2007 02 Global Assurance Magazine

February 2007 • Volume 4 • Issue 2

Taking theFear Out of BCExercises

N a t i o n a l N e w s • I n t e r n a t i o n a l N e w s • P r o d u c t s • E v e n t s

Where business continuity, security and emergency management converge.

Plus…

DHS Budget Increases

Building Resiliency in Human Capital

Bird Flu Alert: Indonesia

Defuse Disaster: CPM 2007 WEST

Taking theFear Out of BCExercises

2 | CPM-GA February 2007

GlobalAssurance

F E AT U R E S

3 DHS Announces Increase inBudget Request$46.4 billion shows 8 percent increase

12 Building Resiliency in HumanCapital Tools of the trade

15 Indonesia Again on Bird FluAlertNew outbreaks, new concerns, new measures

18 Taking the Fear Out of BCExercisesPart I.: Organization is key

Defuse DisasterCPM 2007 WEST

IN THIS ISSUE…3

15

CPM-Global Assurance is a monthly subscription-based newsletter. It addresses the strategic integration of business continuity, security, emergency management, riskmanagement, compliance and auditing to ensure continuity of operations in business andgovernment — all within the context of good corporate governance. To subscribe to thisunique resource, please fill out and fax back the subscription coupon on the back page.

CPM-Global Assurance (ISSN #1547-8904) is published monthly by The CPM Group, 243 North UnionStreet, Suite 202, Lambertville, NJ 08530. Subscription rates in the U.S. and Canada are $79 per year.All other countries $135 per year payable in U.S. funds.

© Entire contents copyright 2007. No portion of this publication may be reproduced in any form with-out written permission of the editor. Views expressed by the bylined contributors and sources citedshould not be construed as reflecting the opinions and/or advice of this publication. Publication ofproduct/service information should not be deemed as a recommendation by the editor. Editorial con-tributions are accepted from the contingency planning community. Contact the editor for details.Product/service information should be submitted in accordance with guidelines available from the edi-tor. Editorial closing date is two months prior to the month of publication.

The CPM Group publishes CPM-Global Assurance and produces the CPM trade shows. Printed in the USA.

Editor in Chief:DEVEN KICHLINE

[email protected]

Group Publisher:RUSSELL LINDSAY

[email protected]

Director, Event Planning & Marketing:KRISTIE O'KEEFE

[email protected]

Manager, Event Planning & Marketing: COURTNEY WITTER

[email protected]

CPM-GlobalAssurance Contacts

National News . . . . . . . . . . . 6

International News . . . . . . . 10

Events Calendar . . . . . . . . . 17

Products . . . . . . . . . . . . . . . . 22

D E P A R T M E N T S

The CPM Group243 North Union Street, Suite 202

Lambertville, NJ 08530www.contingencyplanning.com

Fax: 609-397-5520

Exhibit Sales/List Rentals: BRAD LEWIS

[email protected]

To order, see subscription form on last page.

SPECIAL INSERTBetween Pages 22-23!

www.ContingencyPlanning.com | 3

DHSAnnouncesIncrease in

BudgetRequest

$46.4 billion shows 8 percent increase

P resident George W. Bush’s fiscal year 2008 budget request forthe Department of Homeland Security (DHS) represents $46.4

billion in funding, which is an increase of 8 percent from the FY2007 level – excluding funds provided in emergency supplementalfunding. The request targets five areas.

CONTINUE TO PROTECT FROM DANGEROUS PEOPLEProtecting the nation from dangerous people continues by strength-ening border security; developing fraud resistant identification andbiometric tools; creating an interoperable architecture for theTransportation Worker Identification Credential (TWIC) program,the Western Hemisphere Travel Initiative (WHTI) and Real IDrequirements; and achieving full database interoperability betweenDHS, the FBI and the Department of State.• Total funding of $1 billion will support the SBInet program deploy-

ment and create an integrated infrastructure and technology solu-tion for effective control of the border that includes fencing andvirtual barriers to prevent illegal entry into the United States.

• Total funding of $778 million will provide for 3,000 additional bor-der patrol agents, as well as facilities to house the agents, supportpersonnel and equipment necessary to gain operational controlthe borders, keeping on track to achieve the President’s goal ofdoubling the border patrol by the time he leaves office.


• Total funding of $252 million is requested for implementation of theWHTI at land ports of entry. The requested resources will advancethe WHTI goal of ensuring that all people arriving at U.S. ports ofentry have a valid and appropriate means of identification and can beprocessed in an efficient manner.

• An increase of $146.2 million for the Unique Identity initiative willestablish the foundational capabilities to improve identity establish-ment and verification with the transition to 10-Print and AutomatedBiometric Identification System (IDENT) and Integrated AutomatedFingerprint Identification System (IAFIS) interoperability. The fundingwill provide the capability to biometrically screen foreign visitorsrequesting entry to the United States through the collection of 10-Print capture, rather than the current two, at enrollment. US-VISIT,along with the departments of State and Justice, will be able to con-tinue efforts to develop interoperability between DHS’ IDENT andJustice’s IAFIS systems.

• An increase of $224.2 million in (TSA) funding will support theTransportation Security Administration’s screening operations. Thisincludes the transportation security officers, document checkers,Career Progression Program and procurement and installation ofcheckpoint support and explosives detection systems. TSA hasevolved its TSO workforce to be highly responsive and effective inaddressing the variety of potential threats, such as those presented inAugust 2006 by liquids, aerosols and gels. In FY 2007 and FY 2008,TSA plans to add an important layer of defense for aviation securityby assuming responsibility for document checking.

• An increase of $38 million in funding will support development andinitial operating capability for the Secure Flight system. This includesfunding for hardware procurement, operations ramp-up and trainingand network interface engineering between the Secure Flight andU.S. Customs and Border Protection Advanced PassengerInformation System network. Secure Flight will strengthen watch listscreening and vet all domestic air travelers.

• An increase of $28.7 million for the ICE Criminal Alien Program(CAP) will ensure the safety of the American public through the addi-tion of 22 CAP teams. These teams will continue the mission of iden-tifying and removing incarcerated criminal aliens so they are notreleased back into the general population.

• An increase of $16.5 million in funding will support theTransportation Worker Identification Credential (TWIC), which willestablish an integrated, credential-based identity verification programthrough the use of biometric technology. In order to gain unescortedaccess to the secure areas within the nation’s transportation system,transportation workers who need access to these areas will gothrough identity verification, a satisfactory background check and beissued a biometrically verifiable identity card to be used with localaccess systems. The TWIC final rule has very recently been issued,and initial enrollment for this program is scheduled to begin in March2007.

• An increase of $788.1 million for the Coast Guard’s IntegratedDeepwater System. This funding will: complete the acquisition of fourNational Security Cutters; fund engineering and design costs for theReplacement Patrol Boat; and purchase four additional MaritimePatrol Aircraft. These long-awaited upgrades to its fleet will strength-en the Coast Guard’s ability to safeguard seaports from terrorists seek-

ing to enter the country or transport dangerous weapons or mate-rials.

• Total funding of $30 million for the Employment EligibilityVerification program will sustain the expansion of the program toprovide increased interior enforcement of our immigration lawsand more robust worksite enforcement, allowing employers toremove the guesswork involved with hiring new employees.

CONTINUE TO PROTECT FROM DANGEROUS GOODSDHS is working to improve maritime cargo security, includingenhancing domestic and overseas container scanning. In addition, itis dedicating funding to improve technology and reduce costs to theBioWatch program, a key element in its comprehensive strategy forcountering terrorism. The following initiatives are fundamental toDHS’ protection against dangerous goods:• Total funding of $178 million will provide for the procurement and

deployment of radiation portal monitors, including next-generationAdvanced Spectroscopic Portal systems. The requested resourceswill assist DHS in achieving its goal of screening 98 percent of allcontainers entering the United States by the end of FY 2008.

• An increase of $15 million is requested for the Secure FreightInitiative that is designed to maximize radiological and nuclearscreening of U.S. bound containers from foreign ports. SecureFreight includes a next-generation risk assessment screening pro-gram and an overseas detection network, while merging existingand new information regarding containers transiting through thesupply chain to assist customs and screening officials in makingsecurity and trade decisions.

• An increase of $47.4 million is requested for the Acceleration ofNext-Generation Research and Development program, which willincrease funding across multiple research, development and oper-ations program areas.

PROTECT CRITICAL INFRASTRUCTURECentral to DHS’ mission is supporting effective critical infrastructuresecurity investments at the federal, state and local levels. ThePresident’s budget requests funding for initiatives that continue tosupport strengthening national chemical plant security; protectinghigh risk rail shipments; and cultivating mutually beneficial partner-ships with industry owners and operators. Key funding requestsinclude:• An increase of $30 million will provide for the Securing the Cities

Implementation initiative. DHS will begin the implementation ofstrategies developed through the analytical work done in FY 2006and FY 2007 in support of the initiative in the New York region.Activities included in the development of regional strategiesinclude analyses of critical road networks, mass transit, maritimeand rail vulnerabilities. The Domestic Nuclear Detection Officewill engage state and local partners in additional urban areas begin-ning in FY 2008 to tailor strategies and lessons learned from theNew York region to meet requirements specific to these regions.

• An increase of $21.9 million will support the newly formedScience and Technology Office of Innovation to provide increasesto program development and leap-ahead technologies thataddress some of the highest priority needs of DHS. The technolo-


gies being developed will be used to create a resilient electric grid toprotect critical infrastructure sites, detect tunnels along the border,defeat improvised explosive devices and utilize high-altitude platformsor ground-based systems for detection and engagement of MAN-PADS in order to offer alternative solutions to installing systems onaircraft.

• An increase of $15 million for a total of $25 million will improvechemical site security and regulate security of chemical plants. Thefunding will be used to manage training of inspector staff, assist deskpersonnel and other administrative staff. Funds will also be spent onassisting chemical facilities with vulnerability assessments.

• An increase of $3.5 million will expand TSA’s National ExplosiveDetection Canine Team program by approximately 45 teams to sup-port the nation’s largest passenger transportation systems in both masstransit and ferry systems.

• An increase of $35.6 million for the Presidential Campaign willenable the U.S. Secret Service to provide the appropriate level ofresources to adequately protect the candidates and nominees duringthe 2008 Presidential Campaign while sustaining other protectiveprograms.

BUILD A NIMBLE, EFFECTIVE EMERGENCY RESPONSESYSTEM AND CULTURE OF PREPAREDNESSRemaining in a state of readiness is crucial to DHS’ ability to deter andrespond to acts of terror or other disasters. The following fundingrequests aim to strengthen the department’s ability to build an effectiveemergency response system and culture of preparedness.• An increase of $100 million will provide for the Federal

Emergency Management Agency’s (FEMA) Vision Initiatives thatwill enable the agency to intensify and speed the development ofcore competencies central to achieving disaster readiness,response and recovery. A combination of staffing increases, newtechnologies and targeted investment in equipment and supplieswill increase FEMA’s mission capacity in the areas of incidentmanagement, operational planning, continuity programs, publicdisaster communications, hazard mitigation, disaster logistics andservice to disaster victims. In addition, the requested increase willsupport FEMA’s plan to transform its approach to business oper-ations and project management, enabling the development andintegration of information systems, policies, internal controls andprocesses necessary to effectively build, manage and support theagency’s core competencies to ensure mission success.

• A total of $3.2 billion will be available for state and local prepared-ness expenditures, as well as assistance to firefighters in FY 2008. Ofthis amount, $2.2 billion is requested for DHS to fund grant, trainingand exercise programs. In addition, in coordination with the StatePreparedness Grant Program, DHS will be co-administering the $1 billion Public Safety Interoperable Communications grant pro-gram, in partnership with the Department of Commerce. Fundsrequested through these programs will (1) provide critical assistanceto state and local homeland security efforts, (2) support resourcesavailable through other federal assistance programs that center on firstresponder terrorism preparedness activities and (3) deliver ample sup-port to all state and local first responder organizations to obtain theequipment, training and other resources required to protect the pub-

lic in the event of a terrorist attack or other major incident.• A realignment of $132.7 million in base resources will establish a

deployable operations group and strengthen the Coast Guard’s over-all response capability. The alignment of Coast Guard’s deployable,specialized forces under a single command will improve and strength-en its ability to perform day-to-day operations and respond to mar-itime disasters and threats to the nation.

• A total of $48 million is requested to further professionalize FEMA’sdisaster workforce by converting Cadre of On-Call ResponseEmployee positions with four-year terms into permanent, full-timeemployees. This transition will stabilize the disaster workforce, allow-ing for the development and retention of employees with neededprogram expertise and increased staffing flexibility to ensure criticalfunctions are maintained during disaster response surge operations.

• An increase of $12 million for the Nationwide AutomaticIdentification System will continue funding for this vital project thatsignificantly enhances the Coast Guard’s ability to identify, track andexchange information with vessels in the maritime domain, especial-ly those vessels that may threaten our nation.

STRENGTHEN AND UNIFY DHS OPERATIONS ANDMANAGEMENTDHS is continuing to strengthen departmental operations to improvemission success. • An increase of $139 million in premium processing fees will trans-

form and improve United States Citizenship and ImmigrationServices (USCIS) business processes and outdated informationtechnology systems. This investment will support automation ofUSCIS operations and improve processing times, increase securityand fraud detection, improve customer service and the replacementof paper-based processes and antiquated technology. Additionally,$124 million in anticipated application fee revenue will be commit-ted to upgrade and maintain the USCIS information technologyenvironment.

• A total of $17 million in new funding within ICE and CBP willhelp improve the internal oversight of personnel. This oversight isespecially critical as the workforces of these organizations contin-ue to expand.

• An increase of $120 million for the DHS ConsolidatedHeadquarters Project will further consolidate executive programleadership of the Department in a secure setting. This will foster aone-DHS culture and enhance the flow of information while opti-mizing our prevention and response capabilities across the spec-trum of operations.

• An increase of $9.6 million for the Office of the Chief ProcurementOfficer will establish the staffing requirements necessary to proper-ly award and administer department-wide acquisition programs toensure effective delivery of services and proper procurement andcontracting procedures in compliance with all federal laws and reg-ulations governing procurements.

• A total of $99.1 million will continue to support the InspectorGeneral activities to serve as an independent and objective inspec-tion, audit and investigative body to promote economy, efficiencyand effectiveness in DHS programs and operations.

— U.S. Department of Homeland Security


NATIONAL NEWSDHS DESIGNATES STATE OF THEUNION ADDRESS AS A NATIONALSPECIAL SECURITY EVENTThe U.S. Department of HomelandSecurity Secretary Michael Chertoff des-ignated the President’s State of theUnion Address as a National SpecialSecurity Event (NSSE) and namedSteven C. Woodard, deputy assistantdirector of the U.S. Secret Service toserve as the principal federal official forthe event.

A number of factors are taken intoconsideration when designating an eventas a National Special Security Event,including anticipated attendance by dig-nitaries and the size and significance ofthe event. When an event is designated aNSSE, the U.S. Secret Service assumes itslegally mandated role as the lead federalagency for the design and implementa-tion of the operational security plan.Federal resources are deployed to main-tain the level of security needed for theevent.

The Secret Service is responsible forplanning, directing and executing federalsecurity operations at designated NSSEsand, together with state and local lawenforcement partners, develops the over-all security plan. The Washington, D.C.Metropolitan Police Department, theU.S. Capitol Police and a number ofother federal and local agencies playedan active role in providing security at thisevent. Assets from the Department ofDefense, including the North AmericanAerospace Command and the UnitedStates Northern Command, also support-ed the event.

Woodard has experience in the prepa-ration and coordination required forNSSEs, most recently serving as the prin-cipal federal official for former PresidentFord’s state funeral in Washington, D.C.a few weeks ago. In his role, Woodardwas responsible for ensuring overallseamless coordination of the federal

domestic incident management activities.Since 1998, the Secret Service has led

federal security operations at 24National Special Security Events, includ-ing former President Ford’s state funeral,the 2005 Presidential Inauguration, the2004 Republican and DemocraticNational Conventions, former PresidentRonald Reagan’s state funeral in 2004and the last three State of the UnionAddresses.

— DHS

CONTINUED FEDERAL ACTION ISNEEDED TO FURTHER MITIGATESECURITY RISKS EXPOSED BY 9/11Five years after the terrorist attacks ofSept. 11, 2001, the GovernmentAccountability Office (GAO) is takingstock of key efforts by the President,Congress, federal agencies and the 9/11Commission to strengthen or enhance

critical layers of defense in aviation andborder security that were directlyexploited by the 19 terrorist hijackers.

Specifically, the report discusses how:(1) commercial aviation security hasbeen enhanced; (2) visa-related policiesand programs have evolved to helpscreen out potential terrorists; (3) feder-al border security initiatives haveevolved to reduce the likelihood of ter-rorists entering the country through legalcheckpoints; and (4) the Department ofHomeland Security (DHS) and otheragencies are addressing several majorpost-9/11 strategic challenges.

While the nation cannot expect toeliminate all risks of terrorist attacksupon commercial aviation, agencies havemade progress since 9/11 to reduce avi-ation-related vulnerabilities and enhancethe layers of defense directly exploitedby the terrorist hijackers. In general,these efforts have resulted in better air-line passenger screening proceduresdesigned to identify and prevent knownor suspected terrorists, weapons andexplosives from being allowed onto air-craft. Nevertheless, the nation’s commer-cial aviation system remains a highly vis-ible target for terrorism, as evidenced byrecent alleged efforts to bring liquidexplosives aboard aircraft.

DHS and others need to followthrough on outstanding congressionalrequirements and recommendations byGAO and others to enhance security andcoordination of passengers and checkedbaggage and improve screening proce-dures for domestic flights, among otherneeded improvements. GAO’s workindicates that the government hasstrengthened the nonimmigrant visaprocess as an antiterrorism tool. Newmeasures added rigor to the process byexpanding the name-check system usedto screen applicants, requiring in-personinterviews for nearly all applicants andrevamping consular officials’ training to

GlobalAssurance

President George W. Bush receives applausewhile delivering the State of the Unionaddress at the U.S. Capitol, Tuesday, Jan. 23,2007. Also pictured are Vice President DickCheney and Speaker of the House NancyPelosi. White House photo by David Bohrer.


focus on counterterrorism. Nevertheless,the immigrant visa process may posepotential security risks and we arereviewing this issue.

To enhance security and screening atlegal checkpoints (air, land and sea ports)at the nation’s borders, agencies areusing technology to verify foreign travel-ers’ identities and detect fraudulent trav-el documents such as passports. DHS,however, needs to better manage risksposed by the Visa Waiver Program,whereby travelers from 27 countriesneed not obtain visas for U.S. travel.

For example, GAO recommends thatDHS require visa-waiver countries toprovide information on lost or stolenpassports that terrorists could use to gainentry. GAO also recommends that DHSprovide more information to Congresson how it plans to fully implement US-VISIT – a system for tracking the entry,exit and length of stay of foreign travel-ers.

While much attention has beenfocused on mitigating the specific risks of9/11, other critical assets ranging frompassenger rail stations to power plantsare also at risk of terrorist attack.Deciding how to address these risks –setting priorities, making trade-offs, allo-cating resources and assessing social andeconomic costs – is essential. Thus, itremains vitally important for DHS tocontinue to develop and implement arisk-based framework to help targetwhere and how the nation’s resourcesshould be invested to strengthen securi-ty.

The government also faces strategicchallenges that potentially affect over-sight and execution of new and ongoinghomeland security initiatives, and GAOhas deemed three challenges in particu-lar – information sharing, risk manage-ment and transforming DHS as a depart-ment – as areas needing urgent atten-tion. DHS and the Department of Statereviewed a draft of this report and bothagencies generally agreed with the infor-mation. Both agencies provided technicalcomments that were incorporated asappropriate.

The report reflects conclusions andrecommendations from a body of workissued before and after 9/11 by GAO,the Inspectors General of DHS, Stateand Justice, the 9/11 Commission andothers. It is not a comprehensive assess-ment of all federal initiatives taken orplanned in response to 9/11. GAO is notmaking any new recommendations atthis time since more than 75 prior rec-ommendations on aviation security, theVisa Waiver Program, and U.S. Visitorand Immigrant Status IndicatorTechnology (US-VISIT), among others,are in the process of being implemented.Continued monitoring by GAO willdetermine whether further recommen-dations are warranted.

— GAO

CDC AWARDS $3.7 MILLION TOIMPROVE HEALTHCAREINFORMATION SHARING FORDISEASE DETECTIONThe Centers for Disease Control andPrevention (CDC) has announced $3.7million in new grants designed toenhance healthcare information in aneffort to improve the detection andresponse to emerging public healththreats. The new grants will fund studiesat three new Centers of Excellence inPublic Health Informatics located at NewYork City Department of Health andHygiene; the University of Utah, SaltLake City; and Johns Hopkins University,Baltimore.

“The goal of this funding will be iden-tifying new tools and methods toenhance health information sharing andultimately lead to the adoption of anationwide, technology-based, integrat-ed healthcare surveillance system. Wehope we’ll be able to detect emergingpublic health threats earlier and moreefficiently,” says Steve Solomon, MD,director of the Coordinating Center forHealth Information and Service at CDC.

These Centers of Excellence will bedesigning new tools and methods toassist and enhance CDC’s BioSense pro-gram, which provides real-time biosur-veillance for potential health threats

through immediate access to data fromhospitals and healthcare systems inmajor metropolitan cities across thenation.

The studies will involve a variety pub-lic and private sector partners, includinguniversities, health departments andresearch organizations. The principalinvestigator, center and the studies are: • Joseph Lombardo, MS, Johns Hopkins

University Applied Physics Laboratory,Baltimore. The study will investigatenew technologies that will improve thetimeliness and accuracy of electronicdisease surveillance systems andenhance the development of a nationaldisease surveillance network.

• Farzad Mostashari, MD, New York CityDepartment of Health and MentalHygiene, New York. The goal of thisresearch is to implement and evaluate amodel Electronic Health Record systemthat incorporates public health priori-ties and epidemiological data.

• Matthew Samore, MD, University ofUtah, Salt Lake City. This study seeksto enhance the use of electronic med-ical surveillance in detecting and inves-tigating public health threats. The grants are part of CDC’s Health

Protection Research Initiative. The goalof the research initiative is to discoverstrategies and tools that increase the abil-ity of health departments, physicians andother health care providers to promotehealth and prevent diseases, injuries ordisabilities.

— Department of Health and Human Services

PROTECTING PUBLIC HEALTH FROMDISEASE, DISASTERS ANDBIOTERRORISMTrust for America’s Health (TFAH)recently released the fourth annual“Ready or Not? Protecting the Public’sHealth from Disease, Disasters, andBioterrorism,” which found that fiveyears after the 9/11 and anthraxtragedies, emergency health prepared-ness is still inadequate in America.

The “Ready or Not?” report containsstate-by-state health preparedness scores


GlobalAssurance National Newsbased on 10 key indicators to assesshealth emergency preparedness capabili-ties. All 50 U.S. states and the District ofColumbia were evaluated. Half of statesscored six or less on the scale of 10 indi-cators. Oklahoma scored the highestwith 10 out of 10; California, Iowa,Maryland and New Jersey scored thelowest with four out of 10. States withstronger surge capacity capabilities andimmunization programs scored higher inthis year’s report, since four of the meas-ures focus on these areas.

Half of the states scored six or less onthe scale of 10 indicators. Oklahomascored the highest with 10 out of 10;California, Iowa, Maryland and NewJersey scored the lowest with four out of10. States with stronger surge capacitycapabilities and immunization programsscored higher in this year’s report, sincefour of the measures focus on theseareas.

“The nation is nowhere near as pre-pared as we should be for bioterrorism,bird flu and other health disasters,” saysJeff Levi, PhD, executive director ofTFAH. “We continue to make progresseach year, but it is limited. As a whole,Americans face unnecessary and unac-ceptable levels of risk.”

“September 11, the anthrax attacks andHurricane Katrina were all wake-up callsto the country, putting us on notice thatthe nation’s response capabilities wereweak and that we needed to improvepreparedness,” continues Levi. “Butacross the board it is clear that wehaven’t learned the lessons from thesetragedies – we are still too vulnerable towhat might come next.”

The report also examines the need tostrengthen funding and accountability forpublic health preparedness.Preparedness is a shared responsibilityamong the federal, state and local gov-ernments, with the Centers for DiseaseControl and Prevention (CDC) andHealth Resource Services Administration(HRSA) at the U.S. Department ofHealth and Human Services (HHS) incharge for overseeing the use of federal

funds devoted to health emergencyreadiness.

Since 2004, more than $90 millionhave been cut from the CDC’s prepared-ness funds that are allocated to states,and more than $23 million have beencut from HRSA funds allocated for statehospital preparedness. These cuts haveoccurred before many basic prepared-ness goals have been met, as can be seenin some of the state scores. This threat-ens to halt or reverse progress. The fed-eral government currently does not con-sistently and objectively measure or pro-vide state-by-state information to helpAmericans and policymakers assess howprepared their communities are torespond to health threats.

For the state-by-state scoring, statesreceived one point for achieving an indi-cator or zero points for not achieving theindicator; therefore, zero is the lowestpossible overall score and 10 is the high-est. The data for the public health indica-tors are from publicly available scores orpublic officials in 2006.

The 10 indicators and the number ofstates receiving points for each categoryare as follows:1. Achieved “green” status for Strategic

National Stockpile delivery (15states)

2. Has sufficient BSL-3 labs to meetbioterrorism preparedness needs asoutlined in state plan (39 states)

3. Has enough lab scientists to test foranthrax or plague (46 states andD.C.)

4. Has year-round lab-based influenzasurveillance (46 states and D.C.)

5. Has two weeks hospital bed surgecapacity in moderate pandemic (25states and D.C.)

6. Increased or maintained seasonal fluvaccination rate for adults older than65 (37 states and D.C.)

7. At or above national median fornumber of adults older than 65 whohave ever received a pneumonia vac-cination (26 states)

8. Is compatible with the CDC’sNational Electronic DiseaseSurveillance System (38 states)

9. Does NOT have a nursing workforceshortage (10 states)

10. Increased or maintained level offunding for public health servicesfrom FY 2005 to FY 2006 (44 statesand D.C.)

Among the key findings:• Only 15 states are rated at the highest

preparedness level to provide emer-gency vaccines, antidotes and medicalsupplies from the Strategic NationalStockpile.

• Twenty-five states would run out ofhospital beds within two weeks of amoderate pandemic flu outbreak.

• Forty states face a shortage of nurses. • Rates for vaccinating seniors for the

seasonal flu decreased in 13 states. • Eleven states and D.C. lack sufficient

capabilities to test for biological threats. • Four states do not test year-round for

the flu, which is necessary to monitor

10

Oklahoma

9

Kansas

8

Alabama

Kentucky

Michigan

Missouri

Montana

Nebraska

South Dakota

Texas

Virginia

Washington

7

Delaware

Florida

Georgia

Hawaii

Idaho

Illinois

Minnesota

New Hampshire

New York

6

Colorado

Indiana

Louisiana

Massachusetts

Mississippi

Nevada

New Mexico

North Carolina

Oregon

Rhode Island

5

Alaska

Arizona

Arkansas

Connecticut

Washington, DC

Maine

Ohio

Pennsylvania

South Carolina

NUMBER OF INDICATORS


for a pandemic outbreak. • Six states cut their public health budg-

ets from fiscal year (FY) 2005 to 2006;the median rate for state public healthspending is $31 per person per year.

The report also offers a series of rec-ommendations to help improve pre-paredness. Some key recommendationsinclude:• The federal government should estab-

lish improved “optimally achievable”standards that every state should beaccountable for reaching to better pro-tect the public, and the results shouldbe made publicly available.Appropriate levels of funding shouldbe provided to the states to achievethese standards.

• Establishment of temporary health ben-efits for the uninsured or underinsuredduring states of emergency. This bene-fit is necessary to ensure that sick peo-ple will stay home, and the uninsuredand underinsured will seek treatmentin times of emergency, helping to pre-vent the unnecessary spread of infec-tious diseases, including resulting fromacts of bioterrorism or a pandemic fluoutbreak.

• A single senior official within the U.S.Department of Health and HumanServices should be designated to be incharge of and accountable for all publichealth programs. The senior officialwould streamline government effortsand be the clear leader during times ofcrisis.

• Emergency surge capacity capabilitiesshould be improved by integrating allhealth resources and partnering withbusinesses and community groups inplanning and increasing stockpiles ofneeded equipment and medications.

• The volunteer medical workforceshould be expanded and an investmentmust be made in the recruitment of thenext generation of the public healthworkforce.

• Technology and equipment must bemodernized and research and develop-ment must be strengthened.

• The public should be better included inemergency planning, and risk commu-nication must be modernized.

— Trust for America’s Health

The World at Your FingertipsWant the latest breaking business continuity news stories when it’s convenient for you?

Look no further than www.ContingencyPlanning.com.

Exclusive Web updates are added every weekday to ensure you don’t miss a step.

Log on today and get up to speed.

www.ContingencyPlanning.com


INTERNATIONAL NEWSU.S., JAPAN SIGN NUCLEAR POWERCOOPERATION PLAN, AGREE TOSTRENGTHEN EMERGENCYPREPAREDNESSThe United States and Japan will collab-orate on a plan to build new nuclearpower plants, say the nations’ top energyofficials.

U.S. Energy Secretary Samuel Bodmanand Japanese Minister of Economy Tradeand Industry Akira Amari say their coun-tries will collaborate on various aspectsof the civilian nuclear fuel cycle.

Bodman says that detailed plans willbe developed during the next threemonths but will include inviting Japaneseengineers to work on new nuclear powerplants in the United States.

He says Japanese scientists and nuclearengineers will offer technical expertise inadvanced, fast reactors, which usenuclear fuel more efficiently than currentreactors. Fast reactors yield more energywhile producing less radioactive waste.

Japan is in the process of developingsuch reactors to be operational on a trialbasis next year, Amari says.

The officials say their joint civiliannuclear energy action plan will be com-pleted by April 2007.

The plan will build upon the civiliannuclear energy technical cooperationalready underway between the twocountries and will include regulatory andnonproliferation-related nuclear ex-changes.

Japan has bilateral nuclear powercooperation treaties with six nations –the United States, Britain, France,Canada, Australia and China. Underthese agreements, the parties exchangeexpertise and information on the peace-ful use of nuclear power and provideand receive nuclear equipment, materi-als and services.

Bodman and Amari say the new planwill focus on research and developmentactivities under the Global Nuclear

Energy Partnership (GNEP) initiative,advanced by the United States.

Under the GNEP, the United Stateswill build a nuclear fuel recycling facilityand sell fuel for nuclear power plants toother countries.

While Japan has a nuclear fuel recy-cling facility, it currently ships much ofthe spent nuclear fuel from its 54 oper-ating nuclear power plants to France andBritain for reprocessing. The reprocessedfuel is shipped back to Japan for furtheruse.

While there has never been a disaster,the shipping of such large amounts ofradioactive material halfway around theworld has drawn objections from manycountries along the shipping routes aswell as from environmentalists whopoint out that the ships could be subjectto accident or terrorist attack that wouldrelease radioactivity into the environ-ment.

If Japan has its spent nuclear fuelreprocessed in the United States, theshipping distance would be roughly

halved. The GNEP, endorsed by President

George W. Bush, is now undergoing aprogrammatic environmental impactstatement process, which allows for pub-lic comment.

In the United States, 103 nuclear reac-tors supply nearly 20 percent of thenation’s electricity, but since the 1979accident at Three Mile Island and the1986 fire and explosion at Chernobyl inUkraine, safety concerns have stalledU.S. nuclear development. Only one U.S.plant has come on line recently, in 1996.

The Bush administration has encour-aged the nuclear industry, which nowhas 18 new nuclear power plants in var-ious stages of licensing and sitingapproval, according to the NuclearEnergy Institute, an industry association.

To ensure mutual energy security andaddress global climate change, Bodmanand Amari say both sides recognize theymust improve energy efficiency anddiversify their energy mix.

The two countries intend to make

GlobalAssurance


wider use of “clean and alternative ener-gy, such as clean use of coal, nuclearenergy and renewables,” the officials say.

Bodman welcomes Japanese participa-tion in the $1 billion FutureGen Project,a United States-sponsored initiative toconstruct the world’s first emission-freecoal fired electricity generation plant tobe constructed in the United States at asite yet to be selected.

The project will employ coal gasifica-tion technology integrated with com-bined cycle electricity generation and thesequestration of carbon dioxide emis-sions.

Japan will contribute expertise, fund-ing and information exchange on carboncapture and sequestration technology.

Both sides say they recognize that theengagement of emerging economies,particularly China and India, is “crucialfor ensuring global energy security.”

Bodman and Amari agree that inte-grating these growing energy consumersinto the global energy market and pro-moting responsible market-based policiesand energy use will be a priority for bothcountries.

And they have agreed to strengthentheir countries’ cooperation with Chinaand India on energy efficiency and emer-gency preparedness, saying the Five-Country Energy Ministers’ meeting inDecember 2006, in which ministersfrom China, India, Japan, Korea and theUnited States participated, was a goodexample of a coordinated engagementeffort.

— Environment News Service

BIRD FLU UPDATEA mother and daughter, who recentlydied in mysterious circumstances in

Lagos, Africa, have been suspected tohave died of the deadly bird flu disease,thus, giving rise to speculations of a pos-sible human-to-human infection of thedisease in the country. The two weresaid to have died within two weeks afterthey allegedly ate a chicken the motherbought for the family during theChristmas and New Year celebrations ata popular chicken market along IkoroduRoad, Lagos.

The mother died on Jan. 4, and thedaughter lost her life Jan. 17. After thedaughter’s death, the father was said tohave ordered an autopsy of the girl, aswell as his wife. The result of the autop-sy suspected bird flu disease as the causeof their deaths, and it was after this thatthe father also disclosed that one of thechickens they had bought during the fes-tive season had died mysteriously andthey had to quickly slaughter the restbefore they could face similar fate.

The family has since been quarantinedwhile further investigations are beingcarried out by officials of the WorldHealth Organization (WHO). WHOspokesman Austine Ogbide says thatWHO is “aware of the case of a womanand her daughter who allegedly diedafter consuming a chicken,” but is quickto warn that the “cause of their deathswas yet to be determined.” He also saysthe chicken is still being diagnosed andthat it may not be proper to concludethat the mother and daughter werekilled as a result of the chicken. He addsthat WHO is still waiting for the out-come of the investigations after which itwould make a definitive statement.

If the ongoing investigation confirmsthat both mother and daughter died as aresult of the disease, it would be the first

case of human-to-human transmission ofthe virus in the country.

And Russia has recorded its first casesthis year of the highly pathogenic H5N1strain of bird flu in dead domestic birds,the country’s animal and plant healthagency said recently. The RussianVeterinary and Phytosanitary OversightService Rosselkhoznadzor says the viruswas detected in dead birds found inthree domestic yards in the Krasnodarregion of southern Russia.

“Yes, it’s H5N1,” a spokesman for theagency says. Measures are being taken toprevent the spread of infection in thethree settlements where cases werefound – Labinsk, Upornaya andBorodinskaya. Rosselkhoznadzor saystests have been carried out in regionallaboratories, and further tests would beconducted in Moscow.

Russia recorded more than 90 cases ofbird flu last year. Most were in southernregions, particularly the North Caucasusarea that borders Georgia andAzerbaijan. Several cases were alsofound in the Siberian regions ofNovosibirsk and Omsk.

The outbreak of H5N1 avian influenzabegan in Asia in 2003 and outbreakshave been confirmed in about 50 coun-tries and territories. Bird flu has killed164 people from 270 cases recorded inhumans since 2003, World HealthOrganization data shows. At least 200million birds have been culled world-wide. No human cases have ever beenrecorded in Russia. Five people havedied from eight cases in neighboringAzerbaijan.

— RSOE HAVARIA Emergency andDisaster Information Service

COMING IN MARCH TO CPM-GA• TAKING THE FEAR OUT OF BC EXERCISES: PART II

• WHY PLANS FAIL

• PREDICTING HURRICANES


In dealing with the increasing probability of disasters that couldadversely affect the business, organizations the world over are

proactively implementing business continuity management systems.Regardless of the size of the organization, big or small, one area that

is universally neglected is human capital. Human capital, though oneof the building blocks of business continuity management systems(BCMS), lacks resiliency in most assignments and needs special atten-tion.

Using a Six Sigma tool – Quality Function Deployment (QFD) –builds up a framework that could be adapted to suit your needs ofbuilding resiliency in human capital.

RESILIENCY IN HUMAN CAPITALHuman capital comprises knowledge, skills, health, education andphysical ability. Resiliency is the ability to bounce back in the face ofadversity. The objective of human capital resiliency is to be able tocontinue business operations with available resources at a pre-deter-mined efficiency and effectiveness. This implies the availability of theright people at the right place at the right time.

QUALITY FUNCTION DEPLOYMENTQuality function deployment (QFD) is a comprehensive qualitydesign method that: • Seeks out spoken and unspoken customer needs from fuzzy “voice

of the customer” verbatim; • Uncovers “positive” quality that wows the customer; • Translates these into design characteristics and deliverable actions;

and • Builds and delivers a quality product or service by focusing the vari-

ous business functions toward achieving a common goal – customersatisfaction.

Basically, a QFD translates customer requirements into an appropri-ate company program and technical requirements at each phase ofthe product realization cycle. The figure below depicts how thevarious house of quality is built.

BuildingResiliency in

Human CapitalTools of the trade

By Sandesh Sheth

Building resiliency in human capital depends on three dimen-sions: people, procedures, and culture existing within the organ-ization. We will explore each of them in detail.

PEOPLE

1. Talent management• Have we identified the critical resources for each business

process that we perform?• Do we know the skill sets of the critical resources? Have we

created job descriptions for each resource that could be uti-lized if needed?

• Where can we get these skill sets and within what time framein case we were to need them?

2. Backups availability• Have we identified backups for the critical resources?• What is the backup depth (how many tiers)?• Have the backups been trained to assume the roles of the

critical resources?• Have the backups ever been tested?

3. Availability to function in case of disaster• How will people react to trauma, especially the one that

affects loved ones?

• What proactive measures will really help to face a real trau-ma?

• If resources have to operate from an alternate site: What if acritical resource is a single parent? What if the resource hasan elder at home who cannot be left alone for long dura-tions? What about pets who cannot be left alone for longdurations?

• What if social distancing is to be observed and reporting tothe primary/secondary location is not an option?

• Is teleworking an option? Have we defined and tested theprocedures to make it work?

4. Ability to communicate• How will people be contacted in case of a disaster, especial-

ly if the disaster occurs during non-working hours?• Is there a bulletin board? How much information needs to

be posted on it? Can a competitor take undue advantage ofit in case the board is public? Will the customer be alarmed?

• What if telecommunication networks are disrupted? What ifwe lose the ability to call or text message?

• Do we have a call-in number where employees can obtaininstructions? Will this number be available if the primaryfacility no longer exists?

• How will the decision-making process be affected if the cri-sis management team is not able to communicate? Who willmake the decision and inform the others?

5. Ability to travel• In case of an outage in mass rapid transportation systems will

people be able to travel to the primary or secondary loca-tion?

PROCEDURES


System Features(HOWs)

House of Quality

#1

Product Functionality(HOWs)

House of Quality

#2

System Characteristics(HOWs)

House of Quality

#3

Design Alternatives(HOWs)

House of Quality

#4

QFD HOUSE 1 Critical to Quality (CTQs)Internal Process/Product(How)

Customer Expectation (What)Recover the systems within the predefined time frame (RTO –recovery time objective)

Needs Resiliency in Human Capital People Procedures Culture

We build the first House of Quality based on the voice of the customer.

Cus

tom

er W

ants

(WH

ATs)

Syst

em F

eatu

res

( W

HAT

s)

Prod

uct

Func

tiona

lity

( W

HAT

s)

Syst

em C

hara

cter

istic

s(

WH

ATs)

QFD HOUSE 2 High-Level Process StepsSub Process/Product Characteristic (How)

Needs

MostInfluentialProcesses(NewWhat)People

Talentmanage-ment

1

Backupsavailability

2

Availabilityto function

3

Ability toTravel

4

Ability tocommun-icate

5


Needs

MostInfluentialProcesses(New What)Procedures

Documented

1

Comprehensive

2

Validated

3


1. Documented• Have we documented the following procedures?

• Backup• Recovery• Offsite shipment• Batch jobs• Print jobs• Passwords for all systems• Insurance reimbursement

2. Comprehensive• Are the above-mentioned procedures comprehensive?• Has everything that is vital been documented?• In case of knowledge based on experience, e.g. partitioning

of the LPAR, DADS settings on mainframe, etc., is the logicof allotment documented?

3. Validated• Have the procedures been validated for effectiveness by the

backup personnel?

CULTURE

1. Top management involvement• Is there a perception within the organization that the top manage-

ment is involved in BCMS?• Is the top management involved in formulation of the strategy and

review of various disaster related policies?• Do the audit reports and exercise reports get reported to the top

management?• Has the top management participated in disaster recovery exercis-

es?

2. Policies and systems• Have we defined and communicated the following policies?

• Crisis escalation policy• Disaster declaration policy• Teleworking policy• Leave policy

• Policy for individuals whose services would not berequired in case of disaster for a certain duration

• Policy for individuals whose services are required but whoare not able to report for recovery

• Reimbursement policy• For expenses related to administration arrangements for

people to move to alternate site and function from therefor a given period

• What is the overtime policy? Is there a comp-off policy?

• What is the disaster pay?• How are bills to be paid – by the individual or

centrally?• Is there a company credit card? Who uses it?

When? How much is the limit?• How are timesheets to be submitted from alter-

nate sites, and to whom? Who keeps track ofthe working hours?

• Insurance policy• Emergency procurement policy for restoration of primary

site after the disaster• Payroll policy in case of disaster

• Direct deposit• Payment shipped to home location/alternate

site• Policy for notification of casualties (in case of

accident/death on premises or while in duty)• Policy for disbursement of claims in case of casualty• Policies for third-party service providers in case of a disaster

• Do we have systems in place that could provide support andimplement policies in case of disaster?

• Do we have systems in place to ensure quality of policies andthe ability to monitor the updates?

3. Awareness and training• How many tiers of employees have been defined to create a

pool of resources for all critical job functions?• Have the employees been cross-trained in addition to their pri-

mary responsibilities?• Is there a mechanism to monitor conduct of effective mentor-

protégé trainings?• Are employees, including new joinees, aware of their roles and

responsibilities in case of a disaster?• Have these roles been rehearsed on a regular basis?• Is disaster recovery education materials available in an easy-to-

use package?

“The more you sweat in peace, the less you bleed in war” is trulyapplicable when it comes to disaster recovery planning. If the aspectsmentioned in this article are addressed, adequate resiliency inhuman capital is the natural outcome. The hard work that you investwill bear fruits if ever a disaster occurs.

About the AuthorSandesh Sheth is a business continuity consultant, a Six Sigma Black Beltand a certified information systems auditor presently working for StateJudiciary Information Systems. He has been developing and imple-menting business continuity management systems for organizationsworld-wide for more than five years and represents Enterprise RiskManagement Consulting Group of Satyam Computer ServicesLimited. Questions and comments may be directed to [email protected].


Needs

MostInfluentialProcesses(NewWhat)Organiza-tion Culture

TopManage-mentInvolvement

1

Policies andSystems

2

AwarenessandTraining

3

Support

4

Vision

5


IndonesiaAgain on Bird

Flu Alert New outbreaks, new concerns, new measures

After abating since the end of 2005, the bird flu, or avianinfluenza virus, is now rampant again in Indonesia since early

this year, and the disease has already killed 61 people, while themost recent deaths were two patients at Persahabatan hospital inJakarta.

In response, the central government has asked the authorities ofJakarta, Banten and West Java provinces, which under the currentcircumstances are posing a high risk of a bird flu outbreak, to issuethe regulations which would serve as a legal basis to make effortsto deal with avian influenza cases.

Due to the problem, the government has banned backyardfarms in Jakarta, Banten and West Java. “No backyard farm is nowallowed in high-risk areas. Hence, the provincial administrationsneed to issue the regulations,” Coordinating Minister for People`sWelfare Aburizal Bakrie says.

The senior minister says he has met with government officialsfrom the three provinces and asked them to draw up the neces-sary regulations by referring to Law No. 4/1984 on bird flu out-breaks.

Secretary General of the Home Affairs Ministry ProgoNurdjaman says the ministry has allowed the provincial govern-ments to issue regulations on controlling the spread of the bird fluvirus.

Health Minister Siti Fadilah Supari says the policy was taken to


anticipate a bird flu outbreak, citing that the spread of theH5N1 virus among fowls and humans in the past few weekshad led to an emergency situation.

H. Musny Suatmodjo, director of animal health of the direc-torate general of husbandry at the Agriculture Ministry, saysbackyard poultry farms could be abolished by culling fowls andkeeping them in cages. “There has been no exact regulation.But backyard farms with less than 20 fowls may be demolishedby compensating their owners. Farms with more than 20 fowlswill be maintained if they are located at least 250 meters fromtheir owners’ houses,” he says, adding the policy did not applyto pet birds that are kept in clean cages.

Suatmodjo says his office has asked regional administrationsto make an inventory of backyard poultry farms in their respec-tive areas.

Since early this year the country has had five confirmedhuman cases of bird flu with three of them leading to eventu-al death. This brings the country`s bird flu death toll to 61.

VOLUNTEERSMeanwhile, the Indonesian Red Cross (PMI) has also takenpart in dealing with avian influenza cases in the country bymobilizing 2,460 volunteers from 82 PMI branches in 10provinces that are considered vulnerable to bird flu outbreaks.

The 10 provinces are Jakarta, Banten, West Java, Central Java,North Sumatera, East Java, West Sumatera, South Sulawesi, Baliand Aceh, which are considered prone to bird flu outbreaks.

The volunteers are expected to launch campaigns on effortsto prevent the spread of the avian influenza virus to humans.

PMI says that efforts to prevent the spread of the deadlyvirus would be optimal if members of the community are fullyaware of the benefits of leading a healthy life which would pre-vent them from being infected with the bird flu virus.

“Through community awareness, we hope people [will] bevigilant against bird flu without panic,” head of PMI’s Divisionfor Social and Health Services, Dr. Lita Sarana says.

The campaigns include programs on providing informationon healthy living, community-based surveillance and biosecuri-ty. Community awareness should cover four groups, namelybackyard farmers, house wives, chicken traders at traditionalmarkets and children.

“We provide them with training and information about birdflu,” Coordinator for PMI`s Bird Flu Program Puji Astuti says.

On community-based surveillance, PMI provides training tovillage health volunteers on efforts of quick response to bird flucases found in their respective areas.

Community-based surveillance involves 27 village health vol-unteers at subdistrict level in six districts/cities – Bandung(West Java), Cirebon (West Java), Indramayu (West Java),Malang (East Java), Tulungagung (East Java) and Blitar (EastJava).

On biosecurity activities, PMI deployed its volunteers to givedirectives, especially to backyard farmers, to lead a healthy lifeby, among other things, cleaning up chicken coops with disin-fectants and throwing away leftovers from the coops.

CONSISTENCYRegardless of the measures taken to deal with bird flu cases,the government and all relevant parties are expected to beconsistent in applying rules in efforts to overcome the dead-ly cases.

Coordinator for the Indonesian Poultry Forum, Don P.Utoyo, says bird flu cases are still found in the countrybecause the government and relevant parties, as well as thepeople, have yet to pay constant attention to the problem.

Utoyo, however, hails the government’s initiative to banbackyard farming in residential areas in an effort to eradicatethe bird flu virus. “It indeed takes time, but the most impor-tant thing is consistency in dealing with the spread of the fatalvirus,” he says.

The government should also conduct a research on themechanism of the spread of the avian influenza virus becausethe pattern of its spread is still not clear. There is no empiri-cal evidence that human beings are directly infected withbird flu virus. Theroetically, such direct infection with thevirus to human beings is also illogical.

In 2007, the government set a budget of US$61 million forbird flu control, which was higher than the 2005 budget ofUS$55 million.

The budget for avian influenza control in 2007 may beincreased if the existing one is not enough and no otherbudget can be allocated for the purpose, Secretary General ofthe Finance Ministry Mulia P. Nasution says.

Chairman of the National Committee for Bird Flu Controland Anticipation of Avian Influenza Pandemic BayuKrisnamurthi says the budget for bird flu control in 2007 hasactually been raised compared to that for 2006.

According to Bayu, key international partners that provid-ed assistance worth US$35 million in 2006 were committedto increasing the assistance to US$65.5 million in 2007.

The assistance for bird flu control from the key partners,which was previously given through representatives of inter-national institutions in the country, would give 60 percent ofthe aid directly to the government.

“The increase in the budget for bird flu control is expectedto boost efforts in dealing with the spread of the H5N1 virusunder the 2007 bird flu control program,” Bayu says.

He points out that the budget from the government andassistance from the key partners would be used to finance theimplementation of the bird flu control program, which hadbeen proposed earlier.

DOCTORS ASK AGRICULTURE MINISTRY TO CONTROLBIRD FLUThe Indonesian Doctor Association (IDI) has asked the agri-culture ministry to be more serious in controlling bird fluvirus, which has affected poultry, following the increasingbird flu cases in human in the past few weeks.

The bird flu cases must be dealt with from the sources –namely poultry, says IDI Chairman Dr. Fachmi Idris.

The handling from the disease sources must include poul-


try surveillance, case early detection, restructuring of poultryhusbandry, affected poultry culls, compensation and poultryvaccination, which are the responsibilities of the agricultureministry.

As the concerned authorities, the agriculture ministry wasurged to intensify the effectiveness of the bird flu control pro-gram.

“Surveillances of poultry in resettlement areas must be inten-sified to prevent the virus from spreading to wider areas andaffecting people. Appropriate compensation must be given aspromised,” IDI says.

Indonesia has recorded the highest bird flu cases in humanbeings with the number of cases reaching 77 and 61 deaths.

The Indonesian Doctor Association asked the governmentand regional administrations, as well as the people, to partici-pate in the efforts to decrease the bird flu cases.

NUMBER OF BIRD FLU PATIENTS IN JAKARTA HOSPITALINCREASESPersahabatan Hospital in East Jakarta received three morepatients suspected to have contracted with the bird flu virusshortly after sending home five others.

With the new bird flu suspects, the hospital is handling sixpatients suspected to have contracted with the virus, includingthree others who were admitted several days earlier.

Chairman of the hospital’s Bird Flue Handling Team, Dr.Mochtar Ikhsan, says two patients are a father and a son whohad previously received medical treatment at a Bekasi hospital.Both of the patients, Ikhsan says, have had contacts with fowlsin their neighborhood where fowls death cases have takenplace since Dec. 25, 2006.

Mocthar says the husband of another patient – a bird flu sus-pect who died on Jan. 11 – had been allowed to go home. “Hisson, who has been confirmed bird flu positive, still has toresume the medical treatment at the hospital,” he says.

He also confirmed that the hospital had sent three bird flu suspectsto the Sulianto Suroso Infectious Disease hospital in north Jakarta.Ikhsan says two patients died of bird flu-induced lung inflammationthat had spread to all the other organs in their bodies.

Entering 2007, many bird flu cases have been found again.Since the outbreak of this disease in Indonesia in 2005, a totalof 77 patients have been confirmed to be infected with thevirus. Of the total, 61 have died.

— Antara News

GlobalAssurance

EVENTS CALENDAR 2007March 14-16: Do-It-Yourself Business

Continuity Management

Course

Singapore

www.bcpasia.com

23: Business Continuity

Management Seminar

Hong Kong, China

www.bcpasia.com

25-27: Continuous Availability

Summit 2007

Loew’s Royal Pacific Resort at

Universal Orlando; Orlando, FL

www.stratus.com/summit

25-27: European Security

Conference

Berlin, Germany

www.asisonline.org

26-28: Do-It-Yourself Business


Course

Beijing, China

www.bcpasia.com

April 22-25: Strohl Systems User

Group Conference

JW Marriott Desert Ridge Resort

& Spa; Phoenix, AZ

www.strohlsystems.com

24-25: Freedom of Information

Conference

Jurys Great Russell Street Hotel;

London, UK

www.foiconference.co.uk

25-27: Do-It-Yourself Business


Course

Manila, Philippines

www.bcpasia.com

May 22-24

CPM 2007 WEST

The Mirage; Las Vegas, NV

www.contingencyplanningexpo.com

July 8-11: World Conference on

Disaster Management

Toronto Metro Convention

Centre; Toronto, Canada

www.wcdm.com

September 12-13: Dealing with Disasters

Conference

School of Applied Sciences,

Northumbria University;

Newcastle upon Tyne, England

Graham Thompson:

[email protected]


Exercising contingency plans is a critical, and often under-addressed,component of business continuity, when, in fact, plan exercising

can be the key to ensuring awareness and preparedness.Business operations personnel have difficulty enough writing

business continuity plans, let alone exercising them. Performingannual exercises for an organization presents an interesting dilem-ma: where to begin, how to design, who to involve and, moreimportantly, how to engage personnel when their minds are onproduct delivery, product development, sales and marketing andhitting revenue goals.

This article is the first installment of a four-part seriesdesigned to walk you through the exercise process step by step,eliminating trial-and-error methods for successful results. Thesearticles will solve the mystery of building a successful blueprint,starting with organization, moving on to design and buildingconfidence for the plan and concluding with tips for success.So let’s get started.

GET IT TOGETHERThe key to a successful exercise starts with organization.

Taking the FearOut of BC

Exercises: ABlueprint for

SuccessPart I: Organization is key

By Telva Chase

Exercises can be overly complex logistically, so it is wise to beas organized as possible from the beginning stages. Organizingthe various components of the exercise also keeps the team ontrack to meet exercise goals and objectives. Whether you haveone exercise to perform or many, the following steps to willget you organized, save time and energy and eliminate theguesswork to exercise design.

STEP 1: DECIDE HOW MANY AND WHAT TYPES OF EXERCISES YOU NEED TO PERFORM ANNUALLY. This will depend on how many plans have been written, how manyteams are involved, how many third-party vendor contracts are inplace and how many locations you need to exercise. Make a list ofall completed plans and determine how you want to exercise themand whether to exercise them at the same time or separately.

Take baby steps before walking, and walk before running. Inother words, don’t try to exercise every part of the business onthe first attempt. Find your comfort level and what will best fityour organization by selecting from the following types ofexercises:


Orientation ExerciseParticipants: New staff and leadershipNumber of Participants: 2 to 20Goal: To help new personnel gain a full understanding of plans andprocedures.Description: This exercise begins with training, followed by a brief exer-cise to ensure that new personnel know and understand plans andprocedures.Time Needed to Exercise: 30 to 90 minutesTime to Prepare: 10 to 20 days

DrillParticipants: All personnel in one facilityNumber of Participants: 2 to 1,000Goal: To monitor actual field response of a single emergency responsefunction.Description: A drill involves all levels of responders in one location andis practiced under realistic conditions. Drill examples include fire drills,radio exercises and tornado and earthquake exercises.Time Needed to Exercise: 20 to 90 minutesTime to Prepare: 1 to 5 days

Table Top or Walk-Through Exercise Participants: Usually one recovery team that comes from the same busi-ness unit.Number of Participants: 3 to 10Goal: To meet, review and discuss the actions the team would takebased on the information contained in their plans, but they do notperform any of these actions.Description: A facilitator will drive the exercise and take notes, particu-larly in areas for improvement, or if there are errors and omissions.This is the perfect first exercise to perform on a newly developed plan.This type of exercise removes the fear of exercising and prepares theteam for more complex, future exercises. This exercise is approachinga more “reality-based” experience.Time Needed to Exercise: 1 to 2 hoursTime to Prepare: 5 to 10 days

Simulation or Mock Exercise Participants: Usually, this corporate-wide effort includes teams from alldivisions.Number of Participants: 10 to 150Goal: To assess the adequacy of current procedures, policies and plans.Description: Recovery teams are challenged to determine the actionsthey would take in the event of a specific, fully simulated disaster sce-nario. To ensure active participation by the recovery team, they areasked to perform some or all of the actions necessary in the event ofplan activation. This type of exercise may be performed at a singlelocation, or at many locations. Teams are expected to “role play”response, recovery and restoration activities. Teams may or may notmeet at an alternate location to recover, per plans. A simulation/mockexercise will typically operate on a compressed timeframe represent-ing many hours, or even days. This exercise can be logistically com-plex and will require a good amount of advanced planning. It is appro-

priate to perform this test after a table top or walk-through exercise.A simulation exercise involves more participants: simulators, evalua-tors and a bigger design team. This type of exercise will introducesophisticated messages and other media into the scenario.Time Needed to Exercise: 4 hours to 2 daysTime to Prepare: 2 to 4 months

Full-Scale or Operational ExerciseParticipants: Emergency response teamsNumber of Participants: 3 to 25Goal: To evaluate the operational capability of teams and/or systemsin an interactive manner, and to assess the allocation of resources andmanpower over a substantial period of time.Description: Like a simulation exercise, teams will execute some or allof the actions they would perform in the event of plan activation. Thisexercise, which may include one or more teams, is typically per-formed at the designated alternate location, using specific recoveryconfigurations under actual operating conditions. This is a particularlygood exercise for information technology exercise efforts. Events arein real time, complex and detailed. Mobilization of personnel andresources and the actual movement of emergency response teams,equipment and resources are required. This exercise is the mostexpensive to perform.Time Needed to Exercise: 8 to 48 continuous hoursTime to Prepare: 3 to 6 months

Example: The Altima Corporation“The Altima Corporation” is located in two facilities 1,000 miles apart.It is an annual requirement to exercise each location separately andthen exercise them together. A total of seven plans have been writtenfor Facility 1, and a total of six plans have been written for Facility 2.The Altima Corporation also has two hot-site agreements, one foreach location, where critical systems are located. There is one 24-testperiod allowed for each contract.

1. List all plans that have been completed (see Table 1).2. Determine the type of exercise to be performed for each.3. Determine the frequency of each exercise.4. Determine participants to be involved in each exercise.5. Determine which exercises may be combined or performed at the

same time.

This results in a comprehensive Exercise Requirements Matrixfor planning purposes. Add columns to this matrix during thenext few steps to begin to see the details of each exercise.

STEP 2: PREPARE AND PUBLISH AN EXERCISE CALENDARUsing the Exercise Requirements Matrix from Step 1, meet with sen-ior management schedule each of the proposed exercises for the com-ing year. Waiting to schedule until partway through the year usuallyresults in performing all exercises during the fourth quarter. Be sure toschedule exercises with third-party vendors of high-availability servic-es. Make corrections and publish the calendar monthly, and send itout to respective teams so expectations are set early in the year.


Example: The Altima Corporation Add columns to your Exercise Requirements Matrix, or track this sep-arately. (See Table 2.)

Next, organize a design team. Three to six months before an exer-cise, contact senior management and ask for potential design teammembers. Work with management to have a team in place no laterthan the time required prior to each exercise to design. Scheduleweekly one-hour design team meetings for the time needed to pre-pare, preceding the exercise date.

Example: The Altima CorporationAdd several columns to the Exercise Requirements Matrix, or trackthis separately. (See Table 3.)

STEP 3: PREPARE AN EXERCISE DOCUMENT TEMPLATEAn exercise document template will assist in organizing all the detailsof a particular exercise. Produce one exercise document from the tem-plate for each exercise that you perform.

The design team will use the document to outline the details, logis-tics and expected results of the exercise during team meetings. Theteam will also detail the goals, objectives, participants and scenariodetails. The exercise document is versioned from week to week aftereach design team meeting, with the final pre-exercise version beingpublished just prior to the exercise. It is not distributed outside of thedesign team. During the exercise, certain parts of this document areused as handouts, which will be discussed in next month’s issue ofCPM-GA in Taking the Fear Out of BC Exercises: A Blueprint forSuccess, Part II: Design for Results.

Following the exercise, this same document can then be used tooutline post-exercise findings, participant evaluations and, finally, aplan-update schedule and specific action item tracking. Publish thisdocument and present it to all interested stakeholders including sen-ior management.

The final exercise document includes all of the above, plus the finalupdates on the action item list: dates of review and completion.

A well-written exercise document should include the following sec-

Table 1 – The Altima Corporation Exercise Requirements Matrix

Test No. Facility – Plan Title Type of Exercise Frequency Participants1 Facility 1 – Occupant Emergency Plan (OEP) Fire Drill Biannual All Employees2 Facility 2 – Occupant Emergency Plan (OEP) Fire Drill Biannual All Employees3 Facility 1 – Incident Management Plan (IMP) Simulation Annual Local Incident Response Team4 Facility 2 – Incident Management Plan (IMP) Simulation Annual Local Incident Response Team5 Integrated Facility IMP Simulation Annual Local Incident Response Teams6 Facility 1 – OEP & IMP Orientation Biannual New Employees & Leadership7 Facility 2 – OEP & IMP Orientation Biannual New Employees & Leadership3 Facility 1 – Accounting – Payroll Plan Simulation Annual Business Unit Recovery Teams:

Accounting and IT3 Facility 1 – Sales & Marketing – Simulation Annual Business Unit

Communication Plan Recovery Team3 Facility 1 – Human Resources Plan Simulation Annual Business Unit Recovery Team4 Facility 2 – Human Resources Plan Simulation Annual Business Unit Recovery Team8 Facility 1 – Legal Plan (**NEW**) Table Top Annual Business Unit Recovery Team4 Facility 2 – Product Management Plan Simulation Annual Business Unit Recovery Team4 Facility 2 – Customer Service & Support Simulation Annual Business Unit Recovery Team9 Facility 1 – IT – Critical Systems Operational Annual Technical Operations Recovery

Teams10 Facility 2 – IT – Critical Systems Operational Annual Technical Operations Recovery

Teams

Table 2 – The Altima Corporation Updated Exercise Requirements Matrix

Facility –Plan Title Type Scheduled Date and TimeFacility 2 – Occupant Emergency Plan (OEP) Fire Drill 6/22/07 10:00 AM EDTFacility 1 – Incident Management Plan (IMP) Simulation 4/20/07 1:00 PM CTFacility 2 – Incident Management Plan (IMP) Simulation 8/30/07 9:00 AM – 1:00 PMIntegrated Facility IMP Simulation 11/8/07 9:00 AM – 1:00 PM


tions, although there may be other sections pertinent to a particularcorporation and its culture.

ExerciseScope of exerciseScheduled date and timeType of exercisePlan(s) to be exercised and scope of executionExercise goalsExercise objectivesExecution scenarioExercise artificialitiesExercise assumptionsExercise scenario, (including actual date/time, simulated date/time,

message or information, delivered how and delivered by)Instructions to the participantsCommunications protocol

ParticipantsFacilitatorExercise assistantDesign teamSimulation teamObservation teamRecovery team

Exercise/Debriefing SummaryWritten evaluation responses

Verbal evaluation responsesRecommendations for improvement (including description,

responsible party, due date, review date and completion date)

STEP 4: TIPS FOR SCHEDULING ROOMS AND RESOURCES • Schedule all design team meetings necessary to prepare for the exer-

cise type. • For the simulation/mock disaster exercise, schedule a room large

enough for the number of participants anticipated to attend.• For the simulation/mock disaster exercise, schedule a room large

enough to hold the design team.• For the table top/walk-through exercise, schedule a room large

enough to hold all participants.• Be sure to reserve audio/visual equipment, projectors, flip charts,

markers, extra tables and chairs to accommodate the exercise. (Someof this may not become clear until you are into the “design” phaseof planning.)

Don’t miss Taking the Fear Out of BC Exercises: A Blueprintfor Success, Part II: Design for Results in next month’s issueof CPM-Global Assurance.

About the AuthorTelva Chase has more than 27 years of software engineering and sevenyears of full-time BC/DR experience. In 2002 she created and current-ly is the director of the business continuity program office for ThomsonScientific & Healthcare (www.thomson.com). Questions and commentsmay be directed to [email protected].

Table 3 – The Altima Corporation Updated Exercise Requirements Matrix

Facility/Plan Title Type Scheduled Date Begin Design Teamand Time Design

Facility 2 – Occupant Emergency Plan (OEP) Fire Drill 6/22/07 10:00 AM EDT 6/15/07 BCPO Rep Facility MgrHR Mgr

Facility 1 – Incident Management Plan (IMP) Simulation 4/20/07 1:00 PM CT 1/20/07 BCPO RepFacilities RepHR RepSales RepIT Rep

Facility 2 – Incident Management Plan (IMP) Simulation 8/30/07 9:00 AM – 1:00 PM 5/31/07 BCPO RepFacilities RepHR RepProduct RepCS Rep

Integrated Facility IMP Simulation 11/8/07 9:00 AM – 1:00 PM 8/9/07 BCPO RepFacilities RepHR RepSales RepProduct RepCS RepIT Rep


GlobalAssurance

PRODUCTSTRACE-LEVEL DETECTION SYSTEMFOR BIOLOGICAL, CHEMICAL,EXPLOSIVE THREATSThe United Kingdom’s Mesophotonics,focused on reproducible detection surfaces,has refined its SE1000 Toolkit for use inhomeland security and defense applicationareas. Comprising a Mesophotonics Ramanspectrometer and the Klarite substrates, thisplatform enables faster, trace-level identifica-tion of explosive, chemical and biologicalsamples.

The SE1000 is based around the relative-ly new technique of Surface EnhancedRaman Spectroscopy (SERS), which increas-es the normally very weak Raman signals byas much as a million-fold, providing highsensitivity to detect molecules even at sub-picogram levels. Until now, Klarite effective-ly changes the applicability of the techniqueby using a substrate with a stable, uniformstructure.

The announcement comes soon afterfindings of a recent proceedings paper were

presented by the Army ResearchLaboratories at SPIE Optics East in October2006. This work demonstrates the use ofKlarite substrates to detect and identifydeadly spores from organisms, such asBacillus.

Mesophotonics is currently working withseveral partners in the homeland securityand defense arenas to synergize its SERSdetection technology with existing comple-mentary systems.

www.mesophotonics.com

NETWORK BACKUP, RECOVERYSOLUTION TO REPLACE STORAGETAPESCFC Technology Corporation, Minneapolis,Minn., has released the SafetyVAULT™Solution for local and remote data backupand recovery.

A bank or credit union, for instance, mustcomply with regulations regarding data man-agement and recoverability in the event itsnetwork fails. However, many financial insti-

tutions currently bet on older tape systemsto backup files from a network’s range ofdigital assets, including desktops and alltypes of servers. Backup tapes have apropensity for failing. In some cases, filledbackup tapes must be transported andstored in a warehouse. This exposure maycontribute to their vulnerability.

The solution mirrors and retains data,which is optimized to decrease the physicalstoring of a large amount of data. It eliminatestypical bandwidth issues and long transferrates, and it backs up and recovers Windowsdesktop and servers, Novell products andsolutions, Unix and Linux operating systems,check and document imaging solutions andbank or credit union core solutions.

SafetyVAULT features Disk-BasedRecovery Appliance from Data Domain,Santa Clara, Calif., which employ data dedu-plication technology to make restore andbackup functions faster and more reliablethan existing solutions.

www.cfcfs.com

Call For Papers Open!

Do you have what it takes to be part of the CPM 2007 EAST conference faculty?

We are looking for professionals in business continu-ity/COOP, emergency management and security to

deliver advanced-level lectures, case studies and inter-active workshops geared toward experienced plan-ners. CPM 2007 EAST will take place November 13-15 at the Gaylord Palms Resort in Orlando.

www.ContingencyPlanning.com/events/east

OVERVIEW

Welcome to CPM 2007 WEST

This premier training event will provide you with a

complete risk management education, as well as many

opportunities to network with your professional peers. CPM

is dedicated to the convergence of business continuity/

COOP, emergency management and security to enable you

to prepare a comprehensive and effective plan so your

organization prevails in the face of disaster.

10 Reasons to Attend4 Learn to Save Your Company! See pages 8-17

4 Hear Two Keynote Speakers! See page 3

4 Gain a Professional Peer Network! See pages 3-4

4 Increase Your Professional Worth! See pages 18-19

4 Participate in a Disaster Simulation! See page 11

4 Earn 29 CEUs or more! See page 19

4 Find a Solution! See page 5

4 Avoid Costly Mistakes! See pages 8-17

4 Get Certified! See pages 18-19

4 Attend Three Conferences in One! See pages 8-17

ww

w.C

on

tin

gen

cyPl

ann

ing

Exp

o.co

m

22

CONTENTSNetworking Events. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Exhibit Hall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

At-a-Glance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Training & Certifications . . . . . . . . . . . . . . . . . . . . . . 18

Hotel & Travel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

The Fine Print . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Registration Form . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Produced by

The CPM Group

3141 Fairview Park Dr., Suite 777

Falls Church,VA 22042

800.517.8966

703.876.5059 Fax

CPMEvents@ContingencyPlanning. com

www. ContingencyPlanningExpo. com

“Each conference builds upon the last in terms of

the quality of the presenters, timeliness of the

topics, and inclusiveness of the participants,

excellent networking opportunities, the effec-

tiveness of the conference settings, and the care

and attentiveness of the CPM staff from the reg-

istration process through conclusion of the

event. All first rate – I look forward to CPM 2007

WEST with the absolute belief that it will be the

very best yet.”

Richard Iselin,

Senior Advisor for Operations,

U.S. Department of State

Photo courtesy of The Mirage

NETWORKING EVENTS

Welcome Breakfast and Keynote AddressTuesday, May 22 • 8:00 AM – 9:30 AM

“Why Should Your Boss Should Listen to You?

How to Become a Trusted Strategic Advisor”

James E. Lukaszewski, ABC, APR,The Lukaszewski Group Inc.

Providing credible strategic advice and

thinking strategically is what most of us,

whether as a staff member or an outside

consultant, truly seek to accomplish. This

includes initiating and helping develop

strategic options for operational and orga-

nizational leadership. Being respected as a

strategist and trusted advisor ties into three of the crucial

questions this presentation answers: How do I get invited to

the table before all the decisions are made and before con-

sultants get in the way? How do I earn a continuous seat at

the strategy table? And what do I have to do to get that call

from the boss ahead of everyone else? Be ready to be called

on in this highly interactive keynote address!

James E. Lukaszewski is most frequently retained by sen-

ior management as a trusted outside advisor to directly

intervene and manage resolution of serious corporate prob-

lems and threats. He coaches CEOs, is a prolific author and

speaker and has been quoted in major business publica-

tions. The recipient of many academic and professional

awards, his name appears in Corporate Legal Times as one of

“28 Experts to Call When All Hell Breaks Loose,” and in PR

Week as one of 22 “crunch-time counselors who should be

on the speed dial in a crisis.”

*Breakfast will be served until 8:25 AM. Please be seated by this time.

Luncheon and Keynote AddressTuesday, May 22 • 12:30 PM – 2:00 PM

“Ten Avoidable Mistakes for Executives in Resiliency

Management”

Jon Murphy, CHS-V, PMP, CISSP, CBCP, Expedia

So you have a continuity plan.Think you

have resiliency covered? Think again.This

multi-media presentation, with real-world

examples and humorous anecdotes, will be

about more than just theoretical “best prac-

tices.”Practitioners’ and executives’ eyes

alike will open to the realities of what it

takes to be truly prepared and capable of responding in an all-

hazards approach.This session will look at the “hardening of

attitudes”disease befalling most top leadership that results in

the 10 most common mistakes corporate and governmental

entities face when implementing resiliency programs.

Jon E. Murphy is the Enterprise Compliance & Disaster

Recovery Manager for Expedia. He is a nationally well-

regarded technology and homeland security speaker and

writer. Holding CISSP, CHS-V, PMP, CBCP certifications, and an

active “secret” security clearance, Jon authored the BioWatch

Consequence Management Plan and was initiating Project

Manager for DR Planning in the largest U.S. coastal city.

Additionally, he has authored numerous continuity of opera-

tions, continuity of government, comprehensive emergency

management plans, counter-terrorism annexes to CEMPs,

and co-authored the nation’s first Unified Command Plan

under NIMS for Super Bowl XXXIX.

*Lunch will be served until 12:55 PM. Please be seated by this time.

ww

w.C

on

ting

encyPlan

nin

gExp

o.com

3

Exhibit Hall Grand Opening ReceptionTuesday, May 22 • 5:00 PM – 7:30 PM

Join one of our best-attended events as the

exhibit hall opens to reveal a showcase of

the industry’s hottest vendors! They have

the products and services you need to go

home with a solution. As you tour the offer-

ings, enjoy sampling various libations and

hors d’oeuvres.

Phot

o co

urte

sy o

f The

Mira

ge

NETWORKING EVENTS

Attendee Networking BreakfastWednesday, May 23 • 7:30 AM – 9:00 AM

An attendee favorite! This is your perfect

opportunity to meet exactly who you’re look-

ing for. Tables will be labeled by industry so

you can sit with others who face similar pro-

fessional challenges. This event is only avail-

able to paid conference attendees and

speakers.

Continental Breakfast and Prize RaffleThursday, May 24 • 8:30 AM – 10:00 AM

Rise and shine! Head down to the exhibit hallto begin your last day at CPM 2007 WEST. We’llprovide the caffeine and a continental break-fast. Find out if you’ll be taking home a prize,given by our generous exhibitors.w

ww

.Co

nti

ng

ency

Plan

nin

gEx

po.

com

4

Exhibit Hall LuncheonWednesday, May 23 • 12:00 PM – 12:45 PM

Don’t let hunger pains keep you from visiting exhibitors. Grab somelunch in the hall and use this dedicated exhibit hall time to chat withvendors and register for great giveaways!

Cake and CoffeeWednesday, May 23 • 1:45 PM – 2:15 PM

Sessions resume at 2:45 pm, so before you go back to class, find yourfavorite sweet! Discuss your challenges with vendors over a hot cuppajoe.

EXHIBIT HALLw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

5

Make the most out of

your time at CPM by

touring the exhibit hall and

speaking with the knowl-

edgeable vendors who serve

the industry. Discover new

solutions. Attend the special

events taking place in the

hall each day.

Exhibitors at CPM cover all

aspects of preventing, plan-

ning for and recovering from

disasters. Solutions in the

hall include:

• Emergency Notification and

Business Communication

Services

• Business Continuity

Planning and Disaster Recovery Software and Services

• Business Continuity Training and Education

• Enterprise Solutions for Disaster Recovery and Business

Continuity

• Disaster Restoration Services

• Pandemic Preparedness

• Hot Site Negotiations

• Disaster Ready Disk-Based Backups

• Temporary Office Furniture Rentals

• Decontamination Trailers and Accessories

• Personal Protection Equipment

• Security Solutions

Tuesday, May 225:00 PM – 7:30 PM

Exhibit Grand Opening Reception

Wednesday, May 23 12:00 PM – 2:30 PM

Exhibit Hall Luncheon from 12:00 PM – 12:45 PM

Cake and Coffee from 1:45 PM – 2:15 PM

Thursday, May 248:30 AM – 10:00 AM

Continental Breakfast and Prize Raffle

Phot

o co

urte

sy o

f The

Mira

ge

ww

w.C

on

tin

gen

cyPl

ann

ing

Exp

o.co

m

6

AT-A-GLANCE

Monday, May 21, 20072:00 PM - 6:00 PM Registration Open

Tuesday, May 22, 20077:00 AM - 5:00 PM Registration Open

8:00 AM - 9:30 AM Welcome Breakfast and Keynote Speaker

9:45 AM - 5:00 PM

BC1: Tutorial: Business Continuity 101 (100L)

9:45 AM - 11:00 AM

BC2: The Shifting Landscape of Business Continuity (300L)BC3: Roundtable: BC in the Insurance Industry (300R)EB4: Pandemic Influenza: The State of the Threat (300L)EB5: Calling 911… And No One Answers (300L)LB6: A New Model for Defending the Country and Enterprise Critical Infrastructure (300L)

11:15 AM - 12:30 PM

BC8: Corporate First-Responder Training (200L)SB9: Prioritizing Security Measures (400W)BC10: Putting the Business in Business Continuity (400L)SB11: Data Backup: A Lesson in Outsourcing (300C)LB12: Communicating in the Media Spotlight (300W)

12:30 PM - 2:00 PM Luncheon and Keynote Speaker

2:15 PM - 3:30 PM

BC14: Regulatory Expectations for Financial Institutions (200L)BC15: Business Impact Analysis - Lessons Learned (400L)BC16: Risk Management and Insurance Aspects of the BC Plan (300L)SB17: Protecting Your Network from E-mail and Messaging Threats (300L)EB18: Emergency Plans: Size Doesn’t Matter (300L)

3:45 PM - 5:00 PM

BC20: Establishing Mission-Critical Employee Programs and Policies (300L)BC21: Little Fire, Big Problems (500C)SB22: Security Zone Basics (300L)EB23: Emergency Preparedness and Continuity Planning: Ensuring an Enduring Congress (100L)LB24: Training Teams for Success (300L)

5:00 PM - 7:30 PM Exhibit Hall Grand Opening Reception

Wednesday, May 23, 20077:30 AM - 5:00 PM Registration Open

7:30 AM - 9:00 AM Attendee Networking Breakfast

9:15 AM - 12:00 PM

BC26: Disaster Simulation Exercise (300W)

9:15 AM - 10:30 AM

BC27: Does Your Plan Pass the WAIT Test? Advanced Methods for Lowering Business Recovery Timeframes (400C)SB28: Federal Rules Strengthen Stronger Ties for Legal Discovery (300L)EB29: Enterprise Incident Management: Your Biggest Challenge and Opportunity (500L)LB30: Ask the Consultants! (300P)LB31: Organizational Resilience: The 21st Century Solution (300L)

AT-A-GLANCE

10:45 AM - 12:00 PM

BC33: Consulting 101 (100L)BC34: Best Practices for Business Continuity Planning (200L)EB35: Developing and Implementing Continuity Plans for Local Government (300C)EB36: Planes, Trains and Automobiles: Security Tips for the Road Warrior (400L)LB37: Psychic Leadership: Teaching to the Models (400L)

12:00 PM - 2:30 PM Exhibit Hall Open

12:00 PM - 12:45 PM Exhibit Hall Luncheon

1:45 PM - 2:15 PM Cake and Coffee

2:45 PM - 4:00 PM

BC41: Global Standards in Business Continuity (300L)SB42: Physical Security: Your BC Partner (400L)EB43: Small Business and Pandemic Preparedness (100L)EB44: Achieving Emergency Preparedness: A Course for Healthcare Executives (200L)LB45: Using Consultants Wisely (200L)LB46: Awareness Program: What Do I Do? (300L)

4:15 PM - 5:30 PM

BC47: Financial Services Sector Public-Private Partnerships (100L)BC48: Critical Incident Management for BCP (300L)BC52: Risk Evaluation and Control: Guidance from the NIST (500L)SB49: Keeping Schools Safe for Learning (300L)EB50: Germ Warfare: Biosciences Mitigate Risks Through BCP (300C)EB51: Fiddling While Rome Burns - Lessons in Risk Financing (400P)

Thursday, May 24, 20078:30 AM - 10:00 AM Registration Open

8:30 AM - 10:00 AM Exhibit Hall Open

8:30 AM - 9:30 AM Continental Breakfast and Prize Raffle

10:00 AM - 11:15 AM

BC54: The Process of Exercising Plans (200W)BC55: Roundtable: Financial Industry Focus (300R)BC56: Conducting a Business Continuity Plan Audit (300L)SB57: Data Security in a Distributed World (400L)EB58: Supply Chain Risk Mitigation in the Developing World (300C)LB59: The Missing Link: Adding People to Your Contingency Planning (500L)

11:30 AM - 12:45 PM

BC61: Negotiating RTOs (300L)BC62: Corporate Incident Management and Emergency Response Integration (300C)SB64: To Beat the Terrorist, Think Like a Terrorist (300L)SB65: The Convergence of Security and Business Continuity (500L)EB67: What Haven’t You Considered? (400L)

ww

w.C

on

ting

encyPlan

nin

gExp

o.com

7

BC = Business Continuity IssuesSB = Security & Business Continuity Issues

EB = Emergency Management & Business Continuity Issues

LB = Leadership & Business Continuity Issues

C = Case StudyL = Lecture

W = WorkshopP = Panel Discussion

R = Roundtable Discussion

100 = Beginner200 = Intermediate300 = Intermediate

400 = Advanced500 = Advanced

Track Level Format

SESSIONSw

ww

.Co

nti

ng

ency

Plan

nin

gEx

po.

com

8

Tuesday, May 22, 2007

TUTORIALBC1: Business Continuity 101 (100L)

Kelley Okolita, Hanover Insurance

9:45 AM - 5:00 PM

This popular all-day session provides a solid foundation for

understanding business continuity principles and processes.

This course is a starting point for all new planners and, when

combined with other sessions at the conference, builds a

framework for developing and implementing a business

recovery plan. Learn all about safety, incident response, risk

analysis, recovery strategies, plan development, plan testing

and maintenance and awareness programs. This is also a ter-

rific refresher course for more experienced planners.

Participants receive a manual and sample recovery plan.

Tuesday, May 22, 2007

BC2:The Shifting Landscape of Business Continuity (300L)

J.R. Hildreth, Wyeth Pharmaceuticals and Scott Ream, Virtual

Corporation

9:45 AM - 11:00 AM

Several trends in business continuity represent inevitable and

irrevocable shifts for the BC professional. Learn how to antici-

pate the shifting landscape. Organizations that fail to recog-

nize these shifting trends become vulnerable when faced with

a disruptive event. Get an overview of these macro variables

that include IT security, global travel, terrorist attacks, global

outsourcing and costly weather events.These shifting trends

will be the catalyst that restructures the business continuity

landscape and shape the way BC professionals and companies

rethink their planning.This approach to BC program design

will enable practitioners to create appropriate responses to

anticipated and unanticipated events.

BC3: Roundtable: BC in the Insurance Industry (300R)

Facilitator: Pamela Hughes, CISSP, CBCP, CRP, CCP, DTM, L3

Communications

9:45 AM - 11:00 AM

Are you responsible for business continuity planning within

an insurance company? Network and learn from other pro-

fessionals from your industry as you discuss the challenges,

solutions and current issues affecting your business.

EB4: Pandemic Influenza: The State of the Threat (300L)

Randall Terpstra, TAMP Systems

9:45 AM - 11:00 AM

The human race is at war. Our opposition, Mother Nature, has

concocted a nasty biological weapon in the form of H5N1, or

avian influenza.This session provides BC planners with addi-

tional tools to insure that their company plans can accommo-

date the potential impacts of an outbreak of avian influenza in

the United States.The eight essential components that have

been identified, including business continuity, critical supply

chain management, employee absenteeism, HR pandemic poli-

cies/procedures, technological impact planning and infectious

disease control, are all key subjects for expanded discussion

and presentation. Attendees will leave with a higher level of

awareness for BC planning to accommodate a potential pan-

demic incident. By adopting the methodology of assess - build

- test - train - respond, attendees will have a complete solution

from start to finish that can be practically used to protect

employees and organizations during a pandemic event.

EB5: Calling 911… And No One Answers (300L)

Stevan P. Layne, CPP, CIPM, Layne Consultants International

9:45 AM - 11:00 AM

Whenever there’s a major catastrophe or massive incident, the

possibility of overwhelming emergency lines and agencies

exists.This session addresses the minimal preparations busi-

ness and industry need to make to assure communications are

not interrupted, medical assistance is available, a law enforce-

ment response is forthcoming and fire suppression is available.

Regardless of the size of the organization, the budget or the

resources, preparations must be made to enhance life safety.

This session is appropriate for risk managers, security man-

agers, business managers and other administrators and

addresses basic preparations, as well as details that should be a

part of an advanced emergency operations plan.

LB6: A New Model for Defending the Country and

Enterprise Critical Infrastructure (300L)

Maitland Hyslop, Onyx Group

9:45 AM - 11:00 AM

The threats faced by OECD countries, according to their intelli-

gence agencies, are terrorism, weapons of mass destruction,

regional conlicys, organized crime and espionage.We need

new institutions, particularly public/private partnerships, to

SESSIONSw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

9

effectively defend critical infrastructure.This session will review

the status quo, why partnerships are needed and ways in

which they can be effectively introduced.

BC8: Corporate First-Responder Training (200L)

Herve Riou, CEM, Montague Technology Management

11:15 AM - 12:30 PM

In case of an immediate emergency in your workplace,

someone will need to take the lead as your internal “first

responder” until the professionals arrive. What kinds of train-

ing do these people need and what are the most useful

“instincts” for this kind of position? This session deals with

sources of useful training for these employees and the kinds

of characteristics that make some people particularly suc-

cessful as corporate first responders. Learn effective tech-

niques to sell this concept to your senior management and

to your designated first responders.

SB9: Prioritizing Security Measures (400W)

Laura Nuzzo and Nick Owen, PA Consulting

11:15 AM – 12:30 PM

Attendees will gain an understanding of the importance of risk

assessment to the business continuity planning process. In a

workshop setting, attendees will learn how to evaluate the abil-

ity of specific security measures to reduce risk to critical busi-

ness process assets.This information will be used to perform a

cost/risk analysis, which will show how to derive maximum

value from a security improvement program. A sample sce-

nario will be introduced consisting of a business process asset,

and a specific threat to the welfare of the asset. Attendees will

then evaluate the risk level of the asset in terms of its criticality

and vulnerability, choose from a list of potential security meas-

ures that will help to mitigate the threat, and determine a new

risk level for the asset given the new protections. A cost/risk

analysis will also be performed to determine the best alloca-

tion of business continuity funding.

BC10: Putting the Business in Business Continuity (400L)

Steven Ross, CBCP, CISSP, CISA, Deloitte & Touche

11:15 AM - 12:30 PM

While we say business continuity, we generally mean conti-

nuity after a disastrous or disruptive incident. We must learn

from the myriad interruptions and delays that occur every

day, because the way in which we respond to them will cre-

ate learned behaviors that will be followed in the event of a

serious disruption. Moreover, understanding the causes of

and responses to relatively minor problems can help us to

improve business continuity and IT disaster recovery plans.

This sessions offers an approach to achieving continuity as a

day-to-day business objective and continually making plans

for recovering from real disasters better.

SB11: Data Backup: A Lesson in Outsourcing (300C)

Prabhakar Sonparote, Synovate Americas

11:15 AM - 12:30 PM

The growing global business at Synovate brought with it

new data backup and recovery challenges. As it expanded,

the firm was under pressure to avoid downtime, safeguard

increasing data volumes and comply with Sarbanes-Oxley.

The company lacked confidence that remote office or lap-

top data was backed up regularly or completely. Local back-

ups proved difficult for IT to supervise from a central loca-

tion. In this case study, learn business challenges, solutions

and results, including increased data availability and securi-

ty, improved productivity, IT time and costsavings and full

visibility into audit trails for regulatory compliance.

LB12: Communicating in the Media Spotlight (300W)

Jim Stanton, Jim Stanton & Associates

11:15 AM - 12:30 PM

When a crisis occurs, members of the media want answers

quickly. When dealing with the media, you need to know

what questions they will ask and how to answer them. Learn

the 12 steps to powerful crisis communications and how to

be “message driven.” Leave this session with proven tactics

that can be used in any situation.

BC14: Regulatory Expectations for Financial Institutions

(200L)

Peter Carter, Comptroller of the Currency

2:15 PM - 3:30 PM

The Federal Financial Institutions Examination Council hand-

book for corporate contingency planning is a key benchmark

tool for compliance in the banking industry.This session pro-

vides insight into what banking regulators look for during

exams and regulators’ approaches to auditing business conti-

nuity plans. Examination tools and techniques for evaluating

business continuity capabilities will be highlighted.

SESSIONSw

ww

.Co

nti

ng

ency

Plan

nin

gEx

po.

com

10

BC15: Business Impact Analysis - Lessons Learned (400L)

Robert L. Moisoff, MBCP, ADP

2:15 PM - 3:30 PM

Unfortunately, no BIA formula or template fits all organiza-

tions, or an isolated industry. Although many tools and

guidelines are available, experience has shown that each

organization has specific goals and objectives it wishes to

achieve from the BIA. By concetrating on common areas and

processes, attendees of this session will gain tools and a

methodology to achieve the results that best serve their

organizations. Centering on good examples, this session

elaborates on best practices for anticipated adjustments,

philosophical conflict resolution, rollout walkthrough, user

handholding, draft reviews and adjustments, drop dead

dates, missed delivery deadlines, summary conclusions and

next steps. A free template will also be offered.

BC16: Risk Management and Insurance Aspects of the

BC Plan (300L)

Jim Olsen, Georgia State University

2:15 PM - 3:30 PM

Many people are familiar with the basics of business conti-

nuity planning, but few have a good understanding of the

insurance coverage that needs to be in place if disaster

should strike. For many business owners, the survival of the

entity will depend on whether or not they are adequately

insured. Join this briefing on risk management and insur-

ance requirements for an effective disaster recovery pro-

gram. Learn about time element coverages, such as business

income and interruption insurance, use and occupancy,

extra expense coverage, calculating maximum loss scenar-

ios, loss notification issues, duties of policy holders, valuable

papers and records issues and a host of other insurance

concepts that affect the claim recovery process. A useful

handout will be provided.

SB17: Protecting Your Network from e-Mail and

Messaging Threats (300L)

Paul Judge, Secure Computing

2:15 PM - 3:30 PM

The widespread adoption of e-mail has been accompanied

by the development of malicious code: that is e-mail viruses

and attacks. Networks have been breached by worms and

viruses, as well as by crackers, through the use of e-mail.

Hackers can easily circumvent the protection offered by a

firewall by tunneling through the e-mail protocol. Threats

such as spam, viruses, spyware and phishing continue to

grow in volume and sophistication. At the same time, new

communication channels, such as instant messaging,

Webmail and VOIP, are starting to suffer from the same secu-

rity problems. As these protocols experience rapid employ-

ee adoption and hackers become more adept, organizations

are trying to determine how to stay ahead of threats and

keep the messaging infrastructure secure. Learn real-life

implementation issues, challenges and best practices for

protecting today’s messaging infrastructures at this session.

EB18: Emergency Plans: Size Doesn’t Matter (300L)

Jeffrey Goldberg, CHS-III, DSD Laboratories, Inc.

2:15 PM - 3:30 PM

Is your emergency plan the size of the New York City tele-

phone book? Is it collecting dust because it is too heavy to

pick up? See what it takes to write an operational emer-

gency plan that is clear, concise and, most of all, light.

BC20: Establishing Mission-Critical Employee Programs

and Policies (300L)

Pam Buhr, CBCP, Blue Cross Blue Shield of Florida

3:45 PM - 5:00 PM

Learn the importance of, and the process to establish, a mis-

sion-critical employee program. Hear what a mission-critical

employee policy should include and what is involved in the

ongoing maintenance of such a program.

BC21: Little Fire, Big Problems (500C)

Geoff Turner, CBCP, Tribune Media Services

3:45 PM - 5:00 PM

When fire destroyed a building power switch, TV viewing for

millions of people was in jeopardy, movie theaters faced sig-

nificant financial hardships and newspapers feared loss of

advertising revenue. Interactive television guides, entertain-

ment Web sites and scrolling cable guides would have gone

dark were it not for good planning, good luck and the dedi-

cation of many people. This session will discuss the benefits

of working with local fire and utility officials, the need to

practice more than data recovery and the hidden strengths

of your core asset - people. The benefits and risks of home-

grown recovery solutions will be examined, as well as the

SESSIONSw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

11

need to train senior management before the event hap-

pens. Learn why parts of your plan are only an outline, not a

script.

SB22: Security Zone Basics (300L)

Douglas Conorich, IBM

3:45 PM - 5:00 PM

Every year, hackers and virus writers discover and exploit an

increasing number of security vulnerabilities in corporate

and organizational information technology infrastructures.

Enterprise security programs need to address these new

threats, but many companies aren’t aware of the risks or the

potential losses posed by inadequate security. Learn about

the importance of security zone management in protecting

your information technology infrastructure and your enter-

prise. Topics include flow of information between security

zones, management of identity across security zones, han-

dling attacks and limiting potential for threats to security

zones containing highly valued assets.

EB23: Emergency Preparedness and Continuity

Planning: Ensuring an Enduring Congress (100L)

David A. Vignolo, US Senate Office of the Sergeant at Arms

3:45 PM - 5:00 PM

This session will provide an overview of the Senate’s organi-

zational structure and emergency response program, as well

as a history of the Senate’s continuity program since its

inception in September 2000. It will describe the structure

and operations within the Senate, including emergency

planning programs and continuity of operations program,

including the development and implementation of its vital

records program, employee alert and notification proce-

dures and continuity of operations guidance for member

offices, as well as COOP support personnel. Discussions will

focus on the vital role that testing, training and exercises

play in the ongoing continuity and security programs.

LB24: Training Teams for Success (300L)

W. Timothy Coombs, PhD, and Sherry Holladay, PhD,

Eastern Illinois University

3:45 PM - 5:00 PM

We expect a lot from teams in organizations, including han-

dling BC and crisis management, but often, we unknowingly

set teams up for failure. There are a number of myths that

shape how we use teams in organizations and inadvertently

promote failure. This session will identify and debunk five

common team myths. Participants will follow along with

checklists to see which myths and which product tech-

niques they are currently using. Learn ways to build a foun-

dation for team success and gain a greater understanding of

what helps and what hinders success.

Wednesday, May 23, 2007

BC26: Disaster Simulation Exercise (300W)

Jeffrey Goldberg, CHS-III, DSD Laboratories, Inc. and Andrea

Hollman, United Space Alliance

9:15 AM - 12:00 PM

Don’t be caught unprepared! Find out how you would per-

form in an actual disaster. This dynamic workshop will be

more interactive and real than ever before! Registration to

this popular workshop is limited – sign up early to reserve

your seat.

BC27: Does Your Plan Pass the WAIT Test? Advanced

Methods for Lowering Business Recovery Timeframes

(400C)

Frank Perlmutter, Strategic BCP

9:15 AM- 10:30 AM

Many organizations don’t know how their plans will fair

until it’s too late. Bad planning can be just as disastrous as

having no plan at all. This interactive session will explore

the plight of one organization that thought it had planned

well but encountered many pitfalls in the recovery effort. A

review of what went wrong in each stage of planning and

recovery and the organizational impacts will be offered.

Advanced planning and recovery techniques will also be

discussed to provide better measures of risk, employ more

efficient recovery strategies and significantly reduce recov-

ery timeframes.

SB28: Federal Rules Strengthen Stronger Ties for Legal

Discovery (300L)

John Gubernat, EMC Corporation

9:15 AM - 10:30 AM

With the new Federal Rules of Civil Procedure having taken

effect in December 2006, organizations need to ensure they

ww

w.C

on

tin

gen

cyPl

ann

ing

Exp

o.co

m

12

SESSIONS

can appropriately and efficiently produce electronic evi-

dence (documents, e-mails, etc.) in lawsuits. The ongoing

penetration of information technology into the enterprise

enables tremendous efficiencies, but also generates

unprecedented volumes of information that must be prop-

erly managed, retained and discovered. Previously

addressed as separate issues, information management and

legal discovery must now align to address issues like litiga-

tion requests. Attendees will learn why the new federal rules

will motivate organizations to map sources and responsibili-

ties around a proactive process. In addition, attendees will

learn why legal and IT departments must work in unison to

ensure appropriate record retention and archival practices

are in place in order to adhere to regulatory requirements

and litigation best practices.

EB29: Enterprise Incident Management: Your Biggest

Challenge and Opportunity (500L)

Gerald T. Varney and Douglas Weldon, FBCI, Vigilant Services

Group

9:15 AM - 10:30 AM

Most business continuity plans include documentation of

teams/procedures for response to disaster events that pro-

vide for timely activation of business/IT continuity/recovery

teams/procedures. Documentation to respond directly to

threats, evacuate facilities and manage the full life-cycle of

any potential crisis event, however, is often not incorporated

into planning activitites. In many cases, such planning for

the full life-cycle of an incident is spread around the enter-

prise or not performed at all, leaving many potential gaps in

the ability of the enterprise to effectively manage a major

incident. The challenges for the BC professional in this larger

planning/coordination role are daunting, but the opportuni-

ty to improve incident management capabilities is

immense, as is the opportunity to increase the influence of

the BC role. This session will outline the structure and strate-

gies for overcoming challenges and fulfilling the opportuni-

ty of the enterprise incident manager.

LB30: Ask the Consultants! (300P)

Ted Brown, CBCP, KETCHConsulting

9:15 AM - 10:30 AM

In this attendee-driven session, a panel of experts will answer

all of your burning questions.The priceless advice you receive

could be worth the cost of the entire conference.

LB31: Organizational Resilience: The 21st Century

Solution (300L)

Jim Nelson, MBCP, Business Continuity Services, Inc.

9:15 AM - 10:30 AM

Twenty-first century organizations are taking on the new chal-

lenge of designing resilience into organizations so they can

bounce back from any kind of setback. Learn to design

resilience into the management of people, places, infrastruc-

ture and work processes necessary to meet the challenges of a

21st-century world.This session explores the 10 disciplines

that support resilient organizations of all kinds and identifies

the elements necessary for developing a resilient organization.

BC33: Consulting 101 (100L)

Patrick Dunn, SunGard Availability Services

10:45 AM - 12:00 PM

Designed for the person new to consulting or thinking

about going out on their own, this session will discuss

strategies for going “native” at a customer site, how to

behave and how to achieve maximum customer satisfaction

by being a professional, even if your customer is not.

BC34: Best Practices for Business Continuity Planning (200L)

Courtenay Enright, Symantec Corporation

10:45 AM - 12:00 PM

Interruptions to routine processes can have a major impact on

an organization and its interconnected web of business part-

ners. Most notable is the potential for lost revenue. But out-

ages can impact employee productivity and customer rela-

tionships, and they may have legal consequences.The most

effective business continuity plans are comprehensive in

nature, covering everything an organization must do and

implement, from conducting process reviews to developing a

resilient IT architecture. It is equally critical for organizations to

know what not to do as part of their business continuity plan-

ning efforts. Learn the most common pitfalls in BC planning

and how organizations can steer clear of these hazards.

EB35: Developing and Implementing Continuity Plans

for Local Government (300C)

D'arcy Elliott, Delta Factor and Richard Kirke, Strathcona County

10:45 AM - 12:00 PM

Strathcona County, one of Alberta’s largest and fastest grow-

SESSIONSw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

13

ing mid-sized municipalities (urban/rural), embarked upon a

modest BCP pilot project four years ago, with only limited

corporate awareness, understanding and support. Today, the

program is embedded within the organization’s basic roles

and functions. It was not, however, a high-profile, big-bang

project, but rather an organizational approach that proved

its value step by step. In this session, learn the process fol-

lowed, the lessons learned and the critical factors to be

aware of to build a successful program in your own public

sector organization.

EB36: Planes, Trains and Automobiles: Security Tips for

the Road Warrior (400L)

Sherrye Ramirez, Universal Weather and Aviation

10:45 AM - 12:00 PM

Business travel is a constant. In order to conduct business for a

global company, that need will always exist. Security has been

heightened since 9/11 and continues to increase with each

additional like incident.What should you do to make travel as

safe and secure as possible? Learn valuable tips and advice to

help you with hotel safety, international travel and protecting

yourself and your property while on the road.

LB37: Psychic Leadership: Teaching to the Models (400L)

Stacy Willett, The University of Akron

10:45 AM - 12:00 PM

Business and government agencies are using crisis models

and simulations to teach crisis response. Can we actually

predict the demands of a crisis? How far do models take us

into the reality of managing a crisis situation from start to

end? This session will explore the questions not often asked

and commonly left out of practice.

BC41: Global Standards in Business Continuity (300L)

Paul Kirvan, FBCI, CBCP, CISSP, Prevalent Networks LLC

2:45 PM - 4:00 PM

This session provides a definitive update on all relevant

business continuity standards worldwide. Attendees will

gain a unique perspective on domestic and international

standards, such as NFPA 1600 and BC 25999, and their over-

all relevance to the business continuity profession.

SB42: Physical Security: Your BC Partner (400L)

Dennis A. Morgan, Honeywell Aerospace and Jim Nelson,

MBCP, Business Continuity Services, Inc.

2:45 PM - 4:00 PM

Ideal for both physical security and business continuity per-

sonnel, this session will explore the role of physical security

within a resilient organization as seen through the eyes of a

business continuity planner and a physical security manag-

er. Physical security is a vital partner to the BC program.

Learn how to partner with physical security when develop-

ing and activating emergency notification procedures,

establishing the incident command center, developing

emergency communications procedures and securing the

disaster site. Understand how physical security personnel

can serve as liaisons with local emergency agencies, assist in

physical recovery efforts, and re-establish the security base-

line at the recovery site. We will review the essential ele-

ments of a BC plan and the role that physical security can

take in order to build a resilient program.

EB43: Small Business and Pandemic Preparedness (100L)

Ralf Itzwerth, National Centre for Immunisation Research

2:45 PM - 4:00 PM

More than half of all employees in the United States work in

5 million small- to medium-size businesses (SMBs) and

organizations and produce about 70 percent of the gross

domestic product. Not many SMBs have the skills or

resources to be prepared for major process disruptions. The

imminent pandemic influenza poses a high-infection risk for

a large proportion of workers and could result in 30 to 50

percent absenteeism rates. This could force scores of SMBs

out of business. But SMBs are responsible for the health of

their often highly specialized staff and provide critical serv-

ices and products as part of highly integrated supply chains.

Which SMBs are most at risk? What can be done to better

prepare them? How can this be done? Learn first results

from a recent study.

EB44: Achieving Emergency Preparedness: A Course for

Healthcare Executives (200L)

James E. Paturas, CHS IV, Yale New Haven Health Center

2:45 PM - 4:00 PM

This session presents a high-level organizational view of

the roles and responsibilities of healthcare executives, as

SESSIONSw

ww

.Co

nti

ng

ency

Plan

nin

gEx

po.

com

14

they pertain to their organization’s obligations to corpo-

rate, community and regulatory compliance. We will

examine key requirements, planning strategies and com-

pliance-related issues surrounding emergency prepared-

ness and disaster response. Attendees will be able to

review the elements of situational leadership and effec-

tive communications during a crisis, define the compo-

nents of an organization readiness assessment and dis-

cuss the importance of conducting a stakeholder analy-

sis. They will also be able to identify the responsibilities

of the healthcare executive when creating and executing

an incident command structure and the integration with

a community unified company system, define emer-

gency management stategic objectives and regulatory

requirements and identify the elements of surge capaci-

ty planning and response.

LB45: Using Consultants Wisely (200L)

Kathleen Lucey, FBCI, Montague Technology Management

2:45 PM - 4:00 PM

Overcome any fears you may have about hiring consultants

at this session. Learn how to use consultants effectively,

what situations are appropriate for consultants versus inde-

pendent subcontractors and how to find the very best.

Learn critical contractual provisions you should insist upon

and how to make sure you and your consultant have the

same expectations. Hear tricks of the trade to keep your

project on target and how to manage change when it

inevitably occurs.

LB46: Awareness Program: What Do I Do? (300L)

Pamela Hughes, CISSP, CBCP, CRP, CCP, DTM,

L3 Communications

2:45 PM - 4:00 PM

Everyone knows “awareness and training” is an accepted

professional practice that should be ongoing, but how do

we do it? Why is it important? Does one size fit all? These

questions and more will be addressed in this interactive ses-

sion. Each attendee will leave with ideas on how to create or

spice up their awareness program.

BC47: Financial Services Sector Public-Private

Partnerships (100L)

Kenneth Wright, DTCC

4:15 PM - 5:30 PM

This session includes a discussion on the roles and evolv-

ing partnership between the Financial Services Sector

Coordinating Council for Critical Infrastructure

Protection and Homeland Security and the Financial and

Banking Infrastructure Information Committee in plan-

ning for and coordinating efforts to better protect the

critical financial infrastructure of the United States.

BC48: Critical Incident Management for BCP (300L)

Randall Terpstra, TAMP Systems

4:15 PM - 5:30 PM

“Not all incidents are disasters but all disasters started as

incidents.” This pithy statement reflects a need in the

development of BCPs. It is imperative in today’s business

environment that BCP development expands its horizons

to include the “pre-disaster” management of an incident

before it escalates into a disaster that would require

“pulling the trigger” of the recovery portions of the BCP.

This presentation addresses the need to include human

resources, security and operations into the initial

response paradigm. Development of incident-specific

response plans (fire, terrorism, health emergency, etc.) is

discussed and tools that identify the critical point for

management decision for execution of the BCP.

Attendees will receive the best current industry thinking

on the development of initial incident response plans as

a component of the BCP.

SB49: Keeping Schools Safe for Learning (300L)

Stevan P. Layne, CPP, CIPM, Layne Consultants International

4:15 PM - 5:30 PM

Uncover the findings of the Secret Service and Department

of Education’s 2002 Safe Schools Initiative, which studied

targeted violence in schools and looked for ways to identify

and prevent these attacks. Learn the 10 key findings of this

important study and how it can be used to prevent these

tragic events. Central to the study’s findings was that while

there is no useful profile for would-be shooters, there are

identifiable behaviors that can provide educators and

administrators advance warning that a student or students

may be planning an attack. Preventing these violent acts

requires a concerted effort on the part of school officials

and law enforcement. While this study focuses on schools, it

also has applications to recognizing pre-attack behaviors in

the workplace.

SESSIONSw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

15

EB50: Germ Warfare: Biosciences Mitigate Risks Through

BCP (300C)

Steven P. Craig, Consortium Business Continuity

Professionals, Inc. and George Paganini, BD Biosciences

4:15 PM - 5:30 PM

Learn about the improvements made to BD Biosciences’

operations as a result of implementing its BCP. The biomed-

ical company has implemented both tactical and strategic

options to mitigate potential risks exposed through the

process of developing its plans. Resultant recovery solutions

have had positive benefits on daily operations and longer

range strategic plans. BD Biosciences plans to address and

fully integrate emergency management, business recovery,

disaster recovery and crisis management.

EB51: Fiddling While Rome Burns: Lessons in Risk

Financing (400P)

Gregory V. Serio, Park Strategies, LLC

4:15 PM - 5:30 PM

Right now, insurers and insurance trade associations are bat-

tling one another for the “best idea” in financing risk,

whether through catastrophe reserves, federal funds, etc.

But are private businesses and the government on the short

end of this equation as insurers argue over the best

approaches? A panel of experts will explore different

approaches to risk mitigation financing; why it is important

to risk managers, BCP specialists and emergency respon-

ders; and what the root causes of the disagreements seem

to be. This session will also explore whether it is time for all

insurers to join forces to become a more prominent voice in

risk management activities of companies, building code

development and related matters.

BC52: Risk Evaluation and Control: Guidance from the

NIST (500L)

Mark Spreitzer, CBCP, CGI Federal Enterprise Security Practice

and Douglas Weldon, FBCI, Vigilant Services Group

4:15 PM - 5:30 PM

Risk evaluation and control is one of 10 standard practices

upon which professional certification is based for business

continuity professionals according to both the DRI

International and the Business Continuity Institute. Yet this

practice is one of the least understood, despite its critical

role in identifying requirements for developing BC solutions.

The National Institute of Standards and Technology (NIST) of

the U.S. government has developed comprehensive and

process-based guidance for conducting this practice in its

sp800-30 document, Risk Management Guide for IT Systems,

which is broadly applicable to all forms of risk assessment

and mitigation. This session provides a walkthrough of this

guidance to point out the key steps that facilitate excellent

risk management and control. Handouts will be provided

that will help map the risk assessment and mitigation

process using the NIST approach.

Thursday, May 24, 2007

BC54: The Process of Exercising Plans (200W)

John Kotas, CBCP, Allstate Insurance Company

10:00 AM- 11:15 AM

Allstate has created an enterprise-wide process that puts a

new spin on the old “crawl, walk, run”method of disaster

recovery and business continuity exercises.The process uses

strict guidelines to help a facilitator in each phase of the test-

ing process: preparation, execution and post-exercise activity.

Five different levels of exercises will be introduced, with each

having set prerequisites and objectives that must be achieved

to be successfully executed. Each application of business area

must pass all five levels to become enterprise operational

ready. Participants will receive tools including an exercise

worksheet, a fully functional scorecard and an issue log.

BC55: Roundtable: Financial Industry Focus (300R)

Facilitator: Peter Carter, Comptroller of the Currency

10:00 AM- 11:15 AM

Are you responsible for business continuity planning for a

bank or financial institution? Network and learn from other

professionals from your industry as you discuss the chal-

lenges, solutions and current issues affecting your business.

BC56: Conducting a Business Continuity Plan Audit

(300L)

Ted Brown, CBCP, KETCHConsulting

10:00 AM - 11:15 AM

In a recent survey, 37 percent of CFOs perceived their firms

to be most vulnerable in the area of disaster preparedness

and recovery. Just as companies conduct regular audits of

their financial controls, they should also examine their busi-

SESSIONSw

ww

.Co

nti

ng

ency

Plan

nin

gEx

po.

com

16

ness continuity plans, ensuring that critical business

functions can be conducted in the event of a disaster, or

other major disturbance. This session will discuss ques-

tions that can be used in assessing a company’s BC pos-

ture.

SB57: Data Security in a Distributed World (400L)

Frank Brick, Arsenal Digital Solutions

10:00 AM - 11:15 AM

Data security was once a topic for IT staff’s eyes only

because data was generally confined to mainframes in well-

protected data centers. Today, business-critical information,

whether used for processing orders, scheduling production

or completing transactions, is forever on the move from the

data center to notebook computers to on- and off-site back-

up systems. This distributed world brings with it new data

risks. We’ve seen first hand that data is more vulnerable than

ever to loss, mishandling and black hats. Learn important,

often-hidden data security challenges, as well as regulatory

and business drivers for distributed data security. Discuss

why, with penalties so high and immediate, data security is

now essential for IT and business directors, up to and includ-

ing the corporate board.

EB58: Supply Chain Risk Mitigation in the Developing

World (300C)

David M. Einolf, ERM

10:00 AM - 11:15 AM

Explore the challenges of maintaining crucial business

relationships with suppliers operating in the developing

world, with a specific focus on Asia. This session reviews

the challenges of establishing reporting and planning

relationships with affiliates, joint ventures and suppliers

in Asia. We will examine case studies from several manu-

facturers that have established exclusive supply arrange-

ments and joint ventures with key suppliers overseas.

Learn about the contingency plans they have put in

place to address a wide range of hazards, ranging from

power outages to avian flu. We will review the impor-

tance of emergency planning for key employees, repre-

sentative offices and wholly owned subsidiaries operat-

ing in Asia.This session addresses some of the key risk

factors of business in the developing world and discuss-

es mitigation strategies with the audience to formulate

successful programs to address these risks.

LB59: The Missing Link: Adding People to Your

Contingency Planning (500L)

Liz Guthridge, Connect Consulting Group

10:00 AM - 11:15 AM

While many business continuity plans focus mainly on

dimensions, all crises touch people, and people make

organizations run. For organizations to recover quickly,

maintain their reputations and mitigate risks, especially

workers’ compensation claims, employees need to be

physically and emotionally ready to return to work.

Include this missing link in business continuity planning

by learning what employee actions will provide the

highest positive return on your plans; what leadership

qualities and competencies people most respond to;

why HR professionals are becoming more involved in

business continuity planning; how to partner with HR to

improve the planning process and better manage disas-

ters; and why employee assistance plans are a critical

ingredient.

BC61: Negotiating RTOs (300L)

Lisa Skalecki, CBCP, PMP, ACP Northern Ohio Chapter

11:30 AM - 12:45 PM

How do you set recovery time objectives (RTOs) so that

both the business units and IT agree on the priorities? Find

out in this session where you’ll learn why RTOs set jointly

are most likely to result in realistic priorities, how this is an

iterative process and how to drive a consensus on RTOs.

Also included are guidelines on key things to standardize

related to RTOs, how to identify gaps and the hierarchy of

RTOs.

BC62: Corporate Incident Management and Emergency

Response Integration (300C)

Telva Chase, Thomson Scientific and Healthcare and

Gerald T. Varney, Vigilant Services Group

11:30 AM- 12:45 PM

This case study outlines how Thomson Scientific and

Healthcare integrated classic incident command and

emergency response for multiple locations on a global

basis. Attendees will be given an appreciation of how

incident management concepts were utilized to increase

emergency response, disaster recovery and business

continuity capabilities in the corporate setting.

SESSIONSw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

17

SB64: To Beat the Terrorist, Think Like a Terrorist (300L)

Jeffrey Goldberg, CHS-III, DSD Laboratories

11:30 AM - 12:45 PM

Terrorism is a threat that will remain with us for the foresee-

able future. As the ancient Chinese General Sun Tzu said,

“Know our enemy and know yourself and in 100 battles you

will never be in peril.”The best way to prevent terrorist

attacks is to know how terrorists work and to know our own

vulnerabilities. Past terrorist attacks are instructive about

how these criminals work and can teach us the places most

vulnerable to attack. The session will cover some past attacks

that illustrate the basics of a terrorist organization, the plan-

ning steps terrorists painstakingly take in planning an attack

and how to identify the most likely targets of attack.

Attendees will also learn indicators of terrorist planning for

attack and what steps they should take.

SB65: The Convergence of Security and Business

Continuity (500L)

Steve Lines, SAIC

11:30 AM - 12:45 PM

Be led through the evolution of a security organization into

a mature, risk-based model. The goal of any business conti-

nuity program is to be able to identify the risks, the impact

potential of a threat and to mitigate where needed. By

bringing a business continuity approach to both computer

and physical security, the organization can achieve better

business resilience. Learn how to build an effective gover-

nance model that aligns program goals with business objec-

tives. This approach uses the commonly accepted principles

of business continuity planning into a combined, integrated

security program.

EB67: What Haven’t You Considered? (400L)

Rodney Cyr, Readyness

11:30 AM - 12:45 PM

A cache of new information is crucial to successful all-hazard

strategies. Learn from the past experiences of others what

can disable a preparedness plan. Properly prepare to assure

you don’t go from the Jetsons to the Flintstones in 24 hours.

Hear relevant stories with innovative solutions and conclu-

sions to what works best, items not considered, including

problems encountered, and how they can be prevented.

Testimonials

“Very well organized, professional, and great train-

ing. It is obvious a lot of very good planning went

into this conference.”

Jimmy W. Williamson, Vice President,

The American National Bank of Texas

“I attended the conference and greatly enjoyed

and benefited from it.”

Frank Lady, CBCP, PMP,

VP, Technology Risk Management,

Midland Loan Services, Inc.

“Breakout sessions were timely for my current

needs.”

Steve Woodward, BC/DR Program Manager,

PHH Mortgage

“…I found there were far more interactions

among the attendees [than at a competing con-

ference] which I found useful. The overall organi-

zation [of the event] facilitates networking a great

deal.”

A contingency planner from a major airport

“I liked the atmosphere and the social activities...

there were more opportunities to network.”

BC planner from a major mortgage company

TRAINING AND CERTIFICATIONSw

ww

.Co

nti

ng

ency

Plan

nin

gEx

po.

com

18

Become a More Valuable EmployeeGet certified! Only CPM offers you the ability to choose

among multiple organizations for pre- and post-confer-

ence training and certifications. Earn even more continu-

ing education units for attending additional training.

Increase your professional worth!

Upgrade to FBCIThe BCI

The Business Continuity Institute (BCI) was established in

1994 to provide opportunities to obtain guidance and

support from fellow professionals. The Institute provides

internationally recognized accreditation in relation to an

individual’s experience as a business continuity practi-

tioner.

The BCI will conduct upgrade interviews during CPM

2007 WEST. Any MBCI interested in qualifying for an

upgrade to FBCI, please e-mail [email protected].

DRP – 501 Business Continuity PlanningReview with ExamDRI International

This course is intended for those individuals experienced

in business continuity or disaster recovery planning.

Major topic areas identify most parts of a contingency or

recovery plan, and also address areas included in the

CBCP examination.

Topics include:

• Business interruption risk analysis

• Risk assessment

• Selection of alternate recovery methods

• Communications recovery planning for voice and data

• Managing and developing recovery plans

• Maintenance and testing of recovery plans

Date: Saturday, May 20 – Monday, May 22

Time: Saturday and Sunday from 8:30 AM –

5:00 PM and

Monday from 8:30 AM – 12:00 PM

Fee: $1225 for CPM conference attendees.

$1295 for all others.

Exam-only cost is $250.

Register: www.drii.org and click Register for DRI

Courses

Hot Site Training ProgramFind out everything you wanted to know about hot sites

but were afraid to ask. Join Ted Brown, CBCP, at the con-

clusion of CPM 2007 WEST for an afternoon dedicated to

all things “hot site!” DRI International awards 4 CEUs for

attending this training.

This post-conference training includes the following topics:

• Negotiating a hot site contract

• What’s happening in the hot site industry

• Creating an RFP for hot/alternate site services

• Human concerns of hot site operations

Case studies will be shared throughout this class. Sample

RFPs will be available for your review and you will even go

home with one! Visit www.ContingencyPlanningExpo.com

for complete information on this course.

Date: Thursday, May 24

Time: 1:45 PM – 5:00 PM (Arrive at 1:30 PM for a

discussion of hot site-related terms and

meanings.)

Fee: $395

Register: Add this program to your CPM 2007

WEST conference registration.

Questions: [email protected]

Certified Data Center ProfessionalInternational Center for

Organizational Resilience

Join the elite group of certified data center profession-

als! The certified data center professional course is

designed to expose IT, facilities, or data center opera-

tions professionals working in and around the data ccen-

ter to the key components of the data center. It will

address how to set up and improve key aspects such as

power, cooling, security, cabling, safety, and more to

ensure a hi-available data center.

The course concludes with a certification exam. Attendees

who pass the exam will receive the official Certified Data

Center Professional certificate accredited by ICOR and in

addition earn 1.4 CEU credits for ICOR and 16 CEPs of educa-

tion credit for The DRI International and BCI.

Date: Sunday, May 20 and Monday, May 21

TRAINING AND CERTIFICATIONSw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

19

Time: 8:00 AM – 5:00 PM

Fee: $1495 or $1345.50 for ICOR members.

Register: http://www.theicor.org/pages/store/

courses/instructor.html#fai


Advanced Business ContinuityProgram Audit (BC-402)Sentryx

The objective of this course is to teach students how to

assess a company’s ability to maintain continuity in the

event of a business disruption. It provides 3 days of

intensive business continuity program audit training to

enable students to determine the effectiveness, adequa-

cy, and quality of an organization’s business continuity

program. Become a Certified Business Resilience Auditor

(CBRA). Students will have the opportunity to write the

optional CBRA exam.

At the end of this course students will know how to:

• Conduct a business continuity program audit based on

a well-founded audit framework.

• Review the organization’s business continuity program

process.

• Identify strengths and weaknesses of a business conti-

nuity program.

• Formulate recommendations to strengthen a business

continuity program.

• Avoid common auditing mistakes.

• Follow a structured approach to a BC audit.

• Present and explain audit analysis to senior manage-

ment.

Date: Saturday, May 19 – Monday, May 21

Time: Saturday and Sunday from 8:30 AM –

5:00 PM and

Monday from 8:30 AM – 12:00 PM

Fee: $2610 for CPM conference attendees.

$2900 for all others.

Register: http://www.sentryx.com/pdf/

CourseRegistrationForm.pdf


Continuing Education UnitsAre you a member of the DRI International? If so, you

already know they award 29 CEUs for CPM’s full confer-

ence registration. But they also award CEUs for partici-

pating in pre- and post-conference training. Learn more

at www.drii.org.

Visit theCPMBookstoreBrowse the CPM

bookstore and

pick up the

resources that

have shaped

the business

continuity,

emergency

management

and security

industries. The

book store will

be located near

the Grand

Ballroom.

ww

w.C

on

tin

gen

cyPl

ann

ing

Exp

o.co

m

20

Educate your Mind. Prepare your Organization.

Save our Future.

From information assurance and homeland security to auditing and corporate governance, The CPM Group offers a unique and thought-provoking approach to risk management.

Dedicated to the convergence of business continuity, emergency management and security, CPM provides critical training and education for the everyday hero.

• Conferences • Publications• Web Products • List Rentals

CPM’s Conferences and Exhibitions are the

industry’s premier training events.

CPM’s Web site is full ofindustry news stories, anonline Vendor Directory,

Resource Center and more.

CPM Global Assurance is amonthly e-newsletter full ofupdates on new regulations,

programs and services.

Gaylord Palms Resort •Orlando, FL • Nov 13-15, 2007

www.ContingencyPlanning.com

The Mirage • Las Vegas, NVMay 22-24, 2007

HOTEL & TRAVELw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

21

The Mirage3400 Las Vegas Boulevard South

Las Vegas, NV 89109800.627.6667 or 702.791.7111

www.mirage.com

The Mirage, a sophisticated paradise in the

heart of the “strip,” is the official host hotel for

CPM 2007 WEST. The Mirage is now smoke free

in most public spaces, including meeting and

convention areas, hallways, elevators and more!

The entire CPM 2007 WEST Conference &

Exhibition will take place at The Mirage. When

you stay at The Mirage, all CPM 2007 WEST

events are only minutes away from your hotel

suite! A discounted rate of $184 per night

(plus tax) has been negotiated for CPM 2007

WEST attendees for the nights of May 18 –

May 24, 2007. To reserve a room at the dis-

counted rate, call the Mirage at 800.627.6667

and mention that you are attending CPM 2007

WEST. This discounted rate is available if you make your

reservation by the deadline date of April 18, 2007. It is

strongly recommended that you make your hotel reser-

vation early and prior to April 18, 2007. Reservations

requests received after this date will be accepted on a

space and rate availability basis.

The Mirage offers you a glimpse into the exotic elegance

of paradise. Lush foliage, towering waterfalls, sparkling

lagoons and newly redesigned guest rooms are sure to

provide an atmosphere of luxury and comfort. The

Mirage provides exceptional service and amenities, along

with exquisite restaurants, renowned entertainment, and

convenience to all Las Vegas has to offer! For a complete

list of hotel and guest suite amenities, please visit

www.mirage.com.

Air Travel/Ground Transportation:

McCarran International Airport services the Las Vegas

area. It is approximately 1 mile from The Mirage and is

utilized by 40 different airlines. For a complete descrip-

tion of ground transportation options available to and

from McCarran International Airport, visit

www.McCarran.com and click on “Ground Transportation”

found at the menu on the top.

Car Rentals:

On-airport rental car customer counters are located in the

center of the baggage claim area. A bank of free telephones,

also located in baggage claim, may access some off-airport

rental car services. All cars are located outside of the termi-

nal area and every rental agency provides their own airport

courtesy shuttle to transport customers to/from their lots.

Taxicabs:

Taxicabs are available outside on the east side of bag-

gage claim, outside door exits 1-5. Airport personnel are

available on the taxi curb to assist passengers.

Shuttles/Limo Service:

There is a variety of shuttle/limousine services available

at McCarran located on the north and west sides of bag-

gage claim, outside door exits 8-14. Please note that

there are both group shuttle and “for-hire” stretch limou-

sine services.

Attire:

The suggested dress code for all CPM 2007 WEST events is

business casual. Since meeting room temperatures vary

we suggest bringing a sweater or light jacket to the con-

ference. The average daily temperature for Las Vegas in

May is 74˚.

Photo courtesy of The Mirage

THE FINE PRINTw

ww

.Co

nti

ng

ency

Plan

nin

gEx

po.

com

22

Register online:www.ContingencyPlanningExpo.com

Register early. Save more!4 Register by March 23 and save $200 off a full conference pass!4 Register by May 6 and save $100 off a full conference pass!4 Payment must accompany your registration form.

General Information: 800.517.8966

Exhibit Sales/Sponsorships: 609.397.5506

Registration Fax: 703.876.5059

OnlineSubmit your registration electronically on the CPM 2007WEST Web site: www. ContingencyPlanningExpo. com. Simplycomplete the registration page, provide credit card informa-tion, and hit “submit.”Your registration must be received bythe cutoff date to qualify for the early registration discounts.

Snail MailReturn your completed registration form to: E GOV/CPM 2007WEST, Accounting Dept, Attn: Bill Burgin, 3141 Fairview ParkDr. , Suite 777, Falls Church,VA 22042 with payment by compa-ny check or money order.Your registration must be post-marked by the cutoff date to qualify for the early registrationdiscounts.

FaxFax your completed registration form with credit card pay-ment. Your fax must by received on the cutoff date to qualifyfor the early registration discounts. Fax registration forms to703.876.5059.

PaymentThe CPM Group accepts company checks, American Express,Visa, Mastercard, and Discover. Please note that E GOV willappear on your credit card statement.

Government RateThe government rate is available for local, state, and federalgovernment employees. Registration must be paid for by agovernment agency. Call 800.517.8966 for your promotionalcode. Rate not available without a promotional code.

Group RatesRegister with your colleagues and save on conference registra-tion fees! Groups of five or more will receive a 15 percent dis-count provided the registration forms are submitted at thesame time from the same company. Call 800.517.8966 forgroup registration instructions.

Confirmation and Cancellation• All registrations received by May 16, 2007 will be con-

firmed via email.• All cancellations are subject to a $100 processing fee. No

full refunds will be given. “No-shows” are absolutely non-refundable and non-transferable.

• The CPM Group must receive a written cancellation notice.Cancellations received after March 23, 2007 are 50 percentrefundable, regardless of when the registration was sub-mitted.

• Because seating is limited, no refunds will be given for can-cellations received after April 12, 2007.

• Refunds will be processed after the conclusion of the con-ference.

• Substitutions, including those made on-site, are allowedwith the written permission of the original registrantbefore the start of the conference.

• Conference registration applies to one registered individ-ual and cannot be shared by two or more people.

• Conference sessions and speakers are subject to changewithout prior notice.

ProceedingsAll conference registrants will receive a copy of the proceed-ings on CD. A printed volume may be purchased for $30 –place order during registration process. Not guaranteed tocontain all presentations.

Continuing Education UnitsThe DRI offers 29 CEUs for CPM 2007 WEST full conferenceregistrants. Available only to DRI-certified attendees. Visitwww.drii.org for details.

Photo Release/Company ReleaseShow management occasionally uses photographs or com-pany names of show participants in event promotionalmaterial. By virtue of your attendance you automaticallyagree to usage of your likeness in such materials.

REGISTRATION FORMw

ww

.Co

ntin

gen

cyPlann

ing

Expo.co

m

23

1. Please type or print clearly.

______________________________________________________________

______________________________________________________________

______________________________________________________________

______________________________________________________________

______________________________________________________________

______________________________________________________________

______________________________________________________________

______________________________________________________________

2. CPM 2007 WEST Conference Fees. Please circle your choices.

First Name Last Name Certifications

Title

Company

Address Mail Stop

City State/Province

Zip Code Country

Phone (with country code if applicable) Fax

E-mail

Promotional Code ________________________

CPM 2007 WEST Conference Fees Early-Bird Pre-Show After By March 23 By May 6 May 6

Full Conference Pass $1095 $1195 $1295Admission to any conference session (one class per time period), exhibit hall, special events, CD Proceedings.

Full Conference Pass-Government $795 $795 $795Valid for a full conference pass as above. See page 22 for details. Must call 800.517.8966 for your promotional code.

One-Day Pass $650 $700 $725Admission to conference sessions (one class per time period), exhibit hall and special events on specified day.Includes CD Proceedings.

Exhibits Only $50 $75 $75Admission to the exhibit hall only.

Guest Pass $125 $125 $125Admission to exhibit hall and all special events. Can only be purchased with a Full Conference Pass.

Proceedings $30 $30 $30Conference registrants receive conference proceedings on CD. A printed volume may be purchased – place order during registration process. Not guaranteed to contain all presentations.

Hot Site Training Program $395 $395 $395Thursday May 24, 1:30 PM – 5:00 PM.Must be purchased with a full conference pass.

The Complete Package $1615 $1715 $1815Includes a Full Conference Pass, Guest Pass, Hot Site Post-Conference Training and FREE Printed Proceedings

Dates and Times SessionsTuesday, May 22

8:00 AM - 9:30 AM SE1 - Welcome Breakfast and Keynote Address

9:45 AM - 5:00 PM BC1

9:45 AM - 11:00 AM BC2 BC3 EB4 EB5 LB6

11:15 AM - 12:30 PM BC8 SB9 BC10 SB11 LB12

12:30 PM - 2:00 PM SE2 - Luncheon and Keynote Address

2:15 PM - 3:30 PM BC14 BC15 BC16 SB17 EB18

3:45 PM - 5:00 PM BC20 BC21 SB22 EB23 LB24

5:00 PM - 7:00 PM SE3 - Exhibit Hall Grand Opening Reception

Wednesday, May 23

7:30 AM - 9:00 AM SE4 – Attendee Networking Breakfast

9:15 AM - 12:00 PM BC26

9:15 AM - 10:30 AM BC27 SB28 EB29 LB30 LB31

10:45 AM - 12:00 PM BC33 BC34 EB35 EB36 LB37

12:00 PM - 2:30 PM SE5 - Exhibit Hall Open (Lunch and Dessert)

2:45 PM - 4:00 PM BC41 SB42 EB43 EB44 LB45 LB46

4:15 PM - 5:30 PM BC47 BC48 BC52 SB49 EB50 EB51

Thursday,May 24

8:30 AM - 10:00 AM SE6 - Exhibit Hall Prize Raffle & Continental Breakfast

10:00 AM - 11:15 AM BC54 BC55 BC56 SB57 EB58 LB59

11:30 AM - 12:45 PM BC61 BC62 SB64 SB65 EB67

3. Scheduling. Seating is limited. Please circle the session you want to attend in each timeslot. No more than one session in each time slot is permitted. Complete seminar descriptions can befound beginning on page 8. Sessions and speakers are subject to change without notice.

4. Payment. Payment must accompany registration. Company checks payable in U. S. fundsdrawn on a U. S. bank must be made payable to The CPM Group. Credit card payment requires cardnumber, expiration date, and signature. See confirmation and cancellation policies on previous page.Credit card charges will appear as E GOV on your statement.

Payment Method: nn AMEX nn VISA nn MC nn Discover nn Company Check

Name on Card: ______________________________________________________________________

Card Number: ______________________________________________________________________

Expiration Date: _____________________________ CVV Code:_______________________________

Cardholder's Signature: ______________________________________________________________

The following questions must be answered in order to process your registration:

5. Which describes your company’s primary type of business at this location?(Please check only one. )

nn Financial/Banking nn Insurancenn Manufacturing/Industrial nn Retail/Wholesalenn Computer Mfg/Electronics nn Educationnn Transportation Services nn Building/Property Managementnn Utilities nn Travel/Entertainmentnn Telecommunications nn Consulting/Auditingnn Healthcare nn Other (list) ___________________nn Government/Military

6. Which best describes your job function? (Please check only one. )nn Corporate/General Mgmt nn Industrial Security/Safetynn Contingency Planning/Business Recovery/ nn Fire/Rescue/Public Safety

Disaster Planning Safety nn Consultant nn Information Security/Assurance nn Internet/Interactive/New Mediann Financial/Accounting nn Records Managementnn Risk Management nn HR/Legalnn Facilities/Building Management nn Sales/Marketingnn IT/MIS Network/DP nn Other (list) ___________________nn Telecommunications ___________________________

7. I use,recommend,approve,or purchase the following products and/or services:(Please check all that apply. )

nn Alternative Sites nn Information Securitynn Business Continuity Software nn Insurancenn Communications Backup/Recovery nn Physical Securitynn Consulting Services nn Power Protectionnn Storage Software/Hardware nn Print and Mail Recoverynn Data/Media Storage (Physical,Offsite) nn Education/Professional

Development nn Hardware Replacementnn Data Backup/Recovery,Software/Hardware nn Restoration Servicesnn Emergency Communications nn Transportation/Shipping Servicesnn Emergency Equipment

8. Which best describes your field? (Please check only one. )nn Business Continuity/Continuity of Operations nn Auditing/Compliancenn Emergency Management nn Academicsnn Physical Security nn Other (list) ___________________nn IT Security

9. What is the number of employees in your organization (all locations)?nn 1-250 nn 501-1000 nn 2501-5000 nn 10,101-50,000nn 251-500 nn 1001-2500 nn 5001-10,000 nn 50,000+

10. Is this your first CPM conference?nn Yes nn No

11. How did you hear about CPM 2007 WEST? (Please check all that apply. )nn Trade Magazine Ad:_________________________ nn Association: ___________________nn E-mail Advertisement nn Vendornn Web Advertisement nn Search Enginenn Direct Mail nn Other:_______________________nn Through a Colleague

nn I would not like to periodically receive e-mail from companies supplying business continuity products and services.

nn Please check here if you have a special need that requires attention. (describe)

_____________________________________________________________________

Mail or fax (not both) with payment to:E GOV/CPM 2007 WEST

Accounting Department, Attn: Bill Burgin3141 Fairview Park Dr., Suite 777

Falls Church, VA 22042FAX: 703.876.5059

If registering for a One-Day Pass please check date below:

nn Tuesday, May 22 nn Wednesday, May 23 nn Thursday, May 24

TOTAL

NEW!

(3-4 digit code on back of card)

NEW!

Could You Recover from Calamity?

The CPM Group3141 Fairview Park DriveSuite 777Falls Church, VA 22042

PRSRT STD

US POSTAGE

PAID

Permit No. 4416

Columbus, OH

Dedicated to the survival of business and government, CPM provides a complete educational and network-ing experience for business continuity/COOP, security and emergency management professionals. Learnhow to defuse any disaster that comes your way.

Register by March 23 for Early-Bird Pricing!

“Each conference builds upon the last in terms of the quality of the presenters, timeliness of the topics, inclusive-

ness of the participants, and excellent networking opportunities… All first rate – I look forward to CPM 2007

WEST with the absolute belief that it will be the very best yet.”

Richard Iselin, Senior Advisor for Operations, U.S. Department of State

www.ContingencyPlanningExpo.com


Name: ____________________________________________

Title: ______________________________________________

Company: _________________________________________

Address 1: _________________________________________

Address 2: _________________________________________

City/County/Province:________________________________

State_____________ Zip/Postal Code:__________________

Country:___________________________________________

Phone: ____________________________________________

Fax: ______________________________________________

*E-mail:____________________________________________

Get a full year of the NEW CPM-GlobalAssurance NOW for just $79.Your 12-monthsubscription gets you all the latest develop-ments in business continuity, security andemergency management. Order today!

Complete and mail or fax to:CPM-Global Assurance

The CPM Group243 N. Union St., Suite 202Lambertville, NJ 08530 USA

609.397.5500 • Fax 609.397.5520 www.ContingencyPlanning.com

Priority Code: 09GA06

GlobalAssurance

SUBSCRIPTION OFFER

p My check for $79, payable to The CPM Group, is enclosed.

p Charge $79 to my: p VISA p MasterCard p American Express p Discover Card

Account: Exp:__________________ Signature:__________________________________(Required for all orders)

*Required for newsletter delivery

Documents

2007 02 Global Assurance Magazine