Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

DRJ Blogs

DRJ Community Blogs
Jun 18
2014

Assessing Your Disaster Recovery and Business Continuity Strategy

Posted by Alex Belyarchik in Business Continuity , BRP , BIA , BCP , BCM Professionals , Awareness , Advice From A Risk Detective

Alex Belyarchik
  • Identifying business processes
    • How critical are they to the business? 
    • What are the RTO's for them? 
    • What is the supply RTO for them from IT? 
    • Are they relying on the applications, or could be done manually in case of disaster? 
    • If there are gaps within Supply / Demand RTO --> negotiate with the Sr. Mgmt to either implement the changes or sign off on accepting the risk
  • Assess the potential external / internal risks for the company
    • What are the disruptions to the business? (i.e. natural disasters, flu pandemic, building not available, e.t.c.)
    • What are the internal risks? (i.e. access privilege violation, information theft, e.t.c.)
    • Create "Criticality Matrix" to assess the probability of each of the risks happening to an organization. This could be on a High/Medium/Low basis
  • Review all DR/BCP Plans
    • Start off with the Tier 1's critical applications and go down the list
      • Conduct plan review called "Tabletop" with plan builder to review and update the document
      • Then conduct "Walkthru" with the plan builder presenting the plan in front of all stakeholders. You can also invite internal/external audit to assess the process
      • Conduct a functional test 
  • Vendor management
    • How often were the vendors reviewed? 
    • How often are the vendors visited? Top 10 critical vendors must be visited on an annual basis. This could be merged with the Security Assessment. 
    • Obtain information on data center locations, disaster recovery tests, contact persons, as well as dates and times of the past and future tests
    • Record information within plans and ensure that each plan requiring vendor application to be available possesses this vendor information
  • Functional Testing
    • How often are the critical applications tested? 
    • Is the testing methodology aligned with the corporate goals? Are you getting service disruptions during the tests? 
    • How often are Tier 2,3,4 applications tested? 
    • Were multiple concurrent tests conducted at once? (e.x. testing 20 applications as a bundle in datacenter failover test). 
    • Review the Test Certifications to ensure they possess critical information, such as: test times, applications tested, hardware tested, issues are logged, resolutions are found, physical signatures of the testers are obtained, Sr. Mgmt approvals
Jun 12
2014

Business Continuity of your cloud based services

Posted by John DiMaria in Untagged 

John DiMaria

I read a lot of articles on the key benefits of the cloud, and how cloud computing can be used help to ensure business continuity and speed disaster recovery and in some cases the cloud services themselves can become a major component of the disaster recovery plan for on-site systems and services, but cloud services are not perfect, and while they sometimes offer redundancy and data protection, they can also lead to problems caused by updates or network failures.

Remember last year when a disruption at Amazon shut down Instagram, Vine, Airbnb And IFTTT?

Jun 10
2014

The Relationship Between the Business Impact Analysis and Risk Assessment

Posted by Courtney Bowers in Business Impact Analysis , Business Continuity , Avalution Blogs

Courtney Bowers

By Jacque Rupert, Avalution Consulting
Originally posted on Avalution Consulting’s Business Continuity Blog

The business impact analysis (BIA) and risk assessment are foundational elements of every effective business continuity program; however, in our experience, many business continuity planning participants experience a lot of confusion regarding the definitions, relationship, and expected outcomes between the two processes. This confusion often results in outcomes that fail to drive preparedness.

May 27
2014

Managing incidents across timezones

Posted by Lorna Leslie in Untagged 

Lorna Leslie

 

For the past week I have been working with a company in California and getting them ready for ISO22301 certification. I will speak more on the lessons learned from the certification in next week’s bulletin. In preparation for the audit I have been helping the local coordinator and senior managers develop their local business continuity plan for the loss of their Californian Headquarters. The other half of the company which is in Sweden has already been ISO22301 certified.

May 16
2014

Compliance Concerns Are Rising - Here's What You Can Do About It

Posted by Brandon Tanner in Untagged 

Brandon Tanner

Originally posted on Rentsys Recovery Services’ blog.

According to Accenture's 2013 Global Risk Study, regulatory requirements rank as a top-five risk category for financial, government, insurance and other industries. In fact, 30 percent more companies plan to increase their compliance efficiency.

May 15
2014

3 Steps to Incident Readiness

Posted by eBRP-Blogs in Untagged 

eBRP-Blogs

Business Continuity methodologies have been around for decades. Business processes, technology, culture, markets, media and communication have all changed – yet BCM is still virtually the same.It shouldn’t surprise anyone that ‘Selling BCM to the C-Suite” is a problem of epidemic proportions.

May 15
2014

4 Elements to Create an Incident Ready Program

Posted by eBRP-Blogs in Untagged 

eBRP-Blogs

enbrp

The purpose of anIncident Readiness Programis to enhance the ability to respond effectively toanybusiness disruption and restore those assets (Business Processes, facilities, technology, suppliers and people) that are critical to the delivery of that organization’s Products & Services.

May 12
2014

Reading and writing

Posted by Andy Osborne in Untagged 

Andy Osborne

By Andy Osborne, Acumen
Originally posted on Oz's Business Continuity Blog

I like writing. I like reading too, although with everything else vying for my attention, I don’t get nearly enough time to read for pleasure.

May 08
2014

Client Solution Innovations

Posted by in Untagged 

The very best web design service provider. Higher premium sites presently economical find out even more by Client Solution Innovations

May 08
2014

Why Plan? A Closer Look at Business Continuity

Posted by Courtney Bowers in Disaster Recovery , Business Continuity Planning , Business Continuity , Avalution Blogs

Courtney Bowers

By Ross Ladley, Avalution Consulting
Originally posted on Avalution Consulting’s Business Continuity Blog

Business continuity is an often talked about risk management practice, especially with what appears to be an ever increasing number of serious disasters, including Superstorm Sandy, the California wildfires, and the Japanese Tsunami – and that’s only natural disasters! Disruptive incidents can stem from major events such as these, but they can also originate from events that are far less visible and widespread, including sprinkler malfunctions, power outages, supply shortages, and an IT disruption.