Disaster Recovery Journal Spring World 2016

DRJ Spring World 2016

Disaster Recovery Journal Spring World 2016 is taking place March 13-16, 2016 at Disney’s Coronado Spring Resort in Orlando, FL. We’re looking forward to another amazing show with numerous educational sessions and awesome people!

We have a lot planned during DRJ Spring World, and we hope you’ll join us:

Please take a look below for more details. We look forward to seeing you soon! Continue reading

National Preparedness Month 2015

NPM15_logo_v5FinalSeptember marks the beginning of National Preparedness Month (NPM) sponsored by FEMA’s Ready Campaign.

The 2015 theme is: “Don’t Wait. Communicate. Make Your Emergency Plan Today.”

The goal of National Preparedness Month is to encourage individuals, businesses, and communities to plan and prepare in advance so they can safely respond and communicate in the event of a disaster. Continue reading

Introducing ISO 22317 – The Business Impact Analysis Standard

ISO 22317WHAT IS ISO 22317?

The International Organization for Standardization (ISO) Technical Committee (TC) 292, the committee responsible for writing security, resilience, and business continuity standards, has released its latest document: ISO 22317 – Societal Security – Business Continuity Management Systems – Business Impact Analysis, the first and only international standard solely addressing the business impact analysis (BIA).

ISO 22317 was officially published on September 17, 2015.

There are a few important points to understand before reading ISO 22317: Continue reading

Chaos in Cleveland?

ClevelandSETTING THE STAGE

This morning was a non-eventful morning.  I was sitting in my office, sipping on my coffee, and working on my monthly reports. Then, the manager of our office building entered our lobby.

The Michael Brelo case is nearing an end. Closing arguments have been heard and a verdict is expected shortly. The question is, when?

Our building manager was concerned, and rightfully so.

Our office is located directly across the street from the justice center where the case is taking place. Just a couple weeks ago, we sat witness to the riots and devastation in Baltimore, and, from our ongoing monitoring of the situation and media this week, our team is aware that the City of Cleveland is actively bracing for the possible impact and chaos that could result when the verdict is announced. Continue reading

FFIEC Updates Business Continuity Planning Booklet with Appendix J

FFIEC_Appendix_JAppendix J: Strengthening the Resilience of Outsourced Technology Services

The Federal Financial Institutions Examination Council (FFIEC) recently released an updated a version of its Business Continuity Booklet, which is one in the series of booklets that comprise the larger Information Technology (IT) Examination Handbook.

This article provides an overview of Appendix J and discusses the confirmed importance that continuity planning isn’t limited to just your organization; rather, it extends to all outsourced and supplier relationships as well. Continue reading

Why Testing and Exercising is Essential for an Effective Business Continuity Program

BCAW 2015 LogoThis post is part of the Business Continuity Awareness Week (BCAW) 2015 flashblog. To learn more about The BCI and BCAW 2015, visit the website or follow the discussion on Twitter via #BCAW2015 and #TestingTimes.

Exercising. Whether you’re talking about hitting the gym or testing your business continuity strategies and plans, I’ve come to find that no one likes hearing this word. The typical reaction and excuses are similar, too: I don’t have the time; I have better things to do; I just don’t see the value.

Well, okay… the last one pertains a bit more to business continuity, but I’m sure you get my point. Continue reading

Ebola – What Business Continuity Professionals Need to Know

You’ve all seen the news – the sometimes (perhaps often) inaccurate and exaggerated presentation of ‘facts’ and race for ratings has started. We’re by no means downplaying the seriousness of the situation – Ebola is extremely serious and should be treated as such. However, causing panic isn’t going to do anyone any good. Rather, a focus on knowledge building, preparedness, and communication with stakeholders, senior management, and employees should be your top priorities right now.

As such, the sole intent of this article is to provide guidance on what actions business continuity professionals should be taking at this point, as well as resources to better understand the situation. Continue reading

Risky Business (Part 1): Managing Third-Party and Supplier Risk

Business continuity planning is inherently cross-functional with a necessity to address risks to an organization’s product and service offerings, as well as the resources necessary to meet obligations.  As organizations increasingly rely on a global network of suppliers and service providers, business continuity practitioners have the responsibility to understand and analyze these relationships and lead strategy identification efforts to protect their organization when faced with a third-party disruption.

Developing and implementing business continuity strategies and risk treatment options related to third parties can be a difficult endeavor because strategies may seemingly contradict an organization’s strategic efforts to leverage single-source suppliers, make supply chains “lean”, and reduce stored inventory levels. However, business continuity practitioners must provide top management with the information needed to balance strategic initiatives with the need to reduce single points of failure and protect an organization should a resource become unavailable.

This perspective discusses the tools available to identify and document third-party resources and methods by which risks can be presented to top management for review and action. Continue reading

Why Documentation Is So Much More Than Just Documents

Part of Avalution’s Conforming to ISO 22301 Series

This perspective takes a look at ISO 22301’s requirement for documentation, which includes documented processes and procedures, as well as evidence of business continuity planning execution.  The content found in this perspective is specifically based on lessons learned from our ISO 22301 certification audit (which Avalution completed successfully in the spring of 2013). Continue reading

Implementing ISO 22301: The Business Continuity Management System Standard

Implementing ISO 22301Today we announced the release of a new white paper, Implementing ISO 22301: The Business Continuity Management System Standard, co-authored by Brian Zawada, Avalution’s Director of Consulting and the Chairman and Head of U.S. Delegation to ISO Technical Committee 223 (the group charged with developing ISO 22301), and Greg Marbais, a Consultant at Avalution. Continue reading