When my business partner Brian and I started Avalution in a Starbucks 11 years ago, we didn’t spend much time agonizing over what we wanted this firm to be about. It was a quick conversation – and it didn’t really focus on business continuity! We envisioned a firm of great problem solvers. We were both most comfortable with business continuity, so we considered that a great place to start. Throughout the years, we’ve had many quick conversations to determine the path forward for Avalution. Continue reading
In many ways, this “top five” list is aspirational – that being my hopes for our profession as we solve some entrenched challenges and work to add more value to the organizations we serve. Continue reading
As I reflect on my first year as a business continuity professional, I contemplate what has made me successful to date. In my previous role of being an officer in the U.S. Army, I lived and breathed risk assessments and contingency planning (addressing a loss of resources). When I first started in the military, my focus was very tactical, ensuring that there was always a plan to replenish our basic supplies (e.g., bullets, food, gas, and water). These plans were very basic and more reactionary than anything else, but I always knew that as long as I had these resources, I could continue the mission. Continue reading
This perspective provides an overview of the Business Continuity Institute’s Professional Practice 6 (PP6) – Validation, which is the professional practice that “confirms that the Business Continuity Management (BCM) program meets the objectives set in the Business Continuity Policy and that the organization’s BCM program is fit for purpose”. Business continuity practitioners should perform validation activities after documenting response and recovery plans for their organizations (for more on planning, read our perspective on PP5 – Implementation). Continue reading
The organizations we work with are increasingly coordinating, and in some cases integrating, the management of their Business Continuity Management (BCM) program with the management of Information Security (InfoSec). This perspective looks at how they are approaching coordination/integration. Let’s explore the various forms of integration possibilities between BCM and InfoSec.. Continue reading
As business continuity professionals, we’ve all heard the saying: failure to plan is planning to fail. In the spirit of this timeless mantra, we would like to remind you that September is National Preparedness Month, sponsored by FEMA’s Ready Campaign.
Due to the success of last year’s theme – Don’t Wait, Communicate. Make Your Emergency Plan Today – they are keeping the same theme for this year; however, there will be more emphasis on generating preparedness for youth, the elderly, and people with disabilities. Continue reading
As published in the Summer 2016 Issue of the Disaster Recovery Journal – Volume 29, Number 3.
One of the latest threats to organizations is something termed “ransomware”. Commonly defined as a type of malware that blocks access to an application and its data until the victim pays a predetermined amount of money. You may have read about two recent attacks, one targeting the Hollywood Presbyterian Medical Center and the other targeting MedStar. If you haven’t heard about these two attacks, perhaps you can pause for a minute and do a quick Google search to learn more. And, after you do, I have a question for you to consider:
If your organization hasn’t already prepared for this type of threat (ransomware or malware in general), who owns planning for it or preparing contingencies addressing the affected resources?
This article discusses some of the threats and risks that are currently top-of-mind for executive managers and why resilience-related thinking is so important, as well as the different roles that the business continuity professional can perform to add value. Continue reading
Risks to critical business operations due to systems outages have been, and will always be, a concern for most organizations. As a result, IT disaster recovery planning is critical to help reduce the likelihood of a system disruption, or reduce downtime if (when) a disruption does occur. So, if you’re looking for an introduction to IT disaster recovery planning, you’re in the right place!
This perspective presents how IT disaster recovery planning fits into the overall organizational Business Continuity Program; discusses common goals in developing Business Continuity and Disaster Recovery plans; and explores unique activities that must be considered when developing an IT Disaster Recovery Plan. Continue reading
The Republican National Convention (RNC) is taking place in my hometown, Cleveland, OH, in just a few short weeks. I can feel the energy and excitement everywhere I go. Of course, that energy has been amplified by the fact that the Cavs just brought home the first major sports title in 52 years, but, regardless, the city is buzzing.
Even though most people are excited to see this scale of an event take place in Cleveland – and, let’s be honest, finally have the opportunity to show everyone why the nickname ‘mistake by the lake’ no longer applies – the entire city and nearly all organizations that operate here will be disrupted. Continue reading
The business impact analysis (BIA) establishes the foundation of an organization’s business continuity program by establishing business continuity requirements. As a result, a significant part of Avalution’s work involves helping organizations design and execute the BIA process. Furthermore, a well-executed BIA can deliver so much more than just a list of recovery time objectives (RTOs) and recovery point objectives (RPOs)! Continue reading