DDRiVE-M FAQ

Data-Driven Risk and Vulnerability Evaluation and Management platform aligned with RA 10121, ISO 22301, and anticipatory action

Frequently Asked Questions

🛰️ I. Detection & Early Warning (Phase 1)

DDRiVE-M integrates real-time feeds from:

  • Natural hazards: HazardHunterPH, PHIVOLCS, and GeoRiskPH for earthquakes, floods, and typhoons.
  • Cyber threats: SIEM (e.g., Azure Sentinel) and VAPT tools for ransomware, phishing, and data breaches.

Alerts are automatically classified by severity (Low to Critical) and trigger Phase 2 analysis.

đź“Š II. Diagnosis & Risk Analysis (Phase 2)

Using an ISO 31000-aligned framework, DDRiVE-M evaluates:

  • Likelihood Ă— Impact for all hazards (natural or cyber).
  • Legal compliance with RA 10121 (DRRM) and RA 10173 (Data Privacy Act).
  • Recovery Time Objectives (RTO) for essential public services.

Critical risks (score ≥20) are flagged for immediate treatment in Phase 3.

🛠️ III. Response, Integration & PSCP Design

A PSCP ensures your agency can **continue delivering essential services** during disasters—beyond life-saving response.

DDRiVE-M generates PSCPs that comply with:

  • Philippine: RA 10121, DILG MC 2020-161
  • International: ISO 22301 (Business Continuity), UNDRR MCR2030

DDRiVE-M enables anticipatory action by:

  • Triggering pre-defined responses when HazardHunterPH predicts a typhoon or flood.
  • Pre-positioning resources based on climate forecasts.
  • Automating staff mobilization before a cyberattack escalates.

This aligns with the Sendai Framework’s Priority 4 on preparedness.

🧭 IV. Governance, Activation & Compliance

The Continuity Management Team (CMT)—led by the Head of Agency—activates the PSCP based on real-time intelligence from DDRiVE-M.

Activation levels:

  • 🟢 Level 0: Normal operations
  • 🟡 Level 1: Advisory (monitoring)
  • đźź  Level 2: Partial activation
  • đź”´ Level 3: Full PSCP activation

All personal data in DDRiVE-M is:

  • Encrypted at rest and in transit.
  • Access-controlled under the National Privacy Commission (NPC) guidelines.
  • Only used for continuity planning—not commercial purposes.

Cyber-risk detection (e.g., SIEM) also complies with the Cybercrime Prevention Act (RA 10175).

đź’ˇ V. Support & Next Steps

DDRiVE-M was developed by Alvin M. Silva, MDM—a Systems Innovator specializing in disaster resilience, climate adaptation, and anticipatory action.

Learn more about the framework and author

You can also ask DDRiVER AI (the contextual assistant in the platform) for real-time guidance.