Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Winter Journal

Volume 28, Issue 1

Full Contents Now Available!

Jon Seals

Not every company has a Big Data problem. In fact, many companies are operating in “relatively sparse data environments,” says David Meer, a partner with Strategy&’s consumer and retail practice.

This isn’t your usual rant about how companies need to fix small data problems before embracing Big Data. No, Meer’s Strategy+Business article is much more original. He’s proposing that companies revisit existing data, and then seek out ways to add to or fill out that data for strategic advantage.

Why would they do this? It turns out the market doesn’t care if you don’t have large datasets and can’t afford to buy them.  You still need to compete against data-driven companies.

...

http://www.itbusinessedge.com/blogs/integration/five-business-savvy-ways-to-add-strategic-little-data.html

Cyber security and data protection have been ranked a surprising third in a list of boardroom priorities, according to a survey released by KPMG.

The annual Business Instincts Survey, a poll of 498 C-level executives from businesses across the UK, found that under-investment has left many businesses acknowledging the need to increase spending on secure technology. Yet despite acceptance that cyber security, specifically, is critical to long-term business operations, one in three executives questioned (36 percent) said that investing in people skills had become their number one concern, with 19 percent also more focused on plant or machinery purchases.

...

http://www.continuitycentral.com/news07274.html

Most organizational decisions to try to slow or ban Bring Your Own Device (BYOD) in the workplace seem to circle around the security issues. Which, of course, are valid and concerning to IT groups who must balance conflicting security and productivity or convenience needs for users. CIO.com, for instance, describes a large electrical contractor, Rosendin Electric, that has a no-BYOD policy. Employees keep asking about it, but CIO Sam Lamonica worries about security breaches and says, “We have a user base that might not, in a lot of cases, make the right choices.” The article also cites a CompTIA survey of 400 IT and business execs in which just over half said they are not “doing” BYOD, period.

But CIOs and IT managers are also now dealing with less quantifiable problems that may grow along with BYOD and the mobile worker’s lifestyle. These problems range from angst and worry over job loss, to fear of being expected to work unlimited hours, to uncertainty about which responsibilities could increase with BYOD’s freedom.

...

http://www.itbusinessedge.com/blogs/governance-and-risk/byod-can-threaten-more-than-network-security.html

Monday, 07 July 2014 17:09

Five Ways MDM Benefits Business Users

Some experts think too many organizations are approaching master data management (MDM) as a “must-do” without really understanding or achieving its potential. In fact, Forrester MDM and data expert Michele Goetz says MDM isn’t something every company should pursue.

If you’re interested in drilling down on the potential of MDM, check out this recent Infosys BPO blog post. Granted, as a technology consultancy, it’s good business for the company to promote MDM (did you see that their CEO is now India’s highest paid executive?) and it may have elements of their model in it. But mostly, it seems pretty straightforward, with solid information.

The blog post provides some telling statistics, although it doesn’t source the surveys or provide specifics, so it’s impossible to judge their legitimacy. For instance, the piece cites a 2013 survey that found only 21 percent of organizations rated their data quality as high or better, with most rating it “fair.” I will say that information falls in line with past research that I’ve read.

...

http://www.itbusinessedge.com/blogs/integration/five-ways-mdm-benefits-business-users.html

NEW YORK – New Yorkers know about severe weather. After Hurricane Sandy, 2013 brought 15 significant weather events to New York, including winter snow and ice storms, a tornado, extreme heat, brush fires, heavy rains and flooding. Two of those events resulted in major disaster declarations for the state.

Next week, March 2-8, is National Severe Weather Preparedness Week, a nationwide campaign to remind everyone that severe weather can affect anyone. The effort is sponsored by the Federal Emergency Management Agency and the National Oceanic and Atmospheric Administration.

Across the U.S. last year, there were seven severe weather events that crossed the $1 billion mark in economic and property damage. These disasters, including floods, tornadoes and wildfires, caused the deaths of 109 people.

NOAA and FEMA urge all New Yorkers to understand the risks where you live and how severe weather could affect you and your family. Check weather forecasts, get a NOAA Weather Radio and sign up for local weather alerts from emergency management officials. Check NOAA’s National Weather Service website for more information: www.weather.gov.

Next, make sure you and your family are prepared for severe weather. Develop a family communication and disaster preparedness plan, keep important papers, medications and other essential items in a safe place and visit www.Ready.gov/severe-weather to learn more.

Being prepared for severe weather need not be complicated or costly. Keeping a few simple items handy in a disaster kit, for example, could end up being a lifesaver. Go to www.ready.gov/basic-disaster-supplies-kit to find out more about what to include in a basic kit and how to develop one for those with unique needs. The same information is available in Spanish at www.listo.gov.

Once you have taken action to prepare for severe weather, set an example by sharing your story with family and friends on any social media site. Be a "force of nature" and inspire others in your community to take action too. Pledge to prepare by signing up for America’s PrepareAthon on April 30 at www.fema.gov/americas-prepareathon.

The Federal Emergency Management Agency (FEMA), through its National Watch Center in Washington and its regional office in Atlanta, and in coordination with the National Weather Service and National Hurricane Center, is monitoring the conditions of Tropical Storm Arthur off the east coast of Florida. FEMA remains in close contact with state emergency management partners in potentially affected states.

According to the National Weather Service, a Tropical Storm Watch is in effect for the east coast of Florida from Fort Pierce to Flagler Beach. A Tropical Storm Watch means that tropical storm conditions are possible within the watch area, in this case within 24 hours. Tropical Storm Arthur is expected to move northwest today and then north on Wednesday. Arthur is expected to become a hurricane by Thursday near the coast of the Carolinas. Visit Hurricanes.gov  and Weather.gov for the latest storm track and local forecasts.

FEMA urges residents and visitors in potentially affected areas to closely monitor the storm and take steps now to be prepared in advance of severe weather and most importantly, follow the direction of state, tribal and local officials.

FEMA has deployed liaisons to the emergency operations centers in North Carolina and South Carolina along with an Incident Management Assistance Team (IMAT) to North Carolina to coordinate with local officials, should support be requested, or needed. FEMA’s regional office in Atlanta is in contact with its emergency management partners in Florida, North Carolina and South Carolina. FEMA’s National Watch Center is at an Enhanced Watch.

As the first tropical storm of the Atlantic hurricane season, Tropical Storm Arthur serves as a reminder for residents in areas prone to tropical storms and hurricanes to refresh their emergency kits and review family plans. If you do not have an emergency kit or family plan, or to learn about steps you can take now to prepare your family for severe weather, visit ready.gov.

At all times, FEMA maintains commodities, including millions of liters of water, millions of meals and hundreds of thousands of blankets, strategically located at distribution centers throughout the United States, that are available to state and local partners if needed and requested.


Tropical Storm Safety Tips:

  • Residents and visitors in potentially affected areas should be familiar with evacuation routes, have a communications plan, keep a battery-powered radio handy and have a plan for their pets. Individuals should visit ready.gov or listo.gov to learn these and other preparedness tips for tropical storms.
  • Know your evacuation zone and be sure to follow the direction of state and local officials if an evacuation is ordered for your area.
  • Storm surge is often the greatest threat to life and property from a hurricane. It poses a significant threat for drowning and can occur before, during, or after the center of a storm passes through an area. Storm surge can sometimes cut off evacuation routes, so do not delay leaving if an evacuation is ordered for your area.
  • Driving through a flooded area can be extremely hazardous and almost half of all flash flood deaths happen in vehicles. When in your car, look out for flooding in low lying areas, at bridges and at highway dips. As little as six inches of water may cause you to lose control of your vehicle.
  • If you encounter flood waters, remember – turn around, don’t drown.
  • Tropical Storms have the potential for tornado formation. If you are under a tornado warning, seek shelter immediately in the center of a small interior room (closet, interior hallway) on the lowest level of a sturdy building. Put as many walls as possible between you and the outside.
  • Get to know the terms that are used to identify severe weather and discuss with your family what to do if a watch or warning is issued.


For a tropical storm:

  • A Tropical Storm Watch is issued when tropical cyclone containing winds of at least 39 MPH or higher poses a possible threat, generally within 48 hours.
  • A Tropical Storm Warning is issued when sustained winds of 39 MPH or higher associated with a tropical cyclone are expected in 36 hours or less.


For coastal flooding:

  • A Coastal Flood Watch is issued when moderate to major coastal flooding is possible.
  • A Coastal Flood Warning is issued when moderate to major coastal flooding is occurring or imminent.
  • A Coastal Flood Advisory is issued when minor or nuisance coastal flooding is occurring or imminent.

More safety tips on hurricanes and tropical storms can be found at ready.gov/hurricanes.

Implementing ISO 22301, 22313,
22320, 22398, 27031, 31000, 19011 & 17022
Includes BCI's 2013 Good Practice Guidelines 
Looking for a course that is based on international standards?
 
Looking for templates and examples on how to develop a Business Continuity Management System that meets the requirements of the standards? 
 
Do you like to have fun (and maybe even laugh out loud!) when you learn?
Then BCM 2000: Essentials of Business Continuity Management is the course for you!  Download the Brochure 

Course Description 
BCM 2000: Essentials of Business Continuity Management provides you with knowledge to develop a standards-based, auditable, and actionable business continuity program for your organization.
This course is the critical starting point to developing a program that can be certified ISO 22301. It is comprised of 10 individual modules that can be taken as a series or in combination over time.

Essentials of Business Continuity Management provides the foundation necessary for new or current professionals interested in either developing a career in Business Continuity Management, seeking certification, or for those professionals responsible for developing a business continuity program for their organization.

It is designed to expose the participant to all aspects of a holistic BCM program and to be a solid "how to"guide for building a business continuity program for all types of organizations.


Student activities are included throughout the course and are designed as knowledge checks to reinforce lesson materials and to provide attendees with hands-on activities that will enable them to become familiar with and apply these principles in their jobs.

Delivery Structure
Essentials of BCM is offered as an elearning course that includes the following elements: Download the Brochure
  • Voice over ppts teaching online
  • pdf's of the course book
  • Templates of how to implement the requirements of the standards (sample policies, reports, etc.)
  • Multi-media that is relevant & fun!
  • BCI's 2013 Good Practice Guidelines 
  • Case study
  • Open for Business Toolkit
  • Course review activities to evaluate for comprehension
  • Practice exam questions (for DRII's Qualifying Exam)
  • Online essay for CEU credit  
  • Email access to a qualified expert for questions
  • Online ISO 22301 Lead Implementer Certification Exam included in course fee 
Certification Requirements
Successful completion of the BCM 2000 series with a passing grade on the online CORS in BCM exam completes the educational component for certification as a Certified Organizational Resilience Specialist (CORS) in BCM / ISO 22301 Lead Implementer.

null
Holders of the CORS certification are entitled to apply for statutory membership with the BCI at the AMBCI or MBCI level, subject to evidence of required experience.
With ISO 22301 as an international standard allowing companies to demonstrate their ability to cope with major threats; as well as provide a management systems approach to business continuity management, this course provides you with what you need todevelop a program that complies with these certification standards.

Register Here

And if you have questions, don't hesitate to call or send an email.
Sincerely,
Lynnda Nelson, President
The International Consortium for Organizational Resilience
Education@theicor.org
866.765.8321 US/Canada  +1630.705.0910 International Calls
BCM 2000: Essentials of Business Continuity Management Series
BCM 2011: Business Continuity Program Development
BCM 2021: The Business Impact Analysis
BCM 2022: The Risk Assessment
BCM 2023: Developing Strategies / Options to Protect the Organization
BCM 2031: Plan Design, Program Structure, & Required Documentation
BCM 2032: Incident Response, Management & Communication
BCM 2033: Business Continuity & Recovery Plans
BCM 2035: Writing the ICT Continuity / IT DR Plan
BCM 2041: Awareness, Training, Testing & Exercising
BCM 2042: Program Evaluation, Improvement & Audit
BCM 2011:  BCM Program Development 
In order to develop a Business Continuity Management System, it is important to understand the requirements of management systems, the core concepts of business continuity, and how to determine the scope of the program, develop policy, and the requirements for leadership and governance. BCM 2011 provides an overview of each of these topics as the foundation for developing and managing the BCMS.

BCM 2021:  The Business Impact Analysis
The BIA process is covered from beginning to end with a focus on the identification of the organization's key products and services and the critical activities and resources that support them.  Examples of BIA data gathering questions, methodology, analysis and reporting provided. 

BCM 2022: The Risk Assessment
Using the ISO 31000 standard on Risk Management as its basis, this course describes the process of conducting a risk assessment and analyzing the results to mitigate risks.  From risk identification, risk description, risk analysis, risk evaluation, risk communication, and risk reporting, this course covers the entire risk assessment process using an enterprise risk management approach.   A key requirement of the standards is the identification of the organization's risk appetite or acceptance and this course provides the methodology for this identification. In addition, BCM 2022 includes a review of different quantitative and qualitative methods for analyzing risk.

BCM 2023:  Developing Strategies / Options to Protect the Organization
This course introduces the student to the challenges of selecting the appropriate strategies / options
for the continuity and recovery of business processes, critical functions, operations and the supporting information technologies within the specified recovery time objective.  Building on the information gathered during the BIA and risk assessment, BCM 2023 explores how to evaluate the different strategies necessary for mitigating risk, continuing operations when possible, and recovering operations if interrupted. BCM 2023 reviews strategies for people, property, assets, technology and information, reputation, suppliers, and financial viability.

BCM 2031:  Plan Design, Program Structure & Required Documentation
In order to develop the actual plan documents the organization will need to decide on the approach, methodology and the plan document structure. BCM 2031 outlines the necessary roles and responsibilities of the members of the organization, the key elements that must be included in every plan type, and how to meet the requirements for managing documentation.

BCM 2032:  Incident Response, Management & Communications
Implementing procedures for responding to an incident of any kind, managing the incident, and ensuring successful communication with all interested parties before, during and after the incident is an essential requirement for all business continuity programs. BCM 2032 also ties to the requirements of ISO 22320 on Incident Management and PAS 200 on Crisis Management & Communications.  The objective of BCM 2032 is to develop and implement procedures for response to and stabilization of the situation following an incident or event, including establishing and managing an Emergency Operations Center and local command centers during the crisis.

BCM 2033:  Business Continuity & Recovery Plans
All of the procedures developed as part of strategy development need to be documented in the business continuity and recovery plan. BCM 2033 reviews the requirements for business continuity plans and how to document procedures according to ISO 22301.

BCM 2034:  ICT Continuity / IT DR Plans & Procedures 
The focus of the ICT Continuity and the IT Disaster Recovery Plan is on the IT infrastructure that supports the business operations and ensuring that the plan in place protects the key infrastructure of
the organization. ISO 27031 on ICT Continuity outlines the methodology for ensuring that the ICT infrastructure supports the BCM infrastructure to ensure that there are no unsupported critical processes and the RTOs can be met. BCM 2034 reviews the guidelines for ICT continuity under ISO 27031, ISO 27001, and NIST 800-34.

BCM 2041:  Awareness, Training, Testing & Exercising 
Building a BCMS culture is an essential component of ensuring a successful program. Determining competence of all parties involved in the business continuity management system and increasing competence through awareness, training, testing, and exercising is a key component of this process and is vital to the success of the BCMS. BCM 2041 also aligns to the guidance of ISO 22398 for developing exercise programs. 

BCM 2042: Program Evaluation, Improvement & Audit 
It is impossible to keep the BCM program current and actionable or to move to a management system without monitoring, measuring, analyzing, and evaluating the BCMS. BCM 2042 explores the requirements for internal audit and management review of the BCMS. Also included are the requirements for writing the audit report based on ISO 19011 and ISO 17022. 
If you would like to submit an article or presentation for a future ICORrespondence Newsletter submit it to Lynnda@theicor.org.
 
Sincerely,
 
Lynnda Nelson, President
The International Consortium for Organizational Resilience
Save 10%
Did you know that you can save 10% on all ICOR courses if you are a member of one of the following organizations?  Contact them to find out how or email info@theicor.org.
  • ICOR
  • ACP
  • AFCOM
  • ASIS
  • BRPA
  • BRPA SW
  • IAEM
  • IFMA
  • NEDRIX 
Become an ICOR Member Today!

Emergency Disaster Services (EDS)

ALEXANDRIA, Va.  – The Salvation Army’s Emergency Disaster Services (EDS) teams have mobilized in preparation for Hurricane Arthur, which is expected to make landfall July 4 on the East Coast. The teams are prepared to provide food, beverages and spiritual support to survivors and first responders. Additional teams will be on the ground in the morning, if needed, to assist with relief efforts. People living in or visiting the forecasted areas are encouraged to visit disaster.salvationarmyusa.org for up-to-date information about storm preparedness and where to receive assistance.

            The National Hurricane Center reported Thursday morning that Arthur has been elevated into a Category 1 hurricane. Salvation Army EDS teams are prepared to respond should the storm continue to grow in severity.

For more information on The Salvation Army’s response, visit http://blog.salvationarmyusa.org/, www.facebook.com/salvationarmyusa or www.twitter.com/salvationarmyus.

About The Salvation Army

The Salvation Army, an evangelical part of the universal Christian church established in London in 1865, has been supporting those in need in His name without discrimination for more than 130 years in the United States. Nearly 30 million Americans receive assistance from The Salvation Army each year through a range of social services: providing food for the hungry, relief for disaster survivors, assistance for the disabled, outreach to the elderly and ill, clothing and shelter for the homeless, and opportunities for underprivileged children. Eighty-two cents of every dollar The Salvation Army spends is used to support those services in 5,000 communities nationwide. For more information, visit SalvationArmyUSA.org.

BCM Programs are highly complex with many moving components that must be synchronized like a watch in order to ensure they will work seamlessly when needed. 

With so many components to address along with limited resources and time, what essential components should be addressed? 

This presentation will use the concept of essentialism - The disciplined art of pursing less to identify what is the minimum we need in place to have an effective BCM program that will recover the critical business activities of our organization. 

So, bring an open mind and participate in a presentation designed to bring a state o mindfulness and focus on less is more in our BCM programs. 

Get more information
Register Now!

As companies focus on business continuity planning for impending hurricane season, premier technology and IT services provider offers comprehensive business continuity solutions that include dedicated work seats in Connecticut, New Jersey and New York

 

SHELTON, Conn. – Cervalis, a premier and trusted provider of technology and IT services, today announced the availability of 600 dedicated work seats at its newest, and Connecticut’s largest, data center. The work area recovery space is for use as a backup location in the event a weather-related or other disaster hits the region. Dedicated work seats are also available at Cervalis’ other high- availability data centers in Stamford, Conn., Totowa, New Jersey, and Wappingers Falls, New York.

 

With hurricane season here until November, businesses are busy reviewing their disaster recovery and business continuity plans and taking steps to prevent downtime. “Many companies don’t anticipate the negative impact power outages, natural disasters and other such incidents can have on their business and reputation,” said Michael Boccardi, president and CEO of Cervalis.

 

Work area recovery is an integral part of intelligent business continuity planning.  It allows employees to conduct business as usual under adverse conditions in a comfortable and secure environment that is supported by a reliable data center.  These dedicated seats enable companies to remain online, maintain critical operations, preserve employee morale, and keep customers satisfied during unplanned disruptive events.

 

“Many businesses in the New York Metro area have faced significant interruptions as a result of inclement weather and natural disasters in recent years,” Boccardi said. “Having work area recovery seats at a data center is, essentially, an insurance policy against downtime.

 

During Superstorm Sandy, Cervalis maintained 100 percent uptime and supported thousands of clients through its data centers.  The premier technology and IT services provider even hosted a global trading firm, through which billions of dollars in transactions flow, during and after the storm. (Case Study Here)

 

As a company built by IT veterans for IT teams, Cervalis understands the importance of security, accessibility, scalability and reliability in helping businesses achieve their goals.  For more than a decade, the company has provided work area recovery to businesses in the tri-state region.  Currently, more than 200 companies trust Cervalis to boost their business resiliency. 

 

All of Cervalis’ data centers are SSAE 16 Type 2 and PCI compliant, as well as U.S.-EU Safe Harbor certified.  Security is a top priority at each facility, meeting HIPPA standards and comprising a comprehensive, multi-layered program designed to protect customer environments.  Clients include Fortune 500s to SMBs in the legal, healthcare, insurance, telecommunications, media and high tech industries. 

 

About Cervalis

Cervalis offers a comprehensive suite of IT infrastructure solutions including managed hosting and storage, business continuity and disaster recovery, colocation and cloud computing services in an enterprise class environment. The company’s skilled professionals, world-class facilities and outstanding customer support provide clients with a secure IT environment that ensures business resilience. Cervalis’ state-of-the-art and fault-tolerant operations and recovery centers total more than 500,000-square-feet of space. The company offers world-class customer support with the technology needed to scale complex environments reliably and cost effectively. Cervalis is compliant with SSAE 16 Type 2 and PCI, as well as U.S.-EU SafeHarbor certified. To learn more about the Cervalis advantage and the company’s data centers, visit www.cervalis.com or call 1-866-602-2020 to schedule a tour.