iso 22301: a gap in the defenses - everbridge · iso 22301: a gap in the defenses...
TRANSCRIPT
ISO 22301: A Gap in the Defenses
David Lindstedt, PhD, CBCP, PMP Founder Readiness Analy0cs
Bill Scerra Learning Officer and Worldwide Best Prac0ces Everbridge
Agenda
• ISO 22301 and its emphasis on measurement
• How to use ISO 22301 to evaluate preparedness
• A model to help us meet ISO 22301 requirements
• What ISO 22301 means to you.
• Q&A
2
LinkedIn Member? Join our LinkedIn Everbridge Incident Management Professionals Group
Use the Q&A func0on to submit your ques0ons.
3
Housekeeping
Follow us at @everbridge and tweet insights with your friends during the webinar using the hashtags #everbridge and #ISOGap.
We’ll send out a recording aHer the event
4
Bill Scerra Learning Officer and Worldwide Best Prac5ces Everbridge
David Lindstedt, PhD, CBCP, PMP Founder Readiness Analy0cs
Bill Scerra, Everbridge Learning Officer, World Wide Best Practices
Gap Analysis and Incident Communication
ISO 22301 One Area for a GAP
ISO 22301 – Section 8.4.3
Establish disruption warning and communication procedures.
− Establish procedures for detecting and monitoring incidents when they occur.
− Establish procedures for sharing information during a disruption.
− Establish procedures for recording information about incidents.
− Establish procedures for ensuring that your means of communication will be available during a disruption.
− Implement and maintain your warning and communication procedures.
63
8.4.2 Incident Response 8.4.3 Warning and Communica0on 8.4.4 Business Con0nuity
Dr. David Lindstedt’s - RPC Model of Recoverability
64
Competencies
Procedures Resources
Equipment Hardware Software Staffing
Assessments Communication Mobilization Reestablishing
Services
Leadership Performance Team Work
• The Resources you use may help you to establish the Procedures and ease the Competency level required for users
• How can the resources features help “plug the gaps?”
Simplify the scheduling of communication broadcasts
− Document and use team member schedules and on/off call dates and times.
− Alert the team members on-call with the right skills, using email, phone, SMS, pager, and mobile push notifications.
− If the communication resources can do this from your schedule – crucial time is saved. 65
Monday Tuesday Wednesday Thursday Friday Saturday
3/17/2014 3/18/2014 3/19/2014 3/20/2014 3/21/2014 3/22/2014
Sanders , KathyHead Nurse Cardiac Care
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
White, AnnaRN
Cardiac Care
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PMVacation Vacation
Day ShiftCardiac Care
7:00 AM -‐ 3:00 PM
Carrada, EmanuelRN
Pediatric Acute Care
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Jury DutyDay Shift
Pediatric Acute Care7:00 AM -‐ 3:00 PM
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Avorie, IdaRN
Cardiac Care
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Anduril, MerribethRN
Cardiac Care
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Day ShiftSurgery Intensive Care
7:00 AM -‐ 3:00 PM
Stanley, CeliaHead Nurse
Pediatric Acute Care
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM
Shandler, Sarah RN
Emergency Room
Day ShiftEmergency Room7:00 AM -‐ 3:00 PM
Day ShiftEmergency Room7:00 AM -‐ 3:00 PM
Day Shift
Emergency Room7:00 AM -‐ 3:00 PM
Day ShiftEmergency Room7:00 AM -‐ 3:00 PM
Day ShiftEmergency Room7:00 AM -‐ 3:00 PM
Employee
Who is available when the crisis hits?
Automatically Handle the Communication Process via Escalation
• Set up a resource driven escalation in case there is no response to a broadcast from a team or locale − Confirmation that the team that can fix the problem gets notified − “Global” delivery for distributed IT teams − Reports to establish employee accountability
66
Level 1 Triage
Officers
Level 2 On Duty
Triage Team
Level 3 Off Duty
Triage Team
Metrics of Success
• Reports to provide the metrics needed to gauge the degree of success meeting the target in the time desired
• Review of the results provides areas to refine in resource use, competency training, and procedures
67
Level 1
Level 2
Level 3
Community and Enterprise Wide Notifications
• Promote more automatic support for community and enterprise wide notifications − Massive accidents or outbreaks − Emergencies − IT system outages − Business continuity issues with a global corporate affect
68
Multi-modal Global Reach
• Have resources that support a global notification reach – worldwide delivery of phone, SMS, email, and mobile push notifications
• If one delivery path fails, the next automatically starts
69
❶ ❷ ❸ ❹
Unified Platform
• Use a unified communication platform –
− One resource provides a full suite of critical communication services in a consistent interface
− Single resource handling incidents and notification procedures
− Easier to achieve competency than different platforms sources with different interfaces 70
EMERGENCY RESPONSE
IT INCIDENT RESPONSE
BUSINESS CONTINUITY
OPERATIONAL INCIDENT RESPONSE
SITUATIONAL AWARENESS
mobile app | mobile phone | SMS | email | voice | land line | social media | IPAWS SMAS/WEA | fax | numeric/tap pagers | web post | desktop | satellite phone | outdoor alerts
CONTACTS availability | scheduling | escala5on
groups | hierarchies | roles profile | preferences
MOBILE mobile member | mobile manager |
loca5on services | adap5ve UI
MAPPING precisionGIS | open geo-‐coding
layer management
COMMUNICATION local presence | local data | local SMS codes communica5on modes | repor5ng | analy5cs
SECURE INFRASTRUCTURE elas5city | failover | redundancy
remote wipe | security services | encryp5on
UNIFIED PLATFORM
SMARTweather INTERACTIVE VISIBILITY MASS NOTIFICATION
PLANNING and
RECOVERY
INCIDENT COMMUNICATIONS
Run Field Tests and Exercises
• Test initially to be sure everyone understands the procedure and can perform the actions they are expected to perform.
• Document what happens during the exercise. 71
Active Shooter!!
Test before the incident happens
72
February 19, 2014 8:30 AM
University of New Haven, a private university in West Haven, Connec0cut with more than 6,400 undergraduate and graduate students, recently used Everbridge to accomplish a campus-‐wide lockdown. On Dec. 3, 2013, the University received word of a person with a gun near campus, and alerted faculty, staff, and students to shelter-‐in-‐place un0l further no0ce.
New York Daily News December 4, 2013
Competency Training
• Have training available, broken down into roles your team is expected to perform
• Track who has taken the training, certify team members who will send messages
• You can use a combination of
− On-site, regularly scheduled training
− On-line training that can be taken any time, any place, and at any pace. 73
http://www.readinessanalytics.com/research-and-resources
• For more information on continuity planning, preparedness and recoverability, I recommend Dr. David Lindstedt’s course in iTunes University
• It provides an in-depth overview of “How do I know we will survive the disaster?”
• And it is free! 74
Use the Q&A func0on to submit your ques0ons.
Q&A
75
Note: Presenta0on slides will be available on our blog at blog.everbridge.com
Thank you for joining us today!
See Everbridge Interactive Visibility In Action
Visit our blog to see upcoming webinars. Everbridge Resources On-‐Demand Webinars: www.everbridge.com/webinars White papers, case studies and more www.everbridge.com/resources Follow us: www.everbridge.com/blog
@everbridge