Crisis Management

Business Continuity Management in ISO 27002:2022

By |2022-03-07T15:52:25+01:00 7 March, 2022|News, Norms & Standards|

In February 2022, ISO 27002 "Information security, cybersecurity and privacy protection - Information security controls" was updated; the 2022 version replaces its predecessor from 2013. ISO 27002 is the guidance for implementing the requirements from ISO 27001 and consequently is not itself a certification standard. Certification continues to be based on the ISO 27001 standard. The title of the standard has been changed (formerly: "Information technology - Security techniques - Code of practice for information security controls"), and the structure of the controls has been changed, for example by assigning attributes to the individual controls. In addition, controls have been merged, descriptions updated and controls deleted. These changes will be included in the ISO 27001 update and will be mandatory for future ISO 27001 certifications. The following controls were added: Threat intelligence; Information security for use of cloud services; ICT readiness for business continuity; Physical security monitoring; [...]

Leading – differences between BCM and administrative crisis management

By |2021-09-29T11:18:07+02:00 29 September, 2021|Interest|

Business continuity management can also mean "emergency and crisis management". We also find this term in the administrative sector, as in the work of civil protection. But is leadership in the event of crises really the same? This short article is intended to highlight individual differences and similarities between these two emergency and crisis management approaches so that a distinction can be made and differentiation simplified.

Causes of crises

The causes of crises or disasters in the field of civil protection are almost exclusively external. This means, for example, natural disasters, terrorist attacks or a technical/human failure, which leads to high risks. In the case of companies, there are two additional causes: inadequate attention to operational fluctuations up to the point of escalation and the occurrence of latent problems, which lead to high reputational damage. The crisis is therefore not only brought in from the outside, but may [...]

The crisis team

By |2021-09-27T10:52:18+02:00 27 September, 2021|crisis management, Interest|

A crisis team is a group of people with decision-making authority who plan and implement the management of a crisis. Other names are a staff for extraordinary events or a task force. No matter what such a group is called, it must have decision-making capability and be responsible for managing the crisis. Fire Service Regulation 100 on Leadership and Command in Emergency Operations (German: Feuerwehr-Dienstvorschrift 100, FwDV 100 or DV 100) describes the crisis management team as it is used in emergency response (fire department, rescue service, disaster control/civil protection). Here, it is referred to as incident command staff. For more information on the distinction between the crisis management team and the command staff, you can read our blog article on the topic of "Leading - differences between BCM and official crisis management". The FwDV 100 was created after the Lüneburg Heath fire, as leadership faced great challenges [...]

Modern Hospital Alarm and Response Planning

By |2021-09-24T16:37:49+02:00 24 September, 2021|Interest, Norms & Standards|

Hospitals are specialized healthcare enterprises that operate either for profit or as a public legal entity. Crisis management in hospitals is also known as "hospital alert and response planning" (German: Krankenhaus Alarm- und Einsatzplanung, KAEP). It has its roots in the need to increase treatment capacity. Examples of this are mass casualty incidents (MCI) or mass illness cases, where the hospital has to care for significantly more patients than in regular operation. Also described in the KAEP are measures to deal with functional failures, such as power outages. Hospital processes require personnel as well as resources embedded in an organization. Support from resources such as electricity, water, sewage, hygiene, IT, materials, medicines, etc. is required with the highest availability. Organizational, billing and documentation processes occur in parallel. The intersection between a hospital and a company from a business continuity management perspective is therefore very large. The Criticality Ordinance of [...]

Emergency drills – stumbling blocks and importance

By |2021-08-31T12:01:14+02:00 31 August, 2021|News, Safety|

Due to the multitude of possible threats (e.g. natural phenomena, increasing dependencies on information technology, international terrorism, blackouts, pandemics, etc.), emergency drills are an important tool to prepare a company/organization for such scenarios. Only those who are prepared and feel prepared can handle an emergency adequately and in a timely manner. If this is not the case, emergencies can develop into crises or even disasters for one's own company/organization or even for other stakeholders. This article is intended to shed a little light on the complex topic of emergency drills, emphasizing the importance and problem areas of such drills by highlighting some aspects. Thus, there is by no means any claim to completeness.

Importance of emergency drills

As mentioned earlier, we are all virtually at the mercy of a variety of threats that can result in physical or financial damage or damage to reputation. These potential threats are difficult for [...]

Organizational resilience

By |2021-08-31T08:23:13+02:00 31 August, 2021|Norms & Standards, Safety|

The standards for organizational resilience

In March 2017, the new ISO standard ISO 22316:2017 was published with the long title "Security and resilience - Organizational resilience - Principles and attributes". The standard was developed by the Technical Committee ISO/TC 292 Security and resilience, which is also responsible for the ISO standards around ISO 22301 Business Continuity Management. In addition to this ISO standard, BS 65000:2014 "Guidance on organizational resilience" has been available from British Standards (BSI) since 2014. We can therefore currently build on two standards on the subject of resilience. What is it about a topic that is apparently so important that two standards are dedicated to it? If you enter the search term "resilience" for German books on Amazon, you will already receive over 1,000 suggestions for filling your electronic shopping cart. If you approach the topic of "resilience" in a foreign language, you already [...]

Updated: Hospital alert planning for pandemics

By |2021-08-24T07:34:44+02:00 24 August, 2021|Interest|

The course of corona disease worldwide shows that a massive increase in the number of infected individuals is also to be expected in Germany. At present, there are still very few infected people compared to China and Italy. Pandemic measures are needed to reduce the spread, especially in hospitals. Corona, in the form of Covid-19, is a virus that can be transmitted from person to person. Vaccine protection against it has not yet been developed, so the only way to prevent it from spreading is through good hygiene and isolation of those infected. The legal basis for this in Germany is the Infection Protection Act, which requires compliance with the state of the art in medicine and epidemiology in order to prevent the spread. According to Section 4 (1) of the Infection Protection Act, the Robert Koch Institute is named to prescribe and develop this state of the art. Accordingly, the [...]

Crisis management after product extortion

By |2021-08-23T09:45:46+02:00 23 August, 2021|Interest|

Turpentine, coliform bacteria, pesticides, cyanide, broken glass or chemicals: the list of means with which products have been laced in order to extort companies is long; the procurement of these toxins, on the other hand, is simple. The core of any product extortion lies in the nature of the perpetrators, their psyche, their criminal energy, and their determination to carry out the threat. A look at the statistics brings astonishing insights: "The perpetrators" is usually "the perpetrator", namely a classic lone perpetrator. Often this lone perpetrator tries to fake a group in order to increase his "dangerousness". It is almost exclusively men who commit this type of crime, and they are often of above-average intelligence. It is also interesting to note that one hardly ever finds previously convicted or habitual criminals among the group of perpetrators of product extortion. The psychological profiles of these perpetrators would certainly provide [...]

“New Normal” – Really that new?

By |2021-08-18T13:58:00+02:00 18 August, 2021|Interest, News|

In many places, life with and after SARS-Covid-19 is currently being described as the new normal. But much of what is supposed to be "new" is not so new. I dare to take a look back. The call of the tower guard, "Close the gates", announced imminent danger. The "lockdown" was the consequence. Isolation and waiting (historically: quarantine = 40 (Italian: quaranta) days waiting period for ships entering the port of Venice to protect the narrow city from epidemics) were always the first step to ward off an epidemic. So far, nothing new. But behind the term "New Normal" lies the question of how to shape the future. And not just in dealing with a pandemic event. In terms of business processes, this means formulating modified requirements for business continuity management (BCM). Because closing the gates and waiting will have consequences: Necessary movements of people and goods are [...]

Is COVID-19 really a “Black Swan”?

By |2021-08-18T13:27:29+02:00 18 August, 2021|Interest|

Many commentators referred to the COVID-19 pandemic as a "Black Swan" event. However, this is a misunderstanding of what a Black Swan actually is. Understanding the difference moves COVID-19 from the list of events for which governments and organizations could not prepare to the list of events for which they should have prepared.

What are Black Swans?

The theory of Black Swan events was developed to categorize unpredictable high-impact events. Nassim Nicholas Taleb first proposed the term in his 2001 book Fooled by Randomness. In 2007, he expanded the concept in his better-known book, "The Black Swan." According to Taleb, a Black Swan event has three characteristics: "First, it is an outlier, being outside the range of regular expectations, because nothing in the past can convincingly point to its possibility. Second, it has an extreme impact. Third, despite its outlier status, human nature lets us concoct explanations for [...]
