Voluntary Private Sector Voluntary Private Sector Preparedness Accreditation and Certification Programand Certification Program

“PS-Prep”presented at the

AGA/EEI Security ConferenceAGA/EEI Security Conference

Ellen WillhiteAPS Business Continuity Manager

March 8, 2011

Agenda

• Welcome

DHS EEI E t• DHS-EEI Engagement

• PS-Prep Background

• PS-Prep Framework Guide

• PS-Prep FeedbackPS Prep Feedback

• Questions and Answers

2

DHS EEI EngagementDHS - EEI Engagement

3

PS-Prep Engagement• DHS, assisted by contractor Energetics Inc.,

invited EEI to partner in developing the first sector-specific PS-Prep Framework Guide

• EEI CEO Business Continuity Task Force agreed to partnership; engagement kicked off March 2010partnership; engagement kicked off March 2010

• EEI PS-Prep Working GroupPepco Holdings United Illuminating Constellation Energy

Tampa Electric Kansas City Power and Light Southern Cal Edison

NextEra (FP&L) Portland General Electric Pacific Gas and Electric

Southern Company Allegheny Power Alliant Energy

BC Hydro Con Edison Northeast Utilities

National Grid American Electric Power Arizona Public Service

Edison Electric

4

EEI Objectives

• Proactive Partnership with DHS• Tell Our Industry’s Story of PreparednessTell Our Industry s Story of Preparedness• Review & recommend deliverables for

Framework Guide:C t t – Context

– Structure

– Viability

• Collaborate on Industry compliance matrix for:– NFPA 1600

– BS 25999BS 25999

– ASIS SPC 1-2009

• Communicate & EducateC it t t tif i i di id l • Commitment to certify is an individual company decision

5

PS Prep BackgroundPS–Prep Background

6

Implementing Recommendations of the 9/11 Commission Act of 2007

Mandated Action

(Public Law 110-53)

– Directs DHS to establish a “Voluntary Private Sector Preparedness Accreditation and Certification Program”

– Select preparedness standards for accreditation and bl h d d festablish accreditation and certification program

Improve Private Sector Preparedness in:– Disaster management

– Emergency management

– Business continuity

Key Program RequirementsKey Program Requirements– Voluntary Participation

– Provide a method to independently certify preparedness of private-sector entities (third-party certification)of private-sector entities (third-party certification)

– Integrate and leverage existing regulatory requirements and programs, if feasible7

Program Coordination, Management, and Oversight Structure

• The Act identifies specific DHS program offices with

and Oversight Structure

p p goversight over PS-Prep:

– Administrator of FEMA

– Assistant Secretary for Infrastructure Protection

– Assistant Secretary for the Private Sector

– Under Secretary for S&T (DHS Standards Executive)

• DHS designated FEMA as the program lead

8

Certification Program Model

Accreditor* Accredits certifying bodies

Certifies private-sector entities Certifying Bodies

pto an adopted standard

Private Sector Entitiesthat apply for

voluntary preparedness certification

* ANAB = ANSI-ASQ National Accreditation Board9

Adopted Standards

On June 15, 2010, DHS announced adoption of the , , pfollowing standards:

• NFPA 1600 - Standard on Disaster / Emergency Management and Business Continuity Programs, “ …a g y g ,common set of criteria for preparedness, disaster management, emergency management, and business continuity.” (2007 and 2010 editions)

• BS 25999 - Business Continuity Management. “…defines requirements for a management systems approach to business continuity, and integrates risk management disciplines and processes ” management disciplines and processes.

• ASIS SPC.1-2009 - Organizational Resilience: Security, Preparedness, and Continuity Management Systems “ defines requirements for a management systems …defines requirements for a management systems approach to organizational resilience.”

10

Critical Infrastructure Sector-Specific Engagements

18 Critical Infrastructure Sectors– Agriculture and Food

DHS Office of Infrastructure Protection is collaborating with

Sector-Specific Engagements

– Defense Industrial Base– Energy– Healthcare and Public Health– National Monuments and Icons

sectors to:

– Identify guidelines, best practices, relevant National Monuments and Icons

– Banking and Finance– Water– Chemical

p ,regulations and agreed codes of practice that already apply to the sector

– Commercial Facilities– Critical Manufacturing– Dams

Emergency Services

– Cross-map to adopted standards

Develop framework guide for – Emergency Services– Nuclear Reactors, Materials, and Waste– Information Technology– Communications

– Develop framework guide for use by certifying bodies and sectors in applying standards

– Postal and Shipping– Transportation Systems– Government Facilities

standards

11

The Case for Preparedness

• Why prepare?y p p

– Resilience

– Continuity

– Sustainability

• Why prepare to a standard?

– Standards developed by groups of external preparedness experts

– Systematic approach - avoid unintentional gaps

– Facilitates appropriate allocation of resources

• Why certify?

– Credibility

12

PS Prep Framework GuidePS–Prep Framework Guide

13

Electric Sector PS-Prep Framework Guide1. Getting Prepared - Details key subject areas of a

comprehensive preparedness program

PS-Prep Framework Guide

2. Getting Certified - Defines the certification process, description of standards and potential value of certification

3 The Electric Sector Perspective Describes regulatory 3. The Electric Sector Perspective - Describes regulatory landscape, business case for preparedness and considerations prior to certification

4 S t C M W k h t A i t i f i lf4. Sector Cross-Map Worksheets - Assists in performing a self-assessment for compliance to a standard. Provides an electric sector worksheet which aligns industry regulations/practices to individual elements of the standards regulations/practices to individual elements of the standards for a defined scope. (Downloadable and tailorable)

5. Electric Sector Data-Set - Outlines a comprehensive list of laws regulations programs and practices relevant to laws, regulations, programs and practices relevant to preparedness and the Electric Sector

14

A ComprehensivePreparedness ProgramPreparedness Program

15

PS-PrepMapping GuideMapping Guide

16

PS-PrepSector-Specific WorksheetsSector-Specific Worksheets

17

PS-PrepSector Cross Map Worksheets

Worksheets may be used to assist in performing a li i lf t f l t tifi ti

Sector Cross Map Worksheets

preliminary self-assessment for voluntary certification after defining scope

Step 1: Know the preparedness standard

Step 2: Review internal preparedness practices

Step 3: Align existing preparedness practices as closely asStep 3: Align existing preparedness practices as closely aspossible to individual elements of chosen standard

18

PS-PrepConsideration ChecklistConsideration Checklist

19

PS-PrepOnline Resources

• PS-Prep Resource Centerwww.fema.gov/privatesector/preparedness

Online Resources

g /p /p p

– Managed by FEMA

– Links to Three Standards

Federal Register Notices– Federal Register Notices

– Press Releases and Fact Sheets

• Critical Infrastructure Learning Serieshttp://dhs.gov/ciwebinars

– Partnering for Critical Infrastructure Preparedness

– Voluntary Preparedness Standardsy p

• ANAB websitehttp://www.anab.org

I f ti f tif i b di– Information for certifying bodies

– Information for private sector entities interested in certification20

Questions?Questions?

21