Experience

• 

  BCP Pros, Inc.

  • San Clemente, CA 92672

  • Senior Consultant

    • Jan 1999 - Present
    • San Clemente, CA 92672

    Formerly known as Mainstay Consulting Group, LLC. We deliver consulting services for large organizations, specializing in Risk Mitigation, Business Impact Assessments, enterprise wide Business Continuity Management and Disaster Recovery Programs.

• 

  California Department of Transportation

  • Sacramento, California

  • Project Manager Business Continuity Management

    • Jul 2007 - Dec 2013
    • Sacramento, California

    * Developed Disaster Recovery Plans for 12 Districts and Sacramento Headquarters.* Conducted Risk & Vulnerability and Business Impact Assessments for each district.* Developed recovery strategies to ensure continuity of critical business functions.* Created emergency response, communications, damage assessment, disaster declaration, and system/application recovery plans. Integrated DR plans with continuity of government plans.* Developed BCM Training Programs for IT and business unit personnel.* Created/Implemented department wide DRP policies and standards.* Developed Mock Disaster Scenarios. Created Test plans, test scripts and strategies.* Created post exercise evaluations, reports, and plan remediation project task lists.Project Results: Successfully passed annual state audits to ensure program met State requirements published in Budget Letter 07-03, and SAM 4843-4843.1. Conducted successful integrated, component and table-top exercises with districts and Caltrans Headquarters.

• 

  County of Orange

  • Santa Ana, CA

  • Project Manager, Recovery Strategy Development

    • Feb 2008 - Jan 2009
    • Santa Ana, CA

    * Developed Recovery Strategies for critical applications and associated business processes. * Consolidated/Reviewed existing Business Impact Analysis (BIA) for application prioritization.* Conducted Business Impact Analysis (BIA) for 21 agencies identifying critical processes.* Created final report listing Recovery Strategy options, associated costs and recommendations.Project Results: County IT management chose report recommendation followed by successful DR testing. Report enabled them to meet agency requirements to provide adequate business process recovery facility and a backup facility for IT.

• 

  California Department of Public Health

  • Sacramento, California Area

  • Project Manager, Disaster Recovery Planning

    • Jan 2007 - Jan 2008
    • Sacramento, California Area

    * Developed Disaster Recovery and Business Continuity Plans for 19 Divisions.* Conducted Business Impact Assessment defining recovery priorities and RTO/RPO.* Developed recovery strategies to ensure continuity of critical business functions.* Coordinated IT and Business Unit plans to ensure IT requirements support business recovery efforts.* Created Plan testing standards and conducted tests with multiple Divisions and Programs.* Created/Implemented Department DR/BC policies and standards for testing & plan maintenance.Project Results: Successfully passed annual state audit to ensure program met State requirements published in Budget Letter 07-03, and SAM 4843-4843.1, HIPAA Security standards and ITIL requirements. Successfully conducted multiple component and table-top exercises.

• 

  California Department of Health Care Services

  • Sacramento, California

  • Consultant/Project Manager Disaster Recovery Planning

    • Mar 2002 - Sep 2007
    • Sacramento, California

    * Developed Business Continuity and Disaster Recovery Plans for 24 Divisions. * Conducted Risk Analysis & Business Impact Assessments to learn RTO/RPO, and restoration priorities.* Developed recovery strategies to ensure continuity of critical business functions.* Developed Plan testing standards and conducting tests with multiple Divisions and Programs.* Created/Implemented Department policies and standards for testing & ongoing plan maintenance.* Developed Incident & Emergency Response program, including policies, procedures, and training.Project Results: Successfully passed annual state audit to ensure program met State requirements published in Budget Letter 07-03, and SAM 4843-4843.1, HIPAA Security standards and ITIL. Successfully conducted multiple component and table-top exercises.

• 

  Intersections Inc.

  • Chantilly, VA

  • Project Manager, Disaster Recovery Plan Review

    • Jul 2006 - Jul 2007
    • Chantilly, VA

    * Reviewed and presented management report on state of existing disaster recovery & business continuity plans based on industry best practices as defined by FFIEC, CoBit, and ITIL.* Conducted a Business Impact Assessment.* Developed Recovery Strategies and priorities, including RPO and RTO requirements.* Developed a new, more effective DR plan template, including response & notification, damage assessment, disaster declaration, system recovery and business restoration procedures.Project Results: Plans were developed, conducted first integrated test, and passed regulatory audit.

• 

  Seneca Capital Management

  • San Francisco, CA

  • Consultant, Business Continuity Management, DR Plan

    • Apr 2002 - Mar 2003
    • San Francisco, CA

    * Conducted Business Impact, Risk & Vulnerability Assessments, and reported on findings.* Created and designed recovery strategies, including RPO and RTO requirements.* Developed IT Department Disaster Recovery Plan and Business Continuity Plans for 20 business units.* Created policies and procedures governing plan maintenance and training of the DR/BCP Program.* Conducted plan testing for IT and business units, including table-top and integrated testing.* Developed corporate emergency plan, including emergency response and notification procedures.Project Results: Successfully represented company during third party audit of disaster recovery and business continuity plans. Auditor stated plans went beyond audit and regulatory requirements.

• 

  L.A. Care Health Plan

  • Los Angeles, CA

  • HIPAA and DR/BCP Consultant

    • Mar 2000 - Mar 2002
    • Los Angeles, CA

    * Performed Gap Assessment of existing privacy and security standards.* Developed recommendations to meet HIPAA standards for security and privacy.* Developed/implemented privacy/security policies & procedures.* Recommended security system software and cyber-defense systems to enforce policies.* Developed HIPAA Awareness Training course for employees and management* Managed development of Disaster Recovery Plan during this time.Project Results: Successfully met HIPAA Privacy and Security Requirements, as reviewed by a third party audit, as well as subsequent regulatory audits.

• 

  Pacific Life

  • Newport Beach, CA

  • Consultant, Disaster Recovery Plan Development

    • Jan 1999 - Mar 2000
    • Newport Beach, CA

    * Conducted Risk & Vulnerability and Business Impact Assessments.* Developed DR Plans including event response/notification, damage assessment, restoring client/server, LAN/WAN, phone system and mainframe environments.* Improved backup tape processes, and offsite storage program; conducted offsite tape library audit.* Developed Business Continuity plans for Business units, including management order of succession.Project Results: Conducted successful plan testing. Plans exceeded corporate requirements for BCP & DR plans.

• 

  WFS Financial

  • Irvine, CA

  • Production Systems Support Manager

    • Jan 1992 - Oct 1998
    • Irvine, CA

    * Established strategic IT disaster recovery direction including use of commercial hotsites, design of auto-failover systems for mission critical UNIX systems located in California and Texas. Developed DR plans for all platforms, including AT&T phone, imaging, IT call center and corporate help desk systems. Managed eight successful disaster recovery tests, including participation from IT and business unit personnel. Developed Business Continuity plans for (7) subsidiaries, involving 60 business units.* Designated as Corporate ISO. Developed and Managed security program for all platforms, establishing strategic direction for information security program and cyber-defense mechanisms, ensuring regulatory requirements were met. * Developed policy and procedures to support enterprise security, including the Internet/Intranet usage and electronic communications. * Responsible for technical support of multiple platforms including IBM S/390, HP/UX, DG/UX, UNISYS, Novell and NT. Provided level II & III support for mission critical applications.

• 

  Great American Bank

  • San Diego, CA

  • Disaster Recovery Manager

    • 1980 - 1989
    • San Diego, CA

    Disaster Recovery Plan development and maintenance. Development of business continuity plan. Managed 26 integrated tests using hot-site backup.