Resources

Resources

Set out below is a series of links to national and international standards for preparedness, business continuity, crisis management, as well as relevant organizations and associations. We welcome your suggestions for additions to this list.

We try to ensure all links remain current but if you find yourself at a dead end please let us know so we can update our site. Either email info@raymondcoxconsulting.com or submit the form on our Contact page.

To expand the titles, click on each arrow below.

 

Standards & Guidelines

Standards & Guidelines – Reference Lists from DRJ and BCI

Two organizations in the private sector maintain comprehensive lists of the laws, standards and guidelines related to disaster recovery planning and business continuity management. One is an organization based in the US. The other is an organization based in the UK. Both are excellent resources for professional reference.

The Disaster Recovery Journal’s list can be downloaded (in Excel format) from the Rules and Regulations Page.

The Business Continuity Institute’s list can be downloaded (in PDF format) from the BCM Guides & Standards Regulations, Standards & Guidelines Page.

Background on Private Sector Preparedness

DHS/FEMA Private Sector Preparedness Program (PS-Prep)

The Voluntary Private Sector Preparedness Program (PS-Prep) is mandated by Title IX of the Implementing Recommendations of the 9/11 Commission Act of 2007 (Public Law 110-53).

The purpose of the PS-Prep Program is to enhance nationwide resilience by encouraging private sector preparedness in an all-hazards environment.

Prior to the PS-Prep program, there was no comprehensive set of standards that the spectrum of American businesses and private sector entities could use to assess their preparedness for all hazards.

Congress directed the Department of Homeland Security (DHS) to develop and implement a voluntary program of accreditation and certification of private entities using standards adopted by DHS that promote private sector preparedness, including disaster management, emergency management and business continuity programs.

For more information on the PS-Prep Program, visit:

PS-Prep

Information about PS-Prep

Frequently asked questions about PS-Prep

Standards for Private Sector Preparedness

The following three standards have been approved by the U.S. Department of Homeland Security development for voluntary certification of Business Continuity and Emergency Preparedness Programs in the private sector, under Title IX of Public Law 110-53.

• NFPA 1600:2013 – Standard on Disaster/Emergency Management and Business Continuity Programs

About the Standard: Developed by the National Fire Protection Association (NFPA), this standard provides a management system framework and the criteria for development of programs to support an organization’s preparedness for emergency, disaster and business disruption.

NFPA 1600 is recognized by the American National Standards Institute (ANSI) as an American National Standard.

NFPA 1600:2013 includes a new chapter on Training and Education as well as annexes to address issues within the field of emergency management and business continuity and to address the use of NFPA 1600 as a Management System Standard..

The 2013 Edition of NFPA 1600 may be downloaded at no cost from NFPA Org.

• ASIS SPC.1-2009 – Organizational Resilience: Security, Preparedness, and Continuity Management Systems – Requirements with Guidance for Use

About the Standard: Developed by the American Society for Industrial Security (ASIS), this standard provides the framework for a management system that integrates security, preparedness, response, mitigation, business/operational continuity and recovery from an emergency, crisis, or disaster.

ASIS SPC.1 is recognized by the American National Standards Institute (ANSI) as an American National Standard.

At present, ASIS has not announced any updates to this standard.

Obtaining a Copy: This standard may be downloaded at no cost from the PS-Prep™ Standards Page.

• ISO 22301:2012 – Societal Security – Business Continuity Management Systems – Requirements

A guidance document for ISO 22301 is also available under the title “ISO 22313:2012, Societal security — Business continuity management systems — Guidance.”

A guidance document for ISO 22317 is also available under the title “ISO 22317:2015, Societal security — Business continuity management systems — Guidelines for Business Impact Analysis (BIA)

Obtaining a Copy: ISO 22301, ISO 22313, and ISO 22317 may be downloaded for a fee from ISO.

• AS/NZS 5050:2010 -Business Continuity – Managing Disruption-Related Risk

About the Standard: Developed by Standards Australia, AS/NZS 5050 is a joint national standard for Business Continuity Management in New Zealand and Australia.

This standard has not yet been adopted or endorsed by the U.S. Department of Homeland Security under the category of “Standards for Business Continuity and Emergency Preparedness”. It is, however, an internationally recognized standard and is in close alignment with ISO 31000 (Risk Management – Principles and Guidelines).

AS/NZS 5050 describes the application of the principles, framework and process to manage business disruption related risk and establish business continuity management programs in a manner consistent with the international standard for risk management, ISO 31000:2009.

The Standard includes, in Section 5, a schedule of requirements for organizations seeking to demonstrate their processes for managing disruption-related risk meet the characteristics of management systems as described in ISO Guide 72.

Standards Australia has not announced a schedule for update of AS/NZS 5050.

Obtaining a Copy: This standard may be downloaded for a fee from SAI Global.

Resources for Private Sector Preparedness

Business Continuity Institute (BCI)

About the BCI Good Practice Guidelines (GPG 2013): Details may be found on BCI.

Obtaining a Copy: The Good Practice Guidelines 2013 may be downloaded for a fee from BCI.

FEMA Ready.Gov

Ready.Gov is a national public service advertising (PSA) campaign designed to educate and empower Americans to prepare for and respond to emergencies including natural and man-made disasters. The goal of the campaign is to get the public involved and ultimately to increase the level of basic preparedness across the nation.

Red Cross

The Red Cross Ready Rating program provides a framework designed to: 1) Help businesses, organizations, and schools become prepared for emergencies; 2) Help increase the level of preparedness among individuals and families; and 3) Encourage businesses, schools and organizations to help their local communities prepare for emergencies.

• Red Cross Ready Rating Program

• Frequently Asked Questions about the Red Cross Ready Rating Program

Organizations & Associations

The following local and national organizations have additional resources, which can assist in the development of plans, practices and communities for emergency preparedness, business continuity, and crisis management.

• Business Continuity Institute (BCI)

• Business Recovery Managers Association (BRMA)

• Disaster Recovery Institute (DRII)

Neighborhood Emergency Response Team (NERT)

• NERT USA

• NERT SF Bay Area

Disaster Preparedness Supplies and Kits

The following are locally owned Bay Area businesses offering a full line of earthquake survival kits and emergency supplies for disaster preparedness to individuals, schools, small, medium and large organizations.

• Earth Shakes

• Nexis Preparedness Systems

• Simpler Life Emergency Provisions