ASIS President-Elect, David C. Davis, CPP opened the conference, followed by an informative keynote presentation of Dr. Tim Summers ASIS International, the global organisation for security professionals, has recently completed its first international event in mainland China, which was held in Shanghai on 3 and 4 December. With some 150 attendees from 18 countries, the conference was sold out. ASIS President-Elect, David C. Davis, CPP, opened the conference and was followed by an informative keynote presentation of former diplomat and Chatham House Scholar Dr. Tim Summers who spoke on "China 2020: will the reforms work?" Dave Davis also presented the Dan Grove APAC Regional Scholarship for emerging security professionals to Garrhett Thomas from Perth, Australia. Educational sessions on security topics Presentations on day one included Patrick Wang, Head of Security Asia at Bekaert who spoke on the topic of corporate security culture, and Rain Teng, Security Director, Cardinal Health who talked about social engineering. The first conference day closed with the President's Reception which was sponsored by Tyco. Day two of the conference started with a dynamic presentation by Dr. Marc Siegel, commissioner of the ASIS Global Standards Initiative, on using standards to align security with business. Other sessions included Colin Chen, Greater China and Southeast Asia Director at Johnson & Johnson, who spoke on IPR protection issues in China, and Wesley Fan, Asia Regional Security Director at Walmart, who spoke about the effective use of anonymous whistle-blower mechanisms to detect and investigate corporate fraud. The closing keynote was delivered by Totti Karpela, Director of Hong Kong-based Peace of Mind Threat Management, about psychopaths in the corporate world. Conference attendee Andy G. Torrato, Assistant Vice President- Physical Assets Security at Aboitiz Equity Ventures Inc. commented, “The ASIS China Conference was indeed very informative and kept me updated with new standards, case studies and best practices shared by peers in the security industry, particularly in terms of business resilience and creating a security culture. My network has expanded and I have created new friends from across the world. It is definitely a worthwhile event and I am looking forward to next year.” On concluding the conference, ASIS President-Elect, David C. Davis, CPP remarked “I think it was an outstanding event for our first outing in mainland China.” Establishment of the ASIS Shanghai Chapter The event, which was sponsored by Tyco, CRI, China City Guard, Global Rescue, G4S, ICD, Abloy, and Redpoint Resolutions, follows the establishment of the ASIS Shanghai Chapter in 2014, strong membership growth in China, and aligns with the ASIS Board of Directors’ goal of increasing the Society’s global presence. ASIS International plans return to Shanghai with a second iteration of its China Conference in the last quarter of 2016.
Organisational resilience takes all appropriate actions to help ensure the organisation’s continued viability In this day and age, the traditional components of security officers, cameras, access control and alarm systems aren’t enough to protect a company or organisation. No matter how good your preparations, security sometimes breaks down, and bad things happen. That can take a toll on a business. Today, security’s role extends to organisational resilience. What is organisational resilience? The ASIS International American National Standard on Organisational Resilience (OR) defines it as “a management framework for action planning and decision making needed to anticipate, prevent if possible, and prepare for and respond to a disruptive incident (emergency, crisis or disaster). It enhances an organisation’s capacity to manage and survive the event and take all appropriate actions to help ensure the organisation’s continued viability.” Organisational resilience is perhaps the most important responsibility that security has today. It goes beyond traditional security and provides business value to the organisation by ensuring business continuity. “Businesses are in business to create value,” says Marc Siegel, the commissioner, global standards initiative for ASIS International’s European Bureau. “Crisis management is the process of facilitating the recovery of business functions after an event.” That idea suggests a new way of conceiving of the role of security. Traditionally, the idea that security could and probably would break down one day went unspoken and unrecognised. see bigger image Today, we know better. Good security organisations and systems work fine most of the time. Sometimes, though, airplanes fly into buildings and people with guns burst into company offices and start shooting. Now, the security team becomes a response, recovery and business continuity team. Response, of course, comes first. In the case of an active shooter, for instance, the response and recovery work would involve calling the police, hustling people to safety when possible, providing first aid for the injured, supporting the police when they arrive and initiating recovery plans that will enable business to continue with as little downtime as possible. Then comes recovery. How did this event affect the company’s ability to do business? How can you help organise a return to full service capabilities? Identifying and recovering from problems Response and recovery deals with a variety of threats to a business, criminal and otherwise. For instance, Siegel once consulted with a client that generated hazardous materials during manufacturing. Disposing of the waste cost so much that the company found it easier and less expensive to store the waste in barrels at the plant. Was on-site storage really less expensive? The barrels cluttered up the plant and created an eyesore for neighbors. As the company’s security consultant, Siegel decided to check. After all, storing hazardous material on site seemed like a safety risk. “When we investigated, we found that it was not really a hazardous waste problem,” he says. “It was an accounting problem. Purchasing was buying chemicals in bulk to for the volume discounts.” Building OR begins with eliminating security silos and divisional silos within a business “While that seemed like a good idea, when we added in the lifecycle costs of the chemicals, including final disposal, we discovered that it was actually more cost effective to buy smaller quantities of chemicals, generate less waste and pay a reasonable disposal fee.” By solving the hazardous waste problem, Siegel solved two other problems no one had noticed before. The workers felt safer with the hazardous materials gone and grew more efficient, and the neighbours saw that the waste had been cleaned up and grew more comfortable with the plant. Overall, OR improved. Building organisational resilience “Building OR begins with eliminating security silos and divisional silos within a business,” Siegel says. “We have to begin thinking of ourselves as risk managers. We have to get to know the managers in other divisions and the risks they need help managing. There are risks in every department, and so everyone is part of risk management solutions.” “In the end, OR is the outcome of hitting the sweet spot between business management and risk management processes,” says Siegel.