About InterCEP
description
Transcript of About InterCEP
1
Examining “the Business Case” for the
New Voluntary Private Sector Preparedness Certification Program
2
About InterCEP
• We are a catalyst focused on Private Sector Preparedness & Corporate Resilience
• The Alfred P. Sloan Foundation Funds InterCEP Research on Incentives for Business Preparedness – insurance, rating agency, mitigating legal liability,
supply chain, corporate governance
• Research Focus on the Linkage of
“What” & “Why” of Corporate Resilience
3
Our Panelists• Al Martinez-Fonts - Assistant Secretary, DHS• Robert Dix, Jr. - V.P., Govt. Affairs, CIP,
Juniper Networks• Bob Connors - Director, Preparedness, Raytheon• Pete Jespersen - Director, Bus. Cont. Mgmt.,
Merrill Lynch• Charles Wallen - Managing Executive, Bus Cont.
Committee, FSTC• Raymond B. Biagini - Partner, McKenna Long &
Aldridge LLP
4
Overview• Introduction
• Supply Chain Management
• Legal
• Rating Agencies
• Business Reporting
• Insurance
• Reputation & Other Considerations
Absent a “Why” the “What” will not get done
5
Certification
Standard(criteria)
Assessment Process(audit)
Certification
The Private Sector must be directly involved in the design
and implementation of the program.
Must assure basic business value!
7
Current Research • What to Do: There are consensus-based standards that
indicate “what” good preparedness is.
• Why to Do It:– Internal Incentives: There are a diversity of internal corporate
benefits to preparedness although these need to be better clarified & communicated
– External Incentives: Major stakeholders who may offer external incentives to acknowledge preparedness:
• Supply Chain Management• Rating Agencies• Legal• Insurance
8
Combining Multiple BenefitsMinimizing Impact of Business Disruptions
Insurance Benefits
Rating Agency Acknowledgement
Mitigating Legal Liability Post-Event
Supply Chain Resiliency
Process Efficiencies, Agility
Reputational, Corporate Governance and other Benefits
9
Current ResearchA disconnect for incentives:
• Major incentive stakeholders may be willing to
acknowledge preparedness • But they lack an appropriate indicator/assessment• And are not necessarily interested in assessing
preparedness themselves• Critically – there is no historical data on benefits
Chain
What to Do(Preparedness
Standards)
Why to Do It(Incentives &
Benefits)No CommonIndicator if
Prepared
< No Strong Connection >
10
Linking “What & Why”
The New Program may serve as a link:• It may assist in making a more effective connection
between good practice (What to Do) & benefits from both internal and external sources (Why to Do It).
What to Do(Preparedness
Standards)
Why to Do It(Incentives &
Benefits)Assessment & Certification
11
Key Considerations for Business Value
• Business Involvement in Program Design & Implementation (Management and Practitioners)
• Incentive Stakeholder Involvement
12
InterCEP’s Activities• Hosting Working Groups
– Supply Chain Management– Legal Liability Mitigation– Insurance Acknowledgement– Rating Agency Acknowledgement
• Developing a temporary online clearinghouse of information relevant to the voluntary business preparedness accreditation and certification program until appropriate body steps up.
• Participating in conferences & other forums.
13
If can’t measure it, you can’t manage it…
…and you can’t understand its impacts and
reward it!
14
Supply Chain Management
• Increasing need for supply chain resilience due to globalization, interdependencies, etc.
• Diversity of current efforts• Challenge of customers – attempting to build your
own program, engage and assess multiple suppliers
• Challenge of suppliers – diversity of customer assessment approaches, multiple audits
• Opportunity for mentoring
15
Legal Incentives
• Tort Negligence
• Port Authority ‘93 Bombing Case
• Affirmative Defense – advance conformity with a consensus-based industry standard
16
Rating Agency Acknowledgement
• Enterprise Risk Management (ERM) will be added as an element of all corporate ratings by S&P.
• Emergency management & business continuity are important elements of effective ERM in addressing operational risk
17
Rating Agency Acknowledgement
• “The extent to which companies are adopting standards, especially voluntary standards, would bolster the view that management has a proactive culture and attitude towards risk. However it’s too early in our process to know what weight we’d place on that evidence.”
18
Business Reporting
• Diversity of reporting requirements currently in some vertical industries, little in others
• Need to assure that program is a rationalizing force not a complication
• Need to support first, second and third party verification
19
Insurance
• Diversity of companies, product lines, etc.
• Unwillingness to define preparedness and measure it
• Lack of historical data correlating preparedness with outcomes
• Likely incremental with focus on key areas such as business disruption insurance initially
20
Reputational & Other?
• Reputation – differentiator?• Process efficiencies• Corporate agility• May facilitate exchange of best practices• More consistent benchmarking• May forward corporate governance goals• What else?
– ARC example
21
If we can be of help . . .Bill Raisch
DirectorInterCEP- New York University
212-998-2000 [email protected]
www.nyu.edu/intercep
22
Generic Template for Accreditation/Certification Scheme
23
What is a Preparedness Certification?
• Uses an accepted assessment process to acknowledge that the current state of organization’s emergency preparedness meets an identified standard(s).
• Assessment may be conducted by – The organization itself (first party)– A related organization (second party)– A qualified and independent third party
24
Typical Certification Steps
1. Internal review of current state of emergency preparedness (gap analysis) against selected standard
2. Supplement and/or improve existing preparedness processes, plans & activities to meet intent of desired standard(s)
3. Decide on first, second or third party verification if appropriate contract with accredited certification body
4. On-going surveillance and continual improvement processes
25
Key Players
• Accreditation bodies assess the competence of and accredit (i.e., approve) certification bodies against a set of accreditation requirements to carry out certain certification activities
• Accredited certification bodies assess the conformity of and certify an organization to certain standards or specifications
• The organization seeking certification