BCP Certification for the Public Sector...

BCP Certification for the Public Sector Professional

Daniel Mikulsky, MBCP, DRI International

May 2013, Walter E. Washington Convention Center, Washington, DC

www.govsecinfo.com #GovSecInfo

DRI International – Who Are We?

A Global Non-Profit Organization Committed to:

• Promoting a base of common knowledge for the continuity management industry

• Certifying qualified individuals in the discipline of Business Continuity

• Promoting the credibility and professionalism of certified individuals

• The Industry’s Premier Education and Certification Program Body

DRI International was established in 1988.

DRI International – Truly International

• DRI has Certified INDIVIDUALS in over 100 Countries

• DRI conducts training courses in over 45 countries

• Since 2009, DRI has taught more students outside the US than within the US

• More individuals are certified by DRI International than all other organizations in our industry combined (Over 10,000 active individuals as of December 2012)

• Since 1988, more than 25,000 individuals have held a DRI certification

• DRI Certifies individuals in English, Spanish, French, Japanese, Mandarin and Russian

• DRI International teaches in English, French, Spanish, Portuguese, Mandarin, Japanese, Italian and Russian

DRI International – US Government Collaboration

• Chaired the Alfred P. Sloan Committee that drafted the Framework for Preparedness (foundation for the Title IX Implementation)

• Member U.S. Chamber of Commerce Homeland Security Task Force

• Member of the Council of Experts for ANSI-ANAB who will set the credentialing standard for certifying bodies for PS-Prep

• Member of FEMA National Advisory Council Private Sector Subcommittee

• Member of Advisory Committee for Congressionally funded Project for National Security Reform

• Meeting with Special Assistant to The President for Homeland Security Standards Policy

• Member National Preparedness Month Coalition

DRI International – International Government Collaboration

• Signatory to Japanese Joint Aid Agreement

• Member Standards Review Team UAE

• Member Standards Review Team Mexico

Non-Government Collaboration

Non-Governmental Organization Collaboration

• ASFHS – Education and Sponsorship

• CPE – Sponsorship

• ACP – Sponsorship

• CPM – Joint Sponsorship

• Chaired Drill Down for Safety - Safe America

• Habitat for Humanity

• Second Harvest

• The Mahila Partnership

• World BCM Glossary Project

• National Foundation for Women Legislators (NFWL)

Other Partnerships

• Member of the NFPA 1600 Technical Committee

• Member of the BS25999 – ASIS Technical Committee

• Participant RIMS (Risk Insurance Managers Society) PERK (Professional Exchange of Risk Knowledge) Program

• Cooperative Education Credit Sharing with ISACA (Information Systems Audit and Control Association)

• Cooperative Education Credit Sharing with IC2

• Audit Course Development and Training for Auditors with NFPA (National Fire Prevention Association)

DRI International Foundation

DRI Certification

• Levels of Certification

– Associate Business Continuity Professional (ABCP)

– Certified Functional Continuity Professional (CFCP)

– Master Certified Business Continuity Professional (MBCP)

BCM Education

Current State of BCM Education

• Fragmented

– Professional Organizations

– Training Centers

• Higher Education

• Lacks Consistency

• Relies on Local Interpretation

• Rarely Contains Recognized Standards

• Acceptance is Localized

Future State of BCM Education

• As Part of Higher Education Curriculum

– Emergency Management

– Enterprise Risk Management

• Undergraduate

• Graduate

• Executive Certificate Program

• In Class

• Distance Learning

Importance of Individual Certification

• Greater Marketplace Recognition

– Job Pre-Requisites

– Distinguishes Candidate

• HR Key Words

– MBCP, CBCP, ABCP

• Financial Gain – certification is correlated with higher wages

BCM Led By DRII Certified Professionals

• Deloitte & Touche • Booz Allen • PricewaterhouseCoopers • Ernst & Young • KPMG • Marsh • Accenture • Navigant • Computer Sciences Corporation • IBM • Johnson Consulting • Jefferson Wells • EDS • Protiviti • SAIC • Perot • SunGard • 5 Guys

• AIG • Morgan Stanley • American Express • AG Edwards • Citigroup • Wells Fargo • Bank of America • Wachovia • Washington Mutual • JPMorgan Chase • Nationwide • Fidelity • Vanguard • Merrill Lynch • Franklin Templeton • VISA • NY Life • McKesson • Microsoft

• Pfizer • Goodyear • Genentech • Georgia Pacific • Nokia • Hitachi • Verizon • Schering-Plough • Fujitsu • AT&T • BP • Sprint • Chevron Texaco • Ericsson • Raytheon • Siemens • Starbucks Coffee Company • Nestle

BCM Led By DRII Certified Professionals

• The University of Texas • Penn State • Columbia • Yale • Northwestern • University of Illinois • University of Miami • Vanderbilt • DePaul • University of Oklahoma • Carnegie Mellon • LSU • Michigan State • Drexel University • George Washington University • University of Connecticut • NC State • University of South Carolina • Ohio State

• US Senate • State of Oklahoma • City Of Austin Texas • NYC Housing Authority • US Army • Department Of Energy • Oregon State Treasury • State Of California • Dept. of the Air Force • City of Philadelphia • Federal Reserve • State Of Ohio • US Navy • FBI • IRS • Department of Veterans Affairs • Port Authority of NY & NJ • State of Minnesota • U.S. Nuclear Regulatory Commission • U.S. Treasury

Why Is Certification Important?

76.86% of responders hold DRI certification

Industry Demand for Certified Professionals

25 Hot Careers That Didn't Exist 10 Years Ago

by JoVon Sotak, FindtheRightSchool.com

“What did you want to be when you grew up? Astronaut? Movie star? Superhero? Whatever made your list, green marketer probably wasn't on it--but that job may be on the lists of today's youngsters. Here's a list of emerging careers that you (and your inner child) can get excited about. You couldn't have daydreamed about any of these jobs when you were a child--because they didn't exist then. In fact, they're so new that, although they're starting to be recognized, the U.S. Bureau of Labor Statistics doesn't yet have data on them. If you've been looking for a new dream job or haven't decided what you want to be when you "grow up," these are 25 new options”.

Business:

1. Business continuity specialists plan and implement recovery solutions to keep businesses functioning during disasters and emergency situations

Industry Demand for Certified Professionals

Business Priorities

1. Computerized Physician Order Entry (CPOE)

2. Electronic Medical Record (EMR)

3. Clinical Decision Support (CDS)

4. Clinical Information Systems

5. Health Information Exchange

6. Billing/Coding

7. Data Security

8. Business Continuity/Disaster Recovery

IT Priorities

1. Reducing Medical Errors

2. Delivering Clinical Knowledge to Physicians

3. Implementing/Upgrading Clinical Information Systems

4. Delivering Clinical Knowledge to Physicians

5. Implementing an EMR

6. Improving Departmental Workflow

7. Disaster Recovery

8. Enterprisewide Clinical Information Sharing

Reasons for Business Continuity

External Drivers

• Pressure from audit committees

• Pressure from financial institutions

• Pandemic concern

• New threats & risks since 9/11

• Demands from customers

• Increased regulatory and self-regulated requirements

Impacts

• Loss of customers or inability to attract new customers

• Loss of revenue

• Decrease in stock value

• Increase of insurance premiums

• Loss of assets and employees

• Regulatory sanctions

Pre-9/11 (1991-2001)

Consumer Credit Protection Act

OMB Circular A-130

FEMA Guidance Document

Paperwork Reduction Act

ISO 27002 (Previously ISO17799)

FFIEC BCP Handbook

Computer Security Act

12 CFR Part 18

Presidential Decision Directive 67

FDA Guidance on Computerized Systems used in Clinical Trials

ANSI/NFPA Standard 1600

Turnbull Report (UK)

ANAO Best Practice Guide (Australia)

SEC Rule 17 a-4

FEMA FPC 65

CAR

JHACO

Post-9/11 (2002-2011)

Sarbanes-Oxley Act of 2002

HIPAA, Final Security Rule

FFIEC BCP Handbook -2003/ 2008

Fair Credit Reporting Act

NASD Rule 3510

NERC Security Guidelines

FERC Security Standards

NAIC Standard on BCP

NIST Contingency Planning Guide

FRB-OCC-SEC Guidelines for Strengthening the Resilience of US Financial System

NYSE Rule 446

California SB 1386

Australia Standards BCM Handbook

GAO Potential Terrorist Attacks Guideline

Federal and Legislative BC Requirements for IRS

Basel Capital Accord

MAS Proposed BCP Guidelines (Singapore)

NFA Compliance Rule 2-38

FSA Handbook (UK)

BCI Standard, PAS 56 (UK)

Civil Contingencies Bill (UK)

2002 Safety Act

FCD-1/2 NYS Circular Letter 7

ASIS State of NY FIRM White Paper on CP NISCC Good Practices (Telecomm)

Australian Prudential Standard on BCM HB221 HB292

BS25999 SS507 – SS540

TR19 CA Z1600

ISO/PAS 22399 HiTech Act of 2009

DRI

Title IX – 110-53

The DRI Standard

The Ten Professional Practices for Business Continuity Professionals

• Project Initiation and Management

• Risk Evaluation and Control

• Business Impact Analysis

• Developing Business Continuity Strategies

• Emergency Response and Operations

• Developing and Implementing Business Continuity Plans

• Awareness and Training Programs

• Maintaining and Exercising Plans

• Crisis Communications

• Coordination with External Agencies

DRI International is an ANSI-Accredited Standards Development Organization

Download the full text for free on our website: www.drii.org

DRI Professional Practices

PP1 – Program Initiation and Management

PP2 – Risk Analysis

PP3 – Business Impact Analysis

PP4 – Develop Business Continuity Strategy

PP5 – Emergency Response Plans

PP6 – Business Continuity/Disaster Recovery Plans

PP7 – Awareness & Training

PP8 – Exercise, Maintain, Audit

PP9 – Crisis Management Plans

PP10 – Coordination with External Agencies

DRI Outreach