Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Career Options and the PS-Prep Program 27 July, 2010.

Published byJosef Haggar Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Career Options and the PS-Prep Program 27 July, 2010."— Presentation transcript:

1 1 Career Options and the PS-Prep Program 27 July, 2010

2 PS-Prep is Based on the 9/11 Report 2

3 3

4 4 www. iso.org

5 5 Agenda  Introduce our hosts and sponsors  Meeting logistics  Introduce our panelists  Begin the presentations  Questions from the attendees

6

7 7 www. continuitycompliance.org

8 8 www. NorthRiverSolutions.com The Architects of Resiliency

9 9 www. metrix411.com The Assessment and Information Management Company

10 10 Use the Instant Message feature to submit questions for discussion by the panelists

11 3 Follow On Activities 11 1.All questions listed at www.continuitycompliance.orgwww.continuitycompliance.org 2.This session has been recorded for playback 3. A Linked In group has been created

12 12 www. anab.org Mr. Scott Richter Director Planning & Development

13 13 www. nqa-usa.com Mr. Randy Pittman Consultant Relations

14 14 www. radiancompliance.com Ms. Lisa DuBrock Managing Partner

15 CB Auditors & ANAB Assessors PS-Prep Webinar / Scott Richter-ANAB 27 July 2010

16 ANAB – ANSI-ASQ National Accreditation Board ANAB – ANSI-ASQ National Accreditation Board AR – ANAB Accreditation Rule AR – ANAB Accreditation Rule CB – Certification Body CB – Certification Body Auditor – An individual who performs an audit to determine conformance to requirements Auditor – An individual who performs an audit to determine conformance to requirements Assessors – An individual who performs oversight of an auditors performance Assessors – An individual who performs oversight of an auditors performance Acronyms and Terms

17 ANAB – www.anab.org ANAB – www.anab.orgwww.anab.org IRCA – www.irca.org IRCA – www.irca.orgwww.irca.org RABQSA – www.rabqsa.com RABQSA – www.rabqsa.comwww.rabqsa.com Websites

18 Items to be covered Items to be covered Requirements for CB auditor training Requirements for CB auditor training CB Auditor competencies CB Auditor competencies ANAB Assessor competencies ANAB Assessor competencies Summary Summary Public Sector Voluntary Preparedness Certification (PS-Prep)

19 ONLY pertains to CB auditors and ANAB assessors ONLY pertains to CB auditors and ANAB assessors DOES NOT pertain to general auditors or consultants DOES NOT pertain to general auditors or consultants ANAB’s Accreditation Rule places requirement criteria on our accredited CBs, no one else! ANAB’s Accreditation Rule places requirement criteria on our accredited CBs, no one else! ANAB does not establish requirements for any entity other than certification bodies ANAB does not establish requirements for any entity other than certification bodies Requirements for training

20 No courses yet recognized No courses yet recognized Successful completion of “a training course that includes an examination of the auditor’s competence (including ASIS SPC.1, BS 25999-2, and/or NFPA 1600) and Appendix 1 of this Accreditation Rule that has been certified by a recognized national or international training provider approval body” Successful completion of “a training course that includes an examination of the auditor’s competence (including ASIS SPC.1, BS 25999-2, and/or NFPA 1600) and Appendix 1 of this Accreditation Rule that has been certified by a recognized national or international training provider approval body” CB auditor training requirements

21 CB Auditor Competencies

22 General The CB’s audit team members shall have demonstrated the competence to: Understand the terminology used within the standards. Understand the terminology used within the standards. Understand the industry in which the audit is occurring and the ability to apply that understanding to that industry sector. Understand the industry in which the audit is occurring and the ability to apply that understanding to that industry sector. Evaluate the appropriate level of connectivity or relationship of the standard’s requirements to the organization’s culture. Evaluate the appropriate level of connectivity or relationship of the standard’s requirements to the organization’s culture. Perform management system process auditing and the associated planning, implementation, operating, and monitoring process cycle as employed by the organization. Perform management system process auditing and the associated planning, implementation, operating, and monitoring process cycle as employed by the organization. Evaluate the requirements of the standard or standards being audited by the audit team member and how such requirements should be applied by the organization. Evaluate the requirements of the standard or standards being audited by the audit team member and how such requirements should be applied by the organization. Evaluate the appropriate level of how the organization fits into an enterprise-wide system if part of a larger entity. Evaluate the appropriate level of how the organization fits into an enterprise-wide system if part of a larger entity. Understand the purpose of documents specified or referenced by the standard or standards being audited. Understand the purpose of documents specified or referenced by the standard or standards being audited. Understand the application of documents required by laws and regulations. Understand the application of documents required by laws and regulations. Understand the application of laws and regulations for the organization’s industry sector. Understand the application of laws and regulations for the organization’s industry sector. ANAB’s Draft AR, Appendix 1

23 Planning The CB’s audit team members shall have demonstrated the competence to: Evaluate that an organization has an effective process for risk assessment and impact analysis to address man-made, natural, or technological hazards that have the potential to threaten life, damage property, or interrupt or disrupt operations in the geographical areas and industry sectors in which the organization operates. Evaluate that an organization has an effective process for risk assessment and impact analysis to address man-made, natural, or technological hazards that have the potential to threaten life, damage property, or interrupt or disrupt operations in the geographical areas and industry sectors in which the organization operates. Understand the internal and external context of the organization. Understand the internal and external context of the organization. Understand the needs of external agencies, customers, and other interested stakeholders with regard to the organization’s system. Understand the needs of external agencies, customers, and other interested stakeholders with regard to the organization’s system. Understand the impact of the organization’s policy, scope, and objectives on its operations and whether or not they have been taken into account during planning stages. Understand the impact of the organization’s policy, scope, and objectives on its operations and whether or not they have been taken into account during planning stages. Understand if the organization’s personnel competency requirements are appropriate to the policy, scope, and objectives. Understand if the organization’s personnel competency requirements are appropriate to the policy, scope, and objectives. ANAB’s Draft AR, Appendix 1

24 Implementation/Operation The CB’s audit team members shall have demonstrated the competence to: Evaluate that an organization’s risk strategies to adaptively, proactively, and reactively address minimization of both the likelihood and consequences of disruptive events are appropriate. Evaluate that an organization’s risk strategies to adaptively, proactively, and reactively address minimization of both the likelihood and consequences of disruptive events are appropriate. Understand techniques used to develop and implement the system. Understand techniques used to develop and implement the system. Evaluate the level to which the organization has planned, organized, directed, and managed its system. Evaluate the level to which the organization has planned, organized, directed, and managed its system. Determine whether strategies are consistent with management policy and stated goals and objectives as well as potential risks. Determine whether strategies are consistent with management policy and stated goals and objectives as well as potential risks. Determine whether the availability and capability of resources can deal with identified or potential hazards. Determine whether the availability and capability of resources can deal with identified or potential hazards. Understand the laws and regulations requiring prevention and risk mitigation programs. Understand the laws and regulations requiring prevention and risk mitigation programs. Understand the prevention and risk mitigation strategies for the industry sectors to be audited. Understand the prevention and risk mitigation strategies for the industry sectors to be audited. Determine whether the system includes implemented strategies commensurate with the frequency of identified hazards and the potential severity of impacts. Determine whether the system includes implemented strategies commensurate with the frequency of identified hazards and the potential severity of impacts. ANAB’s AR, Appendix 1

25 Monitoring and Evaluation The CB’s audit team members shall have demonstrated the competence to: Review training, drill, and exercise records to determine whether the monitoring program has achieved program goals and objectives and required capabilities have been established. Review training, drill, and exercise records to determine whether the monitoring program has achieved program goals and objectives and required capabilities have been established. Comprehend whether or not the monitoring and evaluation activities are appropriate for the organization and the industry sector in which it operates. Comprehend whether or not the monitoring and evaluation activities are appropriate for the organization and the industry sector in which it operates.Review The CB’s audit team members shall have demonstrated the competence to: Comprehend whether the review, preventive and corrective action, and continual improvement activities are commensurate with the organization’s goals and objectives. Comprehend whether the review, preventive and corrective action, and continual improvement activities are commensurate with the organization’s goals and objectives. Comprehend whether review activities are commensurate with the geographical location and industry sector in which the organization operated. Comprehend whether review activities are commensurate with the geographical location and industry sector in which the organization operated. ANAB’s Draft AR, Appendix 1

26 Somewhat limited Somewhat limited Listing of 60+ CBs currently accredited at www.anab.org / certification bodies / directory Listing of 60+ CBs currently accredited at www.anab.org / certification bodies / directorywww.anab.org ANAB’s accredited CBs are located globally ANAB’s accredited CBs are located globally Expect 8-10 of these CBs to apply for accreditation in the near term Expect 8-10 of these CBs to apply for accreditation in the near term As many as 15-25 may eventually apply As many as 15-25 may eventually apply Opportunity for employment at CB

27 ANAB Assessors

28 Extremely limited if any!! Extremely limited if any!! High level of third party conformity assessment experience High level of third party conformity assessment experience Thorough expert working knowledge of ISO/IEC 17021 Thorough expert working knowledge of ISO/IEC 17021 Crème de la crème Crème de la crème Only contract with 25 assessors to perform over 800 audits per year Only contract with 25 assessors to perform over 800 audits per year Employment opportunities at ANAB

29 Summary

30 Where are we all going?

31 Third-Party PS-PREP Auditors NQA, USA Randy Pittman ps-prep@nqa-usa.com (800)649-5289

32 Third-Party Certification Model Accredited Certification Bodies (CB’s) Accredited Certification Bodies (CB’s) Standards/Requirements for Auditors Standards/Requirements for Auditors CB runs Sales & General Administration CB runs Sales & General Administration Assigns audits to auditors Assigns audits to auditors Auditor responsible for auditing Auditor responsible for auditing

33 Auditor Responsibilities Audit Responsibilities: Audit Responsibilities: Audit Planning Audit Planning Technical & Logistical Technical & Logistical Conduct Audit Conduct Audit Document Report/Submit to CB Document Report/Submit to CB CB-specific forms CB-specific forms Recommend Certification status Recommend Certification status Review CAR’s/Submit to CB Review CAR’s/Submit to CB Audit Admin (expenses, etc.) Audit Admin (expenses, etc.)

34 Becoming a 3 rd Party Auditor Code of Conduct, Traits, Competencies Code of Conduct, Traits, Competencies Practical Experience Practical Experience Business Continuity Management Business Continuity Management Management Systems Auditing Management Systems Auditing Standards Training Standards Training Competence confirmation Competence confirmation

35 Code of Conduct Ethical Ethical Fair Fair Due Diligence Due Diligence Independence Independence Evidence-Based Decisions Evidence-Based Decisions Based on ISO 19011 Based on ISO 19011

36 Traits / Skills Ethical Ethical Open-minded Open-minded Diplomatic Diplomatic Observant Observant Perceptive Perceptive Detail-Oriented Detail-Oriented Versatile Versatile Tenacious Tenacious Decisive Decisive Self-reliant Self-reliant Communication Communication Verbal Verbal Written Written

37 Competencies Audit principles and techniques Audit principles and techniques Management system understanding Management system understanding Organizational situation applicability Organizational situation applicability Applicable regulations and other requirements Applicable regulations and other requirements BCM related methods and techniques BCM related methods and techniques Including Risk Management Including Risk Management Critical Infrastructure & Key Resources Critical Infrastructure & Key Resources See DHS.gov; search ‘CIKR’ See DHS.gov; search ‘CIKR’

38 Standards Training Recognized/Certified PS-PREP Course Recognized/Certified PS-PREP Course Encompassing: Encompassing: BS 25999 BS 25999 ASIS SPC-1 ASIS SPC-1 NFPA 1600 NFPA 1600 BUYER BEWARE: Recognized PS- PREP Course DO NOT exist yet… BUYER BEWARE: Recognized PS- PREP Course DO NOT exist yet… Competency Examination Competency Examination

39 Standards Tri-Fecta Sorting out the matrix: PS-PREP: Program umbrella PS-PREP: Program umbrella Built on 3 distinct standards Built on 3 distinct standards Consider each standard separately in competency needs analysis, audit, etc. Consider each standard separately in competency needs analysis, audit, etc. Can be qualified for one or all standards “All” will be most marketable qualification

40 Connecting with a CB ANAB listing of PS-PREP Accredited CB’s ANAB listing of PS-PREP Accredited CB’s Documentation to have: Documentation to have: CV (w/ BCM), Training Cert, Audit Log CV (w/ BCM), Training Cert, Audit Log Contract vs. Full Time Contract vs. Full Time

41 Working with a CB Contractor Contractor Likely can work for several CB’s Likely can work for several CB’s Can maintain BCM consulting practice Can maintain BCM consulting practice MANAGE CONFLICTS OF INTEREST MANAGE CONFLICTS OF INTEREST 3-6 months in advance scheduling 3-6 months in advance scheduling Travel expected Travel expected Certification maintenance Certification maintenance

42 Working with a CB Full Time Full Time Work for one CB only Work for one CB only No BCM consulting allowed No BCM consulting allowed May have other tasks in ramp-up period May have other tasks in ramp-up period Other Audits, Sales, Internal Ops Other Audits, Sales, Internal Ops Utilization 16-18 Audit days/month Utilization 16-18 Audit days/month 1 - 6 month advance schedule 1 - 6 month advance schedule Travel Expected Travel Expected

43 43 Lisa DuBrock ldubrock@radiancompliance.com 847-997-2032

44 44 Career Opportunities Follow-up on Third Party Auditing Follow-up on Third Party Auditing Other Opportunities Other Opportunities Internal Auditor Internal Auditor Compliance or Second Party Auditor Compliance or Second Party Auditor Internal SME Internal SME External Consultant External Consultant

45 45 Traits / Skills Ethical Ethical Open-minded Open-minded Diplomatic Diplomatic Observant Observant Perceptive Perceptive Detail-Oriented Detail-Oriented Versatile Versatile Tenacious Tenacious Decisive Decisive Self-reliant Self-reliant Communication Communication Verbal Verbal Written Written

46 46 Additional Trait

47 47 Competencies Audit principles and techniques Audit principles and techniques Management system understanding Management system understanding Organizational situation applicability Organizational situation applicability Applicable regulations and other requirements Applicable regulations and other requirements BCM related methods and techniques BCM related methods and techniques Including Risk Management Including Risk Management Critical Infrastructure & Key Resources Critical Infrastructure & Key Resources See DHS.gov; search ‘CIKR’ See DHS.gov; search ‘CIKR’

48 48 Additional Competency Two- and Three-Digit Standard Industrial Classification (SIC) Code Table 01 AGRICULTURAL PRODUCTION-CROPS 12 COAL MINING 20 FOOD AND KINDRED PRODUCTS 011 Cash Grains 122 Bituminous Coal and Lignite Mining 201 Meat Products 013 Field Crops, Except Cash Grains 123 Anthracite Mining 202 Dairy Products 016 Vegetables and Melons 124 Coal Mining Services 203 Preserved Fruits and Vegetables 017 Fruits and Tree Nuts 204 Grain Mill Products 018 Horticultural Specialties 13 OIL AND GAS EXTRACTION 205 Bakery Products 019 General Farms, Primarily Crop 131 Crude Petroleum and Natural Gas 206 Sugar and Confectionery Products 02 AGRICULTURAL PRODUCTION-LIVESTOCK 138 Oil and Gas Field Services 207 Fats and Oils Understand the vertical of the company you are auditing

49 49 Other Career Opportunities

50 50 Internal Audit You might be an Auditor if... you have no idea that GAP is also a clothing store A Management System Internal Auditor is not a financial or operational auditor, but could be if they receive the proper training Required within the SPC.1 and BS 25999 standard, but only touched upon in NFPA 1600:2010

51 51 Compliance or Second Party Auditor Not involved with a Certifying Body Commonly used in a supply chain Usually hired by the ‘Prime Supplier’ or Manufacturer May be hired by individual ‘subs’ in the supply chain

52 52 Internal SME Management System SME Management System SME PS-Prep SME PS-Prep SME Standard Specific SME Standard Specific SME Discipline Specific SME Discipline Specific SME Emergency Management Emergency Management Business Continuity Management Business Continuity Management Resiliency Resiliency

53 53 Consultant Types of Consulting Services  Management Systems  Implementation  Audit Services  Training  Awareness Campaigns

54 It’s Your Turn

55 Thank You!

56 Final Words Our Hosts Our Sponsor

57 57 Upcoming Webinars Understanding Management Systems Business Impact Analysis: Techniques and Methods Human Resiliency: the Next Challenge Does the Tail Wag the Dog: Supply Chain Resiliency PS-Prep: Explained! How to Talk to Your CEO About BCP A Detailed Look at BS25999 A Detailed Look at NFPA 1600 A Detailed Look at SPC.1 Getting an ROI From Your BCP Benchmarking Business Resiliency How to Prepare for a PS-Prep Audit International Opportunities for BC Professionals What else would you suggest?

58 58 Questions,Comments, Suggestions webinars@metrix411.com

Download ppt "1 Career Options and the PS-Prep Program 27 July, 2010."

Similar presentations

1 IAF Working Group on FSMS Azusa Nakagawa-Inoue PAC TC meeting 16 June 2010.

1 IAF Working Group on FSMS Azusa Nakagawa-Inoue PAC TC meeting 16 June 2010.
International Organization International Organization

International Organization International Organization
Presented to By. 2 3Terms and definitions 3.7 competence ability to apply knowledge and skills to achieve intended results.

Presented to By. 2 3Terms and definitions 3.7 competence ability to apply knowledge and skills to achieve intended results.
Session No. 4 Implementing the State’s Safety Programme Implementing Service Providers SMS 1 1 1.

Session No. 4 Implementing the State’s Safety Programme Implementing Service Providers SMS
Organizational Governance

Organizational Governance
. . . a step-by-step guide to world-class internal auditing

. . . a step-by-step guide to world-class internal auditing
Internal Audit Capability Model (IA-CM) for the Public Sector

Internal Audit Capability Model (IA-CM) for the Public Sector
The Managing Authority –Keystone of the Control System

The Managing Authority –Keystone of the Control System
Gaining Senior Leadership Support for Continuity of Operations

Gaining Senior Leadership Support for Continuity of Operations
IBM Corporate Environmental Affairs and Product Safety

IBM Corporate Environmental Affairs and Product Safety
EMS Checklist (ISO model)

EMS Checklist (ISO model)
Effectively applying ISO9001:2000 clauses 6 and 7.

Effectively applying ISO9001:2000 clauses 6 and 7.
Effective Contract Management Planning

Effective Contract Management Planning
Checking & Corrective Action

Checking & Corrective Action
1 PS-Prep and Small Business: Examining the Issues The Webinar will begin shortly.

1 PS-Prep and Small Business: Examining the Issues The Webinar will begin shortly.
Internal Control–Integrated Framework

Internal Control–Integrated Framework
KEITH CANTANDO, CBCP CORPORATE SECURITY - PROGRAMS PROGRESS ENERGY PS-Prep (DHS – Voluntary Private Sector Preparedness Accreditation.

KEITH CANTANDO, CBCP CORPORATE SECURITY - PROGRAMS PROGRESS ENERGY PS-Prep (DHS – Voluntary Private Sector Preparedness Accreditation.
1 Important Changes to the Victorian Electricity Industry for Electrical Infrastructure Civil Works 1 July 2009.

1 Important Changes to the Victorian Electricity Industry for Electrical Infrastructure Civil Works 1 July 2009.
Internal Control and Control Risk

Internal Control and Control Risk
Massachusetts Digital Government Summit October 19, 2009 IT Management Frameworks An Overview of ISO 27001:2005.

Massachusetts Digital Government Summit October 19, 2009 IT Management Frameworks An Overview of ISO 27001:2005.

Similar presentations

Ads by Google