14th Annual Time Warner Cable s (TWC) Path to Declaring Conformity to ISO 22301 A BCM journey from variance to consistency The Road to Resilience
Speaker Information Rachelle Loyear Enterprise Director of BCM at TWC MBCP, AFBCI, PMP, CISM, Vice Chair of ASIS Crisis Management / BC Council Rachelle.Loyear@TWCable.com Lynnda Nelson President, ICOR CORP, ISO 22301 Lead Auditor, Lead Implementer, Assessor Lynnda@theICOR.org 2
Outline Overview of TWC s BCMS Why align to ISO 22301? Decision to self-declare conformity Roadmap to declaring conformity What s next? Review of the self-declaration of conformity process 3
Business Continuity at TWC A Brief History Before Multiple BCM Coordinators implementing all program components in local footprints: BIA / Risk Assessment BCM and DR Planning BCM Training and Personal Preparedness Plan Testing and Exercising Crisis Response Coordination Public / Private Partnerships BCM Management Software 4
Business Continuity at TWC A Brief History Challenges Decreased uniformity of program across enterprise. Inconsistent messaging / implementation. BCM team continually switching across program components. Functional Area SMEs are not BCM experts Non-Uniform planning (levels of detail / effort) Changing SMEs / retraining issues 5
Business Continuity at TWC A Brief History Then A (Literal) Sea Change 6
Business Continuity at TWC A Brief History 7
Business Continuity at TWC A Brief History After Uniform Program across enterprise Functional Department Alignment Standardized BCM Management Program Crisis Response Program BCM Planning BIA Risk Assessment Universal Plans / Checklists Function / Team Specific Plans Interview Methodology Training and Testing 8
Why ISO 22301? Why Align With a Standard? Critical Infrastructure Ex: NYC Mayor s Office Climate Change Task Force Government Contracts Proof of Program Commercial Services SLAs Why ISO? Internationally recognized standard Limited existing gaps 9
Commercial Services / Government Contracts Statement of Conformity 10
Roadmap to Conformity Self-Assessment Self-Declaration External Audit 11
ISO 22301 Self-Assessment Low Barrier to Entry Worksheet from The ICOR Training / Ease of Use Self Awareness for Whole Team / Program Program Changes / Improvements 12
ISO 22301 Declaration of Conformity Audit Dry Run Continued Program Improvements Proof of Program Quality Levels 13
ISO 22301 External Audit? Ready! Documentation / Proof Full understanding of Standard 14
Methods of Certification Under ISO 22301 First-Party Self- Declaration of Conformity Third-Party Certification 15
Steps to Self-Declaration of Conformity 1. Complete Self-Assessment using Maturity Model 2. Complete Online Application 3. Submission reviewed by credentialed ISO 22301 Lead Auditor 16
1. ISO 22301 Maturity Model Self-Assessment
2. Online Application Biographical Data Who is declaring conformity & qualifications Company name, etc. The statement of conformity 18
2. Online Application BCMS Information Purpose of organization Scope statement, exclusions BCMS budget Identification of: Relevant interested parties and their needs Legal and regulatory requirements Roles and responsibilities Top management support BC objectives 19
2. Online Application Required Documents (may remove company name) BCM Policy Risk Assessment Report BIA Report One Plan Document (supporting at least one critical activity within the scope of the BCMS) Exercise Report (that validates the plan document submitted) 20
3. ISO 22301 Lead Auditor Review Submission reviewed by auditor Verification Issued or Nonconformity Provided Valid for 3 Years Total cost: $2,495.00 USD $995.00 Self-Assessment $1,500.00 Application For more information: http://theicor.org/iso22301sdoc/information/
Questions?!? 22