• PROTECT AND ENHANCE THE VALUE OF YOUR ENTERPRISE

    FREE CUSTOMIZED DEMO

    The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.

    LEARN MORE ABOUT FRONTLINE LIVE 5

Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

DRJ Blogs

This is some blog description about this site

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form
Recent blog posts

By Andy Osborne, Consultancy Director at Acumen

Once upon a time there was a senior manager called Rudolph who, on top of his other responsibilities, was put in charge of the business continuity project. Rudolph was a busy chap with a lot on his plate – he didn’t have time for detail. And anyway, disasters never happen do they? Well, only to other people. 

So rather than doing any proper analysis he leapt straight into writing a plan. In fairness, he also thought about the business continuity strategy -  for about five minutes. Then he took out the cheapest contract he could find for some ship-in IT equipment and wrote some lovely looking plans based on a number of un-validated (and, as it happens, invalid) assumptions. It didn’t take him long at all really. 

...

If you’re interested in business continuity, here’s a new book that might attract your attention: Becoming Resilient: The Definitive Guide to ISO 22301 Implementation. So, if you are looking for some tips on how to implement this standard, here’s a brief overview of my book.  

Main focus of the book

My main goal for this book was to provide practical step-by-step guidelines for implementing ISO 22301 – on one hand, I knew I needed to cover all the in-depth details of such complex implementation, but on the other hand I wanted to avoid using specialized language that no one understands.

...

By Stacy Gardner, Avalution Consulting
Originally posted on Avalution Consulting’s Blog

Most organizations that have experienced a crisis would likely agree that advance planning is critical to enabling an effective response. When a disaster impacts several sites simultaneously, it makes coordination even more chaotic, so the importance of a defined structure increases. Organizations with multiple facilities or sites, especially those within “at-risk” regions, should take proactive steps to prepare their organization for events that require a widespread and coordinated response. Specifically, these preparedness steps include enabling coordination, communication, and adherence to organizational policies in advance of a disaster to ensure all sites implement appropriate response procedures. This article summarizes best practices that help enable sites to work together and execute common, approved response strategies to minimize impact and reduce confusion.

Define Authorities and Expectations
In organizations with centralized policies effective across several sites or facilities, it is important to define specific response authorities and performance expectations within human resources or business continuity policies. Specific policy changes include defining which individuals have authority to close a site as well as closure critieria, such as a public authority emergency declaration. Organizations should define criteria by which individual site leaders can act independently, such as in situations where employees are at risk for an immediate threat, and when additional approval and oversight is necessary from an executive leadership team, such as in advance-warning events.

...

Effectively convincing senior management of the need for detailed, programmatic business continuity, even in this day and age, continues to be a major headache for too many BC professionals.  Even in organizations where a dedicated position – or not as good but often sufficient part-time position – has been designated for the purpose, communicating the need for a detailed, rehearsed and constantly improving disaster backup plan is often difficult at best.

So here’s an easy way: tell them to give up their car insurance.

None of us needs car insurance.  Not really.  Leaving aside varying state requirements that drivers maintain liability insurance, if you’re reading this the chances are that you don’t really need auto insurance. At least not to replace your car. Think about it.  If, on the way to lunch tomorrow, you had a wreck and your car was totaled, even if you didn’t have auto insurance the chances are excellent that you’d have a new car by tomorrow night.  Sure, it would be a hassle and you might not be able to get the exact car you want but the fact is that you could get a new car without insurance and probably very quickly if you needed to.  And even if you couldn’t, there are a number of readily available transportation options that you could easily and immediately adapt to.

...

Posted by on in DRJ Blogs

On this snowy day (in most parts of Canada and the United States), it is helpful to look forward to spring and warmer less snowy days... In particular, lets take a closer look at DRJ Spring World taking place in Orlando, Florida from March 30-April 2. 

As you likely know, networking is an integral part of business and there is no better place to do it than at DRJ Spring World. Our upcoming conference provides lots of opportunities for you to meet experts in disaster recovery and business continuity and to connect with those who can help you get ahead:

  • Exhibition Hall: discover new products, mingle with vendors and attend interactive product demonstrations. 
  • Welcome Reception: this first event of DRJ Spring World held on Sunday evening is a fun and relaxed way to meet other conference attendees and to enjoy some drinks and snacks.
  • Monday Night Hospitality: gold sponsor XMatters is hosting this event on Monday evening. This is a great way to end the first full day of the conference and make lasting network contacts. 
  • Networking Meals: all attendees are treated to six full meals during our conference at no extra cost. Our networking tables make it a great way to interact with peers in your field or related industries.

Along with networking, learning from your peers and industry experts is vital in staying up-to-date with latest trends, standards and approaches to disaster recovery and business continuity. We've got a full conference agenda for you that works for all experience levels and areas of interest.

...
Tagged in: DRJ Spring World

Posted by on in DRJ Blogs

Thanksgiving is the day we celebrate the day when Native Americans sat down with Pilgrims and ate together.  For some of us, it's a better holiday than all the others combined because we reflect upon just how much we have to be thankful for.

Team Rubicon in Port-Au-Prince, Haiti

But there's no reason we can't recognize and celebrate unselfish work every day.  Or any day.  Those of you who read me on Facebook may know how much I admire the veterans' volunteer organization called Team Rubicon and the work that these volunteers do during disasters.  They were early into both Haiti (above) and into  both the Philippines (below) and into the devastation in Washington, Illinois. 

   Team Rubicon also sent teams  to help with Hurricane Sandy's aftereffects. If you'd like to learn more about their efforts or support their work, here's their story.

...

It’s a slow week in the U.S., so slow that you’re probably not even reading this because you’re busy getting ready for the holiday.  Either that or you’re trying to make several work-related deadlines before the long holiday weekend and really don’t have time to read this.

...

Hang on . . . present-what-ism?  Is that even a word?  Turns out it is, and while discussing absenteeism and presenteeism can be about as exciting watching paint dry, the fact is that it has a substantial impact on payroll.  There are two similar definitions for presenteeism: the mainstream definition – when employees show up to work despite the fact that they’re sick and could potentially infect othersand the business continuity definition which is when healthy employees show up after a disaster but are so distracted by the process of getting their personal lives back in order that their onsite productivity takes a dive. 

...

Posted by on in DRJ Blogs

We’re pretty excited about our 50th conference, so you’ll have to to bear with us as we continue to boast about the top-notch speakers, sessions, and workshops that we’ve got planned for DRJ Spring World.

With the theme of “Ensuring Resiliency in a Risky World”, you’re going to want to make sure you’re in Orlando, Florida from March 30 - April 2.

Here's a closer look at what you’ll be learning and the people you’ll be meeting at our 50th conference, make sure you download the conference agenda and review these sessions, workshops, and break-out tracks designed specifically to meet your business continuity and disaster recovery needs.

...
Tagged in: DRJ Spring World

Posted by on in DRJ Blogs

STORServer takes it to a whole new level

What happens when you combine the best hardware in the industry and the industry leading data protection software in the industry?  Simple, you get the best data protection solution in the world. 

 

CommVault has been an industry leader for years and has lead the Gartner Magic Quadrant over the likes of IBM, EMC and Symantec. Combine that with the easy to use, easy to understand data protection product they have developed makes them a logical choice for customers looking to manager the protection of their data.

...

Posted by on in DRJ Blogs

By Andy Osborne, Acumen.    
Originally posted on Oz's Business Continuity Blog

Following the recent departure of number one son to Manchester (see “University challenge”), on Sunday afternoon I decided to address a small issue that's been troubling me for a while. For several years, in fact. When I say troubling, I mean causing my blood to simmer gently on a pretty much permanent basis, and to boil over about once a week, often punctuated by the phrase "...and tidy your @*~%#& bedroom!"

I've often wondered whether life would have been easier if we'd had girls instead of boys. I imagine that they're probably altogether more wholesome and helpful creatures who do things like washing up (and just general washing); and being pleasant and considerate to their wonderful parents; and not trashing the whole house; and keeping their @*~%#& rooms tidy. I'll never know though, because we were blessed (at least I think that's the right word) with two boys. Perhaps someone can enlighten me.

...

By Tony Shen, OpsCentre
Originally posted on OpsCentre's Blog

Distributed Denial of Service (DDoS) attacks are becoming a trending and serious issue when it comes to Cyber Security across many industries in particular the banking and financial sectors.

In a DDoS attack Botnets (usually referred to as a “Zombie army”) bombards a server or a network with thousands of system requests sent from infected computers and internet connections causing network traffic to become overloaded and unavailable. So how do we prevent this from happening? Below are five strategies that can be used to prevent a DDoS.

...

Posted by on in DRJ Blogs

Mark these dates on your calendar: March 30 - April 2, 2014 and make a note that you’ll be in Orlando, Florida for Spring World 2014.

It might seem a bit early to start planning your 2014 education, networking and learning opportunities, but we really don’t want you to miss out on attending Spring World 2014. We’ve got a great agenda of classes, workshops, sessions - all led by the leaders in the disaster recovery and business continuity space. 

To help you start planning your Spring World 2014 experience, each week we’ll highlight different sessions, workshops, events and presenters.

...
Tagged in: DRJ Spring World

By Jacque Rupert, Avalution Consulting
Originally posted on Avalution Consulting’s Blog

A Business Continuity Scoping Approach That Contributes to Better Management Engagement and Prioritization of Risk Management Efforts

One of the most common questions business continuity professionals ask is how to keep management involved in the ongoing preparedness effort and prioritize the implementation of business continuity strategies with limited resources. Business continuity professionals strive to have engaged, interested management teams, but often struggle to achieve this goal. Whether management disinterest has been present from the beginning of the preparedness effort, or whether interest has waned over time, there is one key strategy that Avalution strongly suggests organizations implement in order to achieve greater levels of both management involvement and input regarding business continuity planning: scoping and planning based on the recovery of products and services.

...

Posted by on in DRJ Blogs

By Andy Osborne, Consultancy Director at Acumen

We recently reached a significant milestone in the Oz family history, when we transported number one son (number one as in the sequence in which they arrived, as opposed to any order of preference, I hasten to add) with a car chock-full of his gear, to his chosen university in Manchester, some 120 miles from home.

It would be churlish of me to mention that, with just two hours to go before our planned leaving time, it came to light that some important stuff that he needed to take with him had been lent to friends, so I won't. Suffice it to say that, despite my and Mrs Oz's strenuous, vociferous and repeated efforts over the preceding weeks to ensure it didn't happen, there was an unwelcome amount of last minute frenzied activity and associated stress.

...

The Tip of the Week: Private Sector Beware!

By Dr. Tom Phelan

Thursday, October 30, 2013, 8:07 a.m. EDT – This morning I received an e-mail from fema@service.govdelivery.com titled FEMA Private Sector Resilience Tip of the Week. I usually scan these, but today, attempted to follow the enticing title through the thread provided in the e-mail.

FEMA Private Sector Resilience Tip 10/28/13: Prevent cyber threats from impacting your business systems network. http://go.usa.gov/WrPP.

I clicked on the link which led me to http://www.dhs.gov/protecting-our-nation’s-critical-infrastructure-cyber-threats.  The first four paragraphs narrowed the “Tip” to a discussion of cyber threats to only a certain few forms of critical infrastructure – “…the broadband networks beneath us and the wireless signals around us, the utility plants that pump water into our homes, and the massive grids that power our Nation.” My home has a well, so no need for a plant to pump in the water, but electric power is required for it to provide water.  It still seems a bit confusing how cyber threats might impact bridges, tunnels, and road ways, but I continued in my journey down the “Rabbit Hole.” Low and behold, the concluding paragraph stated,

...

Posted by on in DRJ Blogs
I have said from the start that notifying everyone in a community of a threat due to what appeared to be a domestic dispute is not a leadership or law enforcement responsibility. VA TECH has been vindicated.
from the Huffington Post:
RICHMOND, Va. -- RICHMOND, Va. (AP) — The state Supreme Court on Thursday reversed a jury's wrongful death verdict against the state stemming from the April 16, 2007, killing of 32 students and faculty at Virginia Tech in the deadliest mass shooting in U.S. history.
The justices wrote that the state had no duty to warn students of the potential acts of the case's lone gunman, who initially shot two in a dormitory. Hours later, he killed 30 more people, then himself.
The parents of Erin Nicole Peterson and Julia Kathleen Pryde sued the state for negligence, contending that university officials should have warned the Blacksburg campus of the first shootings before Seung-Hui Cho killed the others, including Pryde and Peterson, at the classroom building Norris Hall.
Jurors in Montgomery County ruled in March 2012 and agreed with the families, awarding each $4 million. A judge later reduced the award to the state cap of $100,000 for each family.
The state argued that law enforcement officials believed the first shootings were the result of a domestic dispute and they concluded the larger campus was not at risk, even though the gunman remained on large.
In the opinion, the justices agreed, writing, "it cannot be said that it was known or reasonably foreseeable that students in Norris Hall would fall victim to criminal harm."
Hits: 769
Recently, I was asked to sit in on a meeting – not participate mind you – and listen to some discussions that were going on regarding a project.  The discussions revolved around requirements and were pretty intense and detailed at time.   The point is, there was a question asked about Disaster Planning and Business Continuity Plans (BCP) and if they had to include anything in their scope.  My ears perked up on this one…and yet, I had to keep quite.The question asked by one of the attendees was this, “What’s the difference between a disaster and a crisis?”  Of course, I wanted to answer this but a quick look and grin from the individual that asked me to attend, told me not to interrupt because she knew I was chomping at the bit to jump into the fray.What I found interesting was the explanation given by one of the meeting participants, who I found later, had no involvement in Disaster Recovery (DR), Business Continuity Management (BCM) or Emergency Response Management (ERM) for that matter.  They weren’t even up to speed on technology; he was a business analyst (BA).  But his description was something I thought I’d pass along to others because it really got the message across to people in the room; something many of us have stumbled over in the past when trying to explain our industry terminology to ‘outsiders.’   I’ve paraphrased all the comments by the meeting participants into two descriptions below.  Before I forget, I’m not stating one way or another whether he was right or wrong, just conveying some information that might help others when communicating the differences or terms related to DR, BCM and ERM.A Disaster Is…“An event that causes major problems for a company or community…”“A disaster is something that happens suddenly and you have to immediately respond to it…”“With a disaster you have impacts that are immediately apparent…”“…something major that stops us from working.”“…something that has gone beyond normal crisis management processes.”“Everyone is impacted and involved…”A Crisis (Management) Is…“…is the management of the disaster or emergency situation…”“…a group of knowledgeable leaders (Note: “leader’ wasn’t defined) that make decisions to ensure activities      start/complete when required…” “…a team that coordinates response  activities…”“…the Single Point of Contact for questions and guidance as to what to do…”“Following documented plans and procedures to help respond to the situation…”“…managing the situation before it becomes a full-scale disaster.”“…not everyone needs to be involved with the management of a crisis.”I thought it was rather interesting coming from someone not in the industry, especially knowing how much people get these terms (and others) confused.  At least not one asked what the difference is between a contingency plan and a recovery plan.The descriptions are rather simplified and effective.  People understood after a minute or two what was being discussed and it helped get the meeting moving.  With industry terminology, it can get very confusing because there are so many different variations on what both of these mean; even among industry experts, professionals and practitioners.   Corporations that offer DR/BCM/ERM services also end up using their own terminology as well, so that adds to the confusion.I thought this person didn’t too badly of a job of stating the difference.  Of course, I wanted to state a few things but since he got his message across to a large group that had difficulty understanding between the terms.By the way, when they were completed, they decided they didn’t need to include DR, BCM or ERM in their project (Hope that doesn’t become a jinx on their project…) **NOW AVAILABLE** “Heads in the Sand: What Stops Corporations From Seeing Business Continuity as a Social Responsibility”and“Made Again Volume 1 – Practical Advice for Business Continuity Programs” by StoneRoad founder, A.Alex Fullick, MBCI, CBCP, CBRA, ITILv3Available at www.stone-road.com, www.amazon.com & www.volumesdirect.com
Hits: 1053

Posted by on in DRJ Blogs

Today, Oct. 29 marks the one year anniversary of Hurricane Sandy. This was the most devastating storm of 2012 and the second most expensive in the history of the United States. 

A quick online search reveals a range of opinions, facts and photography collections that tell the story of Hurricane Sandy. Lives were lost. Homes were destroyed. Livelihoods were crushed. People have started to recover - some areas of the Eastern Seaboard are in "better" condition than they were before the Superstorm Sandy hit. 

With an influx of funding and support, many businesses, cities/towns and people have been able to rebuild and get back to life as they knew it. This returning to life as it was before the storm though, could just be the source of the problem. 

...
Tagged in: hurricane sandy

Posted by on in DRJ Blogs

Events near the end of October have a way of forcing me to choose among equally enticing prospects.  Rather than attend this year's Executive Women's Forum in Scottsdale, I flew to Reno to help present the 2013 Hall of Fame Awards & Gala for the International Network of Women in Emergency Management and Homeland Security.  The event is only three years old.  I was honored and amazed to be inducted in 2011, along with Eleanor Roosevelt and Clara Barton.  Last year's inductees were splendid.  And this year, we kept the bar high.
Two distinguished Washingtonians were honored:  Mary Schoenfeld, a pioneer in the field of emergency management and school crisis management.  She's been in the field over 30 years and has written 5 books and countless articles. She is an inspiration to each of us.  Here, she is pictured in the president of inWEM, Dr. Jacqueline McBride, who also hosted the evening's festivities.
Also honored in memoriam was Ben Dew from FEMA Region Xand prior to that, Washington State emergency management.  He is the author of the strategy we now call "Neighbor Helping Neighbor."  More than one person remembered him and his "Never give up" mantra during the evening.
And there were others who received awards that evening as well, including four of the women pictured below.  Left to right:  Judge Renee Cardwell Hughes (Red Cross), Cheryl (on behalf of Delta Sigma Theta), Fire Chief Toni B. Washington, Dr. Meloyde Batten-Mikens (2012 awardee), and Fire Chief Debra Prior.
Here's Mary Anne McKown, author/synthesizer extraordinaire for some of our finest national documents, including the National Response Plan, the National Response Framework, and the National Emergency Communications Plan.  That's just a small taste of the work she began when she left Booz Allen become a government employee after 9/11.
Different stories for each of the awardees, but overall you could say that each of these women understands public service, the notion of giving back on behalf of something larger than yourself, and a keen desire to leave the world a better place.

Hits: 836