Avalution’s March 2012 hospital perspective (Hospital Preparedness: The Intersection of HICS, Business Continuity and IT Disaster Recovery) discussed how hospitals can integrate siloed preparedness activities into a single, unified preparedness program. Since the article’s publication, Avalution received a number of questions regarding how those involved in preparedness (emergency management, business continuity, and IT disaster recovery) should interact during a response and recovery effort, and who is responsible for responding to each type of event. This article aims to answer these questions. Continue reading
Your organization has spent considerable resources preparing for disruptive events, and now a crisis is looming. Plans are in place, detailing assigned roles and responsibilities that involve crisis leadership, as well as response and recovery procedural execution. But, will your Crisis Management Team Leader be effective? Will your response be successful? Often, one of the most significant key success factors is the choice of crisis leadership. Continue reading
The goal of any recovery plan, regardless of the size or nature of the organization, is to protect life, minimize damage from an event, and quickly resume the delivery of critical products and services to meet customer requirements. How this is accomplished, however, not only depends on the nature of the organization, but also its customers, size and resources, and culture. The objective is to build plans that are based on realistic requirements, fit within the organization’s culture, and remain cost effective and appropriate. The remainder of this article will discuss these characteristics and how they are incorporated into recovery plans. Continue reading
The number one priority for hospitals is to provide continuous, superior care to patients, regardless of circumstance. This principle results in the need to invest time and resources in preparing for disruptive events. In addition, a number of external parties require hospitals to invest in preparedness measures: Continue reading
Since individual technologies seem to change at a rapid-fire pace, it’s shocking how long magnetic tape media has survived (first used in 1951 to record computer data, it outdates hard drives and is now approaching 61 years of use!). Although innovative new mediums (e.g., hard drives and solid-state storage) have exponentially increased speed and reduced the physical size of storage over the decades, cost and/or scaling issues left magnetic tapes as the logical disaster recovery choice for most organizations. Recent innovations in both storage mediums and performance enablers, however, may be the catalysts necessary to finally move beyond tape. This article will explore one alternative, electronic data vaulting and the use of virtual tape libraries, and compare its benefits and shortcomings to magnetic tape. Continue reading
We see a lot of confusion specific to the topic of force majeure. Often, executive management has the belief that force majeure clauses in their contracts protect them from a wide variety of disruptive events, and thus they may not invest appropriately in business continuity plans and strategies. However, the concept of force majeure is somewhat convoluted and often includes many variables. As a result, if an organization does not plan appropriately, it may actually be left unprotected and vulnerable to claims of breach of contract in the event of a disruption.
This article explores the history of force majeure and its current state application in contract law. Continue reading
Many organizations think having a disaster recovery plan is all the protection they need from disasters. However, there is so much more to disaster recovery than just a plan! That’s why most industry professionals see disaster recovery as an ongoing program or process that contains a number of distinct elements. Key process activities include: Continue reading
While there is no denying the importance of disaster recovery/business continuity (DR/BC) planning for any enterprise that wants to minimize the impact of unplanned disruptions, it is also a given that there is no one right way to achieve an effective DR/BC strategy. An organization’s specific recovery point and recovery time objectives will drive the selection and allocation of technologies, personnel and facilities best suited to its own DR/BC requirements. Beyond choosing the right combination of tape-, disk- or cloud-based backup, and the optimum location for a hot site, cold site or warm site recovery facility, for most organizations the overall approach to disaster recovery involves an even more fundamental decision: whether to manage and perform the entire process in-house or to outsource selected functions to a qualified service provider… Read the full article on drj.com
NOTE: The content of this perspective was initially presented September 13, 2011 at DRJ Fall World in a presentation titled, “Connecting with Management and Staying Relevant.” During the presentation, attendees were asked to complete a Self-Assessment Survey answering various questions regarding management involvement within their organizations’ business continuity programs. Avalution used the information gathered during that session in order to frame this perspective and offer feedback based on the recommendations presented at DRJ.
Management involvement and support is vital to the growth and ongoing success of an organization’s business continuity program. Management buy-in ensures alignment with the organization’s overall strategic direction and business objectives, and allows the program to obtain appropriate resources and visibility. Without adequate management involvement and support, a business continuity program risks losing effectiveness and alignment with business strategy, misspent or unfit resources, imbalance between capability and requirements, or in the worst case, management cutting business continuity all together because they do not see the value in the investment. Continue reading
Many business continuity professionals have expressed concern and uncertainty regarding the future of business continuity and how it will ‘fit’ with newer concepts like GRC (Governance, Risk and Compliance) and ERM (Enterprise Risk Management). In truth, these different ways of managing risk and optimizing business performance could significantly affect how business continuity programs are run. But, in the end, the importance lies in managing obligations and risk in the most efficient and cost-effective manner possible so the organization can thrive and meet stakeholder expectations. This article dissects the current state of GRC and what business continuity professionals need to know and do about it. Continue reading