Cyber Exercise Proposal

Valid until: Oct 30, 2023
Proposal ID: recxnr7mbe5bc8szr-1
Version: #1

Proposal Accepted

Accepted on

Proposal Expired

Expired on Oct 30, 2023

strictly private and confidential

Cyber Exercise Proposal

Presented to Scott Thompson of Waikato Regional Council

Introduction

Dear Scott,

Re: Cyber Exercise Proposal

Thank you for the opportunity to provide Waikato Regional Council (‘the Council) with a proposal for scenario exercise services. 

The Council has identified the need to conduct a cyber exercise to validate their crisis management program to ensure the appropriate level of preparedness in the event of a business disruption.

Fixinc will validate the data in The Council’s incident response plans and increase awareness among key personnel, ensuring an effective response in case of disruptions. By facilitating this program of work, Fixinc aims to improve both the effectiveness of The Council’s crisis management program and the confidence of key stakeholders that the program meets relevant best-practice standards.

A fit-for-purpose program validation, based on clear recovery priorities and dependencies, and strong stakeholder engagement, will increase confidence in The Council’s crisis management capabilities and meet stakeholder expectations.

All activities are performed by highly qualified and experienced consultants.

Fixinc boasts extensive experience collaborating with Local Government, which has resulted in a deep understanding of the Councils’ environment. As a result, we offer unmatched expertise to top organisations and are widely acknowledged as market leaders in the incident and crisis management domains.

Scott, at Fixinc, we are passionate about empowering individuals to confidently tackle challenges, which leads to a more resilient future. We take pride in delivering highly professional outcomes that provide your Council with the confidence of having the required measures in place to handle business disruptions.

Thank you for the opportunity to submit this proposal and I look forward to the opportunity of working with you soon. Please do not hesitate to contact me if you have any questions.

Yours Sincerely,

Brad Law
Co-Founder & Global Head of Consulting

A summary of this proposal.

program objectives

Developing your resilience

By facilitating this program of work, Fixinc aims to improve both the effectiveness of Waikato Regional Council corporate resilience, as well as the confidence of key stakeholders that your new program meets relevant best-practice standards.
 
Validation of a fit-for-purpose program, based on a clear understanding of recovery priorities and dependencies, and supported by strong engagement, training and testing will help to meet stakeholder expectations and deliver a high level of confidence in Waikato Regional Council resilience capabilities.
 
The following is an overview of our recommended approach.

items

Project Engagement and Document Review

Prior to a formal engagement meeting, Fixinc will review all of The Council’s existing crisis management documents to assess the level of preparedness and compliance with key standards. This may include risk assessments, crisis management plans, cyber response plans and any recent training, testing and exercising documentation.

Fixinc will then facilitate an engagement meeting with key representatives from The Council to verify the scope and key crisis management priorities. 

When evaluating the existing program, Fixinc will identify strengths that can be further capitalised on to build greater resilience and weaknesses that need to be addressed to ensure a robust capability exists within the organisation. 

Following the Engagement meeting, Fixinc will provide The Council with a project plan with identified key milestones and conduct regular project update meetings. 

items

Scenario Exercise Program

Conducting hands-on scenario exercises to validate and improve The Council's crisis management program and instill stakeholder confidence in their recovery capabilities, with Fixinc overseeing a systematic approach.

Validating The Council’s crisis management program via realistic, hands-on scenario exercises is critical to:

Gain an understanding of the roles, duties, procedures, and tools utilised by the staff.

Find realistic ways to improve the program.

Ensure stakeholders have confidence in The Councils ability to recover effectively from an event.

Fixinc will implement a systematic approach to create and execute a scenario-based exercise program for The Council, which will include:

Exercise Planning

Fixinc, in collaboration with The Council, will hold a planning session to determine the extent of the scenario exercise, establish exercise goals, and review critical performance metrics. This will guarantee that the exercise program meets the expectations of stakeholders and provides benefit to everyone involved.

After the planning meeting, Fixinc will draft an exercise plan for The Council that outlines all necessary information for the exercise program, including:

  • Exercise objectives
  • Exercise methodology
  • Exercise scope and scale 
  • Communications
  • Roles and responsibilities 
  • Resource requirements 
  • Timeframes and timescales
  • Internal exercise participants
  • Performance criteria
resilience maturity

Maintenance Program

Take your corporate and personal resilience to the next level by running an annual maintenance program with Fixinc. Build a strong, positive culture of resilience.

On completion of all activities, it is recommended that Waikato Regional Council commence an annual maintenance program to meet best practice standards and ensure that Waikato Regional Council maintains a continuous program of improvements.
 
The proposed services have the objective of consistently improving Waikato Regional Council capabilities and resilience, while also ensuring that the program adheres to the latest best practice standards. This approach guarantees that you will be suitably prepared in the event of an emergency, meet stakeholder expectations, and safeguard your initial investment in establishing a business continuity program. The following activities are recommended:

Service
Start time
End time
Initial Activities
  • Annual engagement meeting with key stakeholders.
  • Provision of annual maintenance schedule .
  • Development of annual exercise strategy.
January to March, 2025
March 2028
Mid Year Health Check
  • Annual BIA review interviews to update BIA and Threat Landscape.
  • Full review and update of all business continuity related documentation.
  • Distribution of revised plans (soft copy).
April to June, 2025
June 2028
Annual Activities
  • 1 x 45-minute business continuity awareness session.
  • 1 x 3-hour annual Crisis Leadership training session.
  • 1 x 3-hour annual Crisis Scenario Exercise.
  • Provision of post-exercise reports.
  • Provision of revised soft copy BCP documentation.
  • Management and maintenance of business continuity related training records.
  • Provide executive/board presentations as required.
  • Provision of Annual Assurance Statement.
July to September, 2025
September 2028
on-call coverage

Advisory Board

Four of the very best supporting you through the tactical, operational, and strategic response to an event, anywhere in the world, at any moment.

how it works

Four senior resiliency professionals available any time, guiding you through any disruption, anywhere in the world at the click of a button.

The Advisory Board will support and cover Waikato Regional Council's tactical, operational, and strategic response to any incident, 24/7, anywhere in the world. Our four advisors focus on these three core activities and the response to an incident that's unique to you by utilising existing plans and our in-house F24 app. The Advisory Board's #1 aim is to get you back to business-as-usual as efficiently and effectively as possible.

01 hour
max response time from Fixinc.
04 advisors
on call at any given time.
portal

An intelligent portal.

Built in-house in partnership with FACT24, you will gain access to the most innovative and intelligent incident response and management portal available.
Detailing date and time of premium coverage
Details of the disciplines and support we offer you
Status of your post incident reviews and / or annual review
Activation SLAs, Management of event, Technology solutions
Signature and date verification by Fixinc with contact details
learnings

Relevant Standards.

All Fixinc services strictly adhere to best practice benchmarks and standards. These will be agreed during the stakeholder engagement process and may include:

ISO 22301:2019

Societal security – Business Continuity Management Systems - Requirements.

Business Continuity

'Good Practice Guidelines 2018'

BS11200:2014, Crisis Management

Guidance and Good Practice.

ISO 31000
Risk Management

Principles and guidelines.

AS: 3745

Planning for Emergencies in Facilities.

Industry specific legislation

standards, and codes of practice.
schedule

Timeframes & Resources

Fixinc will provide a detailed development schedule prior to commencement of work, outlining key project milestones and completion dates. Indicative timeframes and Waikato Regional Council commitments are below:

Stage 1

Project Engagement and Document Review

Prior to a formal engagement meeting, Fixinc will review all of The Council’s existing crisis management documents to assess the level of preparedness and compliance with key standards. This may include risk assessments, crisis management plans, cyber response plans and any recent training, testing and exercising documentation.

Provision of all relevant documentation.

1-hour meeting

Proposed start date: w/c .

Stage 2

Scenario Exercise Program

Conducting hands-on scenario exercises to validate and improve The Council's crisis management program and instill stakeholder confidence in their recovery capabilities, with Fixinc overseeing a systematic approach.

Review and approve exercise plan.

Review and approve scenario and run sheet.

2 hour desktop exercise.

Review and approve post-exercise report.

1 day

Proposed start date: w/c .

about us

Program Team.

The Waikato Regional Council program will be co-run by a Fixinc Principal Consultant or Director and supported by our highly-experienced Business Continuity and Crisis Management professionals of which have extensive experience in program development and implementation.
 
Unlike how other consultancies charge clients, the people listed below are the people who will work on your program and constitutes part of the investment for Waikato Regional Council.

Brad Law of Fixinc
Brad Law
Co-Founder & Global Head of Consulting
Brad will act as your main program contact and consultant from start to finish. Whilst other consultants with other backgrounds will join the program from time to time, it's Brad who oversees the progress and direction as well as making the final decision on what is shared with you. His focus is on ensuring you are comfortable with everything we're sending you as well as the outcome of your Fixinc program.
Bio

Brad is the Global Head of Consulting within the Fixinc Consulting practice and also oversees our entire Advisory Board. He has over 25 years of Business Continuity and IT commercial experience, working across Asia, UK, Europe, New Zealand and Australia. Brad is responsible for the management and implementation of numerous business continuity and crisis management projects across a variety of industries, including not-for-profit, telecommunications, technology, government, financial services, education, infrastructure and utilities.

He is highly experienced in all aspects of the business continuity lifecycle and designed the unique 'Tungsten Diamond' diagram for Fixinc. His experience stretches through policy development, business impact assessments, strategy development, business continuity plan development and implementation and facilitation of business continuity training and scenario exercises. Brad brings strong business strategy, workshop facilitation, project management and analytical problem-solving skills with a visible passion for assisting organisation build their resilience capabilities.

​Prior to working for Fixinc, Brad served 15-years with the British Army as a tank commander, seeing 2 tours of activity duty where he was awarded with the Northern Ireland Clasp for Operation Banner and NATO Medal for Yugoslavia during the Bosnia conflict. During this time he was a communications and cold weather survival instructor and has had extensive incident response experience fighting terrorism and supporting organisations such as Médecins Sans Frontières and UNHCR.

Brad’s business continuity and incident management qualifications were put to the test during the 2011 Christchurch earthquakes, whilst working for the Christchurch Polytechnic Institute of Technology (Now recognised as Ara). He initiated and ran two incident management cells for the February 2011 and June 2011 earthquakes, ensuring services could be established in temporary sites within a week of the disaster.​

Brad holds the Business Continuity Institute (BCI) CBCI training qualification and has trained many students in the certification course on behalf of the BCI. He also held the award of Business Continuity Consultant of the year for Australasia in 2015.

Read full bio
Ollie Law of Fixinc
Ollie Law
Co-Founder & Managing Director
Ollie will be helping with the administration and analysis of your project, ensuring that the correct information is gathered and reviews of your documents are in order and documented correctly. As an operational assistant, Ollie also runs the quality assurance of our overall programs. He will also act as a key contact at the beginning and end of the programs.
Bio

Ollie brings over a decade of industry experience in digital marketing and product development, with specific expertise in no-code solutions and application automations. His experience has enabled him to design and develop digital marketing campaigns that drive commercial market opportunities on mass-scale, and identify emerging applications to support internal organisational and end-user experiences. Career highlights include positions with Centrica (British Gas), Jaguar Land Rover, and Accounting Web, where he built competitive and disruptive marketing campaigns supporting Xero in their introduction to the UK market.

Ollie is a multi-business owner and entrepreneur, with a passion and focuses on converting 'old-school' methods into modernised, competitive solutions. Ollie brings valuable experience working across a number of private and government entities within the UK and Europe, Asian, and Australia and New Zealand.

He is the majority shareholder, founder and Managing Director of Fixinc Solutions (Fixinc Directory), Co-Founder and Managing Director of Fixinc Consulting Partners (Fixinc Advisory Board), and co-Director of the Fixinc Group.

Read full bio
Ella Gould of Fixinc
Ella Gould (Old)
Jr Resilience Specialist
Whilst seldom seen by our clients, Ella works relentlessly in the background to ensure resilience programs and operations are running efficiently and effectively. Her work is crucial in freeing up the time and resource the Fixinc Advisors provides you in your program. Ella will assist in the administration, reviews, reports and much more to help us provide an all round service.
Bio

Ella is a Resilience Specialist in training who oversees our program and operational requirements. She is responsible for supporting and assisting with the development and maintenance of Business Continuity, Crisis Management, and Incident Management projects. Laura is involved with all aspects of the Business Continuity Lifecycle (summarised in what we call the Tungsten Diamond), with clients ranging from the Health Sector, to manufacturing and aviation. She is passionate about driving innovation and problem solving through technology and onsite experience. These skills have been refined while working closely in an executive administration and support environment.Ella plays a critical role in training and exercise development and assisting the consultants in exercise delivery. She also runs operational and administrative tasks that help keep our Advisory board active and running smoothly for the Oceania region. 

Read full bio
our founders

A father and son, on a mission.

Fixinc was founded by Brad and Ollie Law in 2017. The pair experienced first-hand the results of practitioners failing their clients when they were needed most. They developed the Consulting Practice, Advisory Board, and Directory to help organisation have premium support at any moment. With a combined three decades in the industry, the father and son duo bring a powerful balance of technology expertise and senior executive level consulting to a fresh and impactful service.
12 yrs
in the industry together
250+
Businesses serviced together
Ollie Law and Brad Law Fixinc Directors
our values

A simple approach to resiliency.

Learn more about us here

We are playing the infinite game. No one supplier can be the best, but organisations should have access to the best solutions. Our passion for the industry and careful management of deep relationships with fellow practitioners and industry bodies places us as a premium supplier. Our programs speak for themselves, set upon three simple approaches:

Community

Build meaningful connections.

Communication

Integrety and honesty.

Corporate sustainability

Don't just advertise it, do it.
rewards

Fixinc Loyalty Program

Your loyalty and commitment to us should be rewarded. That's why every program or activity you do with Fixinc earns you points that goes towards money off your next invoice, or complimentary work like an exercise.

Money off

Every dollar you spend at Fixinc will transfer into points that also have a monetary value to them (reducing costs on future quotes).

Extra services

Use your accumulated points for unique activities like a virtual training & exercise, or a plan / program review.
Introduction
Onboarding with Fixinc
At Fixinc, we value efficiency. Following our initial meeting, expect a comprehensive proposal in as little as 30-minutes, with a follow-up discussion scheduled for the following week. Our flexible process accommodates any necessary adjustments, ensuring a customised program is ready for signing in just three weeks. For those eager to start sooner, we can expedite the process, typically initiating Stage 1, Engagement in only four weeks from your first contact.
Discovery Call

45 to 60 minutes

45-minutes with your stakeholders or relevant program contacts is all we need. We will share how implementation works with us, provide an idea on how we'd run your program (or overcome your problems), then provide a valuable Q&A for both parties.

Proposal

30 minutes

We do our preparation ahead of the call and can gather a lot of understanding of the sort of program scope you will need just from your initial note to us. Our clever internal tool helps us put a comprehensive proposal together to you in less than 30-minutes. Happy to go ahead? Use our digital signature tool to lock it in.

You are here
Adjustments

Within 1-week. 30-min call.

During our discovery call, we'll book our next meeting with you a week from now. This will give you time to review the scope and compile questions with us.

New Version

1 hour

If there are any changes, we can make these immediately after the call and reissue you a new version of your proposal (archiving the original).

Engagement Meeting Booked

1 week

After signing digitally via the online proposal, we'll have your engagement meeting booked in with a senior consultant or program manager within a week.

First steps
Engagement
During the engagement phase, you have the chance to get acquainted with your project team here at Fixinc, and validate the essential milestones linked to your project, leading to potential key outcomes such as:
Confirmation of project scope.
Development of implementation plan.
Assigning roles and responsibilities.
We will also begin onboarding you, like uploading important documents onto our secure server, adding you to your unique client portal, and arranging financials.

“Our resilience consultants are available to shoulder the burdens of your project, ensuring timely and cost-effective delivery. Here, you'll have a chance to meet them and build meaningful relationships."

Brad, Global Head of Consulting and co-Founder

Let's start
Program Implementation
Our Program Implementation process is a collaborative journey. We work closely with your stakeholders to assess and study your organisation's existing plans and programs, fostering strong internal relationships. We ensure every project member is crystal clear on their responsibilities and the program's expected outcomes, delivering a roadmap for success.
Review current documents.
Analysing organisational products and services.
Review the current threat environment.

Developing a comprehensive business resilience plan across your organisation requires a fundamental understanding of your organisation's products and services, and the critical business functions that support them. This knowledge is crucial to ensure a holistic approach to business resilience and is a process Fixinc take extremely seriously.

faqs

Make sure your clear on everything we're offering.

Integrity and strong communication are part of our values, if anything is missed below, contact us.
When will the program start?
We can typically start a program within a week or two, however, we're ready to start as soon as you are able to get the team together for the engagement meeting.
How long does a program take?
This is dependant on how many modules you require, but on average our programs are 43% quicker than the current industry standards. We see medium size programs wrap up within two months.
Can I pause a live program?
This rarely occurs, but if it is a requirement, we recommend a limited suspension to maintain commitment and momentum of the work and your people’s investment. If you suspect a pause in program delivery is imminent, please let us know as soon as possible.
Do you have an office in our region?
We are currently based in Australia and New Zealand with a Kuala Lumpur office opening in late 2024. However, we have successfully serviced and completed programs around the world. We do this either virtually or travel to your location if it’s necessary. Clients are only charged for domestic travel if within our three core locations.
How many resources will I need for this program?
At Fixinc, our aim is to do the heavy lifting for you. This will limit your internal resource requirements to only the necessary people. After the engagement meeting, we will confirm the individuals we believe are required, and how often.
Can we add additional work once started?
Yes, however this is dependent on the program type you’ve started with us. If it’s a separate discipline, we would need to ensure this doesn’t disrupt the current program’s momentum. In either case, we would create a new scope and proposal for you to review, and then add this into your schedule with us.
Do we have to do face-to-face delivery?
No, in most cases, we can do all delivery remotely. In fact, during the covid lockdown period, we honed the processes and standardisation of how we deliver virtually so that the transitions are seamless.
Can you deliver our program next week?
We will make every possible attempt to meet a deadline, however we often see the biggest hurdle being your ability to muster your internal resources and sign off on programs within your timescale. We will work with you and provide some techniques on how to better place an urgent program.
about us

Client References.

Fixinc has compiled the most relevant referals we have permission to share with Waikato Regional Council. If you are unable to contact them, please let us know.
 
We aim to find a balance between similar programs and similar industries. However, this is subject to which of our clients are happy to be contacted.

Contact us

Speaking to our team.

No matter your program scale or duration, our team prioritise clients on a program with Fixinc. When you join us, we'll ensure you always have a direct line of communication.

Email

Email me directly via the address below.
brad@fixinc.org

Accounts

For anything invoice related.

Phone

Mon-Fri from 9am to 5:30pm.
(+64) 027 365 5824(+64) 0800 349 462
quote

Your Investment with Fixinc.

Fixinc is able to provide competitive pricing that is up to 30% lower than the industry average. We are able to do this through low overheads, utilising our contract based Advisory consultants, and the use of automated technology (like this proposal).

Investment

All prices listed are in NZD and show any applicable taxes or fees below.

Item
Investment
Valid until
Project Engagement and Document Review
1111.25
Specifications
  • 1-hour engagement meeting with project owners.
  • Provision of all relevant documentation.
implementation commitment
Responsibility
Scenario Exercise Program
9999.85
Specifications
  • Review and approve exercise plan
  • Review and approve scenario and run sheet
  • Attend 2 hour desktop scenario exercise
  • Review and approve post-exercise report
implementation commitment
Responsibility
Total investment
11111.10
with tax
12777
with tax
12222.21
with tax
11888.88