Sooner or later, your organisation will suffer a data security breach. This may sound like the opinion of a fatalist. However, CIOs and CSOs increasingly accept that such a breach is inevitable. Read more
Where you go and what you do, in an environment surrounded by systems managing other systems managed by people, security seems to be the word that keeps people awake at night. The main cause of this issue is the fundamental foundation of security awareness & training not being properly established and integrated into the organisations culture. So how can this be prevented? How can we build a sound resilience of security controls throughout the organisation? Yes that’s right, through ISO22301 & ISO27001 training and awareness. Read more
What is the common factor between worldwide fast-food chains and successful business continuity management in different offices of the same organisation? The answer is that both use a combination of global and local approaches, otherwise known as ‘glo-cal’. For the fast-food restaurants, global rules that must apply everywhere include safety, hygiene, accounting and branding policies. However, on a country-by-country basis, establishments may be able to offer their clientele supplements or variations to the standard menu. A similar idea can be applied to implementing business continuity planning and management across different branch or country offices. Read more
If your organisation employs internal auditors, then as a business continuity manager, make sure you get acquainted – and sooner rather than later! Your auditor colleagues have a responsibility to evaluate and review the level of business continuity, as well as making recommendations for actions. They also have skills and experience to ask important questions about what is being done to prevent adverse conditions bringing operations to a halt. With the help of internal auditors, you can multiply the business continuity message and reinforce awareness top-down across the all departments via departmental/functional heads. Read more
Where in your company orgchart should you put BCM? The quick answer is ‘in the business continuity department’. However, unlike marketing, sales, production and so on, business continuity doesn’t always benefit from being a department in its own right. You could tackle the question by putting business continuity management in the department where it first started. You could put it in an area that reflects the way that BCM has grown from a technology-centric consideration to an enterprise-wide concern. You could even make it a direct responsibility of your organisation’s CEO or at least a C-level function like the CFO, CIO and so on. But which of these possibilities makes the most sense? Read more
For many aspects of IT, the business market takes its cue from developments in the consumer sector. Even if other items like servers, databases and virtualisation are still enterprise-centric, developments in tablet PCs and smartphones are driven first of all by what private users want. These mobile computing devices are accounting for an increasingly large part of IT everywhere. That means that if you want to see what will happen in the business market tomorrow, look at the consumer market today. Tablets and smartphones also open up new possibilities for effective business continuity management. But other consumer IT innovations are contributing to changes in BCM too. Read more
Business continuity management depends on good risk management. That’s a term that resonates with senior management because enterprises and organisations are constantly exposed to risk. So presenting BCM as a way to reduce or even eliminate the negative consequences is often a way to attract the attention of departmental heads and C-level directors. However, as marketers and sales people will tell you, once you have senior management’s attention, you need to build up the interest and move them to action. You could continue pounding home the message about potential damage, but is this most effective way of getting management to act by visibly supporting and implementing BCM? Read more
You can stop holding your breath. Societal security as in the standard ISO 22301:2012 is remarkably similar to business continuity management. Before this standard, there was another one called BS 25999-2 that was clearly positioned as the reference for BC management. The ISO standard replaces BS 25999-2. The ISO 22301: 2012 standard however makes provision for an organisation to be certified by an accredited body. That means the organisation can show proof of compliance to its different stakeholders, including investors, customers, employees, investors and senior management. Read more
You’ve trained for business continuity challenges. You’ve planned and practised, in case that server crash, flood, fire or earthquake hits your business tomorrow. But all these events are subject to chance. They may or may not happen. Here’s another challenge to business continuity that will certainly happen however, and that is likely to affect a vast number of organisations and enterprises around the world. It’s the end of support by Microsoft for its Windows XP operating system. To understand why this is such a major event, after over 12 years of XP existence, we should start by looking at some of the statistics. Read more
One of the business continuity courses offered by DRI-ANZ is the Business Continuity Management Overview course, BCOE000. The aim of the course is to transfer fundamental knowledge to attendees about BC planning and management. As a one-day course, it covers the importance, trends, planning approach, roles and responsibilities involved, giving participants a clear view of BC and its relationship with an organisation. What then is the connection with Pareto? Even if the name is unfamiliar, you’ve probably come across some version of the ’80-20’ rule that came about as a result of Pareto’s research into the Italian economy about one century ago. Here’s how it applies to this course. Read more