DRJ's Fall 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 31, Issue 1

Full Contents Now Available!

Sunday Workshop Session 1

Birds of a Feather BC Management Roundtable Discussions


Robbie Atabaigi, KPMG

Robbie Atabaigi, KPMG BCI Certified SpeakerFacilitated discussions on business continuity trends and key topics of interest coordinated within industry roundtables. Participate in dynamic dialogue with fellow conference participants having similar backgrounds and expertise.

Experienced BC professionals will lead these structured, yet flexible BC roundtable discussion. You will gain solutions, while having the opportunity to build relationships and solve problems among BC planners in similar situations.

This session will enable you to explore solutions, address concerns, ask questions, and dialogue about BC planning strategies and practices being used at other organizations.

Potential Topics:

  • Recent Events – Planning and Response
  • Crisis Management Planning
  • BC/DR Planning
  • Risk Assessment and BIA
  • BC Governance and Commitment
  • BCM Exercises and Testing
  • Supply Chain Management
  • Other Topics Selected by Participants

Moderator: Robbie Atabaigi, MBCI, MBCP, CISA , ITIL Foundation - KPMG LLP

Potential Industry Roundtable Facilitators could include:

  • Martin Myers, MBCP, HP
  • Raychel Oshea-Patino, Phillips-Van Heusen Corporation
  • Barney Pelant, MBCP, Barney F. Pelant & Associates
  • Lisa Smallwood, MBCI, MBCP, CBCLA, ITIL
  • Bobby Williams, MBCI, MBCP, Fidelity Inventments
  • other industry leaders

Sunday Workshop Session 2

COOP Templates for Success


Linda Han-wacker, LSH Group

Linda Han-wacker, LHS GroupWhat Continuity of Operations Plan (COOP) templates are necessary for success? The Continuity of Operations Plan is designed to ensure stability and continuation of essential program services to the public during a wide range of potential events. What information is required, what methodology to consider and what templates to apply in creating a successful COOP plan is the focus of this workshop. Furthermore, planning for major disasters is important. Unfortunately, the less severe emergencies that might occur more frequently are often overlooked. These minor and more frequent events can wreak havoc on an agency’s ability to continue operations. A sampling of these events will be addressed and discussed in the planning process.

The COOP specific objectives that will be addressed are:

  1. To ensure the continuous performance of essential functions during an event.
  2. To ensure employee safety.
  3. To protect essential equipment, records and other assets.
  4. To reduce disruptions to operations.
  5. To minimize damage and losses.
  6. To achieve an orderly recovery.
  7. To identify relocation sites and ensure operational and managerial requirements are met before an event occurs.

This workshop focuses on these seven specific objectives of COOP planning utilizing more than 20 templates that are core to developing a successful COOP and how to compile this information in a plan.

Linda Hanwacker is the president and founder of The LSH Group, LLC. The LSH Group is a professional services group of business continuity, continuity of operations, emergency management and IT disaster recovery specialists. Hanwacker is an experienced executive leader with more than 25 years addressing IT, BC/DR planning initiatives. Hanwacker has held several executive positions in BC/DR, and network/IT security.

Sunday Workshop Session 3

How to Align IT with the Goals of Your DR Program


Sudhir Gadepalli, Enterprise Resiliency Services

Sudhir GadepalliSo you completed the BIA. You identified critical business processes and determined recovery priorities. Are you confident that your technology recovery capabilities are fully aligned with the recovery requirements of you BC/DR program?

Technology recovery is a critical part of BC/DR planning, and a comprehensive IT service continuity management strategy will ensure resiliency in a risky world.

As the saying goes - “Computers don’t recover from disasters, people do. But people need computers to recover from disasters”. Within the context of BC/DR planning, technology recovery is integral to continuity of business operations. Our job, as BC/DR practitioners is to “Understand the cost of saying yes and the risk of saying no” and build a comprehensive technology recovery infrastructure that is fully aligned with the goals of your BC/DR program.

This workshop will take a vendor/technology agnostic view of the technology landscape and current state of IT disaster recovery offerings and walk attendees through the process of building a “target state IT DR architecture” that is fully aligned with the goals of an enterprise’s business continuity objectives. Key learning outcomes include: How to conduct a technology impact analysis; How to create “tiers of recovery” that map to “business process recovery priorities”; and How to create a “cost model” for each tier and assign that to each “recovery tier”.

Sudhir Gadepalli is a well recognized BC/DR and resiliency planning thought leader, speaker and trainer. Gadepalli’s approach to resiliency planning encourages practitioners to adopt the concept of BC/DR and resiliency planning as a way to “understand the cost of saying yes and the risk of saying no”. He serves as the chief mentor and strategy officer of enterprise resiliency services, a major BC/DR, risk management and resiliency services training and consulting firm.

Sunday Workshop Session 4

The Future of Business Resiliency Testing


Troy Neville, Millersville University

Ginnie Stouffer, Afore-thought

Troy Neville, Millersville University Ginnie Stouffer, Afore-thought BCI Certified SpeakerThe past decade has seen huge changes in the technology business continuity professionals use to enhance business unit resiliency, create plans, and manage the organization response to a crisis, disaster or emergency. However, the testing methods used by most organizations have changed little: boring and unrealistic tabletop exercises or costly and disruptive full-scale exercises. We should not be surprised to learn that many organizations feel the emergency response plans and exercises in their business continuity program do not adequately prepare them for an actual emergency.

In this session, we will review the current state of business resilience testing, the challenges organizations have in conducting realistic exercises, and the role virtual reality simulation can have now – and will have in the future - to provide the next generation of testing and validation for organizations and their planning efforts. The session will explore the weaknesses in current exercises, demonstrate the potential of this technology, and examine the future potential of virtual reality in other aspects of testing.

The key component of the workshop is the live virtual reality simulation of two emergencies. Collectively, the attendees will act as the Incident/crisis management team leader. Key decisions made by the group will play out in the simulator. Attendees will also log the actions they would take to manage the simulated emergency. At the conclusion of each emergency, there will be a hot wash to review the strengths and weaknesses of the selected strategy and tactics.

Troy Neville is an instructor at the Center for Disaster Research and Education at Millersville University, deputy emergency management coordinator for planning in Manheim Township, Lancaster, PA, and systems engineer for Design Data Corporation.

Ginnie Stouffer is the owner/president of Aforethought Consulting, LLC, a business continuity consulting company. She has 30 years of experience in developing business continuity programs and plans.

Sunday Workshop Session 5

Build an ISO 22301 Management System to Capture Executive Attention


Rob Giffin, Avalution

Rob Giffin, Avalution Management systems concepts have been included in nearly every business continuity standard written in the last six years – including ISO 22301 – but remain relatively unknown in our profession.

This workshop will introduce management systems processes and their unique benefit of forcing/enabling alignment with your executives’ and customers’ expectations.

Management systems processes include defining scope and objectives, engaging management and other interested parties, identifying business continuity obligations, documenting a policy, establishing personnel competencies, performing recurring internal audits and management reviews, managing corrective actions – and above all, continual improvement.

Workshop attendees will come away with an understanding of management systems principles and processes, as well as the value of management system standards. Each management system component and process will be introduced using examples and case study content, as well as specific, practical ways to implement these processes in any environment.

Workshop at a Glance:

  • Introduce ISO 22301
  • Define the management system concept and value
  • Discuss the 10 key elements of a management system
  • Outline implementation strategies
  • Present case studies

Robert Giffin, CBCP, CISA, is a co-founder and director of technology for Avalution Consulting, a leading provider of business continuity and IT disaster recovery consulting and software solutions. Over the past 10 years, he has consulted with organizations of all sizes and in nearly all industries. Giffin specializes in developing and implementing customized business continuity programs and designing software solutions that enable effective and efficient program execution. In addition to being a frequent author and speaker, he has served on the Editorial Advisory Board of the Disaster Recovery Journal and the board of the Association of Contingency Planners’ Northern Ohio Chapter.

Sunday Workshop Session 6

Mock Disaster Exercise: Real World Risk


Sponsored By Mail-Gard

Session limited to 200 participants.

Mail GardEvery disaster or business interruption brings new insights and unforeseen issues to the forefront. Our mock disaster will highlight some of these impacts, without the heartache of managing through a real event. Based on an actual disaster scenario, and company events – this mock disaster will explore the impact of a disaster declaration on areas of a company previously overlooked in most other disaster drills.

The effects from a shutdown to your operations center reach longer and deeper into a company’s core than you may realize. The outage experienced from a disaster may be wide spread or limited to certain areas of your business. How will you deal with accounting, administrative, facilities, and operations issues that affect a company unable to communicate with their most important resource… their customers? How will you respond to impacts to facilities, financial and compliance issues? These are just some of the issues that will be highlighted. Attending this mock disaster may expose some of the weak points in your recovery planning.

As with all prior mock disaster exercises there will be unexpected situations and incidents that will challenge participants to collaborate and respond to emerging events while staying focused on the recovery goal. This lively and interactive exercise will test your knowledge as you work together to respond to the immediate demands of keeping your company in business when and interruption occurs.

Mail-Gard is the nation’s leading provider of critical communication recovery services specializing in print and mail recovery solutions, along with email, crisis notification and document management recovery solutions.