Recensies

Business Continuity Management – Building an effective Incident Management Plan.

admin

Author: Michael Blyth

In this book the author works steadily towards his goal in the first three chapters: demonstrating the importance of Incident Management Plans (IMP), in addition to a BCP.

In addition, in chapter 4 he describes the inevitable: “what if?” Is the key question for some 40 cases, each of which is explained in text form, with chapters 5 and 6 providing the promising basis for the elaboration plans and questionnaires.

Chapter 5 gives the guidelines of the plans, in which there is a principle of a triptych: a first table is filled in to get an idea of ​​which (part of) the organization is involved. An outline of entity, place, time … Then the steps to take are taken: these have been drawn up as a so called “Guideline”, not to follow slavishly, but by interpretation. The third part of the guidelines forms the framework with suitable organizations / key persons that can be contacted.

Chapter 6 provides questionnaires, one per IMP, that can be used to estimate the situation, in addition to the questions of “SAD CHALETS”, the mnemonic used by the English Police to get a view of the situation. In addition, this chapter also contains a template for a risk assessment, which can be used during the crisis, to estimate the evolution of the crisis.

The book also contains a URL with password, where you can find the English text of chapters 5 and 6 in a word document for further development tailored to your own organization.

The book is thus actually a book for doers, with, to a limited extent, an introductory theoretical exposition.

However, in terms of IMP for cybersecurity it has not been worked out enough (which I think could have been a separate piece). Other threats have been worked out. Some threats are becoming more and more relevant for affiliates in the USA and elsewhere with current climate changes. Other are more universal in nature.

A Guide to Business Continuity Planning

admin

Author: James C. Barnes

In this book, the author brings together his wisdoms that he collected during the execution of his work as a consultant in the business continuity branch. They are not high-flowing theories, rather a collection of facts that he illustrates very extensively with fairly complete examples, which, after interpretation of their own business and possible adaptation to their own templates, are ready for use.

Specifically, the author gives examples of:

–     a work plan
–     an offer,
–     a policy statement
–     a BIA
–     crisis procedures
–     Other…

In addition, he goes through the development of BCM as through a project. Each phase of the project is a chapter, seasoned with practical examples that provide inspiration for the ‘own work’ of the reader.

That is why the book is interesting for a practical person, regardless of whether he / she is a consultant or has to set up BCM for his or her own organization.

The Changing Face of Strategic Crisis Mngt

admin

Author: OECD – OECD

Governments play a crucial role in improving the resilience of populations, communities, and critical infrastructure networks; managing crises is an essential part of this. Recent crises such as industrial accidents, major floods, global pandemics, earthquakes and tsunamis have challenged political leadership and risk managers in many countries.

In four chapters, this OECD book tells us which crises exist, what their characteristics are, how the government can change its approach to changes in crises, how strategic crises can be tackled with early warning systems, what is expected of leaders in strategic crises. , and that strategic crisis capacities must be practiced.

Some key messages are:

–    Governments must develop crisis management capabilities.
–    Emergency plans are a necessary tool with regard to past events and work fine for “routine crises”. New approach is needed for “black swan” events.
–    National government frameworks for crisis management are needed to ensure the necessary structures and institutional frameworks to cope with both classic and new crises.
–    Multi-disciplinary expertise is needed to gain a timely understanding of the crisis.
–    Leadership is necessary for restoring trust. Professionalism is acquired through specialized training.
–    Multi-stakeholders and multi-formal public, private and non-governmental organizations must be able to lead their response in order to strengthen (their) crisis response.
–    (International) cooperation can support many functions of crisis management and must be strengthened.
–    The development and purchase of early warning systems is becoming increasingly important.
–    Experts’ opinions must be drawn up in plain language (without too many jargon and acronyms, etc.) and must offer an answer to opposite glances to the crises and their solutions.
–    Concept-forming processes must be adapted to the crises, prevent overloading of information, observe time pressure and the stress levels of the people, and leave room for reflection and assessment by the strategic leader (s).
–    The crisis management teams should be given the opportunity to put their conceptual and warning skills into practice through exercises.
–    Strategic crisis management exercises are essential for the development and stress testing of the capacities of the leaders.
–    Exercises should focus on the leaders and be convincing to involve the leaders in the exercises.
–    Good exercises should seem simple, while masking their complexity. Surprise elements must be installed.
–    Crisis management exercises must be carried out together with governments and the private sector in order to increase mutual trust.
–    Performing international exercises is necessary to improve the handling of complex, large-scale crises across national borders.

Icoon

The changing face of strategic crisis mngt - presentation

1 file(s)   130.58 KB

Boosting Resilience through Innovative Risk Governance

admin

OECD, Rolf Alter

Chapter 1 discusses the rationale for increasing resilience against future disasters despite the financial constraints due to the economic crises in OECD countries in recent years. It shows that not only the frequency but especially the possible damage caused by disasters has steadily increased in recent years. In addition, many variations on social and economic factors are at the forefront of this trend.

Even if the resources are limited, investments in resilience are necessary because disasters can cause unforeseeable indebtedness, as well as causing major problems for the government, the business world and households. The chapter also indicates that high uncertainty undermines the making of good policies. This is because the ‘yield’ is not directly visible to the government, and is often only indirectly useful for businesses and citizens.

In chapter 2, the report evaluates the resilience of OECD countries as well as the success of measures to increase them. OECD countries are relatively resilient against major events compared to other countries. Much of this is due to economic and institutional progress. There is room for improvement, however. A number of institutional shortcomings prevent full acceptance of investment in resilience by public and private stakeholders. The strategic causes of this failure can be explained as a poor adjustment of the drives of actors, which has led to failed actions. The chapter proposes to address these shortcomings a framework.

Chapter 3 aims to emphasize a number of measures that governments can take to increase their own resilience as well as those of private and non-governmental stakeholders.

In a first step, this chapter shows that non-action is not an option and can even be very expensive. The same applies when a government is mainly reactive. A reactive approach often leads to the wrong investments and thus to a higher cost for society. The chapter provides advice to be proactive and to work cost efficiently. It also shows the importance of trust in the government.

Many governments have had to take very expensive measures in the past due to the loss of confidence caused by the economic crises.

Rather than losing confidence, crises should become an opportunity for governments that show long-term commitment and demonstrate a prospective policy. Transparency in shaping the policy also leads to trust. In order to increase transparency and accountability, citizen participation in the decision-making process of increasing resilience may be an option. Finally, it is important to actively manage conflicts of interest between all parties.

Some of the author’s opinions are:

–    Ensure the ownership of risks.
–    The adjustment to each other of the drives of actors.
–    Strengthen the role of rewards.
–    Facilitate the private sector action.
–    Encourage collaboration between all actors.
–    Increase the collection and sharing of risk information and use the benefits of ‘Big Data’.
–    Mobilize all stakeholders: public services, private sector, and citizens. Awareness is important here.

Explorations in Monte Carlo Methods

admin

Undergraduate texts in mathematics.

Authors: Ronald W. Shonkwiler and Franklin Mendivil.

The Monte Carlo method is a technique for analyzing phenomena by means of computer algorithms that use random numbers. This method basically owes its existence to the existence of computers.

In this book the authors give an introduction. It is a book of examples, with every step that is made in theory. In their book, they use the Matlab product to develop program examples, although other programming languages ​​(C, C ++, Pascal, Delphi) can be called just as suitable or more suitable. This approach with program examples makes it very tangible for exact scientists.

Monte Carlo techniques are useful in a wide variety of domains: from estimates of the number Pi, on calculations of mutations in cells, to the running of financial risks when playing in casinos or the evolution of the market.

This book is a very general book for the introduction to Monte Carlo, in the sense that it gives no advantage to a certain type of subject. Although it is a very good book to have a general idea of ​​how Monte Carlo can be used in all kinds of fields, it is not a book that you immediately benefit from as a risk manager. The application of Monte Carlo in the case of machine breakdown, or in financial decisions at a high level is not discussed. This requires more specialized literature.

But as didactic introductory mathematical work to know exactly what Monte Carlo techniques are capable of, it is definitely recommended. If you pass through this book, you are still more layman than specialist, but you are no longer an absolute beginner. You get an idea of ​​the importance of the central limit theorem, and of the Markov chains, and a whole bunch of other things.

For managers who have not enjoyed mathematics for a long time, I have the following advice: try it, your experts might even appreciate it. But if you are lost: no worries, there are still mathematicians out there who are happy to look after your case.