voluntary private sector preparedness accreditation and ... · (public law 110-53) – directs dhs...
TRANSCRIPT
Voluntary Private Sector Voluntary Private Sector Preparedness Accreditation and Certification Programand Certification Program
“PS-Prep”presented at the
AGA/EEI Security ConferenceAGA/EEI Security Conference
Ellen WillhiteAPS Business Continuity Manager
March 8, 2011
Agenda
• Welcome
DHS EEI E t• DHS-EEI Engagement
• PS-Prep Background
• PS-Prep Framework Guide
• PS-Prep FeedbackPS Prep Feedback
• Questions and Answers
2
DHS EEI EngagementDHS - EEI Engagement
3
PS-Prep Engagement• DHS, assisted by contractor Energetics Inc.,
invited EEI to partner in developing the first sector-specific PS-Prep Framework Guide
• EEI CEO Business Continuity Task Force agreed to partnership; engagement kicked off March 2010partnership; engagement kicked off March 2010
• EEI PS-Prep Working GroupPepco Holdings United Illuminating Constellation Energy
Tampa Electric Kansas City Power and Light Southern Cal Edison
NextEra (FP&L) Portland General Electric Pacific Gas and Electric
Southern Company Allegheny Power Alliant Energy
BC Hydro Con Edison Northeast Utilities
National Grid American Electric Power Arizona Public Service
Edison Electric
4
EEI Objectives
• Proactive Partnership with DHS• Tell Our Industry’s Story of PreparednessTell Our Industry s Story of Preparedness• Review & recommend deliverables for
Framework Guide:C t t – Context
– Structure
– Viability
• Collaborate on Industry compliance matrix for:– NFPA 1600
– BS 25999BS 25999
– ASIS SPC 1-2009
• Communicate & EducateC it t t tif i i di id l • Commitment to certify is an individual company decision
5
PS Prep BackgroundPS–Prep Background
6
Implementing Recommendations of the 9/11 Commission Act of 2007
Mandated Action
(Public Law 110-53)
– Directs DHS to establish a “Voluntary Private Sector Preparedness Accreditation and Certification Program”
– Select preparedness standards for accreditation and bl h d d festablish accreditation and certification program
Improve Private Sector Preparedness in:– Disaster management
– Emergency management
– Business continuity
Key Program RequirementsKey Program Requirements– Voluntary Participation
– Provide a method to independently certify preparedness of private-sector entities (third-party certification)of private-sector entities (third-party certification)
– Integrate and leverage existing regulatory requirements and programs, if feasible7
Program Coordination, Management, and Oversight Structure
• The Act identifies specific DHS program offices with
and Oversight Structure
p p goversight over PS-Prep:
– Administrator of FEMA
– Assistant Secretary for Infrastructure Protection
– Assistant Secretary for the Private Sector
– Under Secretary for S&T (DHS Standards Executive)
• DHS designated FEMA as the program lead
8
Certification Program Model
Accreditor* Accredits certifying bodies
Certifies private-sector entities Certifying Bodies
pto an adopted standard
Private Sector Entitiesthat apply for
voluntary preparedness certification
* ANAB = ANSI-ASQ National Accreditation Board9
Adopted Standards
On June 15, 2010, DHS announced adoption of the , , pfollowing standards:
• NFPA 1600 - Standard on Disaster / Emergency Management and Business Continuity Programs, “ …a g y g ,common set of criteria for preparedness, disaster management, emergency management, and business continuity.” (2007 and 2010 editions)
• BS 25999 - Business Continuity Management. “…defines requirements for a management systems approach to business continuity, and integrates risk management disciplines and processes ” management disciplines and processes.
• ASIS SPC.1-2009 - Organizational Resilience: Security, Preparedness, and Continuity Management Systems “ defines requirements for a management systems …defines requirements for a management systems approach to organizational resilience.”
10
Critical Infrastructure Sector-Specific Engagements
18 Critical Infrastructure Sectors– Agriculture and Food
DHS Office of Infrastructure Protection is collaborating with
Sector-Specific Engagements
– Defense Industrial Base– Energy– Healthcare and Public Health– National Monuments and Icons
sectors to:
– Identify guidelines, best practices, relevant National Monuments and Icons
– Banking and Finance– Water– Chemical
p ,regulations and agreed codes of practice that already apply to the sector
– Commercial Facilities– Critical Manufacturing– Dams
Emergency Services
– Cross-map to adopted standards
Develop framework guide for – Emergency Services– Nuclear Reactors, Materials, and Waste– Information Technology– Communications
– Develop framework guide for use by certifying bodies and sectors in applying standards
– Postal and Shipping– Transportation Systems– Government Facilities
standards
11
The Case for Preparedness
• Why prepare?y p p
– Resilience
– Continuity
– Sustainability
• Why prepare to a standard?
– Standards developed by groups of external preparedness experts
– Systematic approach - avoid unintentional gaps
– Facilitates appropriate allocation of resources
• Why certify?
– Credibility
12
PS Prep Framework GuidePS–Prep Framework Guide
13
Electric Sector PS-Prep Framework Guide1. Getting Prepared - Details key subject areas of a
comprehensive preparedness program
PS-Prep Framework Guide
2. Getting Certified - Defines the certification process, description of standards and potential value of certification
3 The Electric Sector Perspective Describes regulatory 3. The Electric Sector Perspective - Describes regulatory landscape, business case for preparedness and considerations prior to certification
4 S t C M W k h t A i t i f i lf4. Sector Cross-Map Worksheets - Assists in performing a self-assessment for compliance to a standard. Provides an electric sector worksheet which aligns industry regulations/practices to individual elements of the standards regulations/practices to individual elements of the standards for a defined scope. (Downloadable and tailorable)
5. Electric Sector Data-Set - Outlines a comprehensive list of laws regulations programs and practices relevant to laws, regulations, programs and practices relevant to preparedness and the Electric Sector
14
A ComprehensivePreparedness ProgramPreparedness Program
15
PS-PrepMapping GuideMapping Guide
16
PS-PrepSector-Specific WorksheetsSector-Specific Worksheets
17
PS-PrepSector Cross Map Worksheets
Worksheets may be used to assist in performing a li i lf t f l t tifi ti
Sector Cross Map Worksheets
preliminary self-assessment for voluntary certification after defining scope
Step 1: Know the preparedness standard
Step 2: Review internal preparedness practices
Step 3: Align existing preparedness practices as closely asStep 3: Align existing preparedness practices as closely aspossible to individual elements of chosen standard
18
PS-PrepConsideration ChecklistConsideration Checklist
19
PS-PrepOnline Resources
• PS-Prep Resource Centerwww.fema.gov/privatesector/preparedness
Online Resources
g /p /p p
– Managed by FEMA
– Links to Three Standards
Federal Register Notices– Federal Register Notices
– Press Releases and Fact Sheets
• Critical Infrastructure Learning Serieshttp://dhs.gov/ciwebinars
– Partnering for Critical Infrastructure Preparedness
– Voluntary Preparedness Standardsy p
• ANAB websitehttp://www.anab.org
I f ti f tif i b di– Information for certifying bodies
– Information for private sector entities interested in certification20
Questions?Questions?
21