The Business Continuity Institute - May 03, 2016 16:50 BST
Q. How can you develop robust business continuity and still have enough budget left for a pair of shoes?
Within the heart of every business there is a hole that only business continuity can fill.
I would like to present a low cost, continuous improvement model that has proved successful in providing business continuity management to a large organisation and an additional capability that it did not have before.
Generally speaking we develop or employ one expert, who is trained to a recognised standard and responsible for BCM across the organisation. In some cases BCM is combined with emergency planning and risk under the title of 'Resilience Manager'. Personally I think that putting three jobs into one is not ideal, however I understand that organisations have to 'cut their cloth' according to the pressures they face.
Whatever the setup, and depending on the budget, the BC programme will be delivered via a project team, a single manager, or a manager guiding a number of BC representatives (in addition to the day job) that receive training as they go along. These are all tried and tested processes, the result of which sees us where we are today. Many organisations aspire to align with ISO22301, and consequently the BC programme is driven along those lines.
It is important that BC managers should be trained to a high level of expertise. This is a necessary, yet expensive process, but brings with it a measurable return on investment in the form of continued service delivery. In addition, I think that those members of staff who are given the BC plan to develop or update should also be given some formal training to assist them. In my own organisation this training took the form of a two day fundamentals course, which was delivered by an outside trainer. This was very successful and properly equipped staff, (with some guidance) to produce BC plans for their area of work.
This approach worked well for the first year, but because of staff moving post, we found that the following year we needed to repeat the process. Again, no bad thing, because those that had moved on, took with them a basic knowledge of BC into the organisation. At year three, we decided that the training costs were becoming prohibitive, but still necessary. Consequently, I gained a teacher training qualification at night school, wrote a fundamentals and plan development course aligned to ISO22301 and the Good Practice Guidelines 2013, which I now deliver to our staff annually.
Senior and middle managers that have attended this course have found that it has improved their knowledge and understanding of BC, allowing them to give the correct level of support to staff that are tasked with developing their plan.
The development of a BC response also creates an additional capability that can be called upon in times of high demand. For example, by activating the communications room fall-back procedure and staffing the now vacated room with minimum staffing, we produced an additional capability to deal with high volume calls. Working the organisation on the failover server, frees up the main one for maintenance and repair without loss of performance. It should be understood that this type of use of the BC plan cannot be sustained for very long, and utilised carefully, but it does work.
The costs associated with this course are minimal, and break down as follows; in house training venue, "on costs", staff salary, two days away from day job and the price of two BC text books given to each student.
- The benefits to the organisation include:
- Significant cost savings on outside training
- Staff trained to a consistent standard
- Widespread promotion of organisations core values and objectives
- Continuous improvement of BC awareness within the organisation
- Identifies future experts in BC who understand the organisation and how it works
- Provides a capability that can boost production or service delivery at little or no cost
Generally the best time to deliver training of this kind, particularly if you need a working budget to buy books for example, is between January and March. I have found over the years that almost all departments have money that they are looking to spend before the end of March, or face losing it from the following year's budget.
I can already hear finance shouting “it’s not like that anymore”, well, my experience is that either departmentally or organisationally there is very often some money around. Spending some of it on in house staff BC training is a low cost option that will develop staff, and produce long term benefits for the organisation, and maybe still have enough for shoes.
John Ball AFBCI is the Business Continuity Coordinator at Sussex and Surrey Police.
My upbringing was a little different to that of my friends. I was a young teenager in the ’80s, when hair was backcombed high and shoulder pads were “in.” My mum was constantly being confused as the pop star Cher. With her similar hair, makeup, heels and great outfits, people would stop her and ask for her autograph. She certainly did not fit in to any type of normal mother mold I saw around me. I’m proud to say, she is now 67 and still does not fit in to what the average woman her age should look like or do.
Years later, I realized the wisdom of her stance against “fitting in.” Having worked in the ethics and compliance field for 20 years, I now understand how much compliance is not about “fitting in.” Indeed, it’s the exact opposite. Unfortunately, we live in a world where the “norm” in many countries would be seen as unscrupulous to many. We have seen it with the politicians in Brazil recently with Petrobas case. We have seen it on our own doorstep with the Panama papers, in which almost every country you can think of seems to have been touched. And we see it everyday with the prosecutions by the numerous regulators around the world. Fitting in does not work.
NOT fitting in means being unreasonable. Compliance needs to stand out and rebrand itself. Many of my clients tell me that they are queuing up to make their training/communications/projects front of house. They have to stand in line behind safety, security, sales, innovation and the countless other serious and important issues a company needs to address. That’s why it’s important NOT to fit in.
The Weather Company estimates that weather is perhaps the single largest external factor affecting business performance, to the tune of nearly $1 trillion lost annually in the US alone. Combining weather data with business data can improve decision-making for a wide range of companies. The company's work earned it the No. 2 spot on the 2016 InformationWeek Elite 100.
The Weather Company and its project to modernize its data collection, storage, and forecasting platform won recognition in last year's Elite 100, coming in at No. 5.
So it's no big surprise that, a year later, The Weather Company is in the top 5 again as the company continues to build on its previous success. Its expanded ambitions involve its new parent company, IBM, and a plan to apply Watson cognitive computing to the Internet of Things (IoT).
Michael Dell today revealed the new names, and yes we are talking multiple names, for the artist formerly known as the Dell-EMC deal. EMC will be deprecated for the main branding Dell Technologies, but will live on for the enterprise brand Dell EMC while the client services business will be called Dell, Inc. according to multiple reports.
Confused? I’m sure you’re not alone, but Dell was reportedly very excited about the new brands as he spoke about them on stage at EMC World in Las Vegas today. I suppose when you spend $67 billion, a few extra names makes sense — more names for your buck. Other brands like VMware, Virtustream, RSA and Pivotal will also reportedly live on.
If you aren’t familiar with the deal, it has gone through some twists and turns, but last October Dell surprised the world by announcing it was buying EMC for $67 billion in what’s believed to be the largest technology acquisition in history. It involves a mountain of debt, approximately $40 to $50 billion, depending on which reports you believe, and it will likely require selling off pieces of both companies to pay the deal.
Today, MetricStream, the market leader in governance, risk and compliance (GRC) apps, has released the results of a survey which reveal the maturity of Regulatory Compliance Management (RCM) in North American and European businesses, having surveyed more than 100 compliance professionals. Identifying the factors that impact the effectiveness of RCM, which is essential for monitoring for regulatory changes and ensuring compliance, the survey analyzes the processes in place, number of dedicated employees and departments in charge. The results indicate that, despite being well staffed to manage RCM, many businesses are still unaware of or unable to invest in appropriate technology and tools; key findings include:
Growth forecasts for data center storage capacity show no signs of slowdown. Cisco expects that by 2019, 55 percent of internet users (2 billion) will use personal cloud storage — up from 42 percent in 2014. By 2019, a single user will generate 1.6 Gigabytes of consumer cloud storage traffic per month — up from 992 megabytes per month in 2014. Finally, data created by devices that make up the Internet of Things, which Cisco calls “Internet of Everything,” will reach 507.5 Zettabytes per year by 2019 — up from 134.5 ZB per year in 2014.
Needless to say, that’s a lot of data, which will require a lot of storage, and Google is proposing a fundamental change to the way engineers think about and design data center storage systems, a rethink that reaches all the way down to the way optical disks are designed.
ATLANTA – The Federal Emergency Management Agency (FEMA) recognized Louisville-Jefferson County, Ky as a premier participant in the National Flood Insurance Program’s (NFIP) Community Rating System (CRS). With additional steps the community has taken, Louisville-Jefferson County is now the first community in Kentucky, and only the second in the eastern US, to receive a CRS Class 3 rating. Jesse Munoz, FEMA Region IV mitigation division director, presented Metro Council President David Yates a plaque recognizing Louisville-Jefferson County’s achievement at the April 14 Metro Council Meeting.
The CRS rewards communities that voluntarily take steps to reduce flood risks beyond the minimum requirements of the NFIP, such as increasing flood protection and implementing preparedness and mitigation activities. As a result, property owners and renters in CRS-participating communities enjoy a reduction in flood insurance premiums.
“Louisville-Jefferson County is the only community in the commonwealth and among only a handful of communities nationwide that has achieved Class 3, which is a notably high rating,” said Gracia Szczech, regional administrator for FEMA Region IV. “I am pleased that we can recognize Louisville-Jefferson County for taking steps to make their community safer, more resilient and save their residents money.”
Policyholders in Louisville-Jefferson County first began receiving flood insurance discounts under the CRS program in 1991. Currently, there are more than 5,194 flood insurance policies in force in Louisville-Jefferson County, representing more than $880 million in flood insurance coverage. Policyholders located in the high risk areas of flooding, or Special Flood Hazard Areas, can now receive a 35 percent discount on their policy premium, which is an average savings of $505 per policy. Some policyholders in the lower risk areas are eligible for a 10 percent discount. In total, policyholders realize an annual savings of $2,054,687 because of the community’s participation in the CRS program.
For more information on the NFIP’s CRS program visit https://www.fema.gov/national-flood-insurance-program-community-rating-system. For more information about the NFIP, a program administered by FEMA, visit www.floodsmart.gov.
FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.
The future of the data center is quickly evolving into the question of the day as changes to technology, business processes and the economy itself spur the reconsideration of long-held design precepts up and down the data stack.
Existential angst over the data center is no different from what philosophers have been pondering for millennia – “Who am I? Where am I going? What does it all mean?” – but in this day and age, plans for the future, and not even the very long-term future, are having direct consequences on decisions being made in the here and now. So amid the mad rush to get on the cloud, deploy Big Data and remake all that the IT department holds dear, it’s worth it to stop and think where we want to be in a few years.
According to Rakesh Kumar Singh, lead tech of data center technologies at Juniper, the future data center will focus heavily on client-facing and analytical workloads, with the overarching goal being to maintain and even extend a competitive edge in an increasingly cut-throat economy. The best way to approach this is to upend the age-old practice of constantly seeking out and deploying the latest and greatest technologies to instead focus on business priorities and work out the infrastructure from there. As IDC noted in its most recent FutureScape study, half of all infrastructure investment by 2018 will foster greater engagement, insight and action rather than systems maintenance, while 45 percent of the installed base will employ automation and even autonomy to improve performance, lower costs, and provide the agility and scalability to remain relevant in the coming years.
One of the highest-value services MSPs offer customers is protecting their data with automated backup and recovery. However, often neglected in the conversation with customers is the need for business continuity planning.
When you get right down to it, the ultimate goal of any BDR strategy should always be to keep the business running, no matter how serious a calamity it suffers. To achieve that level of readiness, BDR technology is essential, but there is more to business continuity planning than backing up data.
MSPs, therefore, should not only provide BDR technology, but also take on the role of business continuity consultant. In this way, you add value for the client by addressing a critical need while creating consulting revenue opportunities. Of course, helping clients stay in business through a catastrophe also helps protect your future income.
A growing trend in law enforcement today is the use of social media and technology as a valuable resource to agencies and residents. The acronym LESM (Law Enforcement Social Media) is becoming a common term across Twitter, podcasts, and a focus among law enforcement agencies. Agencies are adopting LESM to stay current with today’s technologies as well as connecting with the community in the most effective way.