Sep 16
Public Law 110-53, Title IX
Posted: under Title IX.
Tags: best practices, Departement of Homeland Security, preparedness certification
The 9/11 Commission Report determined that the United States was not prepared for disasters. The post 9/11 Katrina experiences have re-emphasized this observation and reinforced a sense of urgency. In implementing the findings of the 9/11 Commission Report, the United States Congress enacted Public Law 110-53, “Implementing Recommendations of the 9/11Commission Act of 2007.” Title IX directs the Department of Homeland Security (DHS) to provide “voluntary” preparedness certification and “develop guidance or recommendations and identify best practices to assist or foster action by the private sector” across a wide range of business continuity practices.
DHS is actively implementing these requirements and is notifying 7-million businesses in September 2008 of their responsibility to establish a corporate continuity plan within a 24 to 36 month deadline.
Public Law 110-53, Title IX is the next step in a complex pattern of laws and regulations requiring the private sector to develop and maintain business continuity plans. By definition, this law affirms the strategic and tactical exposures in continuity and security vulnerabilities faced by businesses and the reality that business continuity is a board governance and compliance issue. The bottom line is that businesses must not only have actionable business continuity plans, those plans must now be certified. Failure to do so subjects a business to being out of compliance with the clear intent of Title IX.
Title IX Impacts
Although Title IX’s requirements remain “voluntary” at this time, Congress did mandate that the Department of Homeland Security “maintain and make public a listing of any private sector entity certified as being in compliance with the program” and provide “guidance or recommendations or best practices as necessary and appropriate.” Annual company audit and recertification is required. Failure of a corporation to be included on the list could impact ratings, shareholder value, selection as an approved vendor, RFP requirements, government contracts, insurability, personal liability of senior leadership, D&O coverage, and insurance costs. At this time, there is no civil or criminal fine or penalty for non compliance under Title IX. However, the law places every business on notice of the need for planning, outlines key planning equirements, identifies approved standards, creates the need for a third party certification benchmark,
and establishes best practices. The initial DHS strategy is to have the marketplace drive adoption of the certification and will leverage certification as a compliance factor. Title IX discussions indicate that a Sarbanes-Oxley type level of compliance for private sector continuity certification is the ultimate goal.
Solution: Preparedness begins with forward looking prevention
The first step in preparing for Title IX is to understand your organization’s level of preparedness. You know what you know; you do not know what you don’t know. To establish a baseline and identify priorities for enhancement, senior leadership should direct a completion of a scoping/gap benchmark analysis of existing continuity, disaster recovery, crisis management, safety, and pandemic plans, processes, and procedures.
We recommend Firestorm’s scoping process that includes a review of documents, plans, polices, and procedures, questionnaires, surveys, personal interviews, and site assessments. Firestorm begins by interviewing a select group of senior management and employees specified by the company, and conducting email survey questionnaires with a much larger group. Firestorm analyzes security, natural and man-made disasters, terrorism, and communicable illness/pandemic exposures along with current disaster plans, insurance, human resource policies, communications, critical supply chain, safety, and other applicable areas to identify vulnerabilities and exposures and begin the process of mitigating these risks.
You can download a White Paper that explains more about Title IX and it’s impact on your business here.
About Firestorm
Firestorm believes that a culture of preparedness is the foundation of success. Such a culture centers your organization on sound governance principles of responsibility and accountability. It enables and guides your organization should you face hostile conditions or if your business environment is compromised.Disaster readiness and enterprise value go hand-in-hand. Both are dynamic, forward-looking and expectations-based. The ability of management to plan for unexpected business-compromising situations, and be effective in turning them around, is more important in driving business recovery than the direct financial consequences of the disaster. Promoting and enforcing a culture of readiness protects a company’s assets. Firestorm’s Disaster Due Diligence™ process does just that.
A white paper that further defines the background, overview, certification and accrediting body and the impact that this regulation may have on your firm can be downloaded for free from
Firestorm’s website.
