Download presentation
Presentation is loading. Please wait.
Published byAshanti Gamlin Modified over 9 years ago
1
BS-25999: Business Continuity Management System PS-Prep: The Voluntary Private Sector Preparedness Program Kathleen Lucey, FBCI Practice Manager, EMC 516-384-6437 Lucey_Kathleen@emc.com 1
2
BS 25999: Overview 2
3
BS 25999: Part 1 BS 25999-1: 2006 Code of Practice for Business Continuity Management. A code of practice that takes the form of guidance and recommendations. Establishes the process, principles and terminology of BCM, providing a basis for understanding, developing, and implementing business continuity within an organization and to provide confidence in business-to- business and business-to-customer dealing. “Should” 3
4
BS 25999: Part 2 BS 25999-2: 2007 Specification for business continuity management. A specification that provides requirements for establishing, implementing, operating, monitoring, reviewing, exercising, maintaining and improving a documented Business Continuity Management System within the context of managing an organization’s overall business risks. It is to this specification that an organization (or part of it) is audited: “Shall”= auditable. 4
5
Establish the Need for BS 25 999 1 Set Policy 2 Establish Awareness 3 Perform BIA, CRRA, and RA 4 Develop Strategy 5 Implement Strategy in a BCM Plan 6 Test and Improve 7 Embed the BCMS in the Culture 8 Ready for BS 25999 Certification Get Ready for Certification 5
6
What to do if you are interested 1. Purchase BS 25999 Parts 1 and 2; read them carefully. 2. Set the scope of your BCMS 3. Think about self-assessment and/or an external gap analysis 4. Consider training needs and consultant options When you consider yourself ready to be certified: 1. Submit an application to BSI 2. Consider an optional pre-assessment 3. Achieve certification 4. Implement annual assessment visits. 6
7
Other Information Part 1 and Part 2 are still available in the US at the reduced price of $19.99 each until publication by PS- Prep of the selected standard(s) in the Federal Register (normal price is $132.00 each). Over 40 organizations have certified at least some of their operations. For more information go to: http://www.bsiamerica.com/en-us/Assessment-and- Certification-services/Management-systems/Business- areas/Business-continuity-management/ 7
8
For Discussion: WHY would you want to become certified?? 8
9
The Voluntary Private Sector Preparedness Accreditation and Certification Program 9
10
History of the PS-Prep Program Basic requirements from Title IX of Public Law 110-53 (Recommendations of the 9/11 Commission) nationwide resilience Purpose: To enhance nationwide resilience in an all-hazards environment by improving private sector preparedness in disaster management, emergency management, and business continuity. Set up governance Select an Accreditation Entity and Program Adopt Standard(s) Oversee the certification of private sector entities Continuous program monitoring Special consideration to the needs of small businesses is mandated by Title IX 10
11
What is PS-Prep? – A Review Assigned to DHS/FEMA Focuses on private sector organizations Addresses operational risk including disaster/emergency management and business continuity Provides for an independent third party certification Voluntary; no “incentives” 11
12
DHS/FEMA is responsible for: 1. Selecting standards for use in the program 2. Supporting the development of the certification process by designating and funding the accrediting body 3. Developing and communicating the business case for the program to the private sector. 12
13
Current Status & History Accrediting body (ANAB – ANSI/ASQ National Accreditation Board) designated Substantial outreach by DHS/FEMA and ANAB to private sector entities Small and Medium-Size Business Advisory Council was to be set up by ANAB Criteria to be used in designating preparedness standards have been announced in Federal Register 13
14
Current Status Oct. 16, 2009: Federal Register Notice Nov. 4, 2009: Public Announcement of Selected Standards Announced a series of 10 public meetings were to be held to discuss PS-Prep across the country. Comment period extended to January 15, 2010. 14
15
Standards Selected ASIS SPC.1-2009 Organizational Resilience: Security Preparedness, and Continuity Management Systems – the American Society for Industrial Security. ASIS SPC.1-2009 British Standard 25999-2:2007 Business Continuity Management – the British Standards Institute (BSI). British Standard 25999-2:2007 National Fire Protection Association 1600:2007/10 Standard on Disaster/Emergency Management and Business Continuity Programs – the National Fire Protection Association. National Fire Protection Association 15
16
PS-Prep: Where Are We Now?? Likely next steps include the following: Formal designation of standard(s) in Federal Register ANAB finalizes its accreditation processes Certifying bodies are accredited by ANAB Businesses could then seek voluntary certification from certifying bodies. 16
17
PS-Prep: Remaining to be Done… Formal adoption of standards: Spring 2010 Develop accreditation and certification program (ANAB): Summer 2010 Perform initial accreditation of certifying bodies: Winter 2010 Begin voluntary certifications: Winter 2010-2011 17
18
PS-Prep: Where Are We Now?? Formal adoption of standards: Spring 2010 Develop accreditation and certification program (ANAB): Summer 2010: Delayed Perform initial accreditation of certifying bodies: Winter 2010: Probably Delayed Begin voluntary certifications: Winter 2010-2011: Probably Delayed 18
19
Where are We Now? Waiting for an announcement of the selected standard(s). Note: ANAB requires that any standard that it certifies have an ISO-accepted auditor training entity. Only BS 25999 has such training at the moment. No Federal Register announcement yet… Count on the Deepwater Horizon oil spill to have diverted FEMA resources and government attention! 19
20
References BS 25999: http://www.bsiamerica.com PS Prep: www.fema.gov/privatesector/preparedness/ 20
21
Questions for Discussion What are the implications of the PS-Prep Program for small businesses? What are the implications of the cost of certification? Ideas? What are the most important factors for the Critical Infrastructure and Key Resources Sector? What is the business case for implementing the PS-Prep Program? 21
22
22 For more information: Kathleen Lucey, FBCI Practice Manager, EMC (MAS) Tel: 516-384-6437 Email: Lucey_Kathleen@emc.comLucey_Kathleen@emc.com
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.