Moving towards resiliency is more than just implanting policy and procedure; it is a process that takes organizations on a winding path requiring patience and tolerance. A good deal of learning will have to take place during the trip and that is why it is necessary to have patience and tolerate the learning process. Organizational Resilience: Managing the Risks of Disruptive Events - A Practitioner’s Guide provides essential management tools that ensure you will succeed in moving an organization towards becoming more resilient.
The book explains organizational resilience and how to manage risk through the use of the ANSI/ASIS SPC.1-2009 Standard. It outlines a concise, clearly understandable approach to successfully addressing the various challenges and techniques necessary to plan, prepare, and implement organizational resilience management in any organization. The authors cut through the complexities and identify the key issues and methods for successful implementation. They focus on organizational resilience management as an integral component of an overall business and risk management strategy. They also explore how organizational resilience creates value for the organization and can be applied to both the private and public sectors.
Building a resilient organization is a cross-disciplinary and cross-functional endeavor; therefore "practitioners" may come from a variety of disciplines, all of which contribute to helping the organization achieve its objectives. This book provides valuable and much-needed guidance that enables practitioners to achieve the desired goals of effective organizational resilience through cost-effective methods.
Table of Contents
Understanding Organizational Resilience
Setting the foundation
Establishing the process
Planning for Organizational Resilience
Business impact analysis
Implementing Organizational Resilience
The culture of organizational resilience and readiness
Evaluation and Maintenance
Training and exercising
Maintaining change and improvement
James J. Leflar, Jr. (MA, CPP, CBCP, MBCI) is the security administrator at Johns Hopkins Bloomberg School of Public Health with responsibility for crisis management, business continuity, and security administration. He was an active member of the technical committees and working groups of the ANSI/ASIS SPC. 1-2009 and ANSI/ASIS SPC. 4-2012 standards. He continues to be active in OR standards development and is an active member of the ISO, U.S. Technical Advisory Group (TAG) 223 for Societal Security, Working Group 4—Preparedness and Continuity. Currently, Leflar is an active member of the ASIS International Crisis Management and Business Continuity Council as well as a member of the Advisory Board and Editorial Board for the Disaster Resource Guide.
Marc Siegel. PhD, is the commissioner heading the ASIS International Global Standards Initiative developing international and national risk management, resilience, security, and supply chain standards as well as providing training on their implementation. He is a RABQSA (Registrar Accreditation Board [RAB] Quality Society of Australasia [QSA]) international certified business improvement lead auditor as well as a certified trainer and skills assessor. As an adjunct professor in the College of Business Administration and the Master’s Program in Homeland Security at San Diego State University, Dr. Siegel pioneered the concept of applying a systems approach to security and resilience management for organizations and their supply chains. His work includes providing training and guidance on the implementation of risk, resilience, and security management systems as well as risk management in regions of conflict and weakened governance for the protection of assets and human rights. Dr. Siegel chaired the technical committee and working group for the ANSI/ASIS SPC.1: 2009.
ANSI/ASIS SPC.1 is now the accepted standard for security managers. Until now, however, there was not a reliable tool to use to plan and implement it. Organizational Resilience by Leflar and Siegel is that tool.
If anything, the book supplies almost too much information. Using it as a guide, any security manager can understand the standard for security preparedness and continuity in crisis planning, then put it back into effect.
For someone new to the standard, there is a section on disruptive events and management techniques for organizational resilience and adaptability. There are templates that are helpful and take the manager through the steps needed to implement the requirements within the standard.
Seasoned security managers who are already familiar with the ANSI/ASIS.SPC1 Standard can go straight to sections on preparing or reviewing existing continuity plans with step-by-step methods for getting started, implementing, reviewing, and renewing a plan.
The book’s planning steps with charts are extremely helpful and easy to use. Additionally, the authors include a case study of a successful implementation of the standard, which is extremely valuable. Any security manager tasked with putting the standard into action should include this book in their library.
—Terry V. Culver, CPP, CMAS (Certified Master Antiterrorism Specialist), security program specialist, Georgia Tech Research Institute