Companies’ managers and employees who oversee implementing and managing a resilience program and/or plan (business continuity plan, emergency response plan, crisis management plan, IT disaster recovery, crisis communication plan, etc.) are consequently responsible for training on the various topics covered by these plans.
This includes, among other things, the understanding and ability to perform operational risk analyses, assess risks for employees on business trips, identify external sources of risk that could interrupt your operations, perform teleworking risk assessments, anticipate risks and adapt to changes, assess your organization’s ability to cope with major disruptions, perform physical security diagnostics, perform Business Impact Assessments (BIA), develop workarounds if critical suppliers experience business interruption, plan tests and exercises, train personnel who have roles and responsibilities in the plans, set up KPIs, simplify your organization’s resilience plans, know the legal and compliance obligations related to resilience and to which your organization is subject, as well as regularly update your overall knowledge to stay informed and abreast of best practices and new technologies.
Other employees with roles and responsibilities also benefit from minimal training in the aspects that concern them, in an approach that ensures they are able to carry out their tasks in planning mode and ready to react in the event of a crisis.
The aim of this article is to make you aware of the importance of personal training in resilience planning, so that you have the best practices to implement, maintain and improve such a plan in your company. We will therefore limit ourselves to a few examples.
Train with a reputable organization
There are several recognized organizations offering international training and certification in the various spheres of resilience for professionals, employees and company managers. Here are a few of the most reputed (list limited so as not to weigh down this article):
- ASIS (American Society for Industrial Security)
- BCI (Business Continuity Institute)
- BCM Institute (Business Continuity Management Institute)
- BRCCI (Business Resilience Certification Consortium International)
- DRI Canada (Disaster Recovery Institute – Canada)
- DRI International (Disaster Recovery Institute International)
- EMI (Emergency Management Institute FEMA/ DHS Independent Study)
- IAEM (International Association of Emergency Managers)
- IARCP (International Association of Risk and Compliance Professionals)
- IBFCSM (International Board for Certification of Safety Managers)
- ICOR (International Consortium for Organizational Resilience)
- IHMM (Institute of Hazardous Materials Management)
- IIA (Institute of Internal Auditors)
- IRM (The Institute of Risk Management)
- ISACA (Information Systems Audit & Control Association)
- ISC (International Information Systems Security Certification Consortium)
- ISO (International Organization for Standardization)
- NFPA (National Fire Protection Association)
- NIST National Institute of Standards & Technology
- PECB (Professional Evaluation & Certification Board)
- RIMS (Risk Management Society)
- Etc.
These organizations offer a variety of programs, ranging from online and traditional classroom courses to advanced workshops, and, depending on their service offerings, cover a wide range of subjects such as: auditing, fire safety, physical security, IT/technology security, emergency measures, business continuity, risk management, crisis management, crisis communication, IT/technology disaster recovery, cybersecurity and organizational resilience. However, these training courses and certifications are not within everyone’s reach, as costs can be an obstacle for many companies, especially if a large number of resources need to be trained. A winning approach would be to ensure that the manager and team responsible for managing the resilience program or plan take part in such training, while other employees with roles and responsibilities are trained by a firm specializing in resilience, through a certified trainer. This approach makes it possible to achieve the objectives of training and resource awareness (difference between awareness and training).
In all cases, it’s important to ensure that employees and managers take ownership of and maintain their knowledge of the resilience plan. Training and awareness-raising are therefore essential actions, for both new and existing employees. Find out more in this blog post.
Don’t underestimate continuous learning
In an ever-changing world, professionals and companies alike need to be able to adapt quickly to change. Although the budget allocated to continuing training is often limited, it represents an investment that should not be overlooked. Among other things, it helps to update skills, stay competitive in the marketplace, motivate employees and stimulate innovation and creativity in teams.
Continuing education is offered through various resources such as conferences and webinars given by professional associations and community groups, for example, in Quebec :
- Association de sécurité civile du Québec (ASCQ)
- Association de Sécurité de l’Information du Montréal Métropolitain (ASIMM)
- Association des gestionnaires en sécurité incendie du Québec (AGSICQ)
- Conseil pour la réduction des accidents industriels majeurs (CRAIM)
- Regroupement des organismes humanitaires et communautaires pour les mesures d’urgence à Montréal (ROHCMUM)
- Réseau d’Échange en Continuité des Opérations du Québec (Réco-Québec)
- Etc.
These associations and groups offer many networking events, and these are also a good opportunity to network with other industry professionals and get valuable advice from peers.
Individual responsibility throughout the career path
We believe that everyone is responsible for their own professional development, so we strongly encourage you to take training courses now and then, whether you’re an employee or self-employed. Don’t hesitate to be proactive by adding strings to your bow via various training courses, conferences, webinars or events. Of course, this requires time and money, but the results are certainly worth it!
Conclusion
Implementing and managing a resilience program and/or plan (business continuity plan, emergency response plan, crisis management plan, IT disaster recovery, crisis communication plan, etc.) within an organization is a complex task requiring specialized and in-depth training. The employees responsible must not only understand the risks and develop effective strategies, but also coordinate with teams and ensure regular training of all team members.
At Benoit Racette Services-conseils inc. we can help you plan and deliver training and awareness sessions tailored to your reality. Contact us today for our support: mailto:[email protected].