Setting the foundation
Establishing the process
Planning for Organizational Resilience
Business impact analysis
Implementing Organizational Resilience
The culture of organizational resilience and readiness
Evaluation and Maintenance
Training and exercising
Maintaining change and improvement
James J. Leflar, Jr. (MA, CPP, CBCP, MBCI) is the security administrator at Johns Hopkins Bloomberg School of Public Health with responsibility for crisis management, business continuity, and security administration. He was an active member of the technical committees and working groups of the ANSI/ASIS SPC. 1-2009 and ANSI/ASIS SPC. 4-2012 standards. He continues to be active in OR standards development and is an active member of the ISO, U.S. Technical Advisory Group (TAG) 223 for Societal Security, Working Group 4-Preparedness and Continuity. Currently, Leflar is an active member of the ASIS International Crisis Management and Business Continuity Council as well as a member of the Advisory Board and Editorial Board for the Disaster Resource Guide. Marc Siegel. PhD, is the commissioner heading the ASIS International Global Standards Initiative developing international and national risk management, resilience, security, and supply chain standards as well as providing training on their implementation. He is a RABQSA (Registrar Accreditation Board [RAB] Quality Society of Australasia [QSA]) international certified business improvement lead auditor as well as a certified trainer and skills assessor. As an adjunct professor in the College of Business Administration and the Master's Program in Homeland Security at San Diego State University, Dr. Siegel pioneered the concept of applying a systems approach to security and resilience management for organizations and their supply chains. His work includes providing training and guidance on the implementation of risk, resilience, and security management systems as well as risk management in regions of conflict and weakened governance for the protection of assets and human rights. Dr. Siegel chaired the technical committee and working group for the ANSI/ASIS SPC.1: 2009.
ANSI/ASIS SPC.1 is now the accepted standard for security
managers. Until now, however, there was not a reliable tool to use
to plan and implement it. Organizational
Resilience by Leflar and Siegel is that tool.
If anything, the book supplies almost too much information. Using it as a guide, any security manager can understand the standard for security preparedness and continuity in crisis planning, then put it back into effect.
For someone new to the standard, there is a section on disruptive events and management techniques for organizational resilience and adaptability. There are templates that are helpful and take the manager through the steps needed to implement the requirements within the standard.
Seasoned security managers who are already familiar with the ANSI/ASIS.SPC1 Standard can go straight to sections on preparing or reviewing existing continuity plans with step-by-step methods for getting started, implementing, reviewing, and renewing a plan.
The book's planning steps with charts are extremely helpful and easy to use. Additionally, the authors include a case study of a successful implementation of the standard, which is extremely valuable. Any security manager tasked with putting the standard into action should include this book in their library.
-Terry V. Culver, CPP, CMAS (Certified Master Antiterrorism Specialist), security program specialist, Georgia Tech Research Institute