Time Warner Cable s (TWC) Path to Declaring Conformity to ISO 22301

Size: px

Start display at page:

Download "Time Warner Cable s (TWC) Path to Declaring Conformity to ISO 22301"

Alvin Singleton
8 years ago
Views:

1 14th Annual Time Warner Cable s (TWC) Path to Declaring Conformity to ISO A BCM journey from variance to consistency The Road to Resilience

2 Speaker Information Rachelle Loyear Enterprise Director of BCM at TWC MBCP, AFBCI, PMP, CISM, Vice Chair of ASIS Crisis Management / BC Council Rachelle.Loyear@TWCable.com Lynnda Nelson President, ICOR CORP, ISO Lead Auditor, Lead Implementer, Assessor Lynnda@theICOR.org 2

3 Outline Overview of TWC s BCMS Why align to ISO 22301? Decision to self-declare conformity Roadmap to declaring conformity What s next? Review of the self-declaration of conformity process 3

4 Business Continuity at TWC A Brief History Before Multiple BCM Coordinators implementing all program components in local footprints: BIA / Risk Assessment BCM and DR Planning BCM Training and Personal Preparedness Plan Testing and Exercising Crisis Response Coordination Public / Private Partnerships BCM Management Software 4

BCM and DR Planning BCM Training and Personal Preparedness Plan Testing and

5 Business Continuity at TWC A Brief History Challenges Decreased uniformity of program across enterprise. Inconsistent messaging / implementation. BCM team continually switching across program components. Functional Area SMEs are not BCM experts Non-Uniform planning (levels of detail / effort) Changing SMEs / retraining issues 5

BCM team continually switching across program components.

6 Business Continuity at TWC A Brief History Then A (Literal) Sea Change 6

7 Business Continuity at TWC A Brief History 7

8 Business Continuity at TWC A Brief History After Uniform Program across enterprise Functional Department Alignment Standardized BCM Management Program Crisis Response Program BCM Planning BIA Risk Assessment Universal Plans / Checklists Function / Team Specific Plans Interview Methodology Training and Testing 8

Program Crisis Response Program BCM Planning BIA Risk Assessment Universal

9 Why ISO 22301? Why Align With a Standard? Critical Infrastructure Ex: NYC Mayor s Office Climate Change Task Force Government Contracts Proof of Program Commercial Services SLAs Why ISO? Internationally recognized standard Limited existing gaps 9

Task Force Government Contracts Proof of Program Commercial

10 Commercial Services / Government Contracts Statement of Conformity 10

11 Roadmap to Conformity Self-Assessment Self-Declaration External Audit 11

12 ISO Self-Assessment Low Barrier to Entry Worksheet from The ICOR Training / Ease of Use Self Awareness for Whole Team / Program Program Changes / Improvements 12

13 ISO Declaration of Conformity Audit Dry Run Continued Program Improvements Proof of Program Quality Levels 13

14 ISO External Audit? Ready! Documentation / Proof Full understanding of Standard 14

15 Methods of Certification Under ISO First-Party Self- Declaration of Conformity Third-Party Certification 15

16 Steps to Self-Declaration of Conformity 1. Complete Self-Assessment using Maturity Model 2. Complete Online Application 3. Submission reviewed by credentialed ISO Lead Auditor 16

17 1. ISO Maturity Model Self-Assessment

18 2. Online Application Biographical Data Who is declaring conformity & qualifications Company name, etc. The statement of conformity 18

19 2. Online Application BCMS Information Purpose of organization Scope statement, exclusions BCMS budget Identification of: Relevant interested parties and their needs Legal and regulatory requirements Roles and responsibilities Top management support BC objectives 19

Relevant interested parties and their needs Legal and regulatory

20 2. Online Application Required Documents (may remove company name) BCM Policy Risk Assessment Report BIA Report One Plan Document (supporting at least one critical activity within the scope of the BCMS) Exercise Report (that validates the plan document submitted) 20

(supporting at least one critical activity within the scope of the

21 3. ISO Lead Auditor Review Submission reviewed by auditor Verification Issued or Nonconformity Provided Valid for 3 Years Total cost: $2, USD $ Self-Assessment $1, Application For more information:

22 Questions?!? 22

Using an Integrated Management System Approach to Increase Resilience

Using an Integrated Management System Approach to Increase Resilience The World is Getting Riskier Traditional corporate strategies are no longer protecting us from unexpected events. The imperative to