1

Issue No. 1 December 2015

W elcome to the first edition of Continuity & Resilience Australasia, the magazine for

Australian and New Zealand based Business Continuity and Resilience practitioners and

professionals.

Produced as a regular e-Magazine by Continuity Forum on behalf of the BCI Australasian Chapter, Continuity & Resilience

Australasia is the only publication of its kind in the region, covering all aspects of Business Continuity and Resilience. The

magazine will be produced initially three times a year, with the aim of going quarterly by the end of 2016.

Full of useful content including upcoming events (both

national and at each of the 8 Area Forums across the

region), case studies, thought leadership articles, results

of surveys and general comment and articles of interest,

we believe this will become the go to publication for

Continuity and Resilience professionals.

This will be an Australasian publication, focusing on

events, issues, concerns and developments across our

region. There will be opportunities for all members to

submit papers, articles and comments, and everyone is

encouraged to do so.

It has been a big year for both the BCI Chapter and Continuity Forum, with the acquisition of Continuity Forum by BCI

Australasia in May generating considerable opportunities to expand coverage and enhance benefits to a wider base of

members. We have seen Continuity Forum corporate members renew their memberships as they have become due and we’ve

welcomed some new organisations to membership.

We are also working closely with sponsors and potential

sponsors to provide a range of benefits and engagement

opportunities that will benefit both them and the

membership, thereby enabling the growth and awareness

of the Business Continuity and Resilience discipline across

Australia and New Zealand. We are very happy to

welcome RSA and Dynamiq as Diamond sponsors of the

BCI, and look forward to working with them to enhance

member benefits across the region. We will bring you

updates on sponsors as they come to fruition so you can

keep up to date on what’s out there by whom and who to

contact if you have a need for a quality product or service.

Check out the contents in this issue and enjoy! We truly

hope there is something here that you find stimulating,

interesting or informative. And remember, Continuity & Resilience Australasia is your magazine - please contact us (details on

the last page) with any ideas or submissions of content.

See page 8 for more information on this great diagram ...

2

Letter from the President & Chair BCI Australasia

Welcome to the first Issue of Continuity and Resilience Australasia! Whilst it has been some months in the making, it adds to the fulfillment of our promise to continue, and enhance, the facilities and benefits previously provided to Continuity Forum members across the region.

Since the acquisition of Continuity Forum by BCI Australasia in May this year, an awful lot of activity has been happening in the background to stabilise and reinvigorate the offerings and benefits of

membership, and the consequent value proposition to incorporate, SME and sponsor organisations.

Reflecting Upon 2015

As we complete the first 6 months, and as we run into the Christmas & New Year period, I'd just like to reflect on a few of the key milestones we have achieved or delivered on:

May BCI Australasia announces purchase and acquisition of Continuity Forum (CF)

Jun Legals, financials and administration settled for the purchase of CF and initial systems and processes in place

Jul Lisa Riordan MBCI appointed as Membership Manager

First BCI Area Forum events opened up to CF members

Aug BCI Australasian Awards held in Melbourne with free entry to Continuity Forum member

Sep New Corporate membership program released with extensive new and additional benefits at the same cost levels as previous

Oct New Sponsor program released with extensive additional benefits. Australasian Regional Corporate Partnership (ARCP) program announced to replace CF membership over time, with even further benefits to members including alignment and affiliate membership of the global peak body Continuity and Resilience - The BCI

Nov CF and ARCP members and their staff to be treated as Affiliates of the BCI for the upcoming BCI Summit Australasia 2016, thereby entitling them to generous member discounts tickets

Dec Release of the first edition of Continuity and Resilience Australasia magazine

Looking Forward

So, it's been a busy time. A time we believe is well worth the effort. The aim and vision of BCI Australasia is to support practitioners, professionals and supporters of the discipline across Australia and New Zealand, to further the awareness and understanding of business continuity and resilience across corporate, business and the wider communities, and to make the BCI the Institute of choice for Business Continuity and Resilience practitioners and professionals. The work and effort we are investing in the acquisition of CF and the expansion and enhancement of benefits and assistance provided under the BCI banner goes a long way to helping us fulfill this aim and vision.

We do hope you agree, and that you find your membership useful and valuable. It is your support as members that makes it possible for us to deliver and, especially when considering the aim of expanding awareness and understanding to a much wider community, that will help all of us.

But there's lot's more to come! We are already well down the track in planning the BCI Summit Australasia 2016, the region's largest and most respected Conference and Exhibition focused on Business Continuity and Resilience. The annual BCI Awards Australasia is in planning stage and currently scheduled for late August or early September 2016. New and exciting inclusions are being planned for some of the local Area Forum events. And there will be at least 3 issues of Continuity and Resilience Australasia during 2016!

So let us know what you think of this first issue.

And have a fun, safe and joyful festive period!

Howard Kenny FBCI MAICD President & Chair, BCI Australasia

In this Issue:

Letter from the President 2

The BCI Globally 3

The Five Weakest Links of Business Continuity Management

4

Turning the BIA Inside Out 6

BCI Summit Australasia 2016 7

How do you assure the safety of 24,000 people in a new CBD suburb without going BSERC

9

Roundup on Local & International Standards

10

About the Trusted Information Sharing Network (TISN)

11

2015 Australasian BCI Awards 12

Special Interest Group in the

Spotlight 13

Build Organisational Resilience to Terrorism & Critical Security

13

SECUREAustralia 2016 Event 14

Membership Matters 15

Upcoming Events 16

3

The BCI Globally

Dear All, I would like to take this (rather belated) opportunity to formally welcome CF Members to the Business Continuity Institute. I have been listening to members that have made suggestions about things that we could learn from the old Continuity Forum meetings and

I have passed these ideas on to the Australasian BCI Board. Thank you to those that have taken the time to provide feedback, it is very important to us and I encourage all previous Continuity Forum members to continue to communicate what is on your mind. We are delighted to have you on board and we want to ensure that the best possible experience is a feature of our joint body. BCI World 2015 It was great to see so many new faces attend this year’s BCI World Conference. I am proud to say that 40% of the delegates were from overseas. The feedback we have received so far is that it was the best BCI World Conference that we have had. We had over 400 registered delegates and a footfall of over 1,000 people over the two days at the Conference and Exhibition. Planning is already under way for BCI World 2016 and we can confirm it will be on the 8th and 9th November 2016 at the Lancaster Hotel in London, Super early-bird rates are available until the 31st December, so why not book now for huge discounts? Even better, the call for papers for next year’s event will be announced in the coming months – it’s a great place to showcase your organisations Business Continuity achievements and get some profile on the world stage.

Global Awards The BCI Global Awards 2015 were presented at the Grand Gala Dinner to those

individuals and organisations that were judged to be the best in the world for their Business Continuity success stories and contributions. They were all winners on the night as to even make it to the Global Awards ceremony is an exceptional feat. I am delighted to say that Australasia featured very well, please visit the BCI website www.thebci.org to see all the finalists.

Strategy and Events 2016 The BCI Board and Central Office staff have stepped up to progress the

Institute’s strategic objectives for 2016. Many of these centre around continued thought leadership and continually increasing the value proposition for members. I will keep you posted in this area.

Following feedback from the business continuity and resilience community, the theme for Business Continuity Awareness Week (16th - 20th May 2016) will be Return on Investment. I encourage you to use this opportunity to demonstrate to organizational management the valuable by-products that are borne from a BCM program as well as the long term financial and reputational contribution that BCM makes. I look forward to meeting and speaking with more members as this year ends and we enter 2016. Please contact me if you have suggestions or ideas that will make our products and services more effective or valuable. David James-Brown FBCI Global Chair of The BCI

4

It's one thing to have a plan in place should disaster strike, but is that plan tailored to the business? Has it been tested? How does it get updated in the face of changing best practices and regulations?

At RSA, we've seen quite a few things in Asia-Pacific and Japan as we've helped organisations mature their business continuity plans, but there are five aspects we continually see come up time and time again. Does your organisation suffer from any of the below five? For each, we've offered some practical advice on how to best tackle them.

1. Inability to prioritise

When a disaster or crisis hits, organisations are hurt the most when they don't know which of their processes, technologies and other infrastructure components should be prioritised for recovery, according to their criticality to the business. Tackling the priority issue requires a hard, often uncomfortable, look at the business's risks to identify and evaluate risks that exist not only to the organisation, but also their locations, processes and partners.

Does the business know which processes are most critical? What are the right recovery objectives? What IT assets support which business processes and, as a result, inherit the same recovery needs? These are all questions that need to be answered in the course of determining recovery priorities, strategies, testing and activation.

Finally, business continuity and disaster recovery plans need to be linked to the business' repository of processes, assets, facilities and contacts. This enables its plans to be aligned with business priorities and begins the process of establishing accountability. Following a risk and business impact analysis, we've seen some organisations see a return on investment on their business continuity management tool investment within the first year.

2. Poor coordination between teams

Whose job is it to ensure the safe and efficient return to normal operations? Business continuity, disaster recovery, or the crisis team? In a prepared organisation, the answer is all of them.

A lack of communication between these teams and the business results in a lack of visibility in to new or emerging IT, or risks that ultimately can affect the continuity and/or resilience of the business during a disaster. As part of a risk and business impact analysis, organisations should engage key groups, such as operations, finance, IT, risk, and security to understand the roles and responsibilities, company-wide, of each individual during a disaster.

This allows crisis personnel to efficiently respond to crisis events with documented, step-by-step procedures. Depending on the size and complexity of the business, organisations can opt to roll out resiliency solutions slowly. For some we've helped them focus initially on crisis management, then move through to business continuity on the same platform, rather than set up yet another discrete management system.

There are many things that a business can do post-disaster, but mapping out what order

recovery should proceed in, as well as who is accountable for them can make the difference between failing over gracefully, or as a public

spectacle.

The Five Weakest Links of Business Continuity Management By RSA - Diamond Sponsor

5

3. Poor, ad hoc and uncoordinated processes

In many cases, some businesses may have a level of awareness around the need for continuity plans. However, these are frequently uncoordinated, ad hoc processes, often differing in creation, approval, maintenance and testing methodology across internal stakeholders, if they are created at all. As a result, practical recovery efforts are chaotic, with only parts of the business

having a limited insight into what to do. In these cases, businesses often rely on "heroic" measures, and there is an overall lack of confidence in surviving interruptions to business.

Even when businesses do have business continuity, disaster recovery or crisis management disciplines developed in some form, they are often not integrated.

The use of a centralised platform for all disciplines to feed into improves coordination and standardises plans and processes. Furthermore, they provide visibility into current state of the organization’s plan statuses, review dates, test results, test remediation statuses and crisis tasks, enabling collaboration across all teams and stakeholders.

4. Static plan documentation

Constantly changing regulations, such as the recent introduction of ISO 22301:2012 Societal security - Business continuity management systems - Requirements, means that more organisations are required to address business continuity, demonstrate continuity capability, and continually improve on their controls and measures. Some businesses initially address this requirement through static plan documentation, captured using multiple tools and systems, but these often prove to be inflexible and are costly to customize and upgrade. Furthermore, as changes continue, relatively simple changes can create exponential changes in complexity to the business, and increase exposure to non-compliance. Best practices, which can change as fast as the industry does, can be implemented using a business continuity management tool's predefined settings, but often the resources available through a business continuity community can provide another level of insight.

5. Failure to assess and report on plans

Plans, whether for recovery or continuity, are only proven to work if they can be tested. Additionally, making practical improvements are impossible without thorough assessment of existing processes. These reports are critical to demonstrating business resilience to the stakeholders, without all the misfortune of having to live through one.

In cases where plans and processes are not up to par, assessment and reporting is critical in demonstrating to senior management what continuity risks exist, and provide an insight into what budget requirements are necessary to achieve the level of confidence and continuity capability if a crisis does occur. Senior management has an understanding of the continuity risks, insight into needed budget requirements and confidence that a plan is in place if a crisis occurs.

A single automated, up-to-date repository for business continuity and disaster recovery plans for

the organization’s latest environments and business processes ensures that these are easily accessed during a disruption of service. It also provides a

single location where changes can be easily managed through a standardised panel.

This article brought to you courtesy of :

6

Turning the BIA Inside Out We live in a world where customer loyalty is becoming a thing of the past. Consumers of products and services require rapid, if not instantaneous, responses via their chosen channel. Organisations need to determine what their customers see as acceptable restoration timeframes in the event of a disruption to one or more of their business processes.

Recognised business continuity methodology says that a comprehensive Business Impact Analysis (BIA) is the cornerstone of a robust business continuity programme. My experience supports this view, does yours? The BIA enables an organisation to identity the levels of criticality of its various processes, their required restoration time frames, and their dependence on other processes, business units, facilities, suppliers and systems.

Common practice is for an organisation to analyse their own processes and priorities as the foundation for determining its business continuity strategies, and ultimately its business continuity plans. This approach is

fine where the organisation is both the supplier and

consumer of the process which could include payroll and many internal finance functions. As a profession we are also becoming more conscious of understanding the risks

and continuity arrangements of our external suppliers. But do we consider the needs of the customers?

Failure to take these needs into account can have a direct impact on achieving business objectives and ultimately on the organisation's bottom line. Over the

last few years many organisations have introduced strategies encouraging customers to interact with them, initially by phone, and more recently online, with the ultimate aim of reducing overall cost and therefore increasing profit. What is the impact on the customer of those channels and technologies not being available; and because of the impact on the customer, on the organisation?

The answer to that question largely depends on the age of the customer. My parents would revert to interacting face-to-face, while my kids would (where possible) find an alternate online supplier; ultimately both choices impact organisational costs and profit.

The way we do business has changed because technology has changed. Despite using this changing technology when we conduct our BIA we have not fundamentally altered our approach in the ten years I've been in the industry.

When was the last time that you directly involved customers when conducting a BIA? When did you last ask customers about the impact of not being able to supply the services they require? Have you considered that you could be spending more money than you need, aiming to have services restored sooner than customers demand?

Organisations form part of their customers' supply chain. Would you be happy if your suppliers didn't ask about your expectations for their restoration timeframes? I doubt it.

Glen Redstall MBCI

@GRedstall

When was the last time that you directly involved customers when conducting a

BIA?

When did you last ask customers about the impact of not being able to supply

the services they require?

Have you considered that you could be spending more money than you need,

aiming to have services restored sooner than customers demand?

nz.linkedin.com/pub/glen-redstall-mbci/20/876/a9b

7

Planning is well underway for the BCI Summit Australasia 2016. The Summit will be taking place on Wednesday 4th and Thursday 5th of May and educational workshops will also be run on Friday 6th

.

This is our 10th annual event which we are looking to celebrate in style. A new venue has already been announced, Rydges World Square in the Sydney CBD, and planning is underway to deliver at least three streams of presentations. The annual BCI Summit Australasia is the principal Business Continuity and Resilience conference in Australia and New Zealand, with a vibrant and informative programme designed and delivered by subject matter experts.

The theme for the 2016 Summit is “From Practice to Profession”. This theme is designed to capture the development of business continuity and resilience practitioners in terms of their professional and co-requisite skills need to effectively deliver their business continuity / resilience message.

To achieve this the Summit will consist of keynote presentations and three concurrent streams, each containing sub-themed groups of presentations.

The three streams are:

Business Continuity Lifecycle: these presentations will link to the BCI’s Good Practice Guidelines (GPG) where presenters will share their experiences in a thought provoking way that will change the way you do business.

Thought Leadership: this stream would give attendees no answers, but prompt them to think about the concepts discussed and how they might be relevant to their organisation or to their delivery of BCM

Professional Development: this stream will look at the co-requisite skill that BC/resilience practitioners need to effectively deliver their message. See the diagram over the page.

8

In addition, we are also hoping to offer a number of vendor demonstrations, as a separate electable stream within the Summit.

The 2016 Summit will provide opportunities for our members to present to their peers. The organising committee will identify headline speakers for each sub-stream, then we will call for papers that complement and support those topics. Our intended timeframe for this call for papers is during January.

To supplement your learning opportunities we are planning to provide up to four workshop options for Friday 6th May. Stay tuned to find out more as details become available. Like the Summit, the workshops will be held at Rydges World Square.

As always the Summit will provide a great Social Programme, this year with pre-conference drinks, Cocktails & Canapés, and the Conference Dinner all included in the ticket price. The Summit also provides

great networking opportunities with the chance to catch-up with colleagues from around the Australasian region, and to establish new friendships.

Another mainstay of the Australasian Summit over the years has been the vendor exhibitions, where you can view and discuss the latest offerings for our sponsors and vendors in the extensively refurbished Conference and Event space at Rydges World Square.

The Summit organising committee are pleased to announce that RSA Archer and Dynamiq are already confirmed as our two Diamond Day Sponsors. There are plenty of other sponsorship opportunities available and any organisation interested in sponsoring and / or exhibiting at the Summit can gain more information from info@thebci.org.au or to keep up with all the latest information on twitter @BCI_Summit_Aust

The Professional

Development

stream will look

at the

co-requisite skill

that a BC/

resilience

practitioner

needs to

effectively deliver

their message.

9

Westpac recently moved 6,000 of our Sydney CBD staff into Tower Two at Barangaroo, the newest suburb in Sydney. Barangaroo has been described as one of the most ambitious urban renewal projects in the world today and will include three commercial towers (known as International Towers Sydney), two residential apartment blocks, an international hotel, and a large number of shops, cafes and restaurants. By the time it is completed, some 24,000 people will live and work at Barangaroo with an estimated 30,000 visitors per day.

It goes without saying that the development of this mixed use precinct will provide a number of challenges from an emergency management perspective. The key focus for Westpac had to be the safety of our staff moving into Tower Two, with an additional focus on how we will interact with the precinct as a whole during an emergency.

Westpac was fortunate enough to be the first tenant to move into the Barangaroo which gave us the opportunity to work in collaboration with the developers, Lend Lease, building management, Jones Lang LaSalle and International Towers Sydney Security to develop and implement emergency management procedures for the site. Westpac's commitment to the safety of our staff and to being a good tenant of Tower Two motivated us to work with these stakeholders to achieve the same standards we have in place at our other corporate locations. This included the

establishment of a skilled Emergency Control Organisation and emergency procedures for the site which were developed to include management of the external assembly area and reoccupation of the Tower following an evacuation.

During our staggered move process, we recruited and provided site-specific training to approximately 300 Wardens, which provided our tenancy with the Westpac Group standard of 1 Warden per 20 staff. We communicated the emergency procedures to our incoming staff prior to their move by way of neighbourhood tours and again by email during their first week working at the new site. This training was followed by a series of evacuation exercises.

In order to enhance the safety, security and resilience of the Barangaroo precinct, an overarching Committee has been developed which will serve as both a governing body and an incident response team. This is called the Barangaroo Security Emergency & Risk Management Committee (BSERC). The Committee will consist of representatives from LendLease, Jones Lang Lasalle, International Towers Security, tenants from the three commercial towers as well as external stakeholders from Sydney City Council, NSW Police Force and Transport NSW.

Whilst the responsibility for developing and maintaining individual plans and procedures lies with each stakeholder, the design and implementation of the BSERC framework will allow a coordinated precinct-wide approach. The aim is to ensure effective communication of all incidents and impacts to all stakeholders which gives the Westpac Group comfort at how emergencies will be managed in the already iconic Barangaroo.

This article brought to you by:

How do you assure the safety of 24,000 people in a new CBD suburb without going BSERC? By Nicola Mitchell MBCI

Nicola has been in the Westpac

Group since 2006 and is

currently responsible for the

Emergency Management framework across the

group, including the implementation of

emergency management training, procedures

and reporting globally for both retail and

corporate sites. Nicola is an expert in facilitating

emergency exercises and has supported the

Group’s crisis during a number of incidents and

business disruptions. During 2015, Nicola has

been part of the operational readiness project

team which was responsible for implementing

security, emergency and crisis management at

Westpac’s newest site, Barangaroo.

About the Author

10

The purpose of the BCI (to promote a more resilient world) is underpinned by three goals:

To deliver a consistent “BCI experience” for members to develop and enhance their qualifications and expertise

To strengthen BCI’s role as “the global thought leader” for continuity and resilience

To increase BCI’s global influence within both mature and emerging markets which will be reflected by a growth in membership

One of the strategic ways the BCI pursues these goals is by influencing the development and review of local and International Standards. The family of standards owned by the International Standards Organisation (ISO) that we are most interested in are managed by ISO Technical Committee 292 called Security and Resilience. Each participating country has a mirror committee that contributes to local and international standards.

I have a seat on the Australian mirror committee and represent the interests of the BCI Australia. For example, one of my goals is to have the suite of ISO BCM standards (e.g. ISO22301 etc.) adopted in Australia.

As standards and technical specification are promoted to international level, I then represent Australia at the ISO world conference. The last ISO World conference was in Japan where I spent 3 days as a technical expert working with 15 or so BCM experts (most of which were BCI practitioners) from around the world finalising ISO/TS22317 Business Impact Analysis. A hugely rewarding experience delivering the latest edition to the BCM family of standards.

On occasion, I will request the BCI Australia committee issue an invitation to all MBCI and FBCI Australian members with the opportunity for interested members to review a draft standard. I'll collate the responses and then take them to the next Standards meeting for actioning. I also collaborate with my BCI counterparts in other countries ensuring we're collectively speaking with one voice.

Week one of December sees me at the next ISO World Conference in Indonesia where I will represent BCI Australasia and support the BCI Globally in the working group focused on the draft standard for Organisational Resilience - ISO22316.

Wish me luck - it'll be a tough three days.

By Saul Midler FBCI

Roundup on Local and International Standards

11

About the Trusted Information

Sharing Network (TISN)

The Trusted Information Sharing Network, or TISN, was established by the Australian Government in 2003 and is the primary national engagement mechanism for business-government information sharing and resilience building initiatives for critical infrastructure (CI). The TISN supports the Australian Government’s Critical Infrastructure Resilience Strategy. It provides a secure, non-competitive environment where critical infrastructure owners and operators across the seven CI sector groups meet regularly to share information and cooperate within and across sectors to address resilience, security and operational continuity challenges.

The sector groups of the TISN include Banking and Finance, Communications, Energy, Food and Grocery, Health, Transport and Water Services. There are also specialist groups, such as the Resilience Expert Advisory Group or REAG, which assist in the exploration of cross-cutting issues. Further information about the TISN and the Critical Infrastructure Resilience Strategy can be found here: www.tisn.gov.au

The viability and sustainability of organisations are continually tested. A resilience approach assists organisations to manage unforeseen or unexpected risks. This approach builds capabilities within your organisation to not only respond effectively, but also to adapt and learn from adversity, gain a competitive edge and become more profitable.

The Resilience Expert Advisory Group (REAG) provides input, especially strategic thinking and considering a practical dimension into development of concepts, and encouragement of business to embrace organisational resilience activity. REAG provides guidance and advice on tools and other initiatives, consistent with its work program, to assist owners and operators of critical

infrastructure adopt a resilience approach to their operations.

REAG comprises representatives from Australian, state and territory governments, critical infrastructure owners and operators, academia, specialist practitioners and research organisations. Australia is a world leader in developing and promoting the organisational resilience approach and the focus of the REAG for the near future is on deepening our understanding of the dimensions of organisational resilience and maturing resilience practice.

Some key bodies of work for REAG over the next twelve to 24 months include:

The development and delivery of workshops and programs on organisational resilience

Further research on organisational resilience, its benefits and the underpinning resilience indicators

The development of relevant, practical and user-friendly tools and guidance material to assist businesses to implement an organisational resilience approach. This includes maintaining, improving and promoting the Organisational Resilience website and establishing it as the primary authoritative source of information on organisational resilience.

Undertake work to explore and establish links between critical infrastructure, community and disaster resilience, and complement activities under the National Strategy for Disaster Resilience. REAG meets at least quarterly to discuss, develop and

http://www.organisationalresilience.gov.au/resources/Documents/

AdversityLeadership.pdf

Organisational Resilience and the Resilience Expert Advisory Group (REAG)

state Organisational resilience is a business's ability to adapt and evolve as the global market is evolving, to respond

to short term shocks be they natural disasters or to long term challenges.

By Peter Brouggy Hon FBCI, Chair

Resilience Expert Advisory Group (REAG)

continued over the page

12

promote organisational resilience activities and developments across public and private sector industries.

Organisational Resilience HealthCheck

The Organisational Resilience HealthCheck was developed by REAG and is a free appraisal that can be applied across various areas of your organisation. Whether you’re a business continuity manager, risk manager, human resource officer, a team leader or a senior executive, the HealthCheck can help you and your team develop a shared understanding of your organisation’s progress towards resilience, and identify possible treatment actions and inhibitors. The Federal Attorney General’s Dept. hosts a dedicated Organisational Resilience Website featuring the HealthCheck which can be completed either online or via a downloadable excel version.

The Organisational Resilience Website and HealthCheck can be found here:

www.organisationalresilience.gov.au/Pages/default.aspx

About the Author

Peter Brouggy is an Executive Manager in the Group Protective Services team at Westpac. Peter’s prior role was seven years as Project Manager for the Banking and Finance Sector Group with a focus on crisis management and business continuity. Peter is co-chair of the Resilience Expert Advisory Group. Due to

the outstanding contribution Peter has made in the areas of Business Continuity and Resilience he was recently awarded the prestigious

Honorary Fellow of the BCI.

Once again, the Victoria & Tasmania Area Forum team put on a great show and

hosted a wonderful Awards gala evening in Melbourne. This year saw Continuity

Forum members invited free of charge for the first time, an opportunity that a

number took up.

Each year, the BCI Australian Awards recognizes the cream in the industry

throughout Australia and New Zealand. There are 8 judged categories and 1

public vote Award. Winners of the Australasian Awards automatically progress to the Global Awards held in November each

year in London. We had 2 of the Global Awards winners this year—David Porter MBCI and Linus Information Security Systems

for their respective categories below. Well done to David and to Linus—it’s not easy to become the best in the world!

Brilliant organising committee 2015

13

Special Interest

Group in the Spot-

light

ITSCM

Special Interest Group (SIG) Team Members include:

Marea Foley NSW, NBN Co Ltd, IT DR Manager

Brett Jeppersen QLD, Australian Taxation Office, Service Continuity,

Availability & Capacity Manager

Greg Hoffman NSW, Veda, Manager - Change, Problem and

Disaster Recovery

Katherine Simpson NSW, Westpac, DR Manager

Sharon Buckland VIC, Bendigo & Adelaide Bank, IT Service Continuity

Manager

To date the SIG have held three events, the first hosted by Deloitte in

Melbourne during BCAW, March 2015. The topic for our inaugural pres-

entation was ‘An Anatomy of a Hack’ presented by ex CEO Carl Woerndle,

of Distribute IT, a successful Melbourne based start-up. Carl spoke of his

experience of an IT hack that resulted in the demise of his Company in just

15 days.

Our second event hosted by NEXTDC in August 2015 was presented by Debra Smith, Head of Service Operations, Service Integration & Operations focussed on Australia Post. Debra’s spoke to the group about capability uplift and supporting 24x7 services and maturing of IT Service Continuity. Our hosts NEXTDC also provided a tour of its flagship data centre in Mel-bourne.

Our third and final event of 2015 was hosted by Continuity Matters and presenters from Amazon Webs Services, Adam Beavis, Commercial Sales Manager; Shiva Narayanaswamy, Solutions Architect and Tom Bernadou, Managing Director and Founder of Data Solutions Group. The presentation took us through innovation of scale and disaster recovery on AWS.

Events planned for 2016 include: dependencies on IT Change Management process and IT Service Continuity within the emergency services.

If you have you would like a specific topic to be discussed in your

State please get in touch via info@thebci.org.au. The team will be

pleased to assist in bringing your ideas together for the benefit of

our members.

The SIG will focus on the following:

Good practices

Governance

IT Resilience & Relationships

New and emerging technologies

Tools

Testing and Exercise Management

Members have experience in BCM and

IT Service Continuity Management

Special Interest Group

in the Spotlight

ITSCM

Security leaders and experts to discuss how to build organisational resilience to terrorism and critical security breaches

The threat of physical terrorist attacks and malicious cyber-attacks on Australian organisations is growing in line with the global increase in security breaches, with the recent spate of attacks in Europe highlighting the vulnerability of western nations in particular. For Australian security professionals this means the urgent need to review and update practices and technologies to meet these growing threats and also to stay abreast of emerging threats.

In light of this evolving and heightened threat environment, the 2nd annual SECUREaustralia 2016 conference, being held at the Powerhouse Museum Sydney, from 15 – 17 March 2016, will bring together public and private organisations in order to improve their detection and prevention capabilities and provide them with the ability to mitigate and minimise the catastrophic consequences of a physical or cyber breach.

At the event, an elite group of business continuity, security and organisational resilience managers and a high level group of representatives from government organisations, police and international experts will share experiences and strategies in a closed door event.

With speakers from the Australian Crime Commission, Australian Federal Police, Department of Defense, ANZ Stadium, NBN Co, Thales, Origin Energy and the Head of Security for Copenhagen International Airport, this unique program is set to address the key challenges facing security professionals today. For more details on this event, see overleaf. BCI & Continuity Forum Members Receive a 10% Discount!

14

15

Continuity Forum was recently acquired by Business Continuity Institute (BCI) Australasia. This provides a whole raft of new and additional benefits to existing Continuity Forum members and we look forward to working with you to ensure you achieve maximum return on your investment.

We are currently transitioning Continuity Forum Members across to the new BCI Australasian Regional Corporate Partnership Program as part of the renewal process. We are also taking on NEW organisational members under this program.

The BCI Australasian Regional Corporate Partnership Program enables organisations to work closely with the BCI to: develop their own people and benefit their organisation, raise the profile of business continuity management and be a be a key contributor to the development of business continuity and organisational resilience best practice.

Membership Matters

Premium Standard Associate

Large Organisations Medium-sized Organisations and Large Government Departments

Small and Not for Profit Organisations

Employing more than 250 staff Employing less than 250 staff Employing less than 20 staff Up to 30

Named and Registered Affiliates 10

Named and Registered Affiliates 5

Named and Registered Affiliates AUD $ 2,995.00 AUD $ 1,540.00 AUD $ 770.00

NZD $ 3,290.00 NZD $ 1,690.00 NZD $ 845.00

THREE LEVELS OF PARTNERSHIP

KEY BENEFITS

Registration of Partner Affiliates to directly receive all the available benefits

Partner Affiliates are invited to and are able to bring guests along to regional forum meetings

Partner Affiliates will be given access to the BCI Members Only area of the BCI website

Receive BCI Global and Australasia e-newsletters and magazines

Receive substantial discounts to local and global events where a fee is charged (such as the

Australasian BCI Summit, training opportunities, BCI World)

Priority involvement in global surveys, whitepaper reviews and questionnaires

Reduced entry to local third party conferences endorsed by the Australasian Chapter

THREE LEVELS OF SPONSORSHIP

Gold, Silver & Bronze

Organisations who have BCM products and services to sell or promote can become Australasian Regional Corpo-

rate Sponsors and benefit from the excellent packages which are available. Entitlements include: Advertising ,

access to BCI Forum events, discounted exhibition stands, logo placement on BCI website, dedicated page on the

BCI virtual exhibition global website, marketing opportunities, project sponsorship opportunities and much more!

If you would like to know more about partnership or sponsorship benefits or how to join please email

cfmembership@thebci.org.au

16

Brisbane Forum Meeting 21st January

Wellington Meeting

@Breakfast 17th February

Brisbane Forum Meeting 17th February

NSW Forum Meeting 25th February

SECUREaustralia 2016 15 - 17 March

BCI Summit 2016 4 - 6 May

Business Continuity

Awareness Week 16 - 20 May

Upcoming Events

Forum Activities & Events in Your

About this Publication Continuity & Resilience Australasia Magazine is a

publication of the Australasian BCI Chapter. The

magazine is published three times per year and is an

excellent source for all things Business Continuity

and Resilience related. Articles include thought

leadership pieces, case study presentations,

discussion papers, top tips, upcoming events and

professional advice on a wide range of business

continuity topics designed to keep you in the loop as

well and get you thinking.

Continuity & Resilience Australasia

Continuity Forum Pty Ltd

264 George Street

Sydney NSW 2001

Continuity Forum Pty Ltd., a wholly owned subsidiary of

the Business Continuity Institute Australasia Ltd

Membership Manager & Editor: Lisa Riordan

Administration & Research Assistant: Charlotte Goodsir

The views expressed in this magazine are not necessarily

those of the Business Continuity Institute Australasia. All

efforts have been taken to ensure the accuracy of

information published. The publisher accepts no

responsibility for any inaccuracies or error and omission in

the information provided in this publication. All original

content in this magazine is protected by copyright and

cannot be used, reprinted, distributed, or republished for

any commercial use without prior written consent.

Continuity and Resilience Australasia Magazine is only

responsible for the copyright of original material published

in this newsletter. In the case of materials submitted by

members it is assumed that the original source has

secured copyright and/or obtained permission to publish

the materials.

Coloured “Continuity Band” Logo created by Joel Foffani

for enquires please email joelfoffani@gmail.com To view all upcoming events go to

http://events.thebci.org.au

Continuity Forum and The BCI

Australasia wish to thank its

members and sponsors who

contributed to this first edition of

Continuity & Resilience Australasia

If you would like to contribute, have

feedback or have ideas for our

future editions please contact us via

email info@thebci.org.au.