четверг, 12 февраля 2015 г.

Австралия. Внутренние правила организации по защите и преодолению последствий компьютерных правонарушений


Health & Safety Bulletin
Home | About UsTwitter LinkedIn

Are you prepared for an unexpected crisis?

Thursday, 12th February, 2015, by Alanna Furlan
In today's Health & Safety Bulletin:
  • Bob Jensen’s keynote tour
  • 4 key plans every business needs
Dear Reader,
In the coming weeks, former senior US government official Bob Jensen will be touring our major cities to speak about his experiences handling communications for major disasters and incidents.
His aim is to remind you to be prepared for unexpected events that may impact on and disrupt your daily operations.
His major concern is that, based on his extensive research of US organisations, many employers are “woefully unprepared”.
So what’s the problem?
Surveys reveal that about half of all small businesses are operating without a business continuity plan (BCP) in place - many believe that simply having insurance is enough.
He points out that “cyber threats are evolving into one of the biggest potential risk areas for businesses”, yet Jensen’s research reveals how few companies have a crisis action plan, crisis communication plan or adequate cyber security in place.
This is despite the fact that the majority of companies were aware “they were vulnerable to a wide range of events”.
Below, Jensen outlines his major concerns when it comes to unexpected crises and how you should be prepared to handle such incidents in your business.
Jensen’s keynote tour
The Risk Management Institution of Australasia (RMIA) is sponsoring Bob Jensen’s keynote tour. In it, he will:
  • outline four essential plans you need to address crises;
  • provide current perspectives on emerging threats;
  • share key lessons learned to help you develop and improve your plans; and
  • provide concrete actions and sources of information you can use to address the gaps and challenges in your organisation.
Take care,

Alanna Furlan
Editor
Health & Safety Bulletin
PS As a Health & Safety Bulletin subscriber, you have an exclusive discount to this event. Simply use the promo code crisis3 when you register!
4 key plans every business needs
By Bob Jensen
Senior managing director, Strat3 LLC and former senior US government official
Nearly all businesses and government organisations agree that it is necessary to be prepared for unexpected events, both small and large, that may impact and disrupt daily operations. However, when it comes to having the right kinds of plans in place to ensure their organisation can handle an incident, the fact is most are woefully unprepared.
What are the key plans every business needs? 
In order to adequately protect themselves in the event of an unexpected emergency, organisations should have four key plans in place:
  • a business continuity plan (BCP);
  • a crisis action plan;
  • a crisis communication plan; and
  • a cyber-security crisis response plan.
Business continuity plans
Most larger organisations have put BCPs in place, but a survey in 2012 by a major US insurance company found that about half of all small businesses were operating without a BCP, and many thought that simply having insurance was enough to protect them in case of a crisis. 
Even for those organisations with a BCP, many of the plans were inadequate. Some only focused on IT and technology, some only covered a single worksite of the business, while others had never been shared with key staff.
Crisis action plans
A major public relations firm survey found that nearly 35% of respondents didn’t have a crisis action plan in place. Even for those who did have a plan, many weren’t adequate, nor were they reviewed or exercised regularly.
Only about 20% of responding companies were well prepared for a crisis, even though a majority of companies agreed they were vulnerable to a wide range of events from criminal actions resulting in technical disruptions.
Crisis communication plans
Even fewer companies had crisis communication plans that supported the crisis action plans. The aim of crisis communication plans is to have clearly defined processes for identifying and reporting a crisis, as well as clearly defined roles, which will help organisations to manage a crisis if it occurs. 
Cyber-security crisis response plan
Cyber threats are evolving into one of the biggest potential risk areas for businesses, ranking much higher than natural disasters and terrorism. 
Yet surveys conducted recently show that 60% of respondents only had a partial process in place for cyber defence and 11% reported no process at all. Overall, only 15% reported they were well prepared for a data breach.
While 56% of larger businesses had a cyber-security crisis response plan, very few of them were integrated with their crisis communication plans and most were more technically focused.
Small businesses, which are being hit at a growing rate by cyber attacks, were even less prepared, with only 10% having an internal IT manager focused on technological issues and very few having a cyber-security plan of any kind.
Regards,
Bob Jensen
Senior managing director, Strat3 LLC and former senior US government official
Want to find out more?
If you’re interested in attending one of Jensen’s keynote addresses, you can find out more here. Don’t forget to use the promo code crisis3 when you register!


Like the Health & Safety Bulletin? Check out our other free bulletins:
Workplace BulletinWorkplace BulletinGet the very latest employment law tips, ideas, news and practical advice sent straight to your inbox. Click here to sign up now.
Self-Managed Super Fund
Self-Managed Super Fund Bulletin
Receive all the information, ideas and tips you need to manage your own super fund. Click here to sign up now.

Please whitelist the Health & Safety Bulletin to make sure you get every edition delivered to your inbox.
The information in this email is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, please return the message to the sender and delete it from your records. All content is © 2007-2015 Portner Press Pty Ltd All Rights Reserved.
Disclaimer: We research our recommendations and articles thoroughly, but disclaim all liability for any inaccuracies or omissions found in our publications. Click here to view our Privacy Policy and Terms and Conditions.
Queries: For general enquiries, email cs@portnerpress.com.au or call 1300 782 911.
Health & Safety Helpdesk: Paid subscribers to the Health & Safety Handbook can ask our experts for advice.
Syndication: To republish an Health & Safety Bulletin article, please email cs@portnerpress.com.au for information.
Health & Safety Bulletin ISSN 1837-6533
Portner Press Pty Ltd
96-98 Bridport Street
Albert Park VIC 3206
Australia