Introducing Our Information Security Practice

Introducing Avalution's Information Security PracticeFor twelve years, Avalution has been laser focused on business continuity. We’ve become the leading provider of business continuity software and consulting in the US. We work with 13% of the Fortune 100, including the largest organizations in seven different industries.

We’ve become well known for delivering business continuity services that are connected to the strategy of the business, pragmatic, and reliably delivered.

Today, we are expanding into Information Security Management.  Continue reading

Introducing Avalution’s Values

AC ValuesWhen my business partner Brian and I started Avalution in a Starbucks 11 years ago, we didn’t spend much time agonizing over what we wanted this firm to be about. It was a quick conversation – and it didn’t really focus on business continuity! We envisioned a firm of great problem solvers. We were both most comfortable with business continuity, so we considered that a great place to start. Throughout the years, we’ve had many quick conversations to determine the path forward for Avalution. Continue reading

Integrating Information Security and Business Continuity

integrating_infosec_and_bcmThe organizations we work with are increasingly coordinating, and in some cases integrating, the management of their Business Continuity Management (BCM) program with the management of Information Security (InfoSec). This perspective looks at how they are approaching coordination/integration. Let’s explore the various forms of integration possibilities between BCM and InfoSec.. Continue reading

What You Need to Know: Cloud Computing and Business Continuity

The_CloudCloud computing is potentially the most important technology development of this decade, so business continuity professionals should rightly be asking: “What does it really mean and how does it affect me?” This perspective is designed to address common questions about cloud computing.

What is the Cloud?
Bottom-line – it is a marketing term. Like all great marketing terms, it can be used to mean anything, and thus, it actually means very little. For our purposes, I’d like to suggest the following explanations for “the cloud”, which have proven broadly true in practical experience: Continue reading

Failing Back Home Can Trip You Up

In the last month alone, I’ve worked with two companies that had IT disruptions but didn’t use their IT disaster recovery (DR) plans because they weren’t sure if they could fail back home (aka return to normal). In both cases, these concerns were a surprise to the executive management team.

It’s a theme I’ve heard many times before – the IT disaster recovery solution was built without considering how the organization would return to the primary data center from the disaster recovery location. This perspective highlights some key issues to consider regarding the use of the IT disaster recovery strategy. Continue reading

Business Continuity & IT Disaster Recovery – Should You Start From a Blank Page?

Building a business continuity program (or anything worthwhile for that matter) takes time and dedication.  It also requires compromises – constantly balancing what is practical and what is possible to protect the business.  BUT – it’s important to remember that politics, committees, and making everyone happy isn’t the goal of business continuity.

If you’re lost, playing the same game over and over and ending up at the same result, maybe it’s time to start from a blank page so you can focus on what matters most. Continue reading

Is Your Mindset Limiting Your Effectiveness at Work?

As business continuity professionals, it’s easy to be overwhelmed by the myriad roadblocks that exist on the road to building resiliency – lack of funding, lack of people, lack of management support, etc.  In some organizations, it seems like everyone just wants the business continuity person to go away!

At Avalution, we’re always studying these challenges and working to find ways to prevent and overcome them.  Many of those techniques are documented elsewhere in this blog.  However, one foundational consideration is missing – an appropriate mindset in approaching the challenges facing you and your organization.  Specifically, there are three areas where business continuity planners are often defeated before they even get started:  expectations, excuses, and confidence. Continue reading

Rethink Your Argument Approach to Resiliency!

Have you ever recommended additional redundancy for a process, department, or facility, only to be told that your organization couldn’t afford it or have the project repeatedly delayed until next year? I have. It’s pretty common in our profession.

Casey Haskins and Peter Sims recently wrote an article that you should consider a must read (and so should your senior leadership team responsible for continuity). It may just provide the viewpoint needed to help your organization be more resilient. Continue reading

Business Continuity for Small Businesses – We Can Do Better!

If you have less than 500 employees, odds are you don’t have someone working full-time on business continuity.  And, unless regulations require you to perform planning in some manner, your organization may not have a business continuity plan at all! Continue reading

GRC for Business Continuity Professionals

Many business continuity professionals have expressed concern and uncertainty regarding the future of business continuity and how it will ‘fit’ with newer concepts like GRC (Governance, Risk and Compliance) and ERM (Enterprise Risk Management). In truth, these different ways of managing risk and optimizing business performance could significantly affect how business continuity programs are run. But, in the end, the importance lies in managing obligations and risk in the most efficient and cost-effective manner possible so the organization can thrive and meet stakeholder expectations. This article dissects the current state of GRC and what business continuity professionals need to know and do about it. Continue reading