John Glenn, MBCI, SRP
http://JohnGlennMBCI.com
JohnGlennMBCI@gmail.com - Planner@JohnGlennMBCI.com
Mobile 1-727-542-7843


Summary

JOHN GLENN is an Enterprise Risk Management (Business Continuity, Disaster Recovery, COOP) practitioner who has been creating complete Enterprise, Business Unit, and IT-specific plans for Defense, Energy Exploration, Financial, Fortune 100, Government, Insurance, International, and Transportation organizations since 1994. Manager and mentor, Mr. Glenn also has extensive documentation and training experience. A regular contributor to the Disaster Recovery Journal (DRJ), he earned his Certified Recovery Planner (CRP) certification in 1999; he currently is certified as a Member, Business Continuity Institute (MBCI) and as a Senior Recovery Planner (SRP) of the Certified Recovery Planner Program at the University of Richmond (VA).

Chronological employment history

Business Continuity Manager - Defense Industry

    January 2007 - present (Staff)

    • Create, or advise and mentor others in creation of, IT-specific Business Continuity plans for multi-site division of major defense contractor.
    • Create, or advise and mentor others in creation of, IT-centric site plans for all division sites having data centers
    • Create PowerPoint training aids for all-division use
    • Create COOP marketing presentation
    • Provide COOP expertise in proposal development
    • Participate as division IT representative on corporate and division pandemic plan development teams.
    • Participate as division IT representative on division Crisis Management Team (CMT).
    • DoD Secret clearance (interim)

      • Division has approximately 20,000 people working from Division and client facilities throughout the United States and Europe. As the Division's IT Business Continuity Manager, I work with both IT and business unit (end-user) personnel to create Business Impact Analyses for all new servers and all applications which touch the Corporate network, and to develop Information System Continuity Plans (ISCPs) for critical applications to assure that these applications are available to meet internal, external, and regulatory requirements.
      Additionally, develop training materials and template so IT or client personnel can develop Site ISCPs to assure that all personnel - IT, business unit, facilities, etc. - are aware of the consequences of a facility failure, including relocation of business unit personnel while the facility is restored or replaced, and any special customer-IT relationship requirements (e.g. collocation of business unit and IT due to latency concerns).
      Work with Facilities personnel to develop comprehensive facility-specific Business Resumption Plans, assuring that IT interests are included and critical IT personnel identified (with up-to-date information).

Independent consultant - multiple projects

    January 2004 - December 2006
    • Mentored retail industry client to develop risk management plan to identify and document risks to temporary relocation of its data center operations at a distant site and recovery of the data center operation at the primary site, including personnel safety and facility inspection. Risks included lack of functional unit management support and participation necessary for successful completion of the project.
    • Identified Enterprise Risks associated in preparation of a energy exploration organization's Sarbanes Oxley Act (SOx) audit and made recommendations to avoid or mitigate the identified risks; developed Enterprise Risk Management-related policies and procedures and modifications to existing policies and procedures to align them with ERM requirements.
    • Guided municipal government's Information Technology team in development of showcase business continuity program designed to be a model for all City departments illustrating the benefits of Enterprise Risk Management; reviewed purchased "fill-in-the-blanks" business continuity software application and identified weaknesses.
      Provide instruction on how to use common commercial, off-the-shelf (COTS) business applications to gather, document, and maintain plans and plan components (e.g. critical personnel contact lists)
      Work closely with CPA auditors to identify risks normally overlooked, e.g. a safe containing critical information whose combination was known by only one person (if the person became ill, was on vacation, or otherwise unavailable, the safe would have to be drilled - time consuming and expensive - or the contacts left unseen).
      Emphasize personnel awareness and safety planning as integral part of Enterprise Risk Management (ERM).
      Participate in SOx team sessions representing both ERM and documentation interests.
      Diplomatically manage and influence client personnel, senior managers, and other consultants to accomplish risk management goals.

Business Analyst - Enterprise Continuity Planner - Zim

    October 2001 - December 2003 (Staff)
    • Create enterprise Business Continuity plan for Zim regional headquarters (for North, Central, South American operations).
    • Develop MIS policies & procedures which impact Zim operations in North America, Central America, and South America.
    • Create training materials for business functions, including EDI.
    • Evaluate, recommend, implement Help Desk software application and train MIS local and remote technical and administrative personnel in its efficient use.
    • Interface between IT and IT clients (call centers, management, EDI specialists) to identify IT product enhancements to improve efficiency and reduce costs

Author

    August 2001 - October 2001
      Write compact book which details basic business continuity plan development for novice planners and for non-planners charged with creating a simple plan.

Independent Consultant - multiple projects

    July 2000 - July 2001
    • Engagement with Fortune 25 all-lines insurance company to salvage business continuity project initiated by a "name" consulting company. Project includes both business and IT resources. Two-stage project was to (a) protect business units and (b) to develop federally-compliant plans for the company's bank and credit union. Project was 2 months behind schedule; with the addition to three independent planners (of which I was the senior business continuity professional) the project completed one month early. Introduce other planning professionals to the requirements and expectations of the Federal Financial Institutions Examination Council (FFIEC) which serves as the examining arm for Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision.
    • Develop FFIEC-compliant business contingency plan for Fortune 50 travel and entertainment leader from virtual office environment.

      • Introduce requirement for all critical vendors to provide business continuity plans for review by my client's planning professionals. This requirement has since become a standard contract clause.
      Review and critique all critical vendor business continuity plans and report findings to both my client and, via the client, to the vendor; this provides a win-win situation in that the client knows the vendor's survivability capability and the vendor enjoys a "free" Gap Analysis (professional review) of its plan.
      All plans comply with FFIEC (ibid.) guidelines effective at the time and client corporate policy (client owns bank, ergo FFIEC requirement).
      Provide client with hard copy and electronic (CD) deliverables.
      Project completed on time and under budget.

    • All plans

      • Create business continuation plans for business functions based on input from Client Vice Presidents, Directors, and Business Function Managers.
      Perform gap analysis on existing Client business function continuation plans.
      Plans include Business Impact Analysis (BIA) through Recovery Plan and both Training methodology and Maintenance philosophy.
      Diplomatically manage and influence client personnel, senior managers, and other consultants to accomplish risk management goals.

Writer - Adaptec

    February 2000 - June 2000 (Consultant)
    • Engaged to convert existing PageMaker documents to FrameMaker format.
      • Create automated process to convert documents from PageMaker to FrameMaker. Perform QA to assure accuracy in final format.
      Establish and document process for creation and maintenance of new documents.
      Project, scheduled for 6 months, was completed in 5 months and under budget.

Staff Consultant - DMR Consulting Group

    May 1995 - October 1999 (Staff)
    • Provide Enterprise Risk Management/Business Continuity, Y2K, and Documentation consulting services to broad client base including automotive industry, data centers, insurance company, lodging chain, network management operations, state government, telecommunications organizations.1
    • Enterprise Risk Management (ERM)/Business Continuity (BC)

      • Diplomatically manage and influence client personnel, senior managers, and other consultants to accomplish project goals.
      Develop, with Business Unit Manager and Sales professionals, marketing materials (low-cost brochures, compact PowerPoint presentations).
      Develop low-cost marketing program targeted to MBA and BBA candidates at universities throughout the State
      Develop, with Business Unit Manager, project proposals.
      Develop, with client sponsors, Statements of Work and Project Plans
      Present Enterprise Risk Management/Business Continuity project information to client personnel at all levels, from very senior executives to newest intern, individually and in groups of up to 100.
      Create complete plans including Business Impact Analyses (BIA), Risk Identification, Risk Prioritization, Risk Avoidance & Mitigation Recommendations; Business Unit and Critical Resource Response Plans, Personal Awareness and Safety Programs, Maintenance Processes, and Training Methodology.
      Develop BIA based on input from client managers and Subject Matter Experts (SMEs).
      Create all deliverables.
      Present deliverables to client sponsor, SMEs, mid- and senior management.
      Train Sales and non-ERM/BC professionals to recognize ERM/BC opportunities.
      Train and mentor non-ERM/BC professionals to assist the project within their areas of expertise (moving them off the "bench" and into income generating functions).
      Utilize Fortune 100's internal resources to establish primary and secondary alternate sites to assure it could be all of its clients' Service Level Agreements (contract requirements) in the event the main facility or IT resources failed for any reason.

    • Y2K
      Manage 10 dotted-line reports in cross-matrix project to identify all IT hardware and software resources requiring mitigation or replacement for assure Y2K compliance.
      Assure project is in alignment with client's corporate Y2K schedule.
      Contact all critical vendors, both domestic and international, to assure vendor products are Y2K compliant or Y2K ready and track vendor written assurances to satisfy client auditors.
      Inventory all hardware, including elevators and communications equipment, to determine if the equipment included an embedded microprocessor and, if it did, if the device was Y2K compliant or Y2K ready.

    • Documentation

      • Develop process to modify, or create as necessary, platform-independent soft text and graphic documentation.
      Create DOS-compliant (8+3) naming convention before commencing documentation work to permit establishment of cross-references to documents yet to be created.
      Learn HTML and create 150-plus cross-referenced text and graphic documents.
      Enhance DMR's documentation capabilities by moving book-length complex documents from the word processing environment to a true publishing environment.

    • DMR internal functions
      Represent company as its Business Continuity and Documentation Subject Matter Expert at client and vendor meetings.

      Platforms & software

      Platforms Macintosh, Microsoft DOS, Microsoft Windows, UNIX (HP/UX)
      Software Microsoft Office Pro (Access, Excel, PowerPoint, Word); Microsoft Visio; Microsoft Project
      Adobe Acrobat Distiller & Exchange (to create PDF)
      Groupwise, HP Openview, HTML
      Lotus Notes (database and mail), Microsoft Exchange; Explorer, Microsoft Mail, Netscape Navigator & Composer
      FrameMaker, Interleaf, Ventura; Requisite Pro

      Certifications

      Business Continuity Institute Member (MBCI), 2004 - present
      University of Richmond (VA) Senior Recovery Planner (SRP), 2007- present
      Harris Recovery Institute Certified Recovery Planner (CRP), 1999-2000

      Professional references & publications

      References http://johnglennmbci.com/reference.html
      Publications http://JohnGlennMBCI.com/onWWW.html
      Candidate site http://JohnGlennMBCI.com/articles.html
      Blog http://JohnGlennMBCI.blogspot.com

      Continuing education

      Emergency Management Institute, Washington DC

      • Introduction to Continuity of Operations (COOP) (IS-547)
      • National Incident Command System (NIMS) (IS-700)
      • Citizen's Guide to Disaster Assistance (IS-7)
      • Emergency Program Manager: An Orientation to the Position (IS-1)
      • Radiological Emergency Management (IS-3)

      Institute of Emergency Administration and Fire Science, St Petersburg FL

      • Disaster Recovery Operations (FFP 2480)
      • Technology Applications in Emergency Management (FFP 1058)

      National Fire Academy, Washington DC

      • Emergency Response to Terrorism (Q-534)

      Personal information

      Citizenship United States of America, evidenced by active U.S. passport.
      Security U.S. Department of Defense Secret (interim)
      Relocation Relocation considered.
      Travel Extensive domestic and international travel acceptable.

      Contact information

      Residence 2708 Wrexham Court, Herndon VA 20171-2405
      Email Primary: JohnGlennMBCI@gmail.com
      Alternate: Planner@JohnGlennMBCI.com
          Please use both email addresses to assure delivery
      Telephone 1.727.542.7843 (mobile)