Our team of experts can highlight any weaknesses in your existing business continuity and disaster recovery plans, recommending updates based on industry best practices.
Anything that affects your facilities, operations, or people can put your business continuity at risk, from natural disasters like hurricanes that stall shipments of critical components, to infrastructure failures like overtaxed power grids, to civil unrest or labor strikes.
Kroll’s expertise and knowledge to assess the effectiveness of your existing business continuity and disaster recovery plans allow us to highlight any weaknesses and recommend updates based on industry best practices. Our comprehensive process typically includes three phases:
Phase 1 – Business Risk Analysis & Business Impact Analysis (BIA)
To develop comprehensive business continuity and disaster recovery plan for your organization, Kroll will come to understand your business and critical activities through a business risk analysis of the business groups and properties. This will include all elements collaboratively identified as: threats, assets and mitigation; business risks to assets such as: financial, customer, brand and reputation, operational, legal and regulatory. Our approach is in line with the following international standards:
- IOS 22301:2012 – Societal security, BCM systems requirements (United Kingdom)
- ISO 22313:2012 – Societal security, BCM systems guidance (United Kingdom)
- ISO/IEC 27031:2011 – Information security (United Kingdom)
- ANSI/ASIS SPC.1-2009 – Organizational resilience (North America)
- FFIEC:2008 – Business Continuity planning booklet – Mandatory requirement that applies to US banks and their service providers (North America)
- AS/NZ HB 167 – Security risk management (Australia)
- Basel II: 2006 – Revised international capital framework, applies to international banks
Phase 2 – Response Strategy & Recovery Plan Development
Based on your priorities and our analysis, Kroll will develop a supporting framework for the plan, as well as identify the resources for maintaining full or limited continuity of operations in the event of an incident.
Construction of the plan will be a collaborative effort within all levels of the organization to ensure alignment regarding various threatening scenarios.
Phase 3 – Training and Testing
To ensure the effectiveness of the plan in the event of a disaster, our team can provide training exercises that help organizations respond with confidence. Testing recovery sites and emergency evacuation processes also ensures that they are safe, consistent, scalable, and repeatable.
Services include assessments, plan designs, drills and emergency security services.Resilience Consulting
Crisis Management and Emergency Response
On-site assistance for any emergency including natural disasters, violent political activity, etc.Crisis Management and Emergency Response
Crisis Management and Emergency Response Plans
Organize, draft and implement emergency preparedness and action plans and procedures.Crisis Management and Emergency Response Plans
Crisis Management and Emergency Response Training
Leading organizations through crisis management and business continuity training exercises.Crisis Management and Emergency Response Training