ISO 22301: A Gap in the Defenses - Everbridge · ISO 22301: A Gap in the Defenses David&Lindstedt,&PhD,&CBCP,&PMP&& Founder(Readiness(Analy0cs(BillScerra ... • Document what happens

ISO 22301: A Gap in the Defenses

David Lindstedt, PhD, CBCP, PMP Founder Readiness Analy0cs

Bill Scerra Learning Officer and Worldwide Best Prac0ces Everbridge

Agenda

•  ISO 22301 and its emphasis on measurement

• How to use ISO 22301 to evaluate preparedness

• A model to help us meet ISO 22301 requirements

• What ISO 22301 means to you.

• Q&A

2

LinkedIn Member? Join our LinkedIn Everbridge Incident Management Professionals Group

Use the Q&A func0on to submit your ques0ons.

3

Housekeeping

Follow us at @everbridge and tweet insights with your friends during the webinar using the hashtags #everbridge and #ISOGap.

We’ll send out a recording aHer the event

4

Bill Scerra Learning Officer and Worldwide Best Prac5ces Everbridge

David Lindstedt, PhD, CBCP, PMP Founder Readiness Analy0cs

David Lindstedt, PhD, CBCP, PMP, Founder, Readiness Analytics

ISO 22301: A Gap in the Defenses

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

Bill Scerra, Everbridge Learning Officer, World Wide Best Practices

Gap Analysis and Incident Communication

ISO 22301 One Area for a GAP

ISO 22301 – Section 8.4.3

Establish disruption warning and communication procedures.

−  Establish procedures for detecting and monitoring incidents when they occur.

−  Establish procedures for sharing information during a disruption.

−  Establish procedures for recording information about incidents.

−  Establish procedures for ensuring that your means of communication will be available during a disruption.

−  Implement and maintain your warning and communication procedures.

63

8.4.2 Incident Response 8.4.3 Warning and Communica0on 8.4.4 Business Con0nuity

Dr. David Lindstedt’s - RPC Model of Recoverability

64

Competencies

Procedures Resources

Equipment Hardware Software Staffing

Assessments Communication Mobilization Reestablishing

Services

Leadership Performance Team Work

•  The Resources you use may help you to establish the Procedures and ease the Competency level required for users

•  How can the resources features help “plug the gaps?”

Simplify the scheduling of communication broadcasts

−  Document and use team member schedules and on/off call dates and times.

−  Alert the team members on-call with the right skills, using email, phone, SMS, pager, and mobile push notifications.

−  If the communication resources can do this from your schedule – crucial time is saved. 65

Monday Tuesday Wednesday Thursday Friday Saturday

3/17/2014 3/18/2014 3/19/2014 3/20/2014 3/21/2014 3/22/2014

Sanders , KathyHead Nurse Cardiac Care

Day ShiftCardiac Care

7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM

White, AnnaRN

Cardiac Care


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PMVacation Vacation


7:00 AM -‐ 3:00 PM

Carrada, EmanuelRN

Pediatric Acute Care

Day ShiftPediatric Acute Care7:00 AM -‐ 3:00 PM

Jury DutyDay Shift

Pediatric Acute Care7:00 AM -‐ 3:00 PM




Avorie, IdaRN

Cardiac Care

Day ShiftSurgery Intensive Care

7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM

Anduril, MerribethRN

Cardiac Care


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM


7:00 AM -‐ 3:00 PM

Stanley, CeliaHead Nurse

Pediatric Acute Care





Shandler, Sarah RN

Emergency Room

Day ShiftEmergency Room7:00 AM -‐ 3:00 PM


Day Shift

Emergency Room7:00 AM -‐ 3:00 PM



Employee

Who is available when the crisis hits?

Automatically Handle the Communication Process via Escalation

•  Set up a resource driven escalation in case there is no response to a broadcast from a team or locale −  Confirmation that the team that can fix the problem gets notified −  “Global” delivery for distributed IT teams −  Reports to establish employee accountability

66

Level 1 Triage

Officers

Level 2 On Duty

Triage Team

Level 3 Off Duty

Triage Team

Metrics of Success

•  Reports to provide the metrics needed to gauge the degree of success meeting the target in the time desired

•  Review of the results provides areas to refine in resource use, competency training, and procedures

67

Level 1

Level 2

Level 3

Community and Enterprise Wide Notifications

•  Promote more automatic support for community and enterprise wide notifications −  Massive accidents or outbreaks −  Emergencies −  IT system outages −  Business continuity issues with a global corporate affect

68

Multi-modal Global Reach

•  Have resources that support a global notification reach – worldwide delivery of phone, SMS, email, and mobile push notifications

•  If one delivery path fails, the next automatically starts

69

❶ ❷ ❸ ❹

Unified Platform

•  Use a unified communication platform –

−  One resource provides a full suite of critical communication services in a consistent interface

−  Single resource handling incidents and notification procedures

−  Easier to achieve competency than different platforms sources with different interfaces 70

EMERGENCY RESPONSE

IT INCIDENT RESPONSE

BUSINESS CONTINUITY

OPERATIONAL INCIDENT RESPONSE

SITUATIONAL AWARENESS

mobile app | mobile phone | SMS | email | voice | land line | social media | IPAWS SMAS/WEA | fax | numeric/tap pagers | web post | desktop | satellite phone | outdoor alerts

CONTACTS availability | scheduling | escala5on

groups | hierarchies | roles profile | preferences

MOBILE mobile member | mobile manager |

loca5on services | adap5ve UI

MAPPING precisionGIS | open geo-‐coding

layer management

COMMUNICATION local presence | local data | local SMS codes communica5on modes | repor5ng | analy5cs

SECURE INFRASTRUCTURE elas5city | failover | redundancy

remote wipe | security services | encryp5on

UNIFIED PLATFORM

SMARTweather INTERACTIVE VISIBILITY MASS NOTIFICATION

PLANNING and

RECOVERY

INCIDENT COMMUNICATIONS

Run Field Tests and Exercises

•  Test initially to be sure everyone understands the procedure and can perform the actions they are expected to perform.

•  Document what happens during the exercise. 71

Active Shooter!!

Test before the incident happens

72

February 19, 2014 8:30 AM

University of New Haven, a private university in West Haven, Connec0cut with more than 6,400 undergraduate and graduate students, recently used Everbridge to accomplish a campus-‐wide lockdown. On Dec. 3, 2013, the University received word of a person with a gun near campus, and alerted faculty, staff, and students to shelter-‐in-‐place un0l further no0ce.

New York Daily News December 4, 2013

Competency Training

•  Have training available, broken down into roles your team is expected to perform

•  Track who has taken the training, certify team members who will send messages

•  You can use a combination of

−  On-site, regularly scheduled training

−  On-line training that can be taken any time, any place, and at any pace. 73

http://www.readinessanalytics.com/research-and-resources

•  For more information on continuity planning, preparedness and recoverability, I recommend Dr. David Lindstedt’s course in iTunes University

•  It provides an in-depth overview of “How do I know we will survive the disaster?”

•  And it is free! 74

Use the Q&A func0on to submit your ques0ons.

Q&A

75

Note: Presenta0on slides will be available on our blog at blog.everbridge.com

Thank you for joining us today!

See Everbridge Interactive Visibility In Action

Visit our blog to see upcoming webinars. Everbridge Resources On-‐Demand Webinars: www.everbridge.com/webinars White papers, case studies and more www.everbridge.com/resources Follow us: www.everbridge.com/blog

@everbridge

Linkedin

Documents

ISO 22301: A Gap in the Defenses - Everbridge · ISO 22301: A Gap in the Defenses David&Lindstedt,&PhD,&CBCP,&PMP&& Founder(Readiness(Analy0cs(BillScerra ... • Document what happens