Since 2005, Avalution Consulting has performed hundreds of business continuity exercises with organizations in every major industry and sector throughout the United States. No matter the scope of the exercise or the level of complexity, several key elements enable the successful outcome of this important component of the business continuity lifecycle. This perspective shares some of our lessons learned, highlights the importance of exercising and provides insight into our time-tested exercise methodology.
Nearly every business continuity standards and regulatory body recognizes the need for exercises to validate and continually improve continuity plans, including the National Fire Protection Association (NFPA), the British Standards Institute (BSI), and even the Federal Financial Institution Examination Council (FFIEC). Exercising is also one of the most visible activities in which a business continuity practitioner is involved; it’s where the rubber meets the road. Continue reading
In December 2009, my perspective titled “Data Breaches: A Sidewalk Sale of Consumer and Personal Information” detailed the financial, reputational and regulatory implications surrounding a data breach occurrence. Since then, little has changed (other than the fact that the term “data breach” is now commonplace throughout workplaces and households due the continuous increase of breaches worldwide). Organizations around the world ranging from US Bank and Outback Steakhouse to the U.S. Air Force and Sony have experienced (or are currently experiencing) a data breach and the headache of breach notification. Despite numerous attempts to implement federal data breach notification legislation, little has been done on a national level to streamline the process.
This perspective highlights the data breach notification process and how recent legislation proposed by the Obama Administration is hoping to consolidate dozens of diverse state breach notification regulations into one integrated national plan. Continue reading
As published in the Summer 2010 Issue of the Disaster Recovery Journal – Volume 23, Number 3.
The time has come for business continuity to evolve beyond the idea of “all hazards” planning and deal directly with the core causes of business interruptions. This article details an approach that takes everything you loved about all hazards planning and enhances it with detailed procedures focused on the resources that your organization cares about most. Continue reading
What do CNN, Dalai Lama, FEMA, and Avalution all have in common? All embrace social media in the form of Twitter to interact with users and share breaking news. Displaying topics ranging from H1N1 and Haiti to the best local cup of coffee, Twitter has created a new baseline for effective and efficient communication. With the ease of use and scalability that social media provides, organizations are looking to understand how social media not only fits into their marketing and branding efforts, but also their business continuity capability.
Today’s business vocabulary is filled with buzzwords such as “information security”, “business resiliency”, “business continuity” and “disaster recovery”. Most professionals would agree that these concepts are all critical to the long-term success of the modern organization, but who should assume the responsibility of managing it all – or should a single role manage it all? One current trend amongst organizations of all sizes and industries is to combine information security and business continuity in an effort to safeguard against any type of business interruption. This perspective will provide you with insight into business continuity management and the current trends associated with combining business continuity with other disciplines, including information security. Continue reading
Data breach is a growing risk for organizations of all sizes and from all industries. The number of reported data breaches in recent years has skyrocketed, and their cost can be devastating to an organization’s reputation and finances. In addition, effectively responding to a data breach is far more complicated than simply sending a mass mailing to affected customers notifying them of the occurrence. Given the potential impact of a data breach on an organization, cross-functional awareness and preparedness are a necessary addition to an organization’s business continuity program. Continue reading to learn what a data breach is and why your organization needs to be prepared for one. Continue reading
With a potential wide-spread outbreak of H1N1 looming, the US Government released two resources last month to provide preparation assistance: the Report to the President on the US Preparations for 2009-H1N1 Influenza and Flu.gov’s Guidance for Businesses and Employers to Plan and Respond to the 2009/2010 Influenza Season.
The Report, provided by the President’s Council of Advisors on Science and Technology, assessed the Obama Administration’s preparations for this fall’s expected resurgence of 2009-H1N1 flu and outlined key steps officials should take in the coming weeks and months to minimize the disease’s impact. Continue reading
The following article summarizes a recent national survey of American businesses conducted by Harvard University that was published on September 9, 2009. The complete survey can be found on the Harvard School of Public Health’s website via a link at the end of this article. Continue reading