DRJ's Spring 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 32, Issue 1

Full Contents Now Available!


Companies consistently create cross-functional project teams to implement technology, reengineering, product launch and other complex initiatives in the workplace. Many of us, when asked to give an example of a high point in our careers, immediately cite a major successful team effort. Yet in our constantly accelerating marketplace, we find that more and more of our time is being spent getting teams back on track or having to step in and 'do the heavy lifting' when the team does not deliver results.

What is the difference between the team that you remember as a career high point, and the one you are pulling out of the ditch today?

Often, it is the time you spend up front -- ensuring that you and the team can answer and agree on some simple questions: What is the team doing? Why? How will we accomplish the work? Who is involved?

Not doing this is the equivalent of firing before aiming.


Most teams launch into the work quickly because team members feel they know what has to be done and are probably already behind schedule. However, as you speak to each member of the team (or worse yet, must conduct the post-mortem on what went wrong), you find that they each have a very different view of 'what, why, how and who.' An Interaction Associates survey of 400 companies found that the top three internal barriers to team success are that team members:

1.Lack an approach to influence and get support from key stakeholders;
2.Fail to set appropriate goals for the team and then build and implement a plan for reaching them;
3.Don't spend enough time planning how they will work together.

The Business Continuity industry has changed since I wrote my first article on Business Resumption Planning. The title of the article, 'Surviving A Disaster Takes a Plan, Not a Miracle!' (Disaster Recovery Journal, Vol. 7, Issue 3 1994). Business Continuity was still a new concept, since most planning was limited to recovery of the data center. Advances in technology and changes in the way business is done, has spun the growth of this industry and planning has expanded to cover the entire organization.

In the aftermath of Y2K activities, and the emerging of e-commerce for business processes, we have been overwhelmed with new products, changing concepts and new terminology. The terms Business Resumption and Business Continuity were often used interchangeably. Our planning detailed how and where the critical business processes would continue operations after a major disruption. The concept meant resuming business operations within a pre-defined time period.

This could include manual workarounds or an alternate processing procedure. Business Continuation (new terminology) is quickly developing into a planning concept to meet the requirement for shorter recovery times. Understanding what is being provided and how to incorporate the concept into your planning will be important in the success of your overall program.

As you prepare your business for the 21st century, you have undoubtedly addressed a variety of concerns that could hamper your productivity and success. But in developing plans for enhanced IT capabilities and aggressive business development strategies, have you devoted comparable attention toward a blueprint to protect your employees and your facilities from a terrorist attack?

Recent events have shown that no U.S. asset is immune to terrorist actions. Attacks on government facilities at U.S. embassies in Kenya and Tanzania and at Khobar Towers reveal that terrorists search for symbols of U.S. policy to manifest their dissatisfaction. With the bombing of private facilities at the World Trade Center it has become clear that terrorists also seek symbols of U.S. economic prosperity and are targeting corporate assets as well. The attack on the Murrah Federal Building in Oklahoma City represents a new class of terrorism, as both government and private sector assets were effected by the incident. It is likely that in the coming years, both domestic terrorism and private sector assaults, as manifested by the World Trade Center and Oklahoma City attacks, will increase. As such, it becomes necessary for businesses to protect both their equipment and personnel from a terrorist strike.

Whether at home or abroad, public or private; it has become clear that the interests, facilities, and persons of the U.S. are now more frequent targets of both state and non-state actors. So how do we best prepare ourselves to face the growing threat of attack? A purely post-incident response to an attack is not the ideal course of action, as our facilities and persons will already be lost and our interests threatened. Similarly, failsafe information collection and other pre-incident actions designed to mitigate against incident occurrence yield uneven results and should not be relied upon as stand-alone courses of action. Our best strategy for success is to combine these pre-incident planning and post-incident response elements. This juxtaposition provides the best opportunity both for avoiding an incident and also for providing for more effective response and recovery, should an incident occur. Full-spectrum planning is the keystone of an effective incident response and recovery.

Electronic and Computer Equipment areas are found in every local community across America. They may range from a small computer in one office area to a large mainframe computer room with raised flooring and isolated power and climate controls. The primary purpose of this article is to address the specific construction principles and fire protection standards related to large data centers.

The NFPA has reported more than one thousand fires erupting in computer equipment across the U.S. on an annual basis. Beginning in 1980 through 1991 the number of fires has been on a downward trend while 1991 to the last year of the report, 1996, has shown an upward trend in fire incidents . This trend can be attributable to the proliferation of home personal computers as well as the quantity of computers found in businesses today.

Fires involving data centers, whether they originate inside the computer room or extend to the area from an adjacent room, brings special hazards to the firefighter that cannot be overlooked.

Businesses today spend multi-million dollars in computer equipment to manage their information systems and rely on sophisticated controls, detection and suppression systems to protect this large investment. As businesses expand or divest, the need for computer equipment changes as well. As a result, the original sound installation of wiring, and fire-resistant construction is left to the hands of employees who have no knowledge of fire growth and flame spread.

Some time ago the American Film Institute published its list of the 100 greatest American films of all time. If they had any sense, they knew beforehand that there would be a lot of disagreement with specific selections on this list. I don't know about you, but I can't imagine even putting Star Wars on the list, let alone ranking it number 15. But that's what they did, placing it ahead of such movies as The African Queen, The Grapes of Wrath, High Noon, To Kill a Mockingbird, and Dr. Zhivago.

I know what I think of some of their choices. I realize I run the same kind of risk in proposing these Ten Commandments of Business Continuity Planning. So (in true BCP fashion) I want to mitigate some of that risk by proposing this list, not as the last word, but as a suggestion, a starting point. You may disagree with one or more of these commandments; you may disagree about the priority. I would welcome suggestions for changes, along with the reasoning behind them. This list is simply the best I've been able to come up with so far.