India city of Chennai has seen in 100 years. More than 500 people were killed with the estimates of damage and losses ranging from US$ 3 billion — US$15 billion. The floods were amongst the costliest natural disasters of 2015 and left a significant impact on the city and its people. Chennai is the second largest exporter of software in India and is home to some of the world’s leading information technology companies including HCL. This session will detail HCL’s significant presence in Chennai and the speaker’s first-hand experience in managing this disaster. Key takeaways for attendees include real-world, frontline, actionable information gleaned during and after the incident. They are: Incident response and crisis management in action: The Top 5 Leadership Lessons on Crisis Management Business continuity in the context of globalization: The nuances of “recovery” in the paradigm of a globalized and outsourced environment. The human aspects of continuity and resilience

Tags: DRI2017, Asia, Case Study

Quantifying Risk for Preparedness and Continuity: University of Texas Medical Branch at Galveston

Event: DRI2017

Author: Mike Mastrangelo

Given the high level of risk at the UTMB Campus, we work to eliminate the subjectivity of the risk assessment process as much as possible and to quantify that risk where possible. The risk assessment process is the foundation of UTMB’s Preparedness Program and it affords officials the the best information to optimize preparedness and respond to incidents. An overview of the Preparedness Program will be provided — looking at specific examples of risk quantification including hurricanes and chemical incidents (Hydrofluoric Acid incidents in particular).

Tags: DRI2017, Healthcare

Risk Management Track Working Group: Aligning Business Continuity and Risk Management

Event: DRI2017

Author: Chris Mandel

We all know that business continuity and risk management must be aligned in every organization. The disciplines are natural allies and when they join forces they contribute exponentially more to the greater good. So, let’s stop talking about why it’s a good idea (that’s preaching to the choir). Let’s talk about HOW to make it happen. Attend this interactive session for a tactical exploration of the way BC and risk can and should interface on a day-to-day basis and what you can do to make that happen in your organization.

Tags: DRI2017, Risk Management

Removing the Administrative Burdens of Continuity Programs

Event: DRI2017

Author: Marc Kantor

Many firms have relied on a legacy network of individuals, processes, tooling and documentation that have organically evolved to fit their Business Continuity needs and concerns. These disparate activities are often not centrally organized, managed, or sometimes not universally known, and have a tendency to become outmoded and ineffectual. Using a defined methodology that extends itself to virtually any organization, firms can create a holistic and centrally managed continuity program, encompassing of crisis management. A robust program, that in its end state will not require substantial funding or resources. Drawing on available enterprise IT resources, leveraging tools every firm has readily available, creative use of human capital, refined data collection & aggregation, and well defined messaging can effectively create a resilient firm-wide continuity program. Enact foundational aspects that will cast the program on a forward path of continuous improvement, adding value to HR, Finance and other parts of the organization as information consumers. This is a replicable formula that works. With the right people involved and a defined course of action, this plan helps institute an enterprise wide continuity program using minimal budgetary and human capital resources. A winning formula that speaks to most firms’ needs.

Tags: Business Continuity Program, DRI2017

How To Provide Management with the Cost/Benefit and ROI of Risk Management Controls

Event: DRI2017

Author: Michael Kadar

How do you currently justify the cost for investments in operational risk controls? Do risk assessment results you currently report to management actually give them useful information they can use to cost-effectively manage risk? Although risk heat maps and prioritized risk lists provide some guidance, do you provide management with information to justify the cost of proposed controls? Perhaps they require something different than what you have been reporting. This session will present a step-by-step method that guides you through the implementation of the RAMxyz risk assessment tool in MS Excel. You will learn how the tool’s Impact Assessment is used to prioritize facilities and processes. You will learn how the Risk Assessment spreadsheet is used to perform the Threat Analysis, Vulnerability Analysis, and Impact Analysis. You will see how this data is used to calculate the Annual Risk Score and the Annual Financial Risk for each threat. Finally, you will learn how the Decision Analysis section produces the Cost/Benefit Ratio and Return on Investment (ROI) data that can allow management to determine the financial feasibility of controls proposed for each threat. Bonus: Session attendees that request the RAMxyz tool for their BCM program will receive the Excel file within two weeks after the conference.

Tags: DRI2017, Risk Management

Case Study: Riots, Relocation, & Resiliency: Exelon Corporation’s Response to & Recovery from the Baltimore Riots

Event: DRI2017

Author: Erin Holloway, Kathy Bosse

On April 12, 2015, Baltimore man Freddie Gray sustained injuries following his arrest by police and subsequently died one-week later of a spinal injury. In the afternoon of April 27, 2015, following Gray’s funeral, rioting erupted in West Baltimore, resulting in the Governor of Maryland declaring a state of emergency and implementing a city-wide curfew. This event impacted 11 Exelon facilities in its downtown Baltimore location. The protests and riots lasted for eight days and affected more than 4,000 Exelon employees within three critical operating companies. This presentation will discuss how Exelon’s Business Continuity & Crisis Management team managed the event through effective communication, coordination with Exelon Business Functions to ensure those impacted had the resources necessary to successfully recover, and the subsequent year to follow as six officers stood trial. This was the largest business disruption in Exelon’s history there were no employees injured, no Exelon property damaged and little to no loss of revenue. By providing appropriate guidance and collaborating efforts, Exelon’s Business Continuity team effectively prepared the company to continue maintaining the highest standards of safety and reliability for its people, customers, and communities.

Tags: Case Study, DRI2017, Resiliency

Building a BC/DR Control Library and Regulatory Response Program

Event: DRI2017

Author: David Garland

With the ever-changing landscape of Business Continuity, it’s more important than ever before to truly understand your obligations, responsibilities, and where you stand. Learn how to build a regulatory response function, align your BCDR program with regulations and standards, and begin to think about controls that will help you achieve operational goals and compliance with laws, regulations and internal policies.

Tags: DRI2017, Governance/Regulatory Response and Compliance

World Economic Forum 2017 Risk Report Overview

Event: DRI2017

Author: Mary Gardner

This session will provide an overview of the 2017 World Economic Forum (WEF) Risk Report. 2017 marks the twelfth year that the WEF surveys over 800 global leaders to determine their top ten risks. In recent years, societal, geopolitical and environmental threats have come to supplant economic risks as issues of greatest global concern. As our world continues to be more interconnected, a holistic risk management approach needs to consider the interdependencies between risks. The 2016 WEF Risk Report called for actions to build resilience. This session will identify practical examples of how this could be done.

Tags: DRI2017, Resiliency, Global Strategy, Risk Assessment, Risk Management

The Future Vision Committee: A Chance to Debate the Key Issues of Today

Event: DRI2017

Author: DRI Future Vision Committee

The FVC is tasked by DRI to look a business trends and issues that might affect the resilience community. As well as webinars, blogs, and white papers, they also deliver an annual Trends and Forecast Report — from which the Committee Chair Lyndon Bird will briefly present the main conclusions for 2017. In a Q&A format, the chair and other attending FVC members will take questions from the audience on any subject that delegates feel important to our future security and prosperity. These can range from political uncertainty across the globe (civil wars, terrorism, nuclear proliferation, economic downturn) to the practical issues of cyber criminality, societal security, and law enforcement in local communities. Whatever your concerns, the FVC will have a strong opinion, and we want to hear your opinions too.

Tags: DRI2017, Future Vision Committee, Trends and Predictions

From Lincoln to Pumpkins to Sundaes to Tractors: Preparedness through the Eyes of an Illinois Medical Center

Event: DRI2017

Author: Troy Erbentraut

Attend this session for an up-close, case study look at hospital preparedness in the state of Illinois. From humble beginning to the current continuity and Hospital Preparedness Program (HPP), we will explore lessons learned that can be applied to any organization with an evolving program and attendees will come away with an understanding of how a plan rooted in emergency response has grown to encompass business continuity. OSF HealthCare, owned and operated by The Sisters of the Third Order of St. Francis, Peoria, Illinois, includes OSF Healthcare System consisting of 11 acute care facilities and two colleges of nursing. It also has a primary care physician network consisting of over 1000 primary care, specialist physicians, and advanced practice providers. OSF HealthCare is a multi-state corporation, operating facilities in Illinois and Michigan, providing state-of-the-art, compassionate care to nearly 3 million people in the communities we serve.

Tags: DRI2017, Healthcare

Risk Management Track Kick Off: Integrating Risk Management & Business Continuity

Event: DRI2017

Author: Mike Epstein

Kick off DRI017’s risk management track with this session which Mike Epstein, Sr. Director, Risk Management & Business Continuity for The E.W. Scripps Company likes to call “Tales from the Local News.” Scripps serves audiences and businesses through a growing portfolio of television, radio and digital media brands. Epstein will explore the lessons, benefits, and challenges of integrating and evolving a risk management and business continuity program. From responding to a landscaping truck being used as a “master key” at a TV station to working with authorities on security issues in today’s political and social media environments, Epstein will explain the relationship between risk management and business continuity using real-life examples…ripped from his company’s very own headlines.

Tags: DRI2017, Risk Management

Public Agencies and Private Organizations: Incident Management Interfacing

Event: DRI2017

Author: John Driscoll II, Brock Holowachuk, Scot Phelps

We all know that relationships between public agencies and private sector organizations must be established prior to a crisis situation. While it doesn’t always happen, there seems to be a concerted effort by both sides to reach out. Now let’s go beyond that basic concept and get down to the nitty gritty. How exactly should and can public agencies and private organizations interface during an incident? How best to provide mutual aid? How can everyone do their respective jobs without getting in each other’s way? What do you need to know about preserving a scene/protecting evidence? Attend this session for real-world examples and practical advice.

Tags: DRI2017, Public Sector, Public-Private Partnership

Risk Management Track Panel Discussion

Event: DRI2017

Author: Louis Drapeau, Mitch Simon, Chris Summerrow

Join our panel as they speak from their varied backgrounds to the intersection of business continuity and risk management. Risk doesn’t respect silos and really knows no bounds. Come hear from our panel of experts and bring your questions for what is sure to be an information-packed Q&A.

Tags: DRI2017, Risk Management

BCM and Climate Change

Event: DRI2017

Author: Linda Conrad

Everyone is aware of climate change, but how many of us really understand climate change as a business risk? Attend this session or a discussion of emerging risks and impacts of climate change on your business, evolving resilience and insurance solutions, and a demonstration of new technology visualization of disaster and flood risk and recovery.

Tags: Climate Change, DRI2017

Leading From the Front: Executive-Level Engagements in Crisis Management

Event: DRI2017

Author: Larry Chase, Crystal Witt

Attend this session for a unique and proven approach to smashing through traditional barriers and earning a sustained executive buy-in, especially where crisis management is concerned. The presenters will share logistics of key successes in gaining significant ground in program maturity and execution through proven and thoughtfully targeted training/awareness programs. Learn more about this winning strategic model which results in a unprecedented cultural gains. See what happens when you color outside the lines and challenge everything so as to closely align a rapid program elevation agenda to a company’s most treasured values.

Tags: DRI2017, Executive Support

The BREXIT Vote: Nine Months On

Event: DRI2017

Author: Lyndon Bird

The DRI Future Vision Committee Chair Lyndon Bird is a UK citizen living in London. Listen to what has happened since the vote that stunned the business and political worlds at home and abroad. Hear Bird’s views on the future for the UK relationships with Europe, the U.S. and the developing world – not only in trade but also in crime prevention, defense, and environmental cooperation. Understand the issues that will impact resilience professionals directly and how these might vary depending on the model of departure negotiated. Bird also will reflect on its wider significance, as trust in the ruling elites seem to be breaking down across the traditional western democracies.

Tags: DRI2017, Europe, Future Vision Committee

Where’s the Exit? How to Escape a Boring Culture of Resilience!

Event: DRI2017

Author: Ray Bonilla, Julia Kundred

Why should building a culture of resilience be boring? You need all levels of the organization to be engaged and embrace their role in preparedness and resiliency. So, it isn’t something we do just once a year — it can be a fun, engaging, on-going process of building that “muscle memory” on what to do when business disruptions occur. This session will teach business continuity, crisis management, and disaster recovery professionals how to engage their audience to make sure your resiliency and continuity management messages stick. Business continuity planning and emergency preparedness are important but that doesn’t mean the messaging needs to be dry and boring. In this session, we will teach valuable tips and guidelines on how to create compelling content which will engage audiences and inspire them to embrace their role in becoming resiliency leaders.

Tags: DRI2017

DRI2017 Opening Remarks

Event: DRI2017

Author: Al Berman

Join DRI President Al Berman as he welcomes DRI2017 attendees to Las Vegas and sets the tone for the conference with an informative and engaging presentation that will address both important news from DRI International, as well as developments that concern our profession as a whole.

Tags: DRI2017

Case Study: How eBay Measures Resiliency Success and Quantifies the Qualitative

Event: DRI2017

Author: Scott Baldwin

As resiliency professionals, our goal is to achieve “readiness.” However, how well do we actually measure readiness, and what are the metrics that we use? Oftentimes, our KPIs include things like the number of BIAs/BCPs/DRPs, a score on a maturity model, or exercise results. While these can all be important indicators, they do not always provide an accurate measurement of actual readiness. In this presentation, we will hear how eBay developed ways to identify and measure true engagement and readiness — the ability to effectively respond to a disruption — and not just their ability to write plans or carry out exercises. Join us for the lessons learned on eBay’s journey to measure this essence and quantify the qualitative.

Tags: Case Study, DRI2017

Case Study: Exercise Innovations and Lessons Learned from Silicon Valley’s Applied Materials

Event: DRI2017

Author: Bobby Cook, Raeline Anderson

Applied Materials, a $9.7 billion technology giant, takes business continuity and emergency response seriously. Applied Materials is the leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. At the center of the company’s overall program is a robust test and exercise strategy and schedule. Designed to protect 14,000+ employees, 10,200+ patents in 81 sites and 18 countries, it all starts at the company’s Silicon Valley headquarters. It is here that our commitment from top executives makes excellence and innovation possible. Attend this session for an in-depth case study detailing two massive recent exercises — from start to finish. The presenters spent decades in the public sector and have translated their experience, knowledge, and training into a world-class global program for use in any public or private organization.

Tags: DRI2017, Business Continuity Program, Case Study, Exercises

Understanding Criminal Threats to the Supply Chain and How to Develop Risk Mitigation Strategies

Event: DRI2017

Author: Ross Albert

The growth of supply chains in size and complexity has led not only to increased efficiency and profits but also increased threats. This session will identify significant supply chain security concerns faced by companies with an international footprint. Of particular focus will be areas of the supply chain most vulnerable to criminal threats such as kidnapping, extortion and cargo theft as well as the growing concern over insider threats. Mitigation planning is needed to address security and safety risks to the supply chain. As such, we will discuss how to mitigate these risks and threats through numerous supply chain procedures and recommendations. Available intelligence will be analyzed in order to present the most realistic and predictive models to various and potentially disruptive incidents.

Tags: DRI2017, Supply Chain

Trends and Predictions from DRI’s Future Vision Committee: How to Prepare for a Volatile 2017

Event: DRI Webinar

Author: Lyndon Bird, Chair, DRI Future Vision Committee

Lyndon Bird, Chairman of DRI International’s Future Vision Committee, discusses the findings of two recent reports (also available in the Resource Library): Trends in 2016 and Predictions for 2017. Discover how your job will be impacted by world events – including cyber threats, supply chain, and the environment – and what you can do about them.

Tags: Cybersecurity, DRI Webinar Series, Future Vision Committee, Resiliency, Risk Management, Supply Chain, Technology, Global Strategy, Trends and Predictions

Second Annual DRI Future Vision Committee 2017 Predictions Report

Author: DRI Future Vision Committee

From politics to technology to the environment, the DRI Future Vision Committee examines the current global landscape to learn what we can expect and prepare for in 2017.

Tags: Future Vision Committee, White Paper, Global Strategy, Resiliency, Risk Management, Technology, Trends and Predictions

DRI Webinar: The Professional Practices - What's Changed and What It Means For You

Event: DRI Webinar

Author: DRI International

DRI's Professional Practices, the most used standard in the world and the heart of DRI's teachings, have been revised. During this hour-long webinar you'll hear about the revision process and the outcome, while learning what has changed and why.

Tags: DRI Webinar Series, Professional Practices

Second Annual Future Vision Committee 2017 Trends Report

Author: DRI Future Vision Committee

The Future Vision Committee 2017 Trends Report looks at how accurate the committee's predictions were for 2016, what significant changes have occurred since it made those predictions, and how the committee sees the political, economic, social, technological, environmental, and legal landscape from a risk and resilience perspective.

Tags: Future Vision Committee, White Paper, Global Strategy, Resiliency, Risk Management, Trends and Predictions

Taming “the Beast”:  Alberta’s Coordinated Response to the 2016 Wood Buffalo Wildfires

Event: DRI Collegiate Conference, Centennial College - Oct. 21, 2016

Author: Shane Schreiber

Shane Schreiber, Managing Director of the Alberta Emergency Management Agency, outlines the agency's response to wildfires that hit Fort McMurray beginning May 2, 2016.

Tags: Collegiate Conference - Centennial College, Emergency response

Crisis Communications Lessons Learned

Event: DRI Collegiate Conference, Centennial College - Oct. 21, 2016

Author: Suzanne Bernier

Suzanne Bernier, CEM, CBCP, MBCI and author of "Disaster Heroes" presents on communications lessons to be learned from recent disasters and the public responses to them.

Tags: Collegiate Conference - Centennial College, Communications/Crisis Communications, Emergency response

DRI Plans Activated Resilience Proved in Response to Chelsea Bombing

Event: DRI Collegiate Conference, Centennial College - Oct. 21, 2016

Author: Chloe Demrovsky

DRI Executive Director Chloe Demrovsky presents on DRI's response to the Sept. 17 pipe bomb explosion near its NYC office in Chelsea.

Tags: Collegiate Conference - Centennial College, Emergency response, Resiliency

DRI Webinar: Organizational Certification

Event: DRI Webinar

Author: Al Berman, President and CEO, DRI International Joseph Easter, MBCP, Sr. Director, Risk Management Testing & Validation, Products & Practices, Business Continuity, and Crisis Management, Capital One Mitch Simon, CBCP, Director of Business Continuity and R

Long the leader in certifying individuals, DRI International now offers accreditation for organizations with the Hub of Resilience and Resilient Enterprise designations, as well as assessment of organizational resilience with the Resilient Enterprise Assessment Process (REAP). You’ll hear from organizations that have earned these designations, learn what makes them truly resilient, and find out how they’re spreading education and leadership within their communities and industries.

Tags: DRI Webinar Series, Resilient Enterprise

Current Issues and Careers in BCP

Event: DRI Collegiate Conference, Saint Louis University - Sept. 15, 2016

Author: Al Berman

Al Berman will cover the realities and trends in supply chain, as well as other issues facing risk managers and business continuity management. In addition, he will discuss issues surrounding supply and the rash of recent cyber security events. Finally, he will talk about the field of business continuity from a career perspective.

Tags: Business Continuity Program, Collegiate Conference - Saint Louis University, Cybersecurity

Local Opportunities to Expand BC/DR Skills

Event: DRI Collegiate Conference, Saint Louis University - Sept. 15, 2016

Author: Bill Darte

Learn how business continuity and disaster recovery are positioned with the body of knowledge of two important security certifications popular with the community — CompTIA Security+ and ISC2 Certified Information Systems Security Professional (CISSP). The SLU Center for Workforce & Organization Development offers a variety of programs and certifications for professionals, some of which include academic credit for students.

Tags: Business Continuity Program, Collegiate Conference - Saint Louis University, Security, Technology

Regulations, Laws and the Plan to Overcome Disruption

Event: DRI Collegiate Conference, Saint Louis University - Sept. 15, 2016

Author: Patricia H. Lee

Organizations need to better understand regulations and laws that affect their operations in order to overcome disruptions in their business. This workshop will provide a review of local, state and federal regulations and selected case law to develop a framework for your organization’s preparedness. Additionally, steps to engaging staff and key shareholders into a sustainable plan will also be discussed.

Tags: Collegiate Conference - Saint Louis University, Emergency preparedness, Regulations and Standards

Bridging the Divide between Private and Public Sectors

Event: DRI Collegiate Conference, Saint Louis University - Sept. 15, 2016

Author: Mike Schormann

Private and public sectors are continually discovering new ways to evolve from the traditional emergency response mind-set to a fully integrated response in a joint operational environment. Too often an incident impacts multiple parts of our community with only a limited amount of stakeholders responding. As a result of recent incidents, private and public sectors have capitalized on opportunities that have been uncovered through working together. This presentation will highlight those opportunities.

Tags: Collegiate Conference - Saint Louis University, Public Sector, Public-Private Partnership

Building a BC/DR Control Library & Regulatory Response Program

Event: DRI Collegiate Conference, St. John's University - Sept. 12, 2016

Author: David Garland

With the ever-changing landscape of Business Continuity, it’s more important than ever before to truly understand your obligations, responsibilities, and where you stand. Learn how to build a regulatory response function, align your BCDR program with regulations and standards, and begin to think about controls that will help you achieve operational goals and compliance with laws, regulations and internal policies.

Tags: Business Continuity Program, Collegiate Conference - St. John's University, IT/DR, Regulations and Standards

Beyond the War Story: NYU Langone Medical Center’s Business Continuity Case Study

Event: DRI Collegiate Conference, St. John's University - Sept. 12, 2016

Author: Mitchell Simon

On October 29, 2012, Hurricane Sandy barreled through the northeast, leaving unprecedented damage and a devastated NYU Langone Medical Center in her wake. Attend this session for more than just the "war story." You'll find out what happened (hundreds of faculty, staff, and students - in partnership with the FDNY, NYPD, Office of Emergency Management, and volunteers - evacuated 322 patients from a building that had no power, lights, or functioning elevators) as well as what has happened since the NYU Langone reopened and reimagined business continuity program. Find out about the critical success factors in making BCP work in a healthcare setting and learn about the challenges BC professionals face in transitioning into a healthcare environment at this informative session.

Tags: Business Continuity Program, Case Study, Collegiate Conference - St. John's University, Healthcare, Hurricanes

The Volkswagen Diesel Disaster 2015: A Case Study of Corporate Fraud

Event: DRI Collegiate Conference, St. John's University - Sept. 12, 2016

Author: Dr. Chelsea Binns, Ph.D.

Major frauds are an important, yet sometimes overlooked, aspect of business continuity planning. The recent case of major corporate fraud at Volkswagen exemplifies the risk that organizations face due to fraud. This session will examine the Volkswagen fraud, and explore how organizations may recover from such a disaster.

Tags: Case Study, Collegiate Conference - St. John's University

Current Issues and Careers in BCP

Event: DRI Collegiate Conference, St. John's University - Sept. 12, 2016

Author: Al Berman

Al Berman will cover the realities and trends in supply chain, as well as other issues facing risk managers and business continuity management. In addition, he will discuss issues surrounding supply and the rash of recent cyber security events. Finally, he will talk about the field of business continuity from a career perspective.

Tags: Business Continuity Program, Collegiate Conference - St. John's University, Cybersecurity, Emergency response

Business Continuity Meets Healthcare: From Zika to Patient Care to Ransomware and Beyond

Event: DRI Webinar

Author: Mike Mastrangelo, Brad Gair, John Molnar, James Mitchell

Faced with regulatory requirements, increasingly-complex technology, ransomware attacks, and now the Zika virus, continuity professionals in healthcare have their hands full. Hear from them about those challenges and more.

Tags: DRI Webinar Series, Healthcare

Casos Practicos en Data Center: Lecciones Aprendidas en Continuidad de los Servicios

Event: Conferencia Internacional de Continuidad de Negocio, Madrid, May 24, 2016

Author: Agustin Lopez

Presentation by Augustin Lopez, CBCP and DRI Espana representative, on data center best practices from the IX Conferencia Internacional de Continuidad de Negocio. (Spanish language)

Tags: Case Study, Spanish Language

Cybersecurity: Issues and Answers

Event: DRI Collegiate Conference, University of St. Thomas, April 23 2016

Author: Vern Williams

During a disaster, the security requirements for our people and data have not changed. How do we ensure a rapid recovery and adequate security during a disruption to normal processes? As technology changes both business continuity and cyber security have to adapt these advances. It is essential as we adopt new technology to consider the impact on both of these key functions or we will end up with a "Resume generating event" as in the case of Target and numerous other companies and organizations. We will consider some of these technology changes and the affect both pro and con on cyber security and recovery capability.

Tags: Collegiate Conference - University of St. Thomas, Cybersecurity

Quantifying Risk Continuity of Healthcare

Event: DRI Collegiate Conference, University of St. Thomas, April 23 2016

Author: Mike Mastrangelo

Given the high level of risk at the UTMB Campus, we work to eliminate the subjectivity of the risk assessment process as much as possible and to quantify that risk where possible. The risk assessment process is the foundation of UTMB's Preparedness Program and it affords officials the the best information to optimize preparedness and respond to incidents. An overview of the Preparedness Program will be provided - looking at specific examples of risk quantification including hurricanes and chemical incidents (Hydrofluoric Acid incidents in particular).

Tags: Collegiate Conference - University of St. Thomas, Healthcare, Higher Education, Risk Assessment

Continuity in the Face of Hurricanes: What Every Business Needs To Know

Event: DRI Collegiate Conference, University of St. Thomas, April 23 2016

Author: Cameron Self

Hurricanes and tropical storms can pose a serious threat to the well-being of any business located in an area vulnerable to these storms. It is imperative that vulnerable businesses make preparations before a hurricane strikes in order to mitigate any storm induced interruptions to operations. In this presentation, we will talk about the type of conditions and impacts a business owner can expect from a tropical cyclone that is bearing down on their community. There will be a discussion regarding the role of weather service aid to businesses and why businesses should care about the forecast. We will also take a first look at what the upcoming hurricane season may hold.

Tags: Collegiate Conference - University of St. Thomas, Hurricanes

Addressing Vulnerabilities By Integrating Your Incident Response Plans

Event: DRI Collegiate Conference, University of St. Thomas, April 23 2016

Author: Brian Coates

Oil and gas companies face unique environmental and human risks that require immediate response and reporting. Due to these risks and requirements, organizations have developed mature emergency response and/or incident response procedures. However, non-production risks tend to be treated as isolated events that have limited impact to the organization as a whole. In this presentation, we will talk about the need for an integrated approach to coordinate notification, escalation and response activities among all parties, including Information Technology, third party vendors, financial services, etc., to accelerate incident response, enforce playbook-driven standard operating procedures, and streamline investigative workflows.

Tags: Collegiate Conference - University of St. Thomas

Business Continuity - A Career and a Profession

Event: DRI Collegiate Conference, University of St. Thomas, April 23 2016

Author: Al Berman

Al Berman will cover the realities and trends in supply chain, including strategies currently being implemented by Japanese manufacturers, as well as other issues facing risk managers and business continuity management. In addition, he will discuss issues surrounding supply and the rash of recent cyber security events. Finally, he will talk about the field of business continuity from a career perspective.

Tags: Business Continuity Program, Collegiate Conference - University of St. Thomas

A Culture of Continuity

Event: DRI2016

Author: Lynn McKinney

Join FEMA for an up-close look at the Continuity of Operations Division. The lessons learned from such catastrophic events as Hurricane Sandy and the Boston Marathon Bombing demonstrate the need to emphasize continuity as a "good business practice" to be incorporated into day-to-day planning, in order to reduce vulnerability and ensure continuity.

Tags: DRI2016

Risk Management Keynote

Event: DRI2016

Author: Chris Wegman

Kick off our always popular risk track with the keynote presentation. This year's track focus is on the multi-disciplinary nature of risk.

Tags: DRI2016, Risk Management

DRI2016 Welcome Address

Event: DRI2016

Author: Al Berman

Join DRI President Al Berman as he welcomes DRI2016 attendees to Atlanta and sets the tone for the conference with an informative and engaging presentation.

Tags: DRI2016

Cyber Resilience Through Military Readiness

Event: DRI2016

Author: John Gelinne and Pete Renneker

Through military and commercial cyber incident experiences, this session will reveal how a cyber incident unfolds, introduce new business continuity challenges presented by extended cyber outages, and explore how the application of military readiness techniques can help build Cyber Resilience.

Tags: Cybersecurity, DRI2016

Advancing the Profession Through Global Standards: ISO/TC 292

Event: DRI2016

Author: Dr. Wolfgang Mahr

ISO, the International Organization for Standardization, has developed a range of standards in the continuity and resilience fields. Developed by experts from dozens of countries and adopted by a solid majority of national standards associations, these standards advance the profession by providing practitioners, regulators, management and customers with valuable implementation and auditing tools. Find out about the deliverables provided by this Technical Committee and how they may support you.

Tags: DRI2016, Regulations and Standards

Use Your IT Service Management Tool to Enhance Resiliency and Manage Risks

Event: DRI2016

Author: Dan Stavola and Luke Miller

Resiliency programs can enhance and complement the traditional methodology, unifying the BC/DR landscape to identify dependencies and feed into the enterprise risk profile. In this session, we will talk about industry perspective, practical scenarios, critical success factors and about tools that can be homegrown or integrated with existing IT service Management toolsets to support and enhance resiliency programs.

Tags: DRI2016, IT/DR, Resiliency

The Tide Is High...and Rising: Exelon Corporation's Response & Recovery from Corporate Headquarters Flood

Event: DRI2016

Author: Erin Holloway

What is the likelihood that a crisis could happen at work? This question is posed often by exelon's Business Services Company, the leadership and support services of the entire enterprise. This session will cover Exelon's coordinated response to the incident, impacts and business unit recovery, and collective collaboration through use of a pre-established Incidence Response Team. Additionally, best practices and key lessons learned following the incident will be presented.

Tags: Case Study, DRI2016, Emergency response

The Millennials Are Coming: Techniques for Effectively Engaging the next Great Generation and Ensuring Your Team's Success

Event: DRI2016

Author: Michael Janko

Regardless of what company you work for, your people are your most valuable asset. Today's workforce is undergoing a substantial shift in how they communicate and in their personal priorities. Join us to learn why the planning, training and testing you do now may need to change to get the most effectiveness out of your workforce and your critical partners.

Tags: DRI2016, Millennials, Training

The First Annual Future Vision Committee Report

Event: DRI2016

Author: Lyndon Bird, Wolfgang Mahr, Linda Conrad

Members of DRI's prestigious Future Vision Committee discuss major resilience trends expected in 2016. Topics include risk management and business continuity, cyber security, supply chain, and global recovery.

Tags: Cybersecurity, DRI2016, Future Vision Committee, Global Strategy, Supply Chain, Trends and Predictions

Surpassing Best Practices at Warp Speed

Event: DRI2016

Author: Larry Chase

Larry Chase, DRI's 2015 Business Continuity Program Manager of the Year, will share his repeatable secret sauce and game-changing winning practices that have earned numerous international honors during his two decades of private sector successes. If you are looked to or expected to deliver the wow factor with your program by your executives, staff/team members, stakeholders and partners.

Tags: Best Practices, DRI2016, Executive Support

Supply Chain and the Most Serious Global Risks

Event: DRI2016

Author: Linda Conrad and Chloe Demrovsky

During this session, DRI's Executive Director Chloe Demrovsky will facilitate a conversation with Linda Conrad, director of strategic business risk for Zurich, who reviews the conclusions of the World Economic Forum Global Risk Report as it relates to both developed and developing countries. They also discuss why this year's report marks a change in the list of top global risks.

Tags: DRI2016, Supply Chain

Security Breach: What Does Business Continuity Have to Do With It?

Event: DRI2016

Author: Pauline Williams-Banta

This presentation will give an overview of the threat horizon, a comprehensive review of the "kill chain" and address the changing role of the BC practitioner in the process. Takeaways include a grasp of the lingo, working with security incident vendors, preserving evidence, and dealing with external agencies.

Tags: Business Continuity Program, DRI2016, Security

Risk and Compliance, Liaisons, Engineers and the Business: The Mechanics of Safely Navigating GRC

Event: DRI2016

Author: Michele Turner

GRC in a world of beating time to market, competitive advantage, and "getting stuff out the door" can be quite the challenge. During this session, we will discuss leveraged best practices (the mechanics), which tie requirements and requests from a Governance, Risk and overarching compliance perspective.

Tags: DRI2016, Risk Management

Recovering from Violence: Best Practices for Mitigating, Responding to, and Recovering from Workplace Violence

Event: DRI2016

Author: Michelle Cross and Lorie Alioto

Violence of any kind is a disrupting event; the more severe the violence, the greater the disruption. How to companies survive workplace violence and what are the best practices that take a company beyond survival to full recovery and back to business?

Tags: DRI2016, Active Shooter/Workplace Violence, Best Practices

Power Up Your Program with Positive Messaging: Essential Marketing Tips to Drive Stakeholder Buy-In and Employee Management

Event: DRI2016

Author: Gina Manos and Ray Bonilla

You and your teams put a lot of effort into contingency planning to ensure your business functions endure even when faced with challenges. Attend this workshop to get simple, yet powerful tips on how to transform your message and materials into compelling content your audience will embrace.

Tags: DRI2016, Executive Support

NYU Langone Medical Center: A Case Study

Event: DRI2016

Author: Louis Wetwstein

Attend this session to hear how NYU Langone Medical Center's Real Estate and Facilities team led the massive effort to rebuild the Medical Center following the destructive aftermath of Hurricane Sandy.

Tags: Case Study, DRI2016, Resiliency

Messaging Apps and Continuity: What You May Be Missing

Event: DRI2016

Author: Scot Phelps

There are so many communication apps out there that it's difficult to know which to use for what. In this session, we will discuss the relative benefits of apps like Facebook Messenger, WhatsApp, Viber, Skype, and more as tools for group communication, information gathering, exercises, and even providing education to colleagues around the world.

Tags: Communications/Crisis Communications, DRI2016, Technology

Lessons Learned from Navy Nuclear Power Applied to Disaster Recovery Exercises

Event: DRI2016

Author: Vern Williams

One of the most successful training programs in an area of significant risk is the Navy Nuclear Power program. There is a lot we can learn from the methodology initiated by Admiral Rickover, the father of the Nuclear Navy in all high risk endeavors. Learn some of the lessons that have enabled the safe operation of many nuclear reactors on Navy submarines and carriers.

Tags: DRI2016

ISO 31000, A Risk Management Standard for Decision-Makers

Event: DRI2016

Author: Alex Dali

Risk management is now a management framework and the ISO 31000 Risk Management standard is a tool for better decision making. Managers of operational and support functions in the organization are empowered to harmonize vocabulary, principles, framework and processes each time they refer to the management of risk.

Tags: DRI2016, Risk Management, Process, Regulations and Standards

Information Sharing Sounds Nice, But What Does It Really Mean?

Event: DRI2016

Author: Susan Rogers

Information sharing is essential to your organization's ability to respond when there's a crisis, no matter if it's physical, cyber, or somewhere in between. This session will explain why information sharing during an event goes way beyond your basic emergency notification processes and procedures.

Tags: DRI2016

Improving Your Business Continuity Plan using the Federal Financial Institution Examination Council (FFIEC) IT Handbook

Event: DRI2016

Author: Donis Heard

This presentation will look at how to simply turn the FFIEC's IT Workbook into an outline for BC planning as well as looking at the FFIEC Examination Procedures. It will also look at how to leverage the FFIEC's IT Handbook Appendix A to make your business better prepared for your FFIEC Audit.

Tags: Business Continuity Program, DRI2016

How to Determine Appropriate BCM Program Metrics for Your Executive Management Audience

Event: DRI2016

Author: Michael Kadar

This session is a continuation and expansion of the Business Continuity Management Risk Index (BCM-RI) concept introduced at DRI2012 and returning the next two years. Continued interest in program metrics for executive management has resulted in another return, expanding beyond risk and preparedness to include compliance and program maturity.

Tags: DRI2016, Executive Support, Case Study

From the CDC: The U.S. Global Health Security Agenda and International Emergency Response

Event: DRI2016

Author: Jennifer Brooks and Dr. David Bull

Attend this exciting session for an overview of the CDC's Global Health Security Agenda (GHSA), including the goals of the GHSA, major partners and contributors, and plans for helping countries to achieve GHSA targets.

Tags: DRI2016, Global Strategy, Healthcare

Exercise Considerations for Outage, Emergency, and Disaster Plans

Event: DRI2016

Author: Jeanne Powell

Outages, emergencies, and disasters each have a different magnitude of business disruption. Designing and executing exercises that reflect situational dynamics and ripple effects will help highlight overlaps, dependencies, and gaps as scenario dimensions require.

Tags: DRI2016, Emergency preparedness, Emergency response

Empowered by Emotions

Event: DRI2016

Author: Lisa Welsher

Participants attending this highly interactive session will learn how scientific research is revealing how emotions are behind every decision we make. They will also receive a process workflow depicting the multi-step process for understanding emotions which helps people to make better decisions, navigate life with greater agility, conserve wasted energy, and significantly improve interpersonal relationships across all areas of life!

Tags: DRI2016

Disaster Heroes: The Human Factor

Event: DRI2016

Author: Suzanne Bernier

During this unique session, Suzanne Bernier will share some of her personal stories and insights on the many "helpers" she met and interviewed for her book: Disaster Heroes - Invisible Champions of Help, Hope, and Healing.

Tags: DRI2016, Emergency response

Digging Deep: A Real-World Exploration of BCP and DR Audit

Event: DRI2016

Author: Silvio Pezzo

Attend this session for an in-depth business continuity audit case study of one of the largest global retailers. Discover what lessons were learned during that audit process, explore the benefits of audit, discuss real BC risks, examine control methods, and review examples of audit procedures.

Tags: Case Study, DRI2016, Audit, Business Continuity Program

Cyber Attack Simulation Experience: Results Revealed!

Event: DRI2016

Author: Jim Wexler

This session will look at how to immerse participants in best practices for crisis leadership - challenging them to develop the critical thinking and judgment skills required to respond to, and lead, during a crisis. The Cyber Attack Simulation Experience gathers user data to gauge effectiveness and deliver personalized coaching feedback.

Tags: Cybersecurity, DRI2016, Technology, Training

Continuity Beyond Compliance

Event: DRI2016

Author: Vladimir Lodkin

This presentation explores how State Street evolves its continuity program to address new challenges to the financial sector by incorporating a more risk-focused approach in addition to compliance. We will discuss the significance of building strong and effective relationships with regulators and internal audit, collaborating across internal divisions and business lines, and embedding a continuity mindset into everyday business operations and decisions.

Tags: DRI2016, Banking/Financial Sector

Professionals of Tomorrow: Risk and Resilience

Event: DRI2016

Author: Nina White

Building the BCP mindset in youth and inspiring professionals of tomorrow.

Tags: Millennials, Resiliency

DRI/Marsh International Business Resilience Survey

Event: International Business Resilience Survey 2015

Author: DRI/Marsh

Marsh, in collaboration with DRI, surveyed nearly 200 C-suite executives, risk professionals and business continuity managers from large and medium-sized corporations internationally about their organizations’ attitudes toward business risks and the risk mitigation processes they have in place. The survey results indicate that organizations are better positioned to address traditional than non-traditional risks and that risk managers and CEOs have different perceptions about the severity and control measures in place for various risks facing their organizations.

Tags: Business Continuity Program, Resiliency

Q: What Keeps You Out of Jail? A: Using a Mature Risk Assessment and Assurance Process

Event: DRI Collegiate Conference, Dominican University of California, July 10

Author: Ingela and Jack Orlove

The scope of this discussion will include using compliance as a tool for risk mitigation, glimpsing the standards and regulations of compliance and DRP/BCP, and finding the balance between what is required and what is possible. Where are the risks in the market and how do you rationalize other cases of due diligence with the requirements of the auditor/regulator?

Tags: Business Continuity Program, Collegiate Conference - Dominican, Regulations and Standards, Governance/Regulatory Response and Compliance

Crisis Planning & Strategy: Using Earthquakes as a Case Study

Event: DRI Collegiate Conference, Dominican University of California, July 10

Author: Matt Bogaard

Earthquakes and numerous other passive threats to business continuity are challenging from a planning perspective because we can't predict when they might strike and how severe the impact will be. However, nearly all of the downstream, post-incident impacts can be anticipated and addressed pre-incident. A cutting-edge, comprehensive program at DreamWorks (the first of its kind in southern California) will provide attendees with tangible, specific examples of how to proactively prepare for crisis. Earthquakes provide a very topical and relevant foundation for this discussion, but the strategic framework put forth in this presentation can be overlaid onto virtually any crisis.

Tags: Business Continuity Program, Collegiate Conference - Dominican, Emergency preparedness, Emergency response, Earthquakes, Case Study

Aligning With ISO in a Non-Regulated Environment

Event: DRI Collegiate Conference, Dominican University of California, July 10

Author: Ed Clayton

How do companies in a non-BCP-regulated environment attain alignment with ISO 22301? The presentation will discuss the Chevron Business Continuity Program, the link to its Operational Excellence Management System Process (MSP), and the benefits this creates in providing a sustainable program that aligns with BCM best practices and ISO 22301.

Tags: Business Continuity Program, Collegiate Conference - Dominican, Best Practices, Regulations and Standards, Governance/Regulatory Response and Compliance

Addressing Gaps in Current Capabilities for Regional Integrated Risk to Enhance Resilience/Business and Operational Continuity

Event: DRI Collegiate Conference, Dominican University of California, July 10

Author: Paula Scalingi, PhD

This presentation looks at current gaps in defining resilience, using a case study of the aftermath of the 2014 Napa Valley earthquake as an example.

Tags: Business Continuity Program, Collegiate Conference - Dominican, Resiliency, Risk Management, Case Study, Earthquakes

Current Issues and Careers in BCP

Event: DRI Collegiate Conference, Dominican University of California, July 10

Author: Al Berman

Al Berman covers the realities and trends in supply chain, including strategies currently being implemented by Japanese manufacturers, as well as other issues facing risk managers and business continuity management. In addition, he discusses issues surrounding supply and the rash of recent cyber security events. Finally, he talks about the field of business continuity from a career perspective.

Tags: Business Continuity Program, Collegiate Conference - Dominican, Cybersecurity, Supply Chain

Successful Business Continuity Planning and Risk Management within the Financial Sector

Event: DRI Collegiate Conference, University of Maryland, April 10

Author: Lorie Alioto

The financial sector is highly regulated and Business Continuity Planning and Risk Management expectations are higher for this sector with a great deal of scrutiny which is increasing each year. Learn about how a financial organization is not only meeting regulatory requirements but exceeding them to ensure recoverability and resiliency under any circumstances.

Tags: Business Continuity Program, Collegiate Conference - UMD, Banking/Financial Sector, Risk Management

Business Continuity in a Public Sector Environment

Event: DRI Collegiate Conference, University of Maryland, April 10

Author: John Franchy

John Franchy provides a high-level overview of some of the supply chain challenges in the federal space and the organizational challenges faced by government business continuity practitioners in managing those risks. John alsos describe how a public sector continuity program works and ways to increase program efficiency and effectiveness through the implementation of a workforce training, certification, and process framework.

Tags: Collegiate Conference - UMD, Public Sector, Process, Supply Chain

The Intersection of Business Continuity and Risk Management

Event: DRI Collegiate Conference, University of Maryland, April 10

Author: Randy Jouben

Jouben explores the intersection between two key disciplines – business continuity (BC) and risk management (RM).

Tags: Business Continuity Program, Collegiate Conference - UMD, Risk Management

Cyber Supply Chain Risk Management: Revolutionizing the Strategic Control of Critical IT Systems

Event: DRI Collegiate Conference, University of Maryland, April 10

Author: Dr. Sandor Boyson

Cyber supply chain risk management (CSCRM) is a new discipline designed to help business continuity executives address the challenges of the rapid globalization and outsourcing of IT systems. CSCRM combines elements of cybersecurity, supply chain management, and enterprise risk management into a new and powerful concept to exert strategic control over the end-to-end processes of a focal organization and its extended enterprise partners. This seminar will provide a survey of the field, as well as the results of a five-year research project on CSCRM, conducted by the Robert H. Smith School of Business Supply Chain Management Center for the National Institute of Standards and Technology.

Tags: Collegiate Conference - UMD, Cybersecurity, Risk Management, Supply Chain

Current Issues and Careers in BCP

Event: DRI Collegiate Conference, University of Maryland, April 10

Author: Al Berman

DRI President Al Berman covers the realities and trends in supply chain, including strategies currently being implemented by Japanese manufacturers, as well as other issues facing risk managers and business continuity management. In addition, he discusses issues surrounding supply and the rash of recent cyber security events. Finally, he talks about the field of business continuity from a career perspective.

Tags: Business Continuity Program, Collegiate Conference - UMD, Cybersecurity, Supply Chain

Public-Private Partnerships are essential to attaining the next level of resilience in Japan and the greater global community

Event: United Nations World Conference on Disaster Risk Reduction, Sendai, Japan, Mar. 14-18

Author: Chloe Demrovsky, Executive Director, DRI International

This white paper, developed based on a presentation at the U.N. World Conference on Disaster Risk Reduction, discusses the need for partnerships between the public and private sectors and how to work together to plan for a disaster event, using the 2011 earthquake in Japan as a recent example.

Tags: Public-Private Partnership, White Paper, Asia, Earthquakes

Building a Business Continuity Program the Crawl-Walk-Run Way

Event: DRI 2015

Author: Raymond Seid, David Evangelista

Learn how McKesson's Service Continuity Office approached the challenge of establishing a BC program with a major internal customer Learn how they leveraged the DRI Professional Practices to implement a robust cyclical business continuity program! The session will provide practical ways to implement a solid BC program that establishes a safety team, working committee, and executive governance committee.

Tags: Business Continuity Program

Event Management: Got the Right Tools?

Event: DRI 2015

Author: Tonya York, Kathryne Estrada, Jayne Johnson, Jared Gouldy

In this session, the McKesson service Continuity Office team shares the processes and tools it uses to manage semiannual exercises and actual events. Learn how McKesson created a SharePoint-based event and exercise-management tool that is flexible, real-time, and allow the team to successfully manage 24-hour contiguous exercises with over 200 participants from two data centers, work-from-home locations all over the U.S., and outsourcers' locations in India and Mexico.

Tags: Exercises

Launching a Sustainable Business Continuity Program in a Higher Ed Culture (Without Getting Eaten Alive)

Event: DRI 2015

Author: Melanie Lucht

From obtaining executive-level buy-in to applying industry best practices in a higher education environment to selecting and implementing an online tool, learn how Carnegie Mellon University launched a sustainable business continuity program that fits the culture of the institution (and can perhaps apply to yours).

Tags: Executive Support, Higher Education

Determining Risk Appetite: What's the Recipe, Who Are the Cooks, and Which Ingredients Are Right for You?

Event: DRI 2015

Author: Michele Turner

During this session, we'll discuss considerations for developing organizational risk appetite and determining risk tolerance. While impact, likelihood, and level of management control can be seen as basic ingredients, additional criteria can be included to shape a better understanding of inherent and residual risk, policies to set the stage, and baseline monitoring requirements to determine effectiveness.

Tags: Risk Management

Homeland Security, Corporate Security, and Continuity

Event: DRI 2015

Author: Joseph Gulinello

Homeland security is a relatively new discipline that broadens the scope of responsibilities formerly under the national Security mandate. Attend this session for an innovative approach in marrying homeland and corporate security, as well as recommendations for business continuity and risk professionals working with their security counterparts.

Tags: Emergency preparedness, Security

Resilience Revealed!

Event: DRI 2015

Author: Pete Renneker

The word 'resilience' is used a lot. What does it mean? What are the characteristics of resilient people, organizations and societies? This interactive session will reveal what it means to be resilient and how you can increase resilience at home, work, and in the community

Tags: Resiliency

The BORP Strategy: Improving Community Resilience Through Public-Private Partnerships

Event: DRI 2015

Author: Matt Bogaard, David Cocke

What is a BORP and how can having one help your organization? This session covers all the details. A BORP (Building Occupancy Resumption Program) is achieved by bringing together public and private entities to facilitate safe, expedited re-occupancy of structures following a disaster. The session explores who to involve and how to accomplish this important and beneficial program, including how it was implemented at DreamWorks Animation in southern California.

Tags: Community Resilience, Public-Private Partnership

The Need for speed: A Case Study in Speedy Recovery!

Event: DRI 2015

Author: Pauline Williams-Banta

Need to reduce the time to recovery based on a mandate from the organization? The Energy Authority did too, and it was challenging based on the sheer number of critical business functions that needed to be recovered across the enterprise This session will show how the BC/DR team turned to technology to drastically reduce the recovery process time.

Tags: Resiliency

Implementing Effective Travel Management During Major Global Incidents

Event: DRI 2015

Author: Chris Summerrow, Mike Janko, Frank Slater

Many global organizations have travelers from multiple regions who travel to or are located in an area which may experience a large-scale, or escalating major incident. Do you have redundancy in ways to contact them? Who can assist in the communications process? What services are available for providing medical, evacuation and financial assistance? How do you get consensus on stopping travel to a specific area? What are some proven methods to accomplish all of this in an effective travel management process?

Tags: Risk Management

Cloud and Big Data: Business Continuity for Outside of the Enterprise

Event: DRI 2015

Author: Daniel Mikulsky

Business continuity for a global company could be complex, intricate; almost insurmountable. Yet the enterprise was definable with a boundary that delineated what was inside the enterprise, and wath was outside. Today, we now think "outside in" when it comes to IT. The boundaries for disaster recovery are now more porous than ever, and every business continuity planner needs to devise strategies for cloud and big data within the business continuity management framework.

Tags: Cloud Technology, Cybersecurity, IT/DR

Clearing Up the Cloud

Event: DRI 2015

Author: Damian Walch

Confused about "the cloud"? You're not alone. This session will help clear up cloud confusion and shed light on key issues around cloud technology.

Tags: Cloud Technology, Cybersecurity, IT/DR

Enabling BCM Program Success Through Lean Thinking

Event: DRI 2015

Author: Milen Kutev

While many practitioners seek to identify factors that can help organizations achieve resilience, questions regarding how resilience and BCM program management fit with "lean thinking" remain unanswered. This presentation aims to fill that gap and is based on a year-long study of lean enablers for complex programs by PMI and MIT.

Tags: Resiliency, Supply Chain

Risk Management Track Keynote

Event: DRI 2015

Author: Chris Mandel

This keynote address delves into the relationship between risk management and business continuity. Attendees left DRI2014's Risk Management Working Group wanting more, so expect a thought-provoking session.

Tags: Risk Management

Your Supply Chain: Only As Strong As Its Weakest Link

Event: DRI 2015

Author: Linda Conrad

This session examines supply chain exposures and implications of deficiencies in supply chain risk management from a financial, legal, reputational and social perspective. Risk assessment, management strategies, and insurance alternatives will be explored, including a protocol for evaluating an organization's readiness for dealing with and funding a supply chain disruption.

Tags: Supply Chain

Insider Threat Program: Protecting the Crown Jewels

Event: DRI 2015

Author: Frank Slater

An insider threat is not just an HR or security problem but rather an operational risk that can compromise the actual survivability of an organization and cause irreparable damage to your organization's reputation and trustworthiness. This presentation presents exemples of information assets at risk by vertical market and how BCP tools can be used to identify and protect the information assets that are most critical to your organization.

Tags: BIA, Cybersecurity

How to Determine Appropriate BCM Program Metrics for Your Executive Management Audience

Event: DRI 2015

Author: Michael Kadar

This session will present a step-by-step method that guides you through the identification of the most appropriate metrics to report to executive management. This includes basic foundational issues related to deciding whether to focus metrics reporting on risk, preparedness, compliance, and/or maturity.

Tags: Emergency preparedness, Executive Support, Metrics

IT/DR and the Ostrich Syndrome: Lessons Learned in India, Applied Everywhere!

Event: DRI 2015

Author: Rakesh Pande

DRI India's Rakesh Pande builds on his DRI2014 presentation on the state of business continuity and risk management in India. He also talks about IT/DR lessons learned in India that can be applied everywhere! Attend this session to learn what can go wrong, how to make it right, and how to manage IT/DR -related risks in this hard-hitting, thought-provoking, "I-can't-believe-he-just-said-that!" session!

Tags: IT/DR, Asia

Beyond the War Story: NYU Langone Medical Center's Business Continuity Case Study

Event: DRI 2015

Author: Mitchell Simon, Steve Kral

Find out about the critical success factors in making BCP work in a healthcare setting, and learn about the challenges BC professionals face in transitioning into a healthcare environment at this informative session.

Tags: Emergency response, Healthcare

The New Normal

Event: DRI 2015

Author: Kevin Cunningham

From Superstorm Sandy and her winter-weather cousin Nemo to telecommunications failures and the Boston Bombing, business continuity and crisis management professionals are changing their thinking from "What if?" to "When?" This session covers 10 of the most important lessons learned from recent events and how practicing professionals can immediately use and apply these lessons in their programs.

Tags: Hurricanes

Toward Resilience: The Relationship Between Risk Management and Business Continuity

Event: DRI 2015

Author: Chloe Demrovsky, Jorge Escalera

New demands upon BC Planners and Risk Managers are changing the approach to both disciplines nad creating a convergence of them. This session will analyze how these disciplines interact, their current practices, and how to set up a strategy in your BC or RM program that allows a convergence toward a higher resilience of your organization.

Tags: Resiliency, Risk Management

How to Assess Vendor Resiliency: An Advanced Supply Chain Session

Event: DRI 2015

Author: Melinda Rahe

This presentation provides guidance on how to formulate a vendor resiliency strategy, and will equip attendees with practical solutions for effectively and efficiently assessing the risk exposures introduced by outsourcing business functions.

Tags: Resiliency, Supply Chain

The Resiliency Yardstick: Winning BIAs and Exec Buy-In

Event: DRI 2015

Author: Larry Chase

Larry Chase shares his criticality matrix as well as executive fiduciary statements, as he explains how to take the BIA product to create an organizational "value chain" for mapping the critical path in people, process, and technology resilience.

Tags: BIA, Executive Support, Resiliency

Technology Track Keynote Session

Event: DRI 2015

Author: Dr. Gregory White

Kick off DRI2015's Technology Track with Dr. Gregory White, who serves as the Director of the Center for Infrastructure Assurance and Security and is a Professor of Computer Science at the University of Texas at San Antonio.

Tags: Cybersecurity, IT/DR

ISO22301-DRI Professional Practices Crosswalk

Author: DRI International

This document highlights the connections between the ISO22301 and the DRI Ten Professional Practices.

Tags: BIA, Process, Best Practices, Professional Practices, Regulations and Standards

Managing Crisis Situations as Part of Resiliency

Event: KL2014

Author: Kanryu Nagase

This presentation details Mr. Nagase's experience managing crises and the lessons learned for resiliency.

Tags: Case Study, Emergency response, Executive Support, Infrastructure, Asia, Resiliency

Sample Case - Training for Disasters in the Healthcare Industry

Author: --

In this two-page sample case, learn how Texas hospitals responded to Tropical Storm Allison in June, 2001. Then download the complete report!

Tags: Emergency preparedness, Emergency response, Facility Management, Healthcare, Resiliency

Training for Disasters in the Healthcare Industry: 6 Cases Prove Its Value

Author: --

This case study report looks at some of the most recent and devastating emergency situations to learn how healthcare facilities and staffers prepared for -- and reacted to -- catastrophes that put enormous strain on their facilities, their workforces, and their patients.

Tags: Case Study, Emergency preparedness, Emergency response, Healthcare, Training

An Overview of Enterprise Risk Management

Event: DRI 2014

Author: Chris Mandel

An overview of Enterprise Risk Management and lessons learned from the financial crisis.

Tags: Resiliency, Risk Management

Risk Management Track: Panel Discussion

Event: DRI 2014

Author: Randy Jouben, Jeff Dato, Ross Olson, and Drew Buchanan

Continue our exploration of the intersection of risk management and business continuity by attending this panel discussion. Speakers will provide a real-world perspective and actual exaples of what works in their organizations. This session will be led by Randy Jouben, Director, Risk Management at Five Guys Enterprises, LLC who has a diverse risk management background, with more than 25 years of experience. He is also a member of the RIMS National Standards & Practice Committee and serves as Chairman of the Professional Development Committee for DRI International.

Tags: Risk Management

Business Continuity Management At RSI: A Case Study

Event: DRI 2014

Author: Davide Barca

BCM is an important component of enterprise security for a media company, such as the Swiss National Television (RSI). The session is aimed to illustrate the RSI approach to business continuity and crisis management and more specifically the innovative exercising program designed by Barca. Crisis simulations are periodically performed taking in consideration even challenging scenarios, such as the AMOK one.

Tags: Case Study, Emergency preparedness, Resiliency

Atlanta Up Close Panel Discussion

Event: DRI 2014

Author: Michele Guido, Gus Hudson and Aston Greene

Attend this session to hear from a cross-section of public and private sector officials and continuity professionals to get a feel for what continuity and preparedness are all about in our host city, Atlanta!

Tags: Public-Private Partnership, Resiliency

Travel Risk Management

Event: DRI 2014

Author: Frank Slater

Every organization has a legal responsibility to provide a reasonable standard of care and achieve due diligence when sending employees abroad or even employing foreign workers; organizations that don't are risking their employees, reputation, financial liability, and potential criminal charges under legislation. In an emergency the organization has to have prepared their travelers, their home-based staff, and their response protocols. This presentation will cover the four pillars of a robust travel risk management program (Plan, Prepare, Prevent, Respond) as used by U.S. Federal authorities and how to integrate with your business continuity plans and health and safety policies.

Tags: Risk Management

How to Develop and Implement The Business Continuity Management Risk Index

Event: DRI 2014

Author: Michael Kadar

How to Develop and Implement The Business Continuity Management Risk Index

Tags: Metrics, Risk Management

The Euro Exit Crisis: Get Current on this Currency Conundrum and its Continuity Concerns

Event: DRI 2014

Author: Corrado Zana

The Euro Exit Crisis: Get Current on this Currency Conundrum and its Continuity Concerns

Tags: Europe, Global Strategy

What You Need to Know About the Strategic National Stockpile

Event: DRI 2014

Author: Greg Burel

Hear from Greg Burel, Director of the Division of Strategic National Stockpile (SNS), in this informative session. What is the SNS? It’s the U.S. national repository of antibiotics, vaccines, chemical antidotes, antitoxins, and other critical medical equipment and supplies. In the event of a national emergency involving bioterrorism or a natural pandemic, the SNS has the capability to supplement and re-supply local health authorities that may be overwhelmed by the crisis, with response time as little as 12 hours. The SNS is managed by the Centers for Disease Control and Prevention (CDC) with support from other agencies in the Department of Health and Human Services and the U.S. Government. The SNS represents a pillar of the United States biological defense program.

Tags: Public-Private Partnership

The New Normal

Event: DRI 2014

Author: Kevin Cunningham and Scot Phelps

The New Normal

Tags: Global Strategy, Process, Resiliency

Something's Gotta Give: Defining the Strategic Objectives of the International Glossary for Resiliency

Event: DRI 2014

Author: Chloe Demrovsky and Bobby Williams

Defining the Strategic Objectives of the International Glossary for Resiliency

Tags: Global Strategy, Resiliency

Business Continuity Resiliency: Believing It Can Be Achieved

Event: DRI 2014

Author: Raymond Seid

Business Continuity Resiliency: Believing It Can Be Achieved

Tags: Process, Resiliency

Current Situation of BCM in Mexico

Event: DRI 2014

Author: Eduardo Escalera

An exploration of business continuity practices in Mexico.

Tags: Resiliency

Risk Management Track: Keynote Address

Event: DRI 2014

Author: Lou Drapeau

Risk Management Track: Keynote Address

Tags: Resiliency, Risk Management

How to "Norm" a Disparate Workforce and Create a Team

Event: DRI 2014

Author: John Franchy

How to "Norm" a Disparate Workforce and Create a Team

Tags: Process, Training

Cyber Security for Improved Resilience Against Threats

Event: DRI 2014

Author: Damian Walch

This presentation will give resilience leaders a guide for integrating incident response and continuity. It will describe how an organization should build security, vigilance and resilience into their support processes. The discussion will go describe the anatomy of a cyber-incident. We will touch on: - alignment with forensic incident response - data breach management - effective tools for threat management - ability to use cyber insurance

Tags: Cybersecurity, IT/DR, Resiliency

Beyond the Storms: Strengthening Homeland Security and Disaster Management to Achieve Resilience

Event: DRI 2014

Author: Dan Egli

Since 9/11, hurricane Katrina, Superstorm Sandy, and the Boston Marathon attacks there has been a wave of workshops to collect the lessons learned in preparedness and crisis response. The talk has focused on the role of public-private-academic partnerships as well as critical infrastructure protection. What are the major findings from these events and how do we, as a nation, move "beyond the storms" of reacting to disruptive events, cataloging more lessons, and submitting FEMA grant requests to operationalize critical infrastructure resilience? Attend this session to find out. Egli authored the book, Beyond the Storms (published in November 2013) to prepare a new generation of leaders to help bridge the gaps between public and private sectors and shift the focus of local and regional leaders to long term risk mitigation and a response posture that supports smart resilience.

Tags: Hurricanes, Infrastructure, Process, Resiliency

A Business Case for Healthcare Continuity

Event: DRI 2014

Author: Dennis Schrader

Come to this session to learn about the key trends shaping the continuity healthcare environment, as well as the business issues influencing healthcare preparedness planning, including: Regulatory Compliance Risk Management and Patient Safety Revenue Disruption Impact Analysis Accreditation Processes and Cost Cost Avoidance Attendees also will hear about a number of actual case studies and lessons learned.

Tags: Facility Management, Resiliency, Governance/Regulatory Response and Compliance, Healthcare, Risk Management

Comparison of Threat Assessment Methods

Event: DRI 2014

Author: Donald Byrne

Comparison of Threat Assessment Methods

Tags: Process

BIA for Experienced Continuity Professionals

Event: DRI 2014

Author: Karol Cordero

You have the credentials and experience, but do you have what it takes to conduct an effective business impact analysis? An inadequate BIA yields wrong and useless data leading to a disastrous business continuity plan. Learn important tips such as: Using the "SMART" method Defining and setting reachable objectives Engaging the C-suite Knowing what and how to get the data for a productive business impact analysis Identifying key players in your organization Distinguishing what may be essential to upper management may not be critical to your business continuity plan This session will explore these topics and more on how to conduct a thorough and productive BIA. Improve the efficiency of your BIA for positive results!

Tags: BIA, Process

GRC, BCP, ERM, Policy- COOPetition vs. COMPetition: Leveraging for Efficiency, Governing for Success

Event: DRI 2014

Author: Michele Turner

GRC, BCP, ERM, Policy- COOPetition vs. COMPetition: Leveraging for Efficiency, Governing for Success

Tags: Process, Governance/Regulatory Response and Compliance, Risk Management

Terms of DRI-ment: Join Us in Finalizing the DRI BCM Glossary for Certified Professionals

Event: DRI 2013

Author: Bobby Williams and Chloe Demrovsky

Clear communication is critical to effective crisis management. Yet even among our own professionals, there are discrepancies in how we describe what we do including some of our most basic activities. This presentation will explain how a group of DRI volunteers has pulled industry terminology from 22 reference documents including standards and regulations from around the world as well as professional glossaries to create a comprehensive global resource. The presenters invite you to participate in what promises to be a lively discussion about industry terminology and sources. We want to hear from you about which definitions you use, what we are missing, and how you would like to participate in this process moving forward. After we have incorporated your feedback, the glossary will be made public as a free resource on the DRI website.

Tags: Process

Globalization and Concentration of Risk

Event: DRI 2013

Author: Vikrant Varshney and Raghuram Tellapragada

With the unprecedented changes in natural and geo-political risks, the possibility of incidents disrupting a zone is becoming more commonplace. In 2011, we saw massive earthquakes, political coups, agitation against governments, and floods impacting countries nationwide. The archetypical Business Continuity planning and response are falling short to minimize (or mitigate) the business impact in such situations. This session focuses on the identification, assessment, and mitigation of concentration risk.

Tags: Global Strategy, Risk Management

Cyber Impact Readiness: What to Do as a BC Manager

Event: DRI 2013

Author: Susan Rogers

It is overwhelming to consider a combination of physical event impact and technology failure that could result from a cyber-attack. There are practical activities that are being put in place to respond to this emerging threat. This session discusses how BC managers can strengthen the contingency plans of their organizations to increase the speed and capability with which their companies respond to a cyber-risk event.

Tags: Cybersecurity, Security

Business Continuity Issues for Operational Risk Management: Financial Supervision Case Study

Event: DRI 2013

Author: Andro Kull

This case study session shows how business continuity issues may be mixed with other issues (IT) to ensure information security, i.e. availability, integrity and confidentiality. The IT supervision approach will be presented, as it was developed for the financial market in Estonia. The main idea is to consider the requirements for IT governance, information security, business continuity and outsourcing and use the layered approach to implement this approach. Estonia is an interesting country to apply such ideas starting with its market concentration, the situation with main service providers, the connections with group level enterprises, etc.

Tags: Banking/Financial Sector, Europe, IT/DR, Risk Management, Security

Recovery to Resilience: A Haiti Case Study

Event: DRI 2013

Author: Angela Devlen

Thanks to sponsorship from the DRI International Foundation, Mahila Partnership has expanded its project in Haiti to improve post-disaster economic and health outcomes for women and girls, as well as building long-term resiliency. This presentation discusses the overarching principles of effective recovery but in the context of an active post-disaster initiative. Attendees will understand how post-disaster relief and recovery programs must promote long-term risk reduction, as well as how investments rather than aid yields both short-term and long-term sustainable results.

Tags: Community Resilience, Emergency preparedness, Emergency response, Resiliency, Case Study, Earthquakes

Case Study: Responding to a Drug Shortage Crisis

Event: DRI 2013

Author: Robert Munro

This case study focuses on lessons learned from a national drug shortage due to a global supplier and just in time delivery failure. In February, 2012, Manitoba Health received a letter from SANDOZ Canada Inc. stating that effective immediately they would be scaling back production of approximately 239 critical injectable medications that would affect the health sector in Manitoba and across Canada. This session outlines how the Office of Disaster Management handled this incident to ensure the stability of the drug inventory for the Health System of Manitoba, and what would steps would be implemented to prevent such a situation from occurring in the future. The key lessons learned relate to global supplier dependence and just in time delivery.

Tags: BIA, Canada, Case Study, Process

Organizational Governance: Developing the Governance Program Script

Event: DRI 2013

Author: Michele Turner

This session builds on the highly successful session Michele Turner delivered at DRI2012! As discussed during session one, a solid governance structure is key in effectively driving substantial change throughout an organization. Identifying and documenting clear roles and responsibilities was the crux of last year's discussion. These roles and responsibilities are essential in creating a sustainable and repeatable governance process.

Tags: Regulations and Standards, Governance/Regulatory Response and Compliance

Managing Organizational Change

Event: DRI 2013

Author: Peter Renneker

Earthquakes! Fire! Security Breaches! Acquisitions! New Service Offerings! What do these events have in common? They all represent major organizational changes requiring change management proficiency. External events force us to change; understanding how people respond is critical to a successful BCP. As BC professionals, we are in the business of managing immediate and often catastrophic changes. Basic project management can deal with the discreet tasks required to make a change, but it does not account for the human experience. This presentation introduces the structure of change, what we experience when forced to change, and strategies for managing the process.

Tags: Organizational Resilience, Process

Let's Get It Wrong Quickly

Event: DRI 2013

Author: Robert Synak

The goal of this session is to consider novel approaches to developing recovery capabilities. Let's talk about how to shortcut the BIA/Strategy/Assessment process through inductive, rapid assessment, to kick start recovery capabilities from zero.

Tags: BIA, Process

The Perfect Storm

Event: DRI 2013

Author: Manny O'Bryant

This case study reviews the lessons learned from working on the support of the critical infrastructure for an NSSE (National Special Security Event), the Republican National Convention, while simultaneously preparing for the impact of a tropical storm (Isaac). The presenter will share lessons learned and feedback from departmental, enterprise-wide, and community-wide perspectives.

Tags: Cybersecurity, Emergency preparedness, IT/DR, Security, Utilities

Continuity Planning on a Budget: A Guide to Surviving and Thriving in Challenging Economic Times

Event: DRI 2013

Author: Paul Marksteiner

Despite the best intentions of business continuity professionals, organizations will invariably do less with less (not more), unless they change the manner in which they conduct their continuity planning. This presentation will identify costly mistakes organizations make in their continuity planning and how to stretch scarce resources.

Tags: Emergency response, Process

The Business Continuity Management Risk Index (BCM-RI) Implementation Case Study

Event: DRI 2013

Author: Michael Kadar

Is there a metric that clearly can demonstrate to executive management the overall value of the business continuity management (BCM) program to the organization? Can BCM professionals quantitatively measure current risk levels that can be compared with established risk tolerances and report them to management in a meaningful way that drives both risk management and BCM initiatives? How could such a metric actually be implemented successfully in a large organization? This session explores these questions and presents a case study of how the BCM-RI was developed and implemented at DTE Energy. You will learn how the BCM-RI was implemented to measure the overall risk/preparedness level of DTE Energy business units, departments, subsidiaries, and the entire organization. You will see how gap analyses were performed to effectively compare BCM-RI levels to risk tolerance levels previously defined by management. Finally, you will learn how DTE Energy plans to expand the BCM-RI to develop risk indices for use by enterprise risk management and business resilience management programs.

Tags: Executive Support, Metrics, Process, Resiliency, Risk Management

Possibility Thinking in Global Business Continuity: ""They Stopped Saying 'No'"

Event: DRI 2013

Author: Ann Hepenstal

Possibility Thinking in Global Business Continuity: ""They Stopped Saying 'No'"

Tags: BIA, Emergency response, Executive Support

How Resilient is Your Organization?

Event: DRI 2012

Author: Jerry Vevon

Currently a Vice President in Cyber Technology at Booz Allen Hamilton, Mr. Vevon has over 30 years of operational experience and over a decade directly supporting continuity of operations and business recovery planning. His primary clients include the National Geospatial-Intelligence Agency (NGA), the Office of the Director of National Intelligence (ODNI), National Reconnaissance Office (NRO) and the Department of State. He has considerable experience within the Intelligence Community, DoD, Joint Staff and Congress. Mr. Vevon manages over 300 geographically dispersed staff supporting numerous Federal Agencies and Intelligence Community clients with Mission Assurance, Business Continuity Planning, Critical Infrastructure Protection, Risk Management, Antiterrorism/Force Protection and Disaster Preparedness Exercises.

Tags: Process, Resiliency

NYSE Euronext: A Case Study

Event: DRI 2012

Author: Mitchell Simon

This session explores the challenges faced by NYSE Euronext in developing business continuity and disaster recovery platforms. NYSE Euronext is a company that does not manufacture anything, doesn't sell anything, and provides no tangible goods. Yet, it is one of the most regulated companies in the world. With a direct influence over global economic well-being, NYSE Euronext needs solid business continuity plans that are thought-out and tested, address any type of crisis, and ensure operability and communications. This session will review how plans are developed, crisis management is addressed, and communication is ensured. Attendees will benefit from statistics on efforts, lessons learned, and how NYSE Euronext plans to plan going forward.

Tags: Process, Banking/Financial Sector

End-to-End Concepts Applied to Business Continuity

Event: DRI 2012

Author: Susan Rogers

This session explores the relationship between end-to-end concepts, business continuity and application development.

Tags: Process

Facility Management and Business Continuity: Two Sides of the Same Coin!

Event: DRI 2012

Author: Anthony Pizzitola

This session explores the relationship between facility management and business continuity.

Tags: Facility Management, Process

Rebuild, Redirect, Restructure: Turning Your Program into What Your Organization Needs

Event: DRI 2012

Author: Greg Pinchbeck

Rebuild, Redirect, Restructure: Turning Your Program into What Your Organization Needs

Tags: Metrics, Process

Ensuring Resiliency through Shelter-in-Place Planning

Event: DRI 2012

Author: James L. Paturas

Healthcare facilities at risk for coastal storm flooding need to consider capabilities, operational requirements, and continuity resources associated with sheltering in place all, or some, of their patients, staff, and visitors. State and local health departments also require an understanding of these assessments to inform regional planning and the allocation of scarce resources before, during, and after a coastal storm. A Yale New Haven-CEPDR team consisting of clinical, emergency management, structural engineering, business continuity, and evaluation specialists conducted comprehensive reviews of healthcare facilities and provided assistance to these facilities in assessing their ability to manage critical care patients on site during a coastal storm. The team also provided guidance that will assist facilities in developing a plan for enhanced resiliency. Each facility report consisted of findings, current and potential ability to shelter in place, and a prioritized list of short- and long-term options to consider. The report includes evacuation capabilities and provides a foundation for the development of a unified regional plan for continuity of operations through the sheltering in place of critical care patients. While the case study is healthcare based, any and all organizations grappling with shelter-in-place issues will benefit from this detailed and informative presentation.

Tags: Emergency preparedness, Emergency response, Hurricanes, Transportation

Best Buy Does It Better!: A Case Study

Event: DRI 2012

Author: Ross Olson

What happened and what did Best Buy do about it? That's the question that will be answered during this informative session. Attendees will hear lessons learned from crises that have impacted Best Buy over the last few years. At Best Buy, disasters are addressed in the following priority order: people, community, and business. This session will identify successes as well as areas for improvement in each of the three areas for crisis response.

Tags: Case Study, Emergency response, Process

Business Continuity Metrics

Event: DRI 2012

Author: Dan Newton

This session explains and explores business continuity metrics. Find out all about the "what" -- common metric types for program tracking - and explore the hows and whys too! Learn strategies for understanding your audience, because you have to know with whom you are communicating and what they're concerned about if your metrics are going to mean anything. Gathering lots of data is impressive, but even more amazing is showing stakeholders how tracking and measuring performed by business continuity professionals can inform business decisions. Attendees all will discover how to use deficiencies to their advantage and why being "red averse" can be detrimental to your program.

Tags: Metrics, Process

Gaming for Learning Inter-Agency Cooperation in Disaster and Emergency Management

Event: DRI 2012

Author: Daniel Mikulsky

Experience is always the best teacher for any disaster recovery or incident commander. Yet, the practicality of experience for large-scale mega-disasters can often only be achieved by chance, and only by an unselect few. This session investigates trends in advanced learning strategies of multi-user computer gaming simulations and applicability to disaster and emergency management. Computer gaming provides a venue to increase learning and knowledge for incident commanders, and inter-agency colleagues that team and cooperate with them under unified command. This presentation will survey disaster and emergency management games already in practice and present a NIMS/ICS compatible framework for comprehensive disaster management for large scenarios that depend upon the commercial and non-profit private sector. Most importantly, the heuristic element of "fun" will be investigated for its value and contribution to the learning experience. While gaming does carry the stigma of being fun and frivolity, games provide the opportunity for safe and consequence-free learning. Exercises, simulations, and games provide the ability to practice in safety and to perform "what if" experimentation. Failure (along with lessons learned) after a gaming experience is not to be feared, but embraced.

Tags: Emergency preparedness, Emergency response

Stack the Deck in Your Favor

Event: DRI 2012

Author: Kelly Discount and Erin Meyer

Emergency managers today have the challenge of tasking staff with ever-increasing responsibilities in an environment of diminishing financial resources. Rapid technological advances in commercial off-the-shelf (COTS) software create capabilities and efficiencies that have never before been possible. Our organization's emergency management team leverages existing COTS technology such as Microsoft Office, Google Earth, and SharePoint, along with vendor-provided emergency notification systems, to capture, access, manage, and disseminate data critical for incident response. Learn how five EM professionals use affordable labor-saving technology to prepare for and respond to emergencies impacting 25,000 staff in more than 200 locations world-wide.

Tags: Emergency response, Process, Risk Management

Enterprise Risk Management and Business Continuity Management

Event: DRI 2012

Author: Randy Jouben

This session explores the integration of Enterprise Risk Management and Business Continuity Management.

Tags: Risk Management

Social Engineering, Security and Continuity

Event: DRI 2012

Author: Lori Jamison-Bellegarde

Security is everybody's business. What can you, as an individual, do to help stop the constant cyber-attacks aimed at you and your organization? Learn who "social engineers" are and how they manipulate individuals into performing risky actions and/or divulging confidential information. And, most importantly, learn how you can prevent it. Take the skills you learn in this session back to your organization. By educating staff you'll make an immediate difference in security and bolster your business continuity program to boot!

Tags: BIA, Security

From Mega-Disasters to Marathon Recovery: What's Going on in Japan? Lots!

Event: DRI 2012

Author: Shinji Hosotsubo and Nathan Rhoden

An earthquake. A tsunami. And a nuclear crisis. The $300 billion disaster shocked Japan and the world. In its aftermath, the Japanese are responding to an improbable situation with some impossibly intelligent solutions! This session explores Japan's complex, multi-layered supply chain, how your organization likely is dependent upon it, and how Japanese business continuity thought leaders are pairing traditional risk mitigation strategies (like geographic diversification) with new-fangled thinking (including reciprocal agreements that really work!) to create a win-win for suppliers big and small as well as the countless companies around the world that rely on them.

Tags: BIA, Emergency preparedness, Asia, Risk Management, Supply Chain, Earthquakes

BCP and PMP: Together They Spell Success!

Event: DRI 2012

Author: Abby DeLotto

Project management professionals (PMP) manage resources they don't control to predefined objectives on a daily basis, often for multiple projects, simultaneously. Sound familiar? Most business continuity management programs begin with one or more projects that stage the organization for long-term success. Over time, other "initiatives" are required to improve awareness, upgrade training, expand testing, evaluate strategies, integrate acquisitions, etc. How well have you juggled the time, resources, and scope to deliver these "projects" on time and within budget? This session explores how using PMP techniques may improve your program's effectiveness. And discover how your business continuity experience may help you achieve another practical, career-enhancing certification.

Tags: Risk Management, Training

From the Field: Lessons Learned on the Front Lines

Event: DRI 2012

Author: Angela Devlen

Many of our profession's most experienced and talented business continuity professionals have never experienced true disasters first-hand. That's a good thing because it means their plans are working (or they've been really lucky!). However there's nothing like being in the field, and in the thick of it, to give continuity professionals a feel for what it's really like to be on the scene during a response and recovery effort. Angela Devlen who founded the Mahila Partnership -- a grassroots non-profit organization serving the unmet needs of communities by investing in education, public health, and sustainable development initiatives while promoting disaster risk reduction and gender equality - has been in the boardroom and crisis command center as well as in the field. Devlen shares her first-hand experiences in responding to disasters in the U.S. and abroad, including impacts, lessons learned, and suggestions to take back and implement in your organization.

Tags: Community Resilience, Emergency preparedness, Global Strategy, Security

Why Small Business Preparedness Matters to You!

Event: DRI 2012

Author: Joseph Booth

How resilient is your supply chain when disaster strikes? Small businesses employ more than half of the U.S. private sector workforce and likely play a critical role in the success of your organization. If one of your critical suppliers is wiped out after a disaster, your supply chain will be interrupted. This session discusses the importance of small businesses being prepared for disasters and how their preparedness can affect your bottom line. Joseph Booth, Executive Director of the Stephenson Disaster Management Institute, has over 25 years of experience in preparedness and response to disasters.

Tags: Emergency preparedness, Resiliency, Supply Chain

How to Tame a Dragon: BCP, Security, and Intellectual Property at DreamWorks

Event: DRI 2012

Author: Matthew Bogaard

DreamWorks Animation SKG creates high-quality family entertainment, including computer-generated (CG) animated feature films, television specials and series, and live entertainment properties. With world-class creative talent and technological capabilities, DreamWorks Animation releases two or three CG animated feature films a year that deliver great stories, breathtaking visual imagery and a snesibility that appeals to both children and adults. With each release, DreamWorks' goal is to tell great stories. This session shares yet another great story from DreamWorks, as Director of Studio Operations and Corporate Security Matt Bogaard tells attendees how he strives to protect this hybrid entertainment-technology company and its assets. Bogaard oversees facility operations and security including business continuity planning, intellectual property protection, global threat assessment, workplace violence prevention, travel security, executive protection, and safety. Additionally, he works collaboratively with the other major movie studios in content protection and ongoing anti-piracy efforts.

Tags: Emergency preparedness, Global Strategy, Infrastructure, Public-Private Partnership, Security