DRJ's Spring 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Winter Journal

Volume 31, Issue 4

Full Contents Now Available!

DRJ Blogs

DRJ | The premiere resource for business continuity and disaster recovery

How flexible is your BCP?

How flexible is your BCP?

As Business Continuity professionals, we see a lot of plans. We develop plans for our clients, we help mentor clients on how to build their plans themselves, we review existing plans for gaps, and we audit plans. One consistent concern across all plans, regardless of their size, is it a flexible BCP. At what point is your plan too rigid? How do you know if you have just enough – or too much – information? Do you need responses for every single type and depth of scenario out there? If you don’t know the answers to any of these questions, don’t worry, we’re here to help!

What do we mean by flexible BCP?

For the purposes of this post, we are talking about how well your BCP allows you to adapt, and appropriately respond, to different types of incidents. You should be able to use the same BCP to respond to a fire, a train derailment, a power outage, or an active threat. This might seem a bit daunting; how can one plan possibly respond to all of these things? Simple! The answers are in your plan content and structure, and training.

 

Plan content and structure

Two key areas of a flexible BCP are in the response and recovery steps, and the supporting documentation. The response and recovery steps document exactly what steps you need to take when an incident occurs. But, these steps do not need to be so detailed that they are difficult to follow. For example, one of your steps might be “Inform vendors of the incident and provide temporary instructions.” You do not need to then list the name of every vendor you need to contact for every type of incident. Simply include a reference to your vendor database. That way, you select which vendors you contact depending on what has been impacted by the incident.

...
Continue reading
541 Hits
0 Comments

New Year's Resolutions

We are just a few days away from 2017, wondering what it will bring.  Everyone is deciding what their New Year's resolutions will be.  What will you do differently in your personal life?  And what changes are you going to make in your business and professional life?  This is the perfect time to reflect on what went well for your company this past year; and what was less than perfect. It is also the prime time to do some planning and preparation.

Incidents have a global impact.

One only needs to look back on 2016 to remember how many natural disasters occurred.  This was one of the deadliest Atlantic hurricane seasons since 2005, spanning all the way from mid-January to the end of November.  Out of 1,766 deaths this season, 1,659 were attributed to Hurricane Matthew alone.  There were also massive earthquakes in Ecuador, Italy and the Solomon Islands, and rampant wildfires in the Southeastern United States.  At first blush when these incidents are looked at separately, the impact might not be considered all that high.  However when you really think about the global impact of incidents like earthquakes, sudden flooding, snowstorms, power outages, fires, and hurricanes, you quickly realize how these seemingly isolated incidents resulted in real impacts on your bottom line.

The New Year is the time to start.

I suggest you take this week to get ready for the year ahead. Do a threat risk assessment.  Really look at the results of this process and consider how these threats will impact your business and bottom-line.  Next, take action.  Work with a proven leader in the industry to put together a business continuity plan. When done effectively, the creation and implementation of this plan doesn't have a big impact on the day-to-day operations of your business.  Ultimately you will have the peace of mind that your company and its assets are protected in the event of disaster.

...
Continue reading
1418 Hits
0 Comments

KingsBridge Disaster Recovery to Launch Shield 2.0 at DRJ Fall World

KingsBridge Disaster Recovery announces its signature Shield software, a Business Continuity and Disaster Recovery Planning tool, has undergone a complete redevelopment and will be available to new users starting this month. Shield has always strived to make planning simple, but now The Plan Builder is taking it to the next level following more than a year of planning, development and testing while always keeping “faster", “easier", “intuitive" at the core of their design decisions.  The KingsBridge team is excited to release this new and improved product to build better recovery plans faster.  With the mantra of “The Plan Builder”, Shield 2.0 gives users the ability to build a first draft of the plan right out of the box saving precious time and resources. KingsBridge understands that many Business Continuity project managers have conflicting priorities and tight deadlines. To answer the call for an easy to use, easy to manage plan, Shield 2.0 has enhanced capabilities for managing data and documents with easier navigation. And users couldn’t be happier. Here is what customers have to say about Shield 2.0;

 

  • Ease of use; the application isn’t too complex allowing users to access it only once or twice a year without the need for retraining.

    ...
Continue reading
1169 Hits
0 Comments

Document Core Processes (aka "What's that post-it?")

I walked into the hotel lobby at a client site a few weeks ago to get some tea and review my notes for the day’s meetings.  There was a businessman sitting at a table near the coffee stand, and he was clearly in the middle of an important phone conversation.  From what I could overhear (and he was not being quiet) he was talking with someone in his department (IT) at his head office.  It went something like this:

 

“Ok, so did you check all the hardware connections?”  pause  “No, that wouldn’t help.  You might have to shutdown and reboot.”  exasperated sigh  “Ok, well I’m in a hotel on the West coast so I can’t come in, but I’ll do what I can to walk you through the steps over the phone.”

...
Continue reading
2719 Hits
0 Comments

Should we be planning for an Ebola Pandemic and what should we plan for?

Charlie Maclean-Bristol, FBCI, discusses whether the time has come for business continuity managers to make contingency plans for an Ebola pandemic.

Spain is now dealing with the first case of direct infection of Ebola in Western Europe; the first Ebola death has occurred in the United States; and the World Health Organization has warned that ‘ Ebola is now entrenched in the capital cities of all three worst-affected countries and is accelerating in almost all settings ’. So has the time come for business continuity managers to make contingency plans for a possible future Ebola pandemic? I think the answer to this question is, yes, we should be.

I am not suggesting that you immediately go out to the supermarket and buy lots of tinned food and water, barricade the house, be prepared to operate on battery power and bottled gas and then lie low. 

What I am suggesting is that we should be quietly thinking about how a possible Ebola pandemic might affect our organization; thinking through what an Ebola plan might look like; and monitoring the situation to ensure that you are ready to react if the situation escalates further.

So what at this stage should business continuity managers be doing?

1. One of the first tasks we should be doing as business continuity people is looking at what our possible exposure to Ebola is. What is our staff exposure to the disease, do we have staff travelling in areas, which have had cases of Ebola? As the disease spreads further, which most commentators are saying that it will do, then cases of Ebola may arise in a variety of places. We may have to react quickly if our staff are in the same area or they may be stranded by a country travel ban. 

2. What is our supply chain exposure to the disease and does it involve West Africa? Again, like staff travelling, as the disease spreads and turns up in expected areas then it may affect our supply chain. 

3. If the disease was to take hold in our country how would it affect our organization and would it create more work for us or less? If we work in an organization that would be responding to a pandemic (for example healthcare services) or are a supplier to such an organization, then it is likely our workload will increase. If our organization supplies essential services or part of the country’s ‘critical infrastructure’ such as power, food, water, etc. then we will be under a lot of pressure from government to keep working. Whilst if our organization does not supply something critical then we can perhaps temporarily close down our organization without a major impact beyond our own employees. Any contingency planning should reflect how it affects the individual organization!

4. Once we understand our exposure, then we should be engaging with senior managers in our organization and discussing our organization’s exposure and what action we should be taking at the moment. It we have no exposure then perhaps we should be agreeing to continue to monitor the situation. We may want to agree at this stage what sort of events might trigger further action. If we have a larger exposure then perhaps we should start some contingency planning and engaging with those parts of the business or people who may be at risk.

5. I think at this stage it is very important that we are not seen to panic or to overreact, as this might undermine any other contingency planning for other events; may undermine the credibility of the individuals involved in contingency planning; and may undermine any further escalation within the organization if this is required. Especially if there is a risk to our organization, some measured communication to staff informing them of appropriate risk reduction measures to take, any travel bans and what to do if they think they have been in contact with someone with the disease may help reassure them that you are thinking about the risk and taking appropriate action.

6. It may be appropriate for your organization to carry out some contingency planning to cover scenarios such as loss of a key supplier; if a staff member becomes infected; or if parts of your organization were quarantined. This may involve dusting off influenza pandemic plans and other contingency plans and seeing how appropriate they are in response to Ebola and amending the plans accordingly. I suspect if there was a full pandemic, government would in the main very much dictate the response and precautions to be taken by businesses and individuals.

7. I think, in the end, if we do nothing else we should monitor the situation on a day by day basis; so that we can react quickly if Ebola might, or is likely to, have an impact on our organization. 


The author
Charlie Maclean-Bristol, FBCI, FEPS, Director of Training, PlanB Consulting. PlanB Consulting is able to provide continuity planning risk assessments, advice and contingency plans for any organization that has an exposure to Ebola risk. www.planbconsulting.co.uk

1484 Hits
0 Comments

Here are few tips to keeping your BC plan and program healthy!

Food is a universal language. So is man’s need to survive. Whether in the business world or the kitchen we need a simple recipe for business continuity success.  In this four part series I’ll introduce you to the four basic courses necessary when cooking up an appetizing and rewarding business continuity program. This week the focus is on doing what’s good for us…exercising and eating our veggies!

Continue reading
1788 Hits
0 Comments

Why Plan? A Closer Look at Business Continuity

By Ross Ladley, Avalution Consulting
Originally posted on Avalution Consulting’s Business Continuity Blog

Business continuity is an often talked about risk management practice, especially with what appears to be an ever increasing number of serious disasters, including Superstorm Sandy, the California wildfires, and the Japanese Tsunami – and that’s only natural disasters! Disruptive incidents can stem from major events such as these, but they can also originate from events that are far less visible and widespread, including sprinkler malfunctions, power outages, supply shortages, and an IT disruption.

This perspective discusses why organizations make the decision – or should make the decision – to invest in business continuity planning.

...
Continue reading
1467 Hits
0 Comments

Ski boots and celery

By Andy Osborne, Acumen.  
Originally posted on Oz's Business Continuity Blog.

I love skiing. It’s right up there on my list of top ten favourite things (I’ll keep the other nine and their relative positions to myself for now, on the grounds that divulging them may incriminate me).

...
Continue reading
1770 Hits
0 Comments

Combatting the Annual Disaster to Your Bottom Line – “Holiday Presenteeism” – by Keeping Your Employees Focused During the Festivities

Hang on . . . present-what-ism?  Is that even a word?  Turns out it is, and while discussing absenteeism and presenteeism can be about as exciting watching paint dry, the fact is that it has a substantial impact on payroll.  There are two similar definitions for presenteeism: the mainstream definition – when employees show up to work despite the fact that they’re sick and could potentially infect othersand the business continuity definition which is when healthy employees show up after a disaster but are so distracted by the process of getting their personal lives back in order that their onsite productivity takes a dive. 

...
Continue reading
1992 Hits
0 Comments

Delving into the depths

By Andy Osborne, Acumen.    
Originally posted on Oz's Business Continuity Blog

Following the recent departure of number one son to Manchester (see “University challenge”), on Sunday afternoon I decided to address a small issue that's been troubling me for a while. For several years, in fact. When I say troubling, I mean causing my blood to simmer gently on a pretty much permanent basis, and to boil over about once a week, often punctuated by the phrase "...and tidy your @*~%#& bedroom!"

I've often wondered whether life would have been easier if we'd had girls instead of boys. I imagine that they're probably altogether more wholesome and helpful creatures who do things like washing up (and just general washing); and being pleasant and considerate to their wonderful parents; and not trashing the whole house; and keeping their @*~%#& rooms tidy. I'll never know though, because we were blessed (at least I think that's the right word) with two boys. Perhaps someone can enlighten me.

...
Continue reading
1777 Hits
0 Comments

Your business DNA: Do you have an inherited disease?

You are an administrator of your company’s IT infrastructure. Before you came along, it was someone else’s job, but you inherited their mess. While another person built the infrastructure, it is now your responsibility to manage everything that happens within it. 

 

That inherited infrastructure is the DNA of your business. All of your plans, projects, business and customer information exist in the form of 1’s and 0’s. Just like DNA, those 1’s and 0’s are the building blocks of everything else you do. 

...
Continue reading
2303 Hits
0 Comments

Scalability–You grow, it grows!

When keeping pace with growing data, a major concern for IT organizations, in terms of both storage and data protection is how the data protection solution will handle the growth.

If your business has grown its capacity by 40-60 percent in each of the past three years, and it now supports billions of data objects, you need a solution that grows with you. This growing of capacity may be outpacing your data protection solution and you may need to find a way to scale your protection.

...
Continue reading
2116 Hits
0 Comments

Let's have some fun?

So you have planned.  You have a strategy.  You are ready.

Are you really?

Sure you have done planned testing.  But... people knew it was coming.   You probably made all the plans for your test weeks in advance.  You knew where you were going, when your were going and who was responsible for what.  That hardly seems fair.  That is not going to happen in real life.

...
Continue reading
2274 Hits
0 Comments