We are pleased to announce the initial release of the 2017 programme. There is much more to be added so please keep checking back...
There are three streams/tracks in the programme which indicate how the subject will be handled, so that you can pick sessions to suit your requirements. This conference programme is designed to have something for everyone!
These sessions are all about practical advice and key technical aspects of business continuity and resilience. This stream includes lots of ‘how to’ and will help develop skills and methodology that can be utilised as soon as you get back to work!
This stream is for shared experiences, case studies and reviewing current practices with an eye on improvement and consolidation. You will hear lots of excellent personal stories, consider the challenges facing the modern resilience professions and hear some expert views.
This is a stream that is intended to move thinking and discussion beyond the immediate future and will include some robust debate! The intention is to provide programme space for thought leadership and to welcome the opportunity to consider where resilience is heading.
Day 1: 7th November 2017
09.10 - 10.00 Plenary Keynote Address
Speaker: Sir Bernard Hogan-Howe
10.00 - 10.30 Keynote Address
11.00 - 11.50
Designing credible terrorism threat scenarios to inform business continuity exercises
Richard Bond, Senior Consultant, Protective Intelligence, Arup
Terrorism poses a dynamic and diverse set of threats to businesses. Moreover, information on current and future terrorist threats is often unverified, incomplete or contradictory, which complicates efforts to accurately assess the risks. Nevertheless, many businesses are obliged to evaluate their exposure to terrorist attack, at minimum to fulfil their duty of care responsibilities to their employees and for some businesses, to satisfy regulatory requirements. In some businesses, the task of assessing the threat and designing an appropriate response falls to a business continuity manager.
In this presentation, attendees will hear about techniques that they could apply to monitor changes in the terrorism threat to their business. Attendees will then hear how the outputs from this activity can be used to inform the design of credible threat scenarios that underpin exercises intended to validate businesses' continuity plans. Finally, attendees will hear about best practice for conducting terrorism scenario-based exercises to validate their business continuity plans.
11.55 - 12.30
Terrorism and the challenges for continuity in context of Metro Trains, Melbourne
David Crompton-Guard, Manager, Business Continuity, Metro Trains Melbourne
The presentation explores the dynamic and constantly shifting threat environment and the challenges faced by government and business.
Using case studies from Metro Trains Melbourne, various aspects of the terrorist threat will be examined, including:
- The proliferation of 'lone actor' attacks; rapid radicalisation through the internet; 'crowd sourcing' terrorism.
- Prevailing tactics: Sophisticated coordinated attacks remain a threat, (IED/ VBIED/ armed attack/ mixed mode), in addition to basic attack methodologies, (hostile vehicles, edged weapons, fire): A transition away from suicide attacks; the desire to get away, causing confusion/ community anxiety.
- The challenge faced by law enforcement and intelligence agencies in determining what information to distribute to operator communities: The thirst for knowledge vs the risk of 'cry wolf' and complacency
- Relationships with authorities/ law enforcement agencies: The role of organizations in the police response operation
- The need for robust planning arrangements, Case studies of multi agency terrorism exercises conducted between surface transport operators and Victoria Police.
12.30 - 14.00 Lunch
14.00 - 14.50
Risk Management and Business Continuity Working Together To Address Common Objectives
Brian Zawada FBCI, co-founder and Director of Consulting, Avalution Consulting
When done correctly, the business impact analysis (BIA) serves as a foundation process for business continuity and resilience managers to determine and seek endorsement of business continuity requirements. However, starting from scratch is often unnecessary and doing the work in a silo is unacceptable. Have you considered the wealth of information already collected and analysed by your organization’s risk management function? And have you ever considered the value of the BIA and risk assessment outcomes to the risk management function? Join Brian Zawada as he explains why it is so important for risk managers and business continuity professionals to collaborate and coordinate their work, and how organizations of all sizes can share information to manage a broad range of risks as well as bring efficient clarity to the BIA and other business continuity planning efforts. Key takeaways include:
- How risk management activities that already exist within an organization can be used to reduce the burden when performing the BIA and risk assessment process
- How to set up longer term collaboration with the risk management function to drive a higher level of resilience – that is to say the sum of the parts is stronger than the individual efforts.
14.55 - 15.30
Goodbye Functions, Hello Resilience Capabilities!
Andreas Hedskog, Founder, Head of Products and Innovation, 4C Strategies
For many years, risk, compliance and resilience professionals working in the 2nd Line of Defence (LoD) have worked in silos in terms of how they structure, resource and manage the frameworks, programmes and reporting outputs for which they are responsible.
This presentation will demonstrate how this traditional "functional" approach to resilience creates barriers to success.
Using an illustration of the traditional functional approach to cyber resilience, delegates will be able to determine for themselves the extent to which their organizations experience these challenges.
Attendees will be encouraged to consider how to move away from the traditional functional approach to resilience and move towards an enterprise-wide approach that centres upon "capabilities" and the supporting subject matter experts required to build, verify and track them.
16.00 - 17.00
Fire & Rain: Managing Invocations
Conor Litchfield, AFBCI, Head of Group BCM, AIB Bank
The presentation will bring the audience through an invocation from the initial phone call, setting up the recovery site to recovery back to normal operations, using four specific real-life examples.
Key areas to be covered are:
- First actions and areas of risk that might derail the invocation
- Areas of focus during an invocation, including roles & responsibilities
- The role of the BCM Manager
- Managing day to day operations in the recovery site
- Involving key stakeholders
- How an invocation can improve your existing BC process