What Makes a Great Recovery Plan?

Posted on April 30, 2012 by Glen Bricker

by Glen Bricker on April 30, 2012

The goal of any recovery plan, regardless of the size or nature of the organization, is to protect life, minimize damage from an event, and quickly resume the delivery of critical products and services to meet customer requirements. How this is accomplished, however, not only depends on the nature of the organization, but also its customers, size and resources, and culture. The objective is to build plans that are based on realistic requirements, fit within the organization’s culture, and remain cost effective and appropriate. The remainder of this article will discuss these characteristics and how they are incorporated into recovery plans. Continue reading →

Organizational Resilience: What it could, or should, mean in the standards landscape

Posted on April 4, 2012 by Brian Zawada

by Brian Zawada on April 4, 2012

As Posted in the Digital Edition of Continuity Insights Magazine

Admittedly, I wrote this article to better get my mind around the swirling debate regarding the concept of organizational resilience and what it means – or better yet, what it should mean – to business continuity, risk management and security professionals. I am a member of the US Technical Advisory Group to ISO Technical Committee (TC) 223, which is charged with developing the ISO 22323 standard (Societal Security — Management system for resilience in organizations — requirements and guidance for use). Continue reading →

Hospital Preparedness: The Intersection of HICS, Business Continuity and IT Disaster Recovery

Posted on March 26, 2012 by Jacque Rupert

by Jacque Rupert on March 26, 2012

The number one priority for hospitals is to provide continuous, superior care to patients, regardless of circumstance. This principle results in the need to invest time and resources in preparing for disruptive events. In addition, a number of external parties require hospitals to invest in preparedness measures: Continue reading →

Business Continuity Tools for Small Businesses – We Can Do Better!

Posted on March 16, 2012 by Susan Giffin

by Susan Giffin on March 16, 2012

Last month, we published a perspective (Business Continuity for Small Businesses – We Can Do Better!) on how most small and medium-sized organizations escape the complexity of larger organizations and thus have the opportunity to implement streamlined business continuity planning processes, which should include: Continue reading →

Selling the Business Continuity Case to Executive Management

Posted on March 5, 2012 by Stacy Gardner

by Stacy Gardner on March 5, 2012

If your organization has not already invested in business continuity, selling the “business continuity” business case to executive management can be difficult. Many believe that since they’re already paying for insurance, investing in business continuity is paying for the same end result twice. However, getting management committed to the concept and requisite investment can often depend on how you sell the benefits, focus on your audience’s key priorities, and keep the pitch realistic and relevant. This article summarizes specific topics and techniques to help management see the value business continuity can bring to your organization. Continue reading →

Business Continuity for Small Businesses – We Can Do Better!

Posted on February 23, 2012 by Robert Giffin

by Robert Giffin on February 23, 2012

If you have less than 500 employees, odds are you don’t have someone working full-time on business continuity. And, unless regulations require you to perform planning in some manner, your organization may not have a business continuity plan at all! Continue reading →

The Business Continuity Exercise: Where the Rubber Meets the Road

Posted on February 8, 2012 by Christopher Burton

by Christopher Burton on February 8, 2012

Since 2005, Avalution Consulting has performed hundreds of business continuity exercises with organizations in every major industry and sector throughout the United States. No matter the scope of the exercise or the level of complexity, several key elements enable the successful outcome of this important component of the business continuity lifecycle. This perspective shares some of our lessons learned, highlights the importance of exercising and provides insight into our time-tested exercise methodology.

Nearly every business continuity standards and regulatory body recognizes the need for exercises to validate and continually improve continuity plans, including the National Fire Protection Association (NFPA), the British Standards Institute (BSI), and even the Federal Financial Institution Examination Council (FFIEC). Exercising is also one of the most visible activities in which a business continuity practitioner is involved; it’s where the rubber meets the road. Continue reading →

What Does Effective Business Continuity Management Look Like?

Posted on January 16, 2012 by Brian Zawada

by Brian Zawada on January 16, 2012

I recently read a column in the Disaster Recovery Journal where the editor interviewed John Copenhaver regarding Standards, Resilience and the Future of Business Continuity Management (BCM). John made the following statement when asked about the importance of standards:

“However, while these things matter [how to get the attention of top management, what methodologies to use, what the right terminology is and so on], they are not necessarily the root cause of why we as a profession are not as effective as we might be. I think that there are deeper problems to address, such as what does effective BCM looks like, where is the discipline heading and where will it be in five years time?”

I thought the question regarding “what does effective BCM look like” was intriguing. It’s such a basic question, but, as I continued to think about it, I could see why a simple answer isn’t that easy to give. Continue reading →

Moving Beyond Magnetic Tape Backups

Posted on December 14, 2011 by Stacy Gardner

by Stacy Gardner on December 14, 2011

Since individual technologies seem to change at a rapid-fire pace, it’s shocking how long magnetic tape media has survived (first used in 1951 to record computer data, it outdates hard drives and is now approaching 61 years of use!). Although innovative new mediums (e.g., hard drives and solid-state storage) have exponentially increased speed and reduced the physical size of storage over the decades, cost and/or scaling issues left magnetic tapes as the logical disaster recovery choice for most organizations. Recent innovations in both storage mediums and performance enablers, however, may be the catalysts necessary to finally move beyond tape. This article will explore one alternative, electronic data vaulting and the use of virtual tape libraries, and compare its benefits and shortcomings to magnetic tape. Continue reading →

Force Majeure: What is it and How Does it Relate to Business Continuity?

Posted on November 30, 2011 by Jacque Rupert

by Jacque Rupert on November 30, 2011

We see a lot of confusion specific to the topic of force majeure. Often, executive management has the belief that force majeure clauses in their contracts protect them from a wide variety of disruptive events, and thus they may not invest appropriately in business continuity plans and strategies. However, the concept of force majeure is somewhat convoluted and often includes many variables. As a result, if an organization does not plan appropriately, it may actually be left unprotected and vulnerable to claims of breach of contract in the event of a disruption.

This article explores the history of force majeure and its current state application in contract law. Continue reading →

Avalution Perspectives

Avalution's Perspective on Business Continuity