Interview with Mr. Ahmed Riad, Middle East Business Continuity Leader

Interview with Mr. Ahmed Riad, Middle East Business Continuity Leader

[Total: 3    Average: 1.3/5]

We had the pleasure to interview one of the best business continuity leaders in the region, Ahmed Riad, Middle East Business Continuity leader. we asked him for the importance of BC and organizational resilience, we also outlined some challenges that are facing Egypt to comply with BC standards. Additionally, he told us about his projects and implementation models. At last, there are some tips for new participants engaged in this field.


Can you please introduce yourself to security Kaizen magazine readers (bio, experience, history)?


Thanks for your question, I Am Ahmed Riad an expert in Business Continuity Management, Information Security Management, IT Disaster Recovery and IT Risk Management with over 12 years of industry experience both locally and internationally within banking and financial sector, telecommunications and consultancy of cross-functional experience in delivering optimal values in high growth environment.


I am considered one of the leading business continuity practice owners in Middle East and worldwide, promoting the practice among the clients, peers, and even other practitioners through the voluntary events, seminars, and published papers.


I am dedicated ambassador of Business Continuity and have earned the following recognition:
• WINNER of the BCI MIDDLE EAST Awards 2015 as ” Continuity and Resilience Consultant of the Year ”
• Member of Global Membership Council – Business Continuity Institute (BCI) “ Elected as Middle East Region Representative”
• Shortlisted for Business Continuity Consultant of the Year – DRI 2015 Awards of Excellence
• Shortlisted for Business Continuity Consultant of the Year – BCI Global Award 2014




What is the meaning of Business Continuity and Organizational resilience from your point of view?
Great question. Simply, Business Continuity is a discipline. It exists to avoid any interruption that could lead to significant losses or failure in achieve any of the organization objectives.
Business Continuity is all about preparing for and managing the response to (Loss of technology, loss of building, denial of access to a building, loss of staff , loss of supplier, etc.) Organization is an entity that offers services and products whether it’s profitable or not. Business Continuity helps the organization to continue its production of services or products in Emergency and crisis situation.


Let me also describe how it works, organization provides services or products through multiple resources such as human power, equipment, techniques and processes according to certain framework in line with the organization governance. We defines the potential risks that can threaten the organization, and also analyzes the importance of every element inside the organization (personnel, technique, processes, services). Then we implement the necessary business continuity strategies for the organization to guarantee the recovery from any disaster or emergency situation Next step, we start preparing the Business Continuity Plans .


We also simulate some drills based on imaginary scenarios for emergencies and disaster that could happen, in order to be ready for every possible risk and help the whole organization to be resilient when dealing with any crises situations. From my point of view, I see the organizational resilience the future because it integrates several aspects such as: crisis management, business continuity, information security … etc.


So far, we don’t have a clear implementation model for organizational resilience, however there is only a guideline that have been released by the British guideline 65000 in 2014 which explains the organizational resilience.


As we see in your short biography you have achieved tremendous success as a Middle East Business Continuity Practice Leader which is a rare thing. readers would like to know what brought you to this Industry?


I have been working in the information security field since 2007 including implementing the standards like ISO 27001 and IT Disaster Recovery plans and as you all know the business continuity is a part of ISO 27001 requirements. Information security standards and techniques are designed and implemented to secure any organization from any possible information loss. From that point, The Business continuity field fascinated me and felt that I can work on embedding a business continuity for an entire organization for dealing with any future potential risks, and I started to focusing on it more in order to apply it on a large scale in the Middle East in different business sectors.




You have implemented a model for how to implement Business Continuity in Middle East and North Africa. Could you please give us an overview?

In the last four years, I have noticed a sharp interest in the Middle East regarding the business continuity and organizational resilience. From here, I started thinking of an integrated model for implementation the business continuity.

1. Integrated methodology consists of five basic stages, 22 processes and 120 sub-action (available in Arabic and English versions).

2. The first document toolkit that includes an integrated implementation.

3. Dictionary that includes 100+ Arabic terminologies.

4. Integrated methodology in Arabic and English for the implementation of ISO 22301 regarding the business continuity and ISO 27001 regarding the information security combined in one project.

5. Integrated methodology in Arabic and English version of the implementation of ISO 22301  regarding the business continuity and the UAE business continuity standard.  I use this model for all my clients and it provides a positive results and very good feedback across the region.

What are the kinds of industries and clients that you have dealt with to provide consulting services regarding the Business Continuity and Resilience? Can you tell us about one of your best projects that you’re proud of?

In the last 7 years, I have worked on many projects of the business continuity and IT Disaster recovery in several  sectors (financial, health, communication, service sector and governmental one)

One of my best projects is in the financial sectors in a country of the Gulf region and it is one of the most   important projects for me because it was first project where I was able to apply my model and this project was   recognized many times from institutes and from filed experts.

Can you tell us more details about the Business Continuity Institute and your role within Global Membership Council as Middle East representative?

Business Continuity Institute is a non-profit institution founded in 1994; it works to increase the awareness of the business continuity and providing the best practices that helps the organizations and individuals to implement Business Continuity more effectively.

It also provides scientific membership for more than 9000 member around the world and it varies according to the level of experience. It also offers regional forums to raise the awareness of the business continuity around the world. For the Global Membership Council, it contains 21 experts from all over the world and they are chosen by elections and I have been elected to be the ambassador for the Middle East for the next three years (2014-2017)

The role of the Global Membership Council (GMC) is to provide professional expertise to enab
le the implementation of the BCI Strategy as defined by the Board, including the development, growth and standing of the BCI Membership as a whole. The GMC advises the Board on any membership issues and therefore plays a critical role within the Institute as the representative voice of the members.

As a Middle East practice Leader in Business Continuity and Resilience, How do you see the future of this Industry for Egyptian Society? What challenges this Industry is facing?

From my point of view, the implementation of business continuity and organizational resilience within the Egyptian governments’ entities must be embraced by the Egyptian state in the coming period in line with Egypt’s 2030 strategy.

Business Continuity has been applied in Egypt on a small scale in certain sectors such as banks … there must be an integrated vision of the implementation at the Egyptian state level which contributes to raise the level of resilient of the Egyptian state to deal with crisis and disasters. The most existing difficulties to global implementation of BCM and organizational resilience in Egypt are due to lack of:

1. Egyptian expertise in this filed.

2. Overall vision for implementation in Egypt.

3. Books and references in business continuity in Arabic.

4. Enforcement and regulations.




• Build a local Egyptian expertise:
During the previous period in cooperation with BlueKaizen tried to raise awareness of business continuity and rehabilitation specialists in the business continuity by holding training courses in partnership with the best intern–ational entities such as BCI and PECB, but I think this step is not sufficient and therefore in the upcoming future I will be conducting voluntarily seminars and workshop with the help from Blue Kaizen and BCI Egyptian  forum in different places such as universities and the financial sector in order to raise awareness of business continuity and organizational resilience.
• Absence of a comprehensive vision for implementation at the state level:
As a leader of the business continuity on the world level, and from my love to my country I already started    developing a comprehensive vision for the implementation of business continuity within Egyptian society and  will provide it to the responsible authorities in Egypt and I hope there will be interest in the business continuity   for the benefits of the country.
• Raise awareness of alignment IT Disaster Recovery with business continuity Management:
With the collaboration with Blue kaizen and BCI Egypt Forum I will hold several seminars and workshops dedicated to IT professionals in order to raise awareness of business continuity and correct misconceptions and develop clear strategies to implement business continuity in the institution.


• Lack on available books and references about business continuity in Arabic language:


During the last period it became clear to me the lack of Arabic contents in business continuity and organizational resilience, However during this period as individual effort I attempted to develop Arabic contents in collaboration with business continuity Institute BCI as well as at the Disaster Recovery Institute International DRII , which produced (Good Practices Guideline in Arabic (LI) – BCI, business continuity and organizational resilience Dictionary in Arabic – Disaster Recovery Institute , USA. But I think that this is not enough as the Arabic contents in this important discipline, therefore I currently working on creating a web portal which should be a Arabic guideline for business continuity and organizational resilience across the middle east and north Africa .



what are the books, best practices or web site for business continuity and organizational resilience you’d recommend and why?
With respect to all the existing books, training courses and websites in Business continuity, I highly recommend the BCI Good Practices Guideline GPG 2013  from business continuity institute The real value of the GPG to BC professionals lies  in the fact that it considers not just the ‘what’ to do but also the ‘why’, ‘how’ and  ‘when’ of practices written by BC world experts., in the line with ISO 22301, offered in  different languages and it explains the life cycle of business continuity and how it can   be implemented.


Why do you think there is increase of interest in business continuity? What has been the impact of ISO 22301?


Because of what happened in the Arabic world over the past five years, The Arab World found it interesting to implement the business continuity on government level to keep providing and producing services and products. There are several pilot initiatives at the Arab world such initiative in the United Arab Emirates to apply business continuity on government level and the private sector and follow the issuance of the first Arabic standard in business continuity management by NCEMA.
There is also an initiative at the State of Qatar, which has been through the issuance of business continuity guide, and I hope Egypt will follow the example of these countries to ensure continuity of delivery of basic services to the state and create mechanisms and clear methodology to deal with disasters and crisis.


In 2007 it was issued by the British Standard BS 25999. Since that date till 2012 There was no international Standard supported in business continuity until the body of standards ISO issued the ISO 22301 which had  become a clear framework of business continuity requirements that must be abiding to the organizations  to obtain a certificate of international accreditation in business continuity and discerned the importance of  thisstandard that attracted the attention of several institutions around the world to apply the business continuity  to improve its readiness and willingness to deal with disasters and crisis.


Also during the last five years, the BCI works to develop GPG 2010 – GPG 2013 , which contributes to the   clarification of the mechanics and the life of the implementation of business continuity that’s alignments with  requirements of ISO 22301, also there is DRII professional Practices that provide a life cycle of implementation  of BCM.


Looking out 3 to 5 years, beyond the trends, what do you think will be the next big change in the business continuity industry?


Integration is the answer for this question, in the sense that the world on the way to implement an integrated approach to maintain the organizational resilience and to ensure the integration of several departments into a single entity (risk management, business administration, responding continuity emergency … etc.) which  will lead to increase the readiness of the organization to deal with disasters and crisis and emergencies and handling it easily.


During the past four months I have formatted an integrated methodology for implementing the organizational resilience within the institutions and I will provide it at the upcoming security Kaizen Conference, I hope it will  be beneficial to the recipients and the middle east region.






Leave a Reply

Your email address will not be published. Required fields are marked *