ebook img

Business Continuity Management: Building an Effective Incident Management Plan PDF

387 Pages·2009·3.33 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Business Continuity Management: Building an Effective Incident Management Plan

BBuussiinneessss (continued from front flap) PRAISE FOR BLYTH $75.00 USA/$90.00 CAN BBuussiinneessss CCoonnttiinnuuiittyy MMaannaaggeemmeenntt (cid:127) Emergency situation management (cid:127) Crisis Leadership BB Building an Effective Incident Management Plan Business (cid:127) Over 40 different crisis scenarios uu Developing and utilizing a business continu- ss CCoonnttiinnuuiittyy Continuity ity plan protects your company, its personnel, “In Business Continuity Management, Blyth has once again produced a comprehensive guide ii Management nn facilities, materials, and activities from the to the subject. Whether a multinational organization looking to counter the threat of global broad spectrum of risks that face businesses terrorism or a local business planning against loss of sensitive data, this book provides a well ee and government agencies on a daily basis, structured and useful guide to construction and implementation of Incident Management ss BUILDING AN EFFECTIVE whether at home or internationally. Business Plans. Blyth provides not only the theory and background to his subject but also invaluable ss INCIDENT MANAGEMENT PLAN template guidelines for many of the incidents which we all should prepare for.” Continuity Management presents concepts MMaannaaggeemmeenntt —J oe Pugh CC Few businesses can afford to shut down that can be applied in part, or full, to your Head of European Project Management, Panasonic for an extended period of time, regard- business, regardless of its size or number of oo “Business Continuity Management: Building an Effective Management Plan very effectively less of the cause. If the past few years employees. The comprehensive spectrum of details how and what a company should include in composing and executing a crisis nn have taught us anything, it’s that disaster can useful concepts, approaches and systems, as management plan. This book is a must read for both laymen and experts alike because it tt strike in any shape, at any time. Be prepared well as specific management guidelines and itemizes the most relevant facts within silos that are comprehensive enough for the expert ii nn with the time-tested strategies in Business report templates for over forty risk types, will to fi nd value in, yet written in a manner that a layman can derive tangible value. The Continuity Management: Building an Effective enable you to develop and sustain a continu- incident response guidelines, broken down by the event type, provide an extremely useful uu ity management plan essential to compete, tool that bring immediate value to the reader.” ii Building an Effective Incident Management Plan and protect your tt employees while ensuring your company win, and safely operate within the complex —R obert G. Molina Jr. Global Security Manager yy Incident Management Plan survives the unimaginable. and fluid global marketplace. LyondellBasell Written by Michael Blyth—one of the world’s “For a business of any consequence to not have a business continuity plan is like a Boy Scout MM MICHAEL BLYTH is Director not having a fi rst aid kit. Advanced preparation and planning enable a business to deal with foremost consultants in the field of business of Risk Strategies for RSM a crisis and sooner or later every business will face a crisis of some nature. Author Michael aa contingency management—this book pro- Consulting, a risk management Blyth hits the nail on the head with his well organized book that weaves together business nn vides cost-conscious executives with a struc- and training company. He holds continuity planning, incident management, and dealing with risks.” aa tured, sustainable, and time-tested blueprint a master's degree in security —J ohn P. Chamberlain gg toward developing an individualized strategic management and has eighteen Executive Director ee business continuity program. This timely ESC years of management and operational book urges security managers, HR directors, “Mike Blyth has produced another book, which is thought-provoking and a clear example of mm experience within over thirty-two countries, program managers, and CEOs to manage the multilayered guidelines that companies should be encouraged to incorporate into their providing strategic advisory services and man- ee nonfinancial crises to protect your company BCP. A worthy read for anyone in business, irrespective of managerial level. The business agement training for large multinationals and model and structure achieved will help determine the time and shape of any crisis. The nn and its employees. Discussions include: government agencies. He is highly experi- individual knowledge and understanding so achieved, interlinked with a robust BCP, will tt (cid:127) Incident management versus enced in providing corporate risk mitigation determine the optimum time and cost to recover from crisis.” crisis response and vulnerability assessments, multi-billion —S tephen Ackroyd dollar market entry program risk solutions BMI Security Manager, Middle East/Africa/Asia INC (cid:127) Crisis management structures and national crisis management plans, as “In the global economy, the guidelines presented by Michael Blyth are an essential component IDE BU (cid:127) Crisis flows and organizational responses well as a wide spectrum of strategic policies for doing business worldwide. He has thought of every angle. In ultra-sensitive environments NT ILD (cid:127) Leveraging internal and and plans within high-risk environments for like Afghanistan, his recommendations will be widely applied.” MIN external resources G ambassadors, major oil and gas programs, —D r. Thomas Stauffer AN A (cid:127) Effective crisis communications President/CEO, American University of Afghanistan A N development organizations and communica- GE E (cid:127) Clear decision-making authorities tions network corporations. He can be con- M F F E E (cid:127) Trigger plans and alert states tacted at: [email protected] N C T T PIV (cid:127) Training and resources Jacket Image: © Getty Images L E A (cid:127) Designing and structuring policies N and plans (cid:127) Monitoring crisis management programs MICHAEL BLYTH (cid:127) Stages of disasters (cid:127) Emergency preparedness (continued on back flap) P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome More Praise for Business Continuity Management “Can my company afford not to be prepared? Should we allow our destiny to be dependent upon luck or put in the hands of others? A company well prepared for a disaster WILL weather the storm. Mike has provided not only the substance to develop a plan that addresses all types of incidents, but the “ground zero” detail requiredtomakeiteffective.Youhaveeverythingheretodesignaplanthatworks— practice and communicate that plan across your company at all levels will prepare you for the next storm.” Glenn W. McLea CPP, Corporate Security Director, Parsons Corporation “Anyone operating in the international market place, either as a commercial or government organization, knows that you will face crisis incidents. How well you weather that storm is a reflection of how effective your policies, plans and training area. This book adds real value to the understanding of your vulnerabilities and the development of effective mitigation plans.” Timothy Bowen Director of Global Investigations and Security, BearingPoint, Inc. “Business Continuity Management is a rare, uniquely valuable resource, cleverly managingtobepracticalandcomprehensivewhilesimultaneouslythoughtprovok- ing and inventive. Truly terrific.” Garett Seivold Editor, IOMA’s Security Director’s Report Author, Disaster Preparedness 2008: The Guide to Building Business Resilience “Another blockbuster by Mike Blyth and a most useful companion to his earlier work RiskandSecurityManagementProtectingPeopleandSitesWorldwide. This is anexcellentbookforthesecuritypractitionerandforthosewhohaveaninterestin managing risk.” Tom Mulhall Director of Security Programmes, Loughborough University, UK “Lots of people talk about crisis management and business continuity, but Michael Blyth’sbookprovidesreal,tangibledetailsforcrisismanagementplanning.Whether you’re a security professional or a senior manager, you will find his guidance prac- tical and – particularly should you ever need to use it – incredibly valuable.” Joe Gleason Director of Global Security and Operations, National Democratic Institute P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome “This experienced and talented author has again produced a comprehensive and very useable manual on how to protect people as well as insulate companies from liabilityrisks.Thisbookisessentialreadingforanyoneinvolvedinriskmanagement and is a crucial point of reference for any company executive who should, by now, knowthatmanagingriskinanuncertainworldisafeatureofoureverydayexistence and the basis of commercial success.” Martin Guyll-Wiggins Senior Partner, Great Western Solicitors “Mike Blyth presents not only a comprehensive strategy for creating an effective IncidentManagementPlanbuthaslaidoutthetacticalcomponentsthatwillensurea multi-functionalapproachthathastheessentialelementsforcontinuityplanningfor any organization. This book should be required reading for experienced Business Continuity Planners as well as for new comers to the field. Mike has given us a valuable resource.” Gerard A. McEnerney, COL, USA (Ret.) Assistant Vice President and Executive Director, St. John’s University–Staten Island Campus & University Emergency Management Former U.S. Army Chief Regional Emerg. Prep. Liaison Officer—FEMA Region II “In the context of increasingly uncertain economic times, Michael’s astute emphasis on Risk Management should be particularly relevant to security executives and managers. Mapping, evaluation, and assessment of risk are exceptionally valuable tools to demonstrate the need for investment in key security programs to mitigate against the potential for catastrophic financial loss.” Greg Hoobler Senior Global Security Analyst “Mikehastakenusalltothenextstage,helpingusmovefrom‘TheRisk’into‘Doing SomethingAboutIt’.Aneasytousebookwhichhelpsalllevelsofpersonnelwithin International Organisations along the Business Continuity Learning curve. I look forward to working alongside Mike in the future and maybe some of his readers.” Paul Harries Police Inspector, Central London UK “InBusinessContinuityManagement,MikeBlythhasdeliveredanotherencyclopedic security reference. This should be required reading for all private sector security managers, who today are confronted with adversaries ranging from transnational terrorist and criminal organizations to natural hazards. Mike has developed a do- it-yourself guide to business continuity planning based on his wealth of practical experience and decades of lessons learned.” Ian Conway CEO, Helios Global, Inc. P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome Business Continuity Management Building an Effective Incident Management Plan MICHAEL BLYTH JohnWiley&Sons,Inc. P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome Copyright(cid:1)C 2009JohnWiley&Sons,Inc.Allrightsreserved. PublishedbyJohnWiley&Sons,Inc.,Hoboken,NewJersey. PublishedsimultaneouslyinCanada. Nopartofthispublicationmaybereproduced,storedinaretrievalsystem,ortransmittedinany formorbyanymeans,electronic,mechanical,photocopying,recording,scanning,orotherwise, exceptaspermittedunderSection107or108ofthe1976UnitedStatesCopyrightAct,without eitherthepriorwrittenpermissionofthePublisher,orauthorizationthroughpaymentofthe appropriateper-copyfeetotheCopyrightClearanceCenter,Inc.,222RosewoodDrive,Danvers, MA01923,978-750-8400,fax978-646-8600,orontheWebatwww.copyright.com.Requeststothe PublisherforpermissionshouldbeaddressedtothePermissionsDepartment,JohnWiley&Sons, Inc.,111RiverStreet,Hoboken,NJ07030,201-748-6011,fax201-748-6008,oronlineat http://www.wiley.com/go/permissions. LimitofLiability/DisclaimerofWarranty:Whilethepublisherandauthorhaveusedtheirbest effortsinpreparingthisbook,theymakenorepresentationsorwarrantieswithrespecttothe accuracyorcompletenessofthecontentsofthisbookandspecificallydisclaimanyimplied warrantiesofmerchantabilityorfitnessforaparticularpurpose.Nowarrantymaybecreatedor extendedbysalesrepresentativesorwrittensalesmaterials.Theadviceandstrategiescontained hereinmaynotbesuitableforyoursituation.Youshouldconsultwithaprofessionalwhere appropriate.Neitherthepublishernorauthorshallbeliableforanylossofprofitoranyother commercialdamages,includingbutnotlimitedtospecial,incidental,consequential,orother damages. Forgeneralinformationonourotherproductsandservices,ortechnicalsupport,pleasecontact ourCustomerCareDepartmentwithintheUnitedStatesat800-762-2974,outsidetheUnitedStates at317-572-3993orfax317-572-4002. Wileyalsopublishesitsbooksinavarietyofelectronicformats.Somecontentthatappearsin printmaynotbeavailableinelectronicbooks. FormoreinformationaboutWileyproducts,visitourWebsiteathttp://www.wiley.com. LibraryofCongressCataloging-in-PublicationData: Blyth,Michael,1972– Businesscontinuitymanagement:buildinganeffectiveincidentmanagement plan/MichaelBlyth. p. cm. Includesindex. ISBN978-0-470-43034-7(cloth:acid-freepaper) 1.Crisismanagement. 2.Emergencymanagement. 3.Businessplanning. I.Title. HD49.B592009 658.4(cid:2)77–dc22 2008048334 PrintedintheUnitedStatesofAmerica. 10 9 8 7 6 5 4 3 2 1 P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome Dedicated to my wife Kristen, who is the Crisis Team Leader for our family, both at the point of every emergency event, as well as when undertaking the post incident reviews with the cause for most of our emergencies...our children Alexander, Amber, and Christopher. P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome Contents Preface xv AbouttheWebSite xxi CHAPTER1 Business Continuity Management Plan 1 Crisis Management 4 The Value 5 Common Failings 7 Business Continuity Goals 9 Defining a Crisis 10 Mapping Risks 11 Critical Dependencies 12 Tactical Risk Evaluations 13 Determining Risk Tolerances 15 Incident Response versus Crisis Management 15 Stages of Incident Management and Crisis Response 17 Understanding Risk 17 Immediate Response and Impact Levels 21 Risk Management 22 Response Trigger Points 24 Decision and Authority Matrixes 27 Structuring Business Continuity Management Plans 29 Resourcing 33 Design and Development 36 Integrated and Compartmentalized Policies 39 Reporting and Record Keeping 39 Implementing the Business Continuity Management Plan 39 The Communications Plan 47 Organizational Interface Plans 53 Medical Response and Repatriation Plan 58 Public Relations Plan 59 Resource and Procurement Management Plans 62 Project Initiation Plans 67 Business Recovery Plans 68 Postincident Reviews 74 Summary 75 vii P1:OTA/XYZ P2:ABC FM JWBT066-Blyth February20,2009 12:1 PrinterName:YettoCome viii Contents CHAPTER2 Incident Management Plan 77 Incident Management versus Crisis Response 78 Principles of Incident Management 79 Incident Management Plan Risk or Threat Overview 80 Objectives of the Incident Management Plan 80 Incident Management Sequence 81 Crisis Management Flow 82 Incident Management Sequencing 82 Incident Management Stages 84 Macro and Micro Crises 85 Understanding the Incident Management Plan Needs 86 Incident Management Plan Design and Implementation 90 Design and Development 91 Reviewing and Testing 92 Adjustment and Implementation 92 Incident Management Plan Policies and Procedures 93 Information Security 94 Resourcing the Incident Management Plan 94 Structuring Incident Management Plans 95 Incident Management Plan Policies and Instructions 96 Incident Management Plan Cover Letter 97 Immediate Resource Mapping 98 Incident Management Plan Communications and Tactical Resource Plan 99 Initial Verbal Reporting 101 Incident Management Plan Decision and Authority Matrix 102 Incident Management Plan Alert States and Trigger Response Plans 102 Alert Notification Systems 106 Incident Management Plan Information Capture Reports 107 Incident Management Plan Crisis Response Guidelines 107 Destruction Plans 108 Incident Management Plan Risk Assessments 109 Summary 109 CHAPTER3 Crisis Management Structures 111 Interorganizational Management 112 Crisis Leadership 114 Organizational Crisis Leadership 116 Approach Methodologies 117 Education and Training 118 Supporting Crisis Management Groups 119 Response Buildups 121 Crisis Management Structures 122 Corporate Crisis Response Team 123 Country Crisis Response Team 124

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.