Posts filed under Business

Though I am seeing this change slowly in organizations across industries, most companies still separate IT disaster recovery from business-side continuity and process resumption planning. As planners, and often the IT guys realize this too, it is incredibly difficult for IT to prioritize and determine the appropriate technology investments without knowing what is important to the business… and how important in terms of quantifiable dollars-at-risk data.  Read More

Early in my career, I worked in a manufacturing environment. And though we were not yet a disciplined SixSigma shop, we were obligated by customer requirements to conduct, on a monthly basis, 7-Step Root Cause Analysis on the top 10 issues causing downtime or product defects on our assembly lines.

I learned two important things from this process that I believe applies to business continuity and disaster recovery exercises and testing.  Read More

In December 2009, my friend Mike Ellis (@EmergCommNetwrk, website) posted an excerpt of Mark Prutsalis’ (@LivingPrepared, website) August 13, 2009 article Use of Twitter as an Emergency Notification Service. Both became relevant this past week when Twitter experienced serious outage issues making its site inaccessible and API unavailable.

In the article, Mark argues that government agencies should not use Twitter as an emergency notification service.  His points are valid and applicable to private sector businesses and non-profit organizations as well.  Read More

I believe a lot of managers and board members hold a number of misconceptions regarding business continuity and disaster recovery testing and exercises.  Over the years, I’ve heard many argue about what makes a test successful or not, and how to best present test results relative to business objectives when management, auditors and regulators are pushing for ‘successful tests’.   Read More

Among an organization’s most important and valuable assets is its reputation. This applies equally to companies, departments and even project teams.Business continuity and disaster recovery planning is not just about mitigating loss and improving up-time, availability and maintaining customer service through an outage.  It’s not just about getting ‘back to normal’. It’s also not just about ‘learning from the experience’ to avoid the disaster or better-managing a similar event in the future.  Read More

That is the question… sort of an informal survey regarding business continuity and disaster recovery planning.

Part 1. Choosing between your employees and your technology, which exposes your company to the greatest risk?

And by ‘risk’ I mean which, if managed poorly and failed, would result in the greatest loss, but, if managed and executed well, would result in the greatest increase in profit for your company?  Read More

Click here to read the entire thread on LinkedIn.

The following question was posted earlier today on LinkedIn:

how do you think this statement “I intends to have an IT business continuity plan that ensures 100% availability of organisational IT at all times”?

Continue reading to see my response (and please forgive my typo)  Read More

Years ago, in a conversation about ERP systems with the president of a Tier 1 automotive supplier, he said something that will forever stay with me.  We were talking about whether we (the company) should retire our legacy system in favor of SAP.  He said that if he really had his choice, we should develop our own solution in-house.  Puzzled, I pushed further and asked him what would drive him to reach such a conclusion with SAP, Oracle, our legacy product and a number of other industry-specific solutions available.  He responded that he doesn’t want to change the way he manages the business to make it fit with some off-the-shelf application according to how some software developer or any other company thinks his business should be managed.  Read More

If you have never put much thought into managing risk in your organization, a risk assessment is the place to start.  It can be an eye-opener for a number of reasons.  First, you’ll quickly see that no risk management methodology is going to allow your organization to avoid all potential loss.  Second, if you have never done an assessment before, you may be shocked to find just how many threats exist to your organization and how vulnerable you are.  Third, you may be equally surprised to find that there are likely several actions you can take in the near term, with little or no cash investment, to mitigate some of that downside risk.  Read More

While this can apply to a number of different scenarios, it’s especially appropriate to business continuity planning.  As business continuity professionals, we are often tasked with meeting certain goals and objectives.  Our success and the success of our programs depend on other people; people over whom we have no management authority.  Read More

You know, several years ago… back when the Palm Pilot first came out, I was all over it.  I was an early gadget junky and had to have everything techie.  Back then, I was the typical IT guy walking around with a cell phone (a big, bulky one), two pagers and my PDA hanging from my “utility belt”.  I was an IT super hero.  Read More

Yesterday I had the pleasure of sitting down and chatting with Larry Smith, President of the Institute for Crisis Management.   Among the many valuable insights gleamed from that meeting was a reminder of the months preceding the feared “Y2K”.  Read More

Secretary Napolitano Announces New Proposed Standards for Private Sector Preparedness

Department of Homeland Security (DHS) Secretary Janet Napolitano today announced new proposed standards for a 9/11 Commission-recommended program for the private sector to improve preparedness for disasters and emergencies.

“Preparedness is a shared responsibility and everyone—including businesses, universities and non-profit organizations—has a role to play,” said Secretary Napolitano. “Ensuring our private sector partners have the information and training they need to respond to disasters will strengthen our efforts to build a culture of preparedness nationwide.”  Read More

Many SMB owners and managers realize the need to do more than just plan for protecting and recovering their data. But while they realize the need, they often don’t know where to begin. Perhaps a good start is to consider what steps would be required in the event of a severe business disruption. Keep in mind that what follows is generic. Conceptually, it applies to nearly any organization, the devil is in the details and will vary between organizations and specific circumstances.

I’ve broken the timeline into 5 phases, and what you will do during each of these should be included in your plan. I call these phases “The 5 R’s”.  Read More

Much of the time when industry professionals talk about continuity or recovery planning, they’re talking about it in reference to the impact of natural or other physical disasters.  And while that is certainly a requirement for ensuring survival of any organization, there is more to consider.  Read More