|Tuesday Workshops - 3:00 - 5:30 p.m.|
Workshop Session 1
ABC’s of Operational Resilience
Nader Mehravari, CERT Cyber Resilience Ctr
Organizations, large or small, public or private, civilian or federal, continue to invest in a variety of independent preparedness planning activities including IT disaster recovery (DR), business continuity (BC), crisis management (CM), pandemic planning (PP), and emergency management (EM). However, given the extreme complexity of today’s business processes, and the global socio-economical challenges faced by organizations, a traditional disjointed stovepipe approach to preparedness planning is no longer viable; neither operationally nor financially. Successful protection of one’s enterprise now requires a fully integrated approach that incorporates unification, standardization, automation, and training while balancing affordability and risk management. Such an integrated approach to protection and sustainment of business operations is being referred to as “Operational Resilience.”
Operational Resilience is the emergent property of an organization that can continue to carry out its mission in the presence of operational stress and disruptive events. It is the overarching risk management practice of planning, developing, integrating, executing, and governing activities.
This interactive tutorial-style workshop is intended to provide the audience with a comprehensive overview of modern operational resilience and associated concepts.
Dr. Nader Mehravarii, MBCP, MBCI, is a subject matter expert and experienced practitioner in disaster recovery, business resiliency, continuity of operations, preparedness planning, information security, and associated operational risk management. He is currently with CERT Cyber Resilience Center of the Software Engineering Institute at Carnegie Mellon University.
Workshop Session 2
Practical and Tactical Strategies To Implement Resiliency
Sudhir Gadepalli, Director - IT Architecture and Engineering at OCLC, Inc
In this workshop, participants will learn the fundamental tools and techniques required to stand up a sustainable resiliency program. If you are tasked with building a resiliency program from the ground up, or if you have inherited a BC/DR program that requires a major reboot, this hands-on workshop will provide tactical and practical strategies to implement a resiliency program that is truly aligned with the goals of your enterprise. Key learning outcomes include:
This interactive, hands-on workshop is ideal for novice-intermediate practitioners looking for proven techniques to advance their own BC/DR and resiliency programs.
Sudhir Gadepalli is the associate director of IT service continuity management with the Office of the Chief Information Officer at The Ohio State University. In this role, he is responsible for the establishment, planning, implementation and governance of the enterprise IT service continuity and resiliency management program, and for providing leadership and strategic direction in the creation of a resilient computing architecture to support the University’s research and academic initiatives. He holds a Masters degree in computer science and engineering, as well as certifications in project management, business continuity, disaster recovery planning, enterprise architecture and IT service management.
Workshop Session 3
Violence a Preventable Disaster: Understanding and Reducing the Risk
David Smith, Prof Workplace Int
Far too often, there is misunderstanding about what organizations can or should do to reduce and manage the risk of violence in the workplace. The good news is that much can be done to reduce the risk. Research on workplace violence has shown that warning signs and detectable inappropriate behaviors usually precede acts of violence.
This workshop will prepare participants to recognize the basic danger signals, enabling them to provide intervention or seek assistance before problems escalate. Participants will receive proven methods to combat the rising tide of workplace violence and proactive steps that can dramatically reduce the risk of litigation and future legal claims.
David A. Smith, founder of Professional Workplace Interaction, Inc., (PWI) is an author and highly experienced dynamic speaker.
Smith has extensive experience in executive management, field operations, product launch and financial management at the corporate and small business levels.
He has conducted extensive leadership, behavioral risk management, business continuity and disaster planning training for the insurance industry, corporations, private businesses, university personnel, and government agencies across the United States and Canada
Smith currently serves as chairman of the non-profit Honor Flight San Diego and has served on the Board of Directors of various corporate, marketing and other charitable organizations.
Smith’s corporate experience and expertise has been combined with PWI’s professionals including backgrounds in psychology, psychiatry, legal, law enforcement and education to develop PWI training and consultative programs.
Workshop Session 4
Build an ISO 22301 Management System to Capture Executive Attention
Robert Giffin, Avalution Consulting
Management Systems concepts have been included in nearly every business continuity standard written in the last four years – including ISO 22301 – but remain relatively unknown in our profession. This workshop will introduce management systems processes and their unique benefit of forcing/enabling alignment with your executives’ and customers’ expectations. Management systems processes include defining scope and objectives, engaging management and other interested parties, identifying business continuity obligations, documenting a policy, establishing personnel competencies, performing recurring internal audits and management reviews, managing corrective actions – and above all, continual improvement. Workshop attendees will come away with an understanding of management systems principles and processes as well as the value of management system standards. Each management system component and process will be introduced using examples and case study content, as well as specific, practical ways to implement these processes in any environment.
Robert Giffin (CBCP, CISA) is a co-founder and director of technology for Avalution Consulting, a firm specializing in business continuity consulting.
Over the past 10 years, he has consulted with organizations of all sizes and in nearly all industries. Giffin specializes in developing and implementing customized business continuity programs and designing software solutions that enable effective and efficient program execution.
In addition to being a frequent author and speaker, he has served on the Editorial Advisory Board of the Disaster Recovery Journal and the board of the Association of Contingency Planners’ Northern Ohio Chapter.
Workshop Session 5
BCP Metrics: Resiliency Through Measurement
Michael Herrera, MHA Consulting
Joseph Zammit, Nestle USA
If you are charged with continuity planning you can get support from senior management by developing metrics and demonstrating value to the bottom line. Do you have regular audits by customers and others of your program to determine if you can continue to support their business should you have a disruption? Do you know how compliant your program is with industry standards and/or your level of recoverability? Is management asking you how the program compares to others? Is management not supporting your program?
Knowing how compliant your program is with industry standards and most importantly, how resilient it is, brings value to the bottom line of the organization. In this session, we will review the use of metrics and MHA’s Tier 1 and Tier 2 metrics to comprehensively assess a continuity program’s compliance with standards as well as resiliency. Discover that by using comprehensive metrics to assess compliance and resiliency, you can make steady, well rounded improvements in your continuity planning program. Most importantly, showing management where you stand on a regular basis is crucial to gaining their support and funding to heighten the sophistication and capability of your program.
Michael Herrera founded MHA Consulting Inc in 1999 after a 15-year career in the world of banking. Since founding MHA, he has led the organization to become an industry leader serving top clients around the world.
Joseph Zammit, MBA, CBCP, is the business continuity management lead for Nestlé USA and has more than 30 years of business experience in the prepared food industry..
Workshop Session 6
Command and Control: A Framework for Crisis Management
Raychel Oshea- Patino, PVH Corp.
Sean Murphy, Lootok
Many organizations fail by planning for an event before it happens and consequently, try to fit the crisis into the plan.
In the complex and chaotic environment that is characteristic of a crisis, however, we can only rely on plans as a starting point. The real planning must happen at time of event.
This session will introduce a decision-making model called Command and Control, and demonstrate how one of the world’s largest global apparel companies has applied this framework in training its leaders.
Learn how to build tacit knowledge among leadership, develop solutions around the specific context of a crisis, and get executive buy-in for your crisis management program.
Since 2006, Raychel O’Shea Patino manages the business continuity program for PVH Corp. from its corporate headquarters in New York City.
PVH is one of the largest global apparel companies, with 2011 revenues of over $5.9 billion and combined global retail sales of over $16.6 billion. PVH owns a diversified portfolio of brands, including its global designer lifestyle brands Calvin Klein and Tommy Hilfiger, as well as Van Heusen, IZOD, ARROW, and Bass.
Sean Murphy is the CEO of Lootok, a specialized business continuity management (BCM) consulting firm headquartered in New York City.
As a former vice president at Marsh and McLennan Risk Consulting and a senior consultant at Ernst and Young, Murphy has managed some of the most highly regarded business continuity practices in the industry.
He has more than 20 years of contingency experience, with 13 years of consulting in business continuity and seven years of military contingency planning.
These interactive sessions allow attendees to explore topics in-depth . Choose one session and mark your preference on page 17. Sessions are rated according to experience levels.