Breaking Down Silos – Using Common Criteria to Assess and Prioritize Risks

Breaking Down SilosAn isolated approach to business continuity (and risk management in general) is holding many organizations back.

Business Continuity is one of many disciplines that helps organizations to become more resilient – that is, to increase an organization’s capacity to adapt to evolving circumstances and survive (or even thrive) during periods of disruption or change.  Other related disciplines – such as Information Security, IT Disaster Recovery, Emergency Management, Enterprise Risk Management, and Physical Security –ultimately have the same strategic purpose.  The goals and objectives of the individual disciplines may be more focused, but if we, as practitioners of these disciplines, force ourselves to look outside the artificial walls we sometimes build around our responsibilities, we should find that we are striving for something bigger than we can deliver on our own. Continue reading

Does Practice Make Perfect?

Practice Makes PerfectEveryone has heard the popular saying “Practice Makes Perfect”. But, is this true?

I am of the belief this statement is close to the truth.

“Perfect Practice Makes Perfect” Many have heard these words from Vince Lombardi, but I always heard them, multiple times mind you, from my father.  As a typical teenager, I didn’t really comprehend the message, or realize that it applies to more than just sports.  The message my father and Vince were trying to convey is simple, “What you put in, you will get out.” Continue reading

Strategy Connected Business Continuity: What is it, and Why is it Important?

Strategy Connected Business ContinuityMichael Porter once famously said “the essence of strategy is choosing what not to do”. While I am sure that Mr. Porter was not necessarily thinking of business continuity when making this statement, it is absolutely applicable to the implementation of a successful business continuity program. There is no better way to ensure business continuity program failure then to improperly scope the program by ignoring the organization’s overall business strategy. This perspective aims to provide clarification on what exactly strategy connected business continuity means, as well as why it is important to all organizations considering the implementation of a successful, focused business continuity program. Additionally, we will explore conversation topics designed to “crystalize” the organization’s business strategy in a way that helps inform the scope and objectives of the business continuity program. Continue reading

“…Or High Water”: A Business Continuity Case Study

Water PipeThe Importance of Business Continuity and Leveraging Resource Loss Based Planning

SITUATION
On Sunday, January 8, 2017, the temperature in Cleveland, OH dropped significantly, which caused a water pipe to burst in the hallway of our building, right outside the entry to our Cleveland office.

No one was in the building at the time, and the water poured out for about 45 minutes before it was shut off. The water pooled primarily in our office space resulting in damage to floors, walls, and some equipment. When all was said and done, the total amount of water removed from our office space alone, was approximately 15,000 gallons. The rest of the water literally went down the elevator and main stairway – flooding three of the floors below. Continue reading

Introducing Avalution’s Values

AC ValuesWhen my business partner Brian and I started Avalution in a Starbucks 11 years ago, we didn’t spend much time agonizing over what we wanted this firm to be about. It was a quick conversation – and it didn’t really focus on business continuity! We envisioned a firm of great problem solvers. We were both most comfortable with business continuity, so we considered that a great place to start. Throughout the years, we’ve had many quick conversations to determine the path forward for Avalution. Continue reading

My Business Continuity Predictions for 2017 and Beyond

Business Continuity in 2017 and BeyondWith 2017 well underway, I wanted to take the time to reflect on 2016 and also look ahead to predict the way in which our business continuity profession will continue to mature in 2017 and beyond.

In many ways, this “top five” list is aspirational – that being my hopes for our profession as we solve some entrenched challenges and work to add more value to the organizations we serve. Continue reading

Business Continuity: The Importance of Thinking Both Strategically and Tactically

thinking-both-strategically-and-tacticallyAs I reflect on my first year as a business continuity professional, I contemplate what has made me successful to date. In my previous role of being an officer in the U.S. Army, I lived and breathed risk assessments and contingency planning (addressing a loss of resources). When I first started in the military, my focus was very tactical, ensuring that there was always a plan to replenish our basic supplies (e.g., bullets, food, gas, and water). These plans were very basic and more reactionary than anything else, but I always knew that as long as I had these resources, I could continue the mission. Continue reading

Business Continuity Program Validation: An Overview of BCI Professional Practice 6

BCI_GPGs_SeriesThis perspective provides an overview of the Business Continuity Institute’s Professional Practice 6 (PP6) – Validation, which is the professional practice that “confirms that the Business Continuity Management (BCM) program meets the objectives set in the Business Continuity Policy and that the organization’s BCM program is fit for purpose”. Business continuity practitioners should perform validation activities after documenting response and recovery plans for their organizations (for more on planning, read our perspective on PP5 – Implementation).  Continue reading

Integrating Information Security and Business Continuity

integrating_infosec_and_bcmThe organizations we work with are increasingly coordinating, and in some cases integrating, the management of their Business Continuity Management (BCM) program with the management of Information Security (InfoSec). This perspective looks at how they are approaching coordination/integration. Let’s explore the various forms of integration possibilities between BCM and InfoSec.. Continue reading

National Preparedness Month 2016

Don't Wait. Communicate. Make a family emergency plan today. September is National Preparedness Month. Learn more at www.ready.gov/September.  As business continuity professionals, we’ve all heard the saying: failure to plan is planning to fail. In the spirit of this timeless mantra, we would like to remind you that September is National Preparedness Month, sponsored by FEMA’s Ready Campaign.

Due to the success of last year’s theme – Don’t Wait, Communicate. Make Your Emergency Plan Today – they are keeping the same theme for this year; however, there will be more emphasis on generating preparedness for youth, the elderly, and people with disabilities. Continue reading