Managing operational resilience in today's digital environment is extremely challenging, whether your organization is public, private, or governmental. But what happens when the threat is not a computer virus but a biological one, causing much of your workforce to call in sick, either because they are infected or because they are afraid to come in to work?

In response to the potential for a widespread pandemic, many organizations have decided it's time to create a plan for how essential business processes can be sustained and operated securely in the face of a pandemic. This approach to proactively dealing with the potential threat of a pandemic increases the organization's awareness of the potential impacts and costs, and enables them to take actions that reduce the overall risk to the organization, minimize the impact of a pandemic on essential operations, and more predictably ensure the continuity of essential services such as information security.

This session will provide a high-level overview of the impact of a pandemic and explore the following aspects of what is involved:

• How past pandemics provide us with a baseline for understanding the potential impact on an organization
• Which elements of business resiliency planning are most applicable to pandemic planning
• Which elements of pandemic planning differ from traditional business resiliency planning
• Estimating the impact of a pandemic on your supply chain and service providers
• How to determine your organization’s readiness to continue essential operations during a pandemic
• Practical ways to assess your current and future organizational exposure under different scenarios
• Who are the major players (internal and external) that should be involved in pandemic planning
• What are some practical steps to begin implementing pandemic planning in your organization

Whether or not you have created and tested a formal pandemic plan through tabletop exercises or actual resiliency tests, this session will provide practical advice on what is involved in pandemic planning, how to incorporate it in your organization's overall business resiliency efforts, and what pandemic planning can mean to improving your organization's ability to continue to operate during such a crisis.

speaker photo
Stephen Head
Director, IT Risk Advisory Services, Experis Finance

Stephen Head is Director of IT Risk Advisory Services for Experis Finance. He has broad-based experience in cyber risk, regulatory compliance, IT governance and aligning controls with multiple standards and frameworks. He is the author of the internationally recognized Internal Auditing Manual and Practical IT Auditing, both published by Thomson Reuters. He was International Chair of ISACA’s Standards Board and a member of the AICPA Information Technology Executive Committee. As a Certified Business Continuity Professional (CBCP), CISSP, and a CISM, he brings a unique perspective to cyber resiliency, having managed information security practices as well as business continuity programs.