|
|
|
|
 | ||
| ||
 | Blindsided is the authoritative guide to crisis management. This "how to" handbook gives essential advice that every manager needs to know when a crisis hits. Written by CMI Founder/CEO Bruce Blythe, it's a fascinating, easy-to-read guide that draws on Blythe's 20+ years of experience as a pioneer in crisis management.  | |
EXECUTIVE SUMMARY: CMI and representatives from the Sloan Foundation, InterCEP[1] and RIMS recently met in Washington, D.C. with senior representatives of the U.S. Senate, House and DHS in separate meetings. The intent of the meetings was to:
Update on the Private Sector Preparedness Law (PL 110-53) for Business Continuity and Disaster/Emergency Response
(Bruce T. Blythe, CEO, February 25 2008)
DHS Progress and Resolve: Congress has yet to provide funding to DHS for the development and implementation of the law. However, DHS is utilizing existing budget to address this initiative. DHS representatives report that they absolutely will implement this law because it is a Federal mandate. Presently, DHS is in final review of a required report to Congress due February 29th, 2008.
Updates: The Sloan Foundation has been funding projects to push the implementation forward. A major Sloan-funded accomplishment has been the development of a recently released report entitled “Framework for Voluntary Preparedness” (attached). Representatives of DRII, RIMS, NFPA and ASIS International[2] cooperatively produced the report that analyzed the commonalities among the various Standards, guidelines and best practices. This report calls for the freedom by private sector organizations to use existing Standards and guidelines for certification that adequately address the core components identified by the report. It is likely that this report will serve as the foundational guideline for certifying private sector organizations.
CMI recommended to the Sloan Foundation that a small core group of knowledgeable individuals be assembled to address the needs and desires of the private sector re: this new law. That group first met in October 2007, representing various businesses, professional associations, InterCEP, leading consultants and the American National Standards Institute (ANSI). In December, we expanded the group to include representatives from the U.S. Government, U.S. Chamber of Commerce and additional businesses.
Meanwhile, organizations such as The Conference Board’s Business Continuity Council have provided input from their corporate members. ISMA[3] has also provided a report with their input. Other grassroots feedback is emerging from a myriad of sources.
DHS representatives report that they want private sector "grass roots" business case incentives vs. coerced legislated compliance. InterCEP and other groups are expending significant effort exploring legitimate positive incentives that would demonstrate a clear rationale for preparedness.
Presently, companies are coming forward with interest in early involvement. Some Fortune companies are expressing an interest in pushing preparedness/certification down their supply chains. A few companies are expressing their disapproval, but most are "guardedly interested" if the law remains voluntary and provides benchmarking and guidance regarding adequate preparedness.
Future: The movement to standardize and certify organizational Business Continuity and Disaster/Emergency Response appears to be rapidly gaining international momentum, e.g., 60% of British companies are reportedly interested in becoming certified through the British Business Continuity Standard (BS 25999). Ultimately, it is CMI’s opinion that one ISO Standard will prevail internationally and throughout the U.S. The new release of ISO/PAS 22399 is the beginning evidence of this convergence. Interest is emerging from early corporate adopters. The Sloan Foundation is considering a possible educational awareness campaign in multiple cities throughout the U.S. later this year. Additionally, DHS is interested in promoting the private sector preparedness certification through their Sector Coordinating Councils. It is expected that a phased implementation will take place over the next few years and will include accommodations for small, medium and large businesses. Expect to see guidelines and tools for compliance, including a maturity model that will withstand the rigors of the auditing community.
The good news is that there is no indication this new law is intended to be anything other than voluntary and in conjunction with grass-roots input from the private sector. There is significant effort to establish a sound business case for preparedness vs. a program that is thrust upon us by the U.S. Government.
If you are interested in learning what your organization needs to do to comply with the new law and become prepared, The Conference Board Spring Seminar "Business Continuity & Security & Crisis Management" will be held in New York City, May 13-14. The theme will be "Private Sector Preparedness... What You Can Expect in the Near Future." Come join other corporate managers and executives to hear what is anticipated to be compliant for certification. You can register directly at www.conference-board.org. Mention code DS-1 and receive the Conference Board associate rate to save $360 on registration.Summary: CMI is maintaining the position of staying closely involved and actively monitoring every step of the developmental process related to PL 110-53. We will continue to keep you informed, trying not to over communicate. CMI is maintaining a leadership position on your behalf. If you have questions, input or feedback, we invite you to contact Bruce T. Blythe, CEO of Crisis Management International. He and the CMI professional staff will work diligently to address your questions and needs on a timely basis.
[1] International Center for Enterprise Preparedness, NYU, Bill Raisch, Director
[2] Disaster Recovery Institute International, Risk and Insurance Management Society, National Fire Protection Agency and American Society of Industrial Security International
[3] International Security Management Association, (Chief Security Officers)
