If you are building, implementing or reviewing the technology solutions for your duty of care program, take a look at these 9 steps to consider. If you want to know more, or get hold of the complete white paper, simply reach out to me on Linkedin.
I am pleased to release the first version of my EVO framework to guide companies considering their duty of care technology requirements, provide a solid starting point for their proposals to vendors and create a fresh perspective for duty of care solutions. I hope this is useful during this period of the year when so many safety and security events are running. You can get the full whitepaper by contacting me on LinkedIn or filling out the contact form on the Evo website.
If you have spent time, or perhaps years, searching for the perfect technical solution to your duty of care challenges, it is time to be honest and understand there are no silver bullets that will solve all your needs. This Evo Blog looks to help address some of these challenges and challenge the status quo. Technology innovation over the past decade has created the opportunity to revolutionise how you can tick off many of your program's needs, automate them, use collaborative-always-available solutions and use data to get better situational awareness to make smarter decisions. The Evo Framework has been designed to give you are model where you can analyse and apply knowledge to your duty of care program in a meaningful and productive way. The Framework has been broken down into 9 foundational areas ... all intentionally labelled using verbs ...
ASSESS Capturing the threats and vulnerabilities to people, places, areas, assets, environment, operations and reputation. Measuring impact and providing advice, direction and action required to manage and mitigate impact and response.
IMPLEMENT Digitally building policy as processes, flows, procedures, roles, responsibilities, teams, communications etc. Identifying areas ready for automation, tactical response, strategic recovery and ways to test. A key factor is to implement in a way that can be tested.
ENGAGE Engaging with your entire workforce to ensure every individual and stakeholder has access to the solutions, understands how to use them, why they exist, verify their personal details, how to reach out for assistance when required and provide feed back for improvement
TEST The ability to exercise and simulate assessed threats and real-world events to ensure policy has been effectively implemented, assessments are accurate, and goals & objectives are achievable. Aim for simulations to use as realistic data as possible within privacy limits.
DETECT Monitoring and triaging of all events identified during assessment or as they happen whilst identifying unforeseen events. Ensuring that implemented policy can be rapidly judged and enacted upon in a timely fashion and escalated internally or externally for response.
RESPOND All automated and human activities enacted upon as part of response to incidents and crises. Whether impacting an individual, a whole site, a geographic area, IT, social, governance, operations, financial etc. Keep a firm control and visibility from start to finish
RECOVER Strategic return to operation for your business. Initiated for substantial, damaging and impactful events where careful crisis management is required. Escalate from response cases to planned recovery projects with the wider team and partners through goals & objectives
AUDIT A clear, compliant, timeline-based log of all activities, decisions and updates made via automation, the control room, incident and crisis management teams. Searchable and filterable. Ready for internal or external auditors and investigation teams to analyse.
LEARN Real-time analytics of entire framework in action. Providing measures of effectiveness, efficiency, productivity etc. to aid in defining success and failure, identifying gaps and weaknesses in the implemented solution and technology currently implemented
