minutes - MidAmerica Contingency Planning Forum

THE FORUM ESTABLISHED TO FACILITATE THE EXCHANGE AND
DISSEMINATION OF INFORMATION REGARDING ALL ASPECTS OF
CONTINGENCY PLANNING IN BOTH THE PRIVATE AND PUBLIC
SECTORS, INCLUDING BUSINESS INTERRUPTION AVOIDANCE,
BUSINESS RESUMPTION PLANNING, CONTINGENCY
OPERATIONS, AND DISASTER RECOVERY PLANNING.
MINUTES
General Membership Meeting
April 15, 2010 2:00 p.m.
Scottrade
Attendees:
Member ............................ Company
Backer, Cindy ................... MasterCard Worldwide
Bathon, Anna .................... Bank of America
Bonno, Tim ....................... Consulting
Bowker, Kim ..................... MasterCard Worldwide
Cannon, Michael............... Centene Corporation
Chesson, Jehu ................. MasterCard Worldwide
Dolgin, Harlan ................... Bick Group
Drescher, Dan .................. Charter Communications
Fuhrmann, BJ ...................
Kimball, Catherine ............ MasterCard Worldwide
Kriegshauser, Herman...... Salvation Army Midland Division
Luu, Brian ......................... Scottrade
McDonough, Shawnee ..... Anheuser-Busch
Althoff, Sandra .................. MasterCard Worldwide
Member ........................ Company
Russenberger, Lara ...... Scottrade
Schmidt, Warren ........... MasterCard Worldwide
Singer, Laura ................ Graybar Electric
Smallwood, Lisa ............ CEMP, LLC
Steingruby, Jacob ......... Scottrade
Thomas, Jr., Paul R. ..... City of Kirkwood
Turner, Catherine .......... Orscheln Management Co.
Van Zanten, Helena ...... MasterCard Worldwide
Westrich, Eric ................ Express Scripts
Guests:
Grincavich, Cindy .......... Edward Jones
McGehee, Victoria......... Monsanto
The April General Membership Meeting of the MidAmerica Contingency Planning Forum was held on Thursday,
April 15, at the Scottrade facility beginning at 2:00 p.m.
MCPF President Ann Bathon welcomed all and thanked Scottrade for hosting the meeting. Introductions by all in
attendance followed.
A.
Previous Meeting Minutes
The March General Membership Meeting minutes are not yet available for distribution.
B.
Program Updates
The following upcoming meeting dates and topics are planned:
May 20 – Gaining Executive Support and Raising BCP Awareness – Randy Till @ Forest Pharmaceuticals
June 17 – Continuity Strategies: “How Virtualization and Cloud Technologies can solve your biggest BC/DR
Issues” – David Linthicum/Kevin Bloom (Bick Group) @ Bick Group
July 15 – Lessons Learned – Addressing Human Impact – TBD @ Express Scripts
Offers to assist with future meeting sites and speakers should be directed to Program Director Pat
McDonald at [email protected]. President Bathon encouraged members to submit suggestions for
future meeting topics, speakers, meeting sites, or any concerns/comments regarding the Forum.
C.
Treasurer’s Report
The Treasurer’s Report was provided by Helena van Zanten. The group has a balance of $ 3,588.85 in the
checking account.
D.
Membership Report
Current members have until the end of June to renew for 2010 before their membership will be dropped.
-1-
THE FORUM ESTABLISHED TO FACILITATE THE EXCHANGE AND
DISSEMINATION OF INFORMATION REGARDING ALL ASPECTS OF
CONTINGENCY PLANNING IN BOTH THE PRIVATE AND PUBLIC
SECTORS, INCLUDING BUSINESS INTERRUPTION AVOIDANCE,
BUSINESS RESUMPTION PLANNING, CONTINGENCY
OPERATIONS, AND DISASTER RECOVERY PLANNING.
E.
Upcoming Activities
Upcoming activities that may be of interest to MCPF members include:
• DRJ Webinars - http://www.drj.com/special/webinars/
•
Missouri SEMA Training Schedule http://training.dps.mo.gov/sematraining.nsf/TrainingSchedule?OpenForm
F.
New Business / Announcements / Miscellaneous
There were no items presented for New Business discussion.
G.
Featured Topic – The Voluntary Private Sector Preparedness,
Accreditation and Certification Program (PS-Prep)
Lisa Smallwood, President and Owner
Comprehensive Emergency Management Professionals, LLC
Business Continuity Program Review (Which standard should we use?) –
—
Definitions
— Regulations: “mandatory authoritative rules dealing with details or procedures having the force
of the law, which are issued by and authority of government.” Examples include FCPA, FFIEC,
GLBA.
—
Standards: “a setup of voluntary criteria, voluntary guidelines and best practices, used to
enhance the quality, performance, reliability, and consistency of products, services and or
processes.” Examples include NFPA 1600, BS 25999, ASIS SPC 1, NERC CIP-009-1, ISO
27001.
—
The DRJ provides a Rules, Regulations, & Standards Repository on their website at
http://www.drj.com/index.php?option=com_content&task=view&id=713&itemid=328
—
Public Law 110-53/PS-Prep standard – Department of Homeland Security:
— Implementation of recommendations of the 9/11 Commission.
— Creation of a new program targeted at “all-hazards” business emergency preparedness and
continuity.
— http://www.govtrack.us/congress/billtext.xpd?bill=h110-1&show-changes=0
—
NFPA 1600 (2010) – National Fire Protection Agency:
— Disaster/Emergency Management and Business Continuity programs which take an “allhazards approach” to prepare for any incident, including human, natural or technological
events.
— Http://www.mfpa.org/assets/files/pdf/nfpa16002010.pdf
—
BS25999:2007 – British Standards Institution:
— Code of practice – the process, principles and terminology of business continuity management
(BCM).
— PDCA model – available in the presentation
— http://www.bsiamerica.com/en-us/assessment-and-certification-services/managementsystems/standards-and-schemes/bs-25999/
-2-
THE FORUM ESTABLISHED TO FACILITATE THE EXCHANGE AND
DISSEMINATION OF INFORMATION REGARDING ALL ASPECTS OF
CONTINGENCY PLANNING IN BOTH THE PRIVATE AND PUBLIC
SECTORS, INCLUDING BUSINESS INTERRUPTION AVOIDANCE,
BUSINESS RESUMPTION PLANNING, CONTINGENCY
OPERATIONS, AND DISASTER RECOVERY PLANNING.
—
ASIS SPC 1-2009 – American Society for Industrial Security (ASIS) International:
— An “all-hazards” practical management systems approach to security, preparedness, response,
business/operational continuity and recovery for disruptive incidents resulting in an emergency,
crisis or disaster.
— http://www.asisonline.org/guidelines/or.xml
—
Standards Comparison Maturity Pyramid:
— Refer to the presentation for the Maturity Pyramid and the Steps to Maturity.
—
The attendees participated in a couple of exercises:
1. Determining where a company is on the Maturity Model using a handout comparing the NFPA
1600:2010, ASIS SPC 1-2009, BS 25999 and ISO 27001:2005.
2. Identifying supporting documentation and evidence for an audit.
—
Ms Smallwood gave an overview of assessment documentation used to pre-assess your business
continuity program based on the standard chosen.
—
Compliance – an informal industry term generally accepted to mean the system provides support for
some or all of a given standard. Vendors of compliant systems are generally expected to offer
documentation describing which parts of the standard are supported and which are not.
—
Certification - recognition of formal testing to prove that a system provides 100% support for a given
standard. Certification is given to an organization after an official accredited certification body has
reviewed not only the results of formal testing, but formal conformance documentation, as well as
assessing their management system against the requirements of a standard and the organization’s own
internal requirements proving effectiveness.
— Benefits of Certification:
— Competitive advantage
— Process improvement – continual improvement achieved through regular assessments
— Costs of Certification:
— Auditors
— Expense of transforming the business to meet the standards of program
— Average re-assessment occurs every 3 years
President Bathon thanked Lisa Smallwood for the informative and interactive session.
Following the conclusion of the presentation, the attendance drawing was held. The winners were:
• Michael Cannon
• Victoria McGehee
• Lara Russenberger
The next meeting will be on Thursday, May 20, 2010, starting at 2:00 pm at Forest Pharmaceuticals.
There being no additional business, the meeting adjourned at 4:00 pm.
Recorded by:
Shawnee McDonough
MCPF Secretary
Office: 314.577.4856
-3-