Cloud computing is potentially the most important technology development of this decade, so business continuity professionals should rightly be asking: “What does it really mean and how does it affect me?” This perspective is designed to address common questions about cloud computing.
What is the Cloud?
Bottom-line – it is a marketing term. Like all great marketing terms, it can be used to mean anything, and thus, it actually means very little. For our purposes, I’d like to suggest the following explanations for “the cloud”, which have proven broadly true in practical experience: Continue reading
No one enjoys wasting resources in any form – effort, time, or money. However, organizations that implement business continuity planning in a haphazard attempt to meet a customer requirement, pass an audit, or simply don’t take the time up front to ensure that the proper resources and approach are in place, are setting themselves up to do just that.
This article explores the common business continuity-related mistakes and pitfalls that lead to wasting time, money, and effort, and provides solutions focused on performing business continuity planning as an integrated aspect of your organization that will mature and improve risk mitigation and response/recoverability efforts, as well as deliver long-term value. Continue reading
We recently launched the full series of our Business Continuity 101 educational videos, and I couldn’t be more excited to share them with you!
If you’re in a hurry, scroll on down – all the links are below…
If you have a minute, I’d like to let you in on why we created these videos and who will get value from them. Continue reading
Faults & Fixes: Bad Management Reviews
Senior management engagement is critical to business continuity success, so it’s becoming more and more common for organizations to involve management when designing and implementing business continuity programs. However, after the initial implementation project wraps up, it is much less common for organizations to regularly engage management on program direction, capability, and maturation, via what the management system concept calls a “management review”. While the concept of management reviews is relatively new to the business continuity profession, when fully implemented and combined with appropriate messaging, management reviews are the best way to get management to participate actively and stay engaged, as well as close program gaps and improve performance. Continue reading
In the last month alone, I’ve worked with two companies that had IT disruptions but didn’t use their IT disaster recovery (DR) plans because they weren’t sure if they could fail back home (aka return to normal). In both cases, these concerns were a surprise to the executive management team.
It’s a theme I’ve heard many times before – the IT disaster recovery solution was built without considering how the organization would return to the primary data center from the disaster recovery location. This perspective highlights some key issues to consider regarding the use of the IT disaster recovery strategy. Continue reading
How to Perform an Effective Business Continuity Gap Analysis
Following a business impact analysis (BIA) and risk assessment, best practices indicate that an organization should identify business continuity strategies that allow the organization to treat risks and recover business activities in accordance with management-approved requirements. This seems like a simple task on paper; however, in practice, many organizations struggle to do this, and instead jump straight to documenting business continuity plans. In doing so, these plans fail to include the resources and strategies already in place, or the organization fails to acknowledge and address coverage gaps. This leads to a lost opportunity to identify new risk treatments or recovery strategies, ultimately resulting in plans with no real capability to respond and recover. Continue reading
15 Key Questions Executives Should Ask to Better Understand the Program’s Current-State and Next Steps
So, you’ve just been assigned responsibility of your organization’s business continuity program.
I’m sure many thoughts are running through your head right now, ranging from “What is business continuity?” to “What do I need to do first?” (among others). However, you’re in the right place to find answers to these questions, and many more. Continue reading
You’ve all seen the news – the sometimes (perhaps often) inaccurate and exaggerated presentation of ‘facts’ and race for ratings has started. We’re by no means downplaying the seriousness of the situation – Ebola is extremely serious and should be treated as such. However, causing panic isn’t going to do anyone any good. Rather, a focus on knowledge building, preparedness, and communication with stakeholders, senior management, and employees should be your top priorities right now.
As such, the sole intent of this article is to provide guidance on what actions business continuity professionals should be taking at this point, as well as resources to better understand the situation. Continue reading
Business continuity planning is inherently cross-functional with a necessity to address risks to an organization’s product and service offerings, as well as the resources necessary to meet obligations. As organizations increasingly rely on a global network of suppliers and service providers, business continuity practitioners have the responsibility to understand and analyze these relationships and lead strategy identification efforts to protect their organization when faced with a third-party disruption.
Developing and implementing business continuity strategies and risk treatment options related to third parties can be a difficult endeavor because strategies may seemingly contradict an organization’s strategic efforts to leverage single-source suppliers, make supply chains “lean”, and reduce stored inventory levels. However, business continuity practitioners must provide top management with the information needed to balance strategic initiatives with the need to reduce single points of failure and protect an organization should a resource become unavailable.
This perspective discusses the tools available to identify and document third-party resources and methods by which risks can be presented to top management for review and action. Continue reading
In our experience, one of the most difficult roles to fulfill in any business continuity program is the team leader responsible for a cross-functional response and recovery team (often called a crisis management team, a department business recovery team, or an IT disaster recovery team). This is because the team leader faces three significant challenges:
- These teams are cross-functional, which means every person brings their expertise, as well as their opinions and personal agendas for response and recovery; Continue reading