WIN A FREE BCM/DR PROGRAM EVALUATION!!

WIN A FREE BCM/DR PROGRAM EVALUATION!!  Find out where you really stand.

We have decided to run a great contest here at StoneRoad: Purchase a book from our founder, A. Fullick, directly from the StoneRoad website (www.stone-road.com) , your name (and company) will be entered into a draw for a FREE Business Continuity Management (BCM) program evaluation.    The more copies you purchase – of any book or combination of books – the more entries your get and the greater your chances.

Oh, and did we say it’s open to EVERYONE AROUND THE WORLD !!  How’s that for confidence in what we do!

So, head over to the StoneRoad website for details and good luck!! www.stone-road.com

This is only valid for books sold through the StoneRoad bookstore (https://stone-road.netfirms.com/cart/);  purchases from any other retail outlets (online or otherwise) are not eligible.     If you have any questions, email inquiries@stone-road.com.

GOOD LUCK!!

Regards,

The StoneRoad Team

“Failure isn’t about falling down, failure is staying down” – Marillion

“Procrastination is the art of keeping up with yesterday” – Buddha

BCM and the Risk Analysis (RA): Is it Dead or Dying?

Don’t forget, you could win a FREE BCM Program Evaluation. 

For details go to www.stone-road.com.  Good Luck!!

 

I overheard an interesting comment the other day between two senior project management representatives: ‘…just go straight to the impact analysis; we already know what are risks are.’  I’m paraphrasing a bit but what got me was that they were talking about not doing any sort of risk assessment.  As usually, I put everything into a BCM/DR/ERM context and I thought, ‘Is the risk analysis dead or just dying?’

With recent events in the world being and the various disasters that are occurring, I was wondering if anyone performs a Risk Assessment (RA) anymore.  In many cases, BCM/DR/ERM programs are started because a corporation has already had a disaster and they jump straight to developing communication and contingency strategies because they already know they’re vulnerable in areas.  If they already had a disaster, what’s the benefit of performing a time-consuming initiative like a RA only to be told they are vulnerable; they already know that.

Financial Institutions and many other like-minded and focused organizations follow RA processes when determining strategy and tactical activities – though if you read the headlines, some of them don’t perform the RA very well – to make money and increase market share.  That might be the reason why the RA is not followed as rigidly as it once was.  If there is a chance to make more money and increase market share and keep unemployment levels low while increasing the corporations brand awareness, the RA might uncover areas that can hinder the ability to make money and keep the company looking ‘good.’  Rather, corporations would rather accept the risk – or ignore it altogether – and go as far as they can with their strategies until something occurs; then worry about the impacts.

Many corporations that focus on their financial risk exposures, make assumptions of what will happen if their operations stop, basically skipping the RA and wanting to know what the impact will be when something happens.  They make the assumption that a disaster will occur and want to know the impact to the corporation, not paying attention the what the vulnerabilities are but rather what will happen if ‘anything’ occurs.

By ignoring a proper RA, corporations increase their vulnerability to disasters.  The RA is being skipped over for actual deliverables, which may – or may not, depending upon how the program is build – harm the program later on because assumptions of what will hurt them are made into contingencies, while those risks that are particular to the corporation are missed for quick and dirty plan development.  The RA can identify that an organization is vulnerable to a particular instance, which means that a proper contingency can later be developed but if it’s skipped and never identified through the RA, when it occurs –and it will – there won’t be anything in place to properly and effectively deal with the situation.

There is in itself when it’s decided to do nothing.  As an example, natural disasters are on the increase and occurring in all areas of the globe, placing people in situations they wouldn’t normally have experienced.

Here’s just a short list of things that are occurring right now:

1. Volcanic activity (think how the Iceland eruption crippled European travel);
2. Heat Waves scorching crops (US, Canada, Horn of Africa)
3. Flash floods in the UK (July 2012),
4. Flash floods in Russia (July 2012),
5. Airplanes into buildings (think 9/11)
6. Texas and Colorado wildfires in the US (June/July 2012)
7. Arab Spring (which is still occurring in some areas)

For many, it’s no longer a case of what might affect us or what we might be exposed to, but rather, what do we do when we’re exposed to it?  This is the thinking we want organizations and communities to have.  But in getting people to think this way, the RA is slowly falling out of favour and organizations are heading straight to the BIA or even skipping that and going to contingency development and implementation.

Insurance and regulators also want to see results of BCM / DR / ERM planning and programs.  They want contingency strategies and plans in place that show what an organization will do when a disaster occurs.  This also aids in having an organization skip the RA (and often the BIA) and go straight for the contingency development phase.

In the past, a disaster was considered a mere minor possibility of occurring but now a disaster has become fact.  Just turn on the TV and it details the latest set of disasters around the globe.  What was a risk is no longer a risk; it’s real and occurring, driving people away from performing RA’s and moving immediately towards contingency development.  This is what we want organizations to think after all but we want them to ensure that all the right planning steps are taken to build the BCM/DR/ERM program.

There is a feeling that anything can occur – and is occurring – so it’s OK to skip the RA step because it will only validate what they already believe to be the truth; that there are risks that will impact an organizations people, places and things (IT, operations etc).  So they decide to build on the worst case scenario and then work backwards, addressing smaller risks as program development proceeds.  This is a quick and dirty approach, which if done correctly can still provide the right answers and strategies needed but if done wrong, can hinder an organization later down the road.

Could it be a sense of paranoia that is beginning to prevail?  A sense that disaster is imminent; it’s just unknown when it will occur.  If so, that would be why many are skipping the RA and heading towards the BIA first – or jumping further along the path right to the contingency development stage.

Is it possible for the leading governing bodies within the BCM/DR/ERM industries to rethink the RA and BIA processes and streamline the governance around them to meet the thinking of today’s organizations, rather than trying to change the organizations thinking to meet the needs of the governing bodies?

Personally, I think it might be a combination of both and a dialogue needs to be held, as the RA and BAI are both necessary steps in ensuring a solid foundation for any BCM/DR/ERM program.  Is it possible to combine the two?  I don’t think the RA is dying but its importance might be slipping, especially if the acceptance of the potential for a disaster is being accepted by organizations.  The RA is slipping unnecessarily, as it identifies exposures and vulnerabilities for organization, which ultimately help determine impacts and later, the development of ‘fit for purpose’ contingency strategies.

We’ve got corporations thinking the way we want – or at least Mother Nature has – and it seems we haven’t properly thought out what we’d do if organizations did accept our line of thinking (that a disaster will occur).  Now that they do, they don’t see the need for the RA, they see the need and value in contingency strategies and plans.  The industry needs to think about this and ensure that our processes and way of thinking keeps pace with what is needed.

 

ENTER OUR CONTEST!!

Win a FREE BCM/DR/ERM program evaluation.   

Go to www.stone-road.com for details.

WIN A FREE BUSINESS CONTINUITY PROGRAM REVIEW!!

Well, we have decided to run a great contest here at StoneRoad:

Purchase a book from our founder, A. Fullick, directly from the StoneRoad website (www.stone-road.com) , your name (and company) will be entered into a draw for a FREE Business Continuity Management (BCM) program evaluation.    The more copies you purchase – of any book or combination of books – the more entries your get and the greater your chances.  Oh, and did we say it’s open to any person and corporation AROUND THE WORLD !!

How’s that for confidence in what we do?!

So, head over to the StoneRoad website for details and good luck!! www.stone-road.com

This is only valid for books sold through the StoneRoad bookstore (https://stone-road.netfirms.com/cart/);  purchases from any other retail outlets (online or otherwise) are not eligible.

If you have any questions, email inquiries@stone-road.com.

GOOD LUCK!!

Regards,

The StoneRoad Team

“Failure isn’t about falling down, failure is staying down” – Marillion

“Procrastination is the art of keeping up with yesterday” – Buddha

Japanese Nuclear Power Plan Report Released (July 2012)

A week ago I’d heard the Fukushima report was coming out and that there were a bunch of conclusions and recommendations being prepared, so I set to writing an article for posting thinking I could add my thoughts as well.  Then I read the report and found that it said everything better than I could.  So, here’s a link to the report The Fukushima Nuclear Accident Independent Investigation Commission  and what the commission recommends and determined was the cause of the disaster.

One thing that I found very interesting is the fact that corporate culture attributed to the disaster – in fact, is listed as a cause of the disasters – and that the very nature of the disaster was communication; from well before the disaster to after it had occurred.  What was also fascinating was that the disaster itself was not the caused by the tsunami, which would be a normal thought but rather the cause of the power plan disaster was man-made.  The tsunami was just the catalyst to trigger all the problems that existed.

I’ve always said – in previous posts – that communications would be the glue that either holds it all together or assists with it all falling apart.  Seems I’ve been validated (and I know I’m not the only person who thinks that).

One thing that I hadn’t expected in the report was the mention of how government and agencies change the names of organizations that experienced or participated in the disasters to show that they’re taking things seriously.   But, they don’t change any of the processes and procedures within these organizations; the processes and procedures that didn’t work the first time.  You can throw paint on a decrepit old car but that won’t make it run any better and that’s what the report basically says.  There is fear that nothing will change; let’s hope it does.

Enjoy the report: I did.

(c) StoneRoad

 **NOW AVAILABLE**

 “Heads in the Sand: What Stops Corporations From Seeing Business Continuity as a Social Responsibility” and “Made Again Volume 1 – Practical Advice for Business Continuity Programs”

by StoneRoad founder, A.Alex Fullick, MBCI, CBCP, CBRA, ITILv3

Available at www.stone-road.com, www.amazon.com & www.volumesdirect.com

 

Europeans Able to Check Hazardous Production Sites

The below notice was sent via the President of The International Emergency Managers Society (TIEMS), of which I’m a member of the editorial advisory board.   I thought this was quick interesting and wondered how this would go over in North America.

************************************************************

Dear TIEMS Members and Supporters,

The Council and the European Parliament have reached an informal agreement on amending a so-called «Seveso Directive ». The Directive is named after an accident which happened in 1976 in Seveso, Italy when a dense vapour cloud containing hazardous substances was released from a pesticide factory. The accident prompted the adoption of legislation aimed at the prevention and control of such accidents. Since then all the companies storing large amounts of fireworks, oil, petrol or toxic chemicals are referred to as « Seveso cites».

The new directive reinforces the rights of EU citizens regarding their access to information on hazardous production sites. European citizens will be able to see if they have dangerous industrial sites in their neighbourhood on the internet and see how to react in case of emergency. They will also be able to go to court if they think that a new Seveso site is established too close to their homes. All Seveso sites will be obliged to prepare an accident prevention policy to improve their level of safety.

Ida Auken, Danish Minister for the Environment and a fervent proponent of this proposal says that this step will allow citizens to feel more secure in their homes even if they live in the proximity of a plant producing hazardous substances.

After the European Parliament adopts its position on first reading in June 2012, the directive will be officially adopted by the Council in the second half of 2012. The amended Directive will enter into force in 2015.

More information is available here: http://www.consilium.europa.eu/uedocs/cms_data/docs/pressdata/en/envir/129282.pdf

With Best Regards,

TIEMS Secretariat

15th TIEMS Newsletter (March 2012)

The latest newsletter from The International Emergency Managers Society (TIEMS) is now available.  StoneRoad founder A.Alex Fullick, MBCI, CBCP, CBRA is co-editor.   Check out the two articles by Alex; one in partnership with the President of TIEMS, K. Harald Drager.

Check out the link below and see what other things TIEMS is up to.

Link:

http://www.tiems.info/images/stories/tiems%202012%20march%20newsletter.pdf

 

 

NOW AVAILABLE the New Book by A.Alex Fullick: “Made Again – Volume 2”

Announcement – A.Alex Fullick’s NEW Book Release: Made Again – Volume 2 

StoneRoad is excited to announce the new book by our founder, A.Alex Fullick, MBCI, CBCP, CBRA.  See the full Press Release below.

**********************************************************************************************************************

Stone Road releases third book: Made Again Volume 2: Practical Advice for Business Continuity Programs

It’s been a great year: revenue is up 25 per cent, profits are up, department teams are (is) functioning smoothly, your new product line has been a big seller and production efficiency and quality control have improved markedly. Employees are energized and the results of all the hard work is finally beginning to pay off.

(PRWEB) February 27, 2012

Then disaster strikes. The CEO decideds to jump ship; a key competitor has just introduced what could be a game-changer in your industry; and on top of that, your entire sales team is suddenly up in arms over commission and compensation levels, threatening to quit if you don’t come up with an enriched compensation package. In a short time, your business life has gone from glory to gory.

This is the world where Alex Fullick lives. Fullick is the Founder and Managing Director of StoneRoad, a business consultancy based in Southern Ontario specializing in Business Continuity Management (BCM) and Disaster Recovery Planning (DRP). Fullick is also an author, having published his first work in 2009 entitled Heads in the Sand; his second project, Made Again (Volume 1) was published in 2010.

Made Again (Volume 2) picks up where its precursor left off, offering practical Crisis Management, Disaster Recovery and Business Continuity advice for business owners and forward-thinking business executives. At its core, Made Again 2 asks business practitioners to work and hope for the best, but also to plan and prepare for the worst. It provides information tips and guidance for those that want to improve their BCM programs and provides details that can only be found through real-life experiences. Author Fullick encourages business owners and top execs to base their business-continuity plan on the four R’s: Resiliency, Restoration, Recovery and Resumption. It’s within this framework that the essays and advice articles are written, as his mission is to teach leaders how to prepare for the bad times as best they can, rather than trying to figure it out when a disaster strikes. A well-designed business-continuity plan/program will allow a corporation to respond to a disaster/crisis quickly and effectively; without them, the waters get murky and crisis response becomes slow, lurching, unfocussed and can potentially destroy an organization.

Fullick has that rare communications gift – his conversational writing style breathes life and passion and easy understanding into complex business subjects. An Amazon.com reviewer had this to say about Fullick’s conversational approach to writing: “It did not feel like I was being advised or taught, but more like I was having an informal chat with a friend. I would strongly recommend this book to anyone . . . ”

Made Again 2 is that rare publishing commodity – it’s informative, it’s original and it’s crisply and clearly presented. It’s a must-read for those in business who need to be fully prepared for the absolute certainty of an absolutely uncertain tomorrow.

Author Alex Fullick is a writer based in Guelph, Ontario. When not hard at work at the keyboard, he can be found at the curling rink or, come summer, wandering the province’s hiking trails.

Made Again: Volume 2: Practical Advice for Business Continuity Programs
by A. Alex Fullick ISBN: 9780981365732

###

Puchase copies for yourself and your organization at Amazon.com and/or Volumes Direct Publishing.

 

 

 

 

 

What is a Disaster? (Part II)

So here is Part II of the old article.  Based on some emails and feedback on Part I, I’m writing a Part III (Final) piece, so watch for that in the future.

********************************************************************************************************************

There are many types of disaster but in general, they tend to fall into two categories: natural disaster and man-made disasters.  However, it’s not so easy to put a situation into one bucket; it’s not all black or white.  Sometimes there are grey areas and by definition, the disaster may not fit into a single disaster category.  Here is how the two categories can be further split;

1. Man-made Disasters (Intentional) – I think in many respects this      one speaks for itself.  This is the      category where you put such things as terrorism and those that      intentionally try to cause harm to someone or something.  It could be to blow up a building – like      the World Trade Centre disaster in 2001 – or it could include such things      as roaming gangs causing problems (and in many cases casualties) while      trying to establish territory for their drug operations.  It can anyone that starts a fire that      gets out of control and apartment blocks go up in smoke with people      loosing everything.  If it’s      premeditated and intentional then it would fall into this category.  It’s the most common category for      man-made disasters.
2. Man-made Disaster (Unintentional) – Sometimes there are disasters      caused by people that aren’t intentional and aren’t premeditated.  I don’t believe that electricians and      welders intentionally start fires while they are working.  Sometimes a spark from a torch will      ignite a rag, some old dry wood or cabling and cause a major fire.  The situation is still man-made – or the      trigger was caused by a person – but there was no intentional malice      behind it.  It could simply have      been an accident, an error in judgement or lack of proper procedural      training that caused the fire.
3. Man-Made Natural Disasters      (Unintentional)      – This category may not be so obvious.       These natural disasters can be caused as a result of human      interference with natural events.       For instance, the building of dams and the clearing of forests for      development can cause erosion to occur that can enhance the threat of      floods.  Often, the surrounding      landscape and the trees soak up the water the roots help strengthen the      soil that surround them.  But if      that is removed to help build a new mall for suburbia, it can cause the natural      environment to no longer provide the protection it once did.  It wasn’t done with intention –      hopefully – but what will trigger the natural disaster is the fact that      human changed something with the natural environment to cause potential natural      disasters to occur.  Here’s another      way of looking at it.  A wild and      thunderous storm can cause landslides, flood and other damage yet, the      landslide may not have been triggered by rain but due to man having      cleared the hillside of trees and other brush that – if untouched –      would/could have prevented the landslide from occurring.  I’m not suggesting that a hard rain      can’t and won’t cause a landslide but it might occur because of a decision      made by us.  The overall situation      will be determined a natural disaster because it was weather related to      start with but the consequences of the storm and bad decisions by man,      caused the relating scenario that caused the landslide.  The rain didn’t cause the landslide, the      decision my man to clear the land of trees quite possibly caused that      component of the disaster.  Make      sense?
4. Natural Environmental Disasters – This is another category that      speaks for itself.  When you think      of natural disaster you think of lightening storms, tsunamis, earthquakes,      tornadoes and hurricane’s – among many other natural disasters that can      occur.  If the situation is      triggered by natural or environmental events then the situation or rather      the disaster, falls into this category.       Like the ‘man-made’ category, this is one of the two main categories      for disasters.

 

Often, the trigger will determine if it’s a man-made or natural disaster, not the resulting responses that are implemented as a result of the disaster.  What category would we put such things as ‘over-fishing’ or the killing of rare animals?  They are man-made disasters – or can be – and they can cause disasters for people.  The destruction of the environment by man can cause animals such as bears to enter town and cities, which if not addresses appropriate can place people in jeopardy.  Living inCanadaas I do, we do hear of stories of people being attacked by animals because man has caused problems for their environments driving them into areas they wouldn’t’ normally enter.  Are the natural or man-made disasters?  Or do they only count as a disaster until a person is involved / harmed?

So, what is a disaster?  It’s whatever an organization or person perceives it to be in some respects.  If the situation can be managed – either proactively or with adequate response mechanisms in place – then it won’t be a disaster.  If there are no risk mitigation strategies or continuity plans in place, the same situation could be termed a disaster for the company without those strategies and plans.  One situation; two corporations but because of what has been implemented and developed – such as a BCM program – one will experience a disaster while the other may not.

From a personal perspective, the closer I am to a situation and the greater the impact it has on me, the more I will see it as a disaster.  The farther away I am and the less impact to me, the less I will see it as a disaster – with a capital “D”.  That doesn’t mean that I won’t have feelings for those impacted but I won’t have the same definition of the disaster as those that are actually impacted by it.

A disaster is more than just the failure of a technology component or the obvious natural disasters such as tornadoes and forest fires, which incidentally can be caused by people.  A disaster is the level of tolerance and impact you’re willing to manage before it either gets out of hand or begins to hamper what you’re doing.  If a corporation can manage a serious situation and have the right mechanisms in place to respond – or mitigate the situation – the less of a disaster it might become.  And even then, the level of disaster / crisis management might be of a high quality and execution but the level of impact on other parties may also be significant, which will cause the situation to become a disaster even when a corporation has the right mechanisms, training, response plans and contingencies in place.

Pigeon-holing a situation to fit this type of disaster or that type of disaster isn’t as simple as it may seem.  It’s also not as easy to understand that what might be a disaster for one may not be for another.  A disaster can be many different things to many different corporations, peoples, industries and communities.  It’s our job as BCM professionals / practitioners to be aware of this and help corporations understand what a disaster is for them – the corporation – and ensure the right assessments; analysis and contingency strategies are developed.

What’s a disaster?  In short, it can be anything…  I think that covers it pretty well.

 

**NOW AVAILABLE**

The new book by StoneRoad founder, A.Alex Fullick, MBCI, CBCP, CBRA, ITILv3, “Heads in the Sand: What Stops Corporations From Seeing Business Continuity as a Social Responsibility.”  Available at www.stone-road.com **

 

What is a Disaster? (Part I)

Note: I came across this in an old folder, while looking for some reference material for the next BCM/DR book: “Essence”.   I wrote this 2 years ago (so it says in my notes) and decided to keep it the way it was written so the original spirit is still there, rather than editing it and making it into something else.  Even the “Now Available” section doesn’t even mention the 2nd book; Made Again.  I take full responsibility for any hiccups it may contain.  Enjoy…

****************************************************************************************************

Like many of you, I get asked this question quite often; ‘What is a disaster?’  I’ve been asked this by executives, employees, curious friends and families and from those are just curious as to what I do.  I started writing this as a little article but as I got going it got bigger and bigger – to the point that this might actually become a book at some point.

On the surface, we can say a disaster is something like a bomb, fire, flood, earthquake, a building collapsing and anything else that might harm people.  Honestly, that is the way the general public see a disaster; something that can be seen with the naked eye and has impact on people and facilities.  These disasters fall into two categories; the man-made disasters (terrorist actions) and the natural disaster (a peeved Mother Nature).

Yet a man-made disaster can be intentional and unintentional.  Terrorism and the actions of 9/11 was very much a disaster but it was man-made; conceived by (mad) men and executed by men and had an incredible impact on not just the World Trade Centre but the city ofNew   York, surrounding areas and the world in general – which is still being felt today.

An unintentional man-made disaster can be that of someone who starts a fire while working with a blow torch and an explosion ensues.  It might just be carelessness or negligence but it’s not an intentional act.  Or it could be someone who left a candle to burn all night and it catches the drapes/curtains or the bed spread and ‘poof!’ up goes the house. Again, it can be a disaster but it’s not an intentional disaster.  What would we call the Great Fire of Chicago (1871), when Mrs. O’Leary’s cow kicked over a lantern?  It wasn’t man-made, it wasn’t intentional and it wasn’t started by any natural phenomena, like a lightening strike.  Maybe we need a new category for things like that.  (For the record, it was never established that the cow started the fire, as a reporter some 20+ years later admitted to starting the ‘rumour’ and the story took off just like the fire did.)

I typed in “Define Disaster” into a search engine and these are some of the things that popped up (minus the punk rock band reference I found);

1. a      failure
2. an      unplanned, calamitous event with widespread impact
3. something that causes great distress or destruction
4. a state of extreme ruin and misfortune
5. unrealized expectations (like      a big budget movie that flopped)
6. time limiting, though the impacts may go on indefinitely
7. something that warrants an extraordinary response from      outside the affected community area

 

Disasters come in many sizes, styles and circumstances.  Not all are those related to our classic BCM defined definition(s);

1. Personal Disasters – What might happen to a single      person doesn’t affect the organization.       This is not to say that a disaster to a single person isn’t important      just that it rarely affects the operations of a corporation. It can      however, have impact on decision making if the disaster (whatever the      situation) impacts a key member of a team.       It may delay decisions and delivery times if that person cannot      provide the appropriate response when needed.
2. When People We Know Are Impacted – Using the example above, we      see can see a disaster when something occurs to others.  We may wonder how we’d respond under the      same circumstances and may wonder why the situation seems overblown.  We may also feel it is a disaster      because the situation has hurt or impacted someone we know personally.       When that happens we are closer to the situation and can be      inadvertently impacted by it – it becomes out disaster as well.  With respect to an organization, if a      member of the team has a terrible accident, it can impact all those that      work with him or her.  Personally, I      recall coming back to the office after Monday lunch to find that a      co-worker (who sat beside me) had passed away over the weekend.  It impacted out entire team because for      days it was hard to look at the ‘empty’ desk.
3. When People Are Powerless to do      Anything –      We will also believe things are a disaster when we are powerless to stop      things.  For instance, right now there      are terrible floods inPakistan      and if you watch the news and view maps, it looks like half the country is      under water.  Not only is it a      disaster because of the flood, it’s a disaster because we – the general      public – can’t stop it.  We can help      those in need by providing supplies, food and financial support but that      doesn’t stop the mudslides, the rain or the water from flowing.  We are powerless to do anything about      the disaster itself but we do have the ability to provide a response to      it; all the while the water continues to flow.
4. When Corporations Experience a      Disruption –      We watch the news; we know that a simple issue for a company can have      disastrous impacts on people and other corporations.  If you’re wireless provider has a hiccup      with their service – even a small one – it can mean you loose emails,      tests and calls to your personal device, which depending on what the      contents were, could mean the loss of business, miscommunications or a      wrong decision being implemented because no one received all the      details.  When we don’t get what      we’re used to –and don’t see any progress to fix the situation – we feel      that the situation is a disaster.       It’s not being managed properly and we aren’t being compensated for      the situation.  Years ago I recall a      situation where a Financial Institution (in Canada) had an issue with      their internal systems.  It was down      for a significant amount of time – over 24hrs if memory serves correctly –      and during this time people had checks bounce, mortgages default and other      issues.  Because of what a bank      does, people saw it as a disaster for the bank and questioned their      internal recovery processes.  Sure      it was a disaster for the bank but people experienced a disaster too      because of the problem; dealing with creditors, other banks, credit card      companies and anything else financial related.  This situation alone proved that the      company needed a stronger BCM program – and they have by the way.  Again, corporations can experience a      disaster and we don’ feel it is anything significant until we feel the ramification and      impacts of the situation.
5. When Something That People are      ‘Attached’ to No Longer Exists – This can mean people losing their jobs, the death      of a loved one, the burning of an old historic building, an earthquake      that changes the landscape, volcanoes that destroy lush forests and so      forth.  When we are attached to      something, we – as humans – want it to last forever; at least while we are      alive and can experience it. But nothing is permanent.  Everything changes and change is one      thing people don’t like.  Depending      on our proximity to the situation, when something is gone it hits us hard      and we have to face reality – that nothing lasts forever.  When our home burns to the ground we      lose everything; it’s a disaster.       However, everything in that home can be replaced and a new home can      be rebuilt.  We were to attached to      the way things were that when it’s gone we experience a disaster.  Same thing with corporations.  When they are riding high on profits      selling, selling and selling  they      eventually will run out of steam because they may have oversold and under      produced; they simply can’t handle the continued growth.  They are attached to the money and      prestige that was coming their way but now when it begins to ebb away,      they feel the company is in a disaster even if it is of their own making.
6. When Something Foreseen as      Manageable Becomes Out of Control – Sometimes some issues are manageable due to the      reoccurrence.  There are many      instances where email has a hiccup every so often and based on daily      operationally protocols can be fixed quickly and things just continue back      to normal.  However, if it’s the      same issue over and over again and it’s not investigated and resolved,      those little incidents pile up and now you have something that can’t be      fixed so easily.  Picture a single      pebble on a trail.  One pebble      doesn’t cause too much trouble and is easily fixed but if more pebbles      being to pile up without ever investigating what’s causing the pebbles to      get there n the first place, you can end up with the path being      blocked.  Now you have a bigger      issue to deal with; one that might not be resolved so quickly.  It now has greater impact upon      operations because things can’t continue.       All those quick fixes need to be reviewed to see what has to be      changed and how to find the root-cause of the situation; when that should      have been done earlier.  What was      thought to be manageable now escalates into something greater and slowly      gets out of control.  Now, you‘ve      got a disaster on your hands.
7. When Expectations Aren’t Met – When corporations experience      crises, we expected that they know how to rectify the situation and set      things right (cough). They have plans in place to ensure that a product or      service continues to be delivered as soon as possible with the least      amount of impact to clients, customers and partners.  I think many individuals can understand      that, well, crap happens, and will continue to happen.  That, I think many of us can grasp.  What we won’t grasp and won’t tolerate      is the fact that a corporation doesn’t know what its doing and doesn’t      have a plan to make sure I – as a customer – and continuing to get my      product or service.  I might      tolerate a day or two of downtime and work around that but after a week      with no progress; I’m not going to be so forgiving. I see that that what      might had been an mild interruption escalated into an unmanageable      disaster and now I’m not too happy.
8. The Proximity to the Situation – If we are closer to the      situation playing our before us, the situation becomes more a      disaster.  An earthquake on the      other side of the world is a disaster but we aren’t there so we don’t feel      the impact of it – we feel the impacts of the consequences of the      earthquake by watching news reports and seeing photographs.  Hopefully we feel strongly enough to      donate aid.  But, the disaster      doesn’t have as great an impact as if it occurs to us.  Suddenly, we expect response teams to      help, aid to arrive, lives and homes to be saved and time is of the      essence.  This same feeling and need      doesn’t occur when you watch it on the news – even if you ‘feel’ for those      impacted.  The closer the disaster      is to us the more likely we are to be impacted by it and know individuals      (and maybe family members) that are impacted by it.  Our proximity seems to drive a need to      response and need to help.  The      closer the situation the greater the disaster is perceived because it      impacts us – no them.
9. Personal Involvement and Impact – We are more apt to identify      with a ‘disaster’ when we are impacted by it.  This doesn’t mean impacted emotionally
   by seeing news reports or the feeling of having the heart strings tugged,      this is being directly impacted physically, financially and emotionally;      meaning we are part of the disaster.       The more involved we are with the situation the greater is becomes      a disaster for us.  If we loose our      homes due to a flood – it’s a disaster.       If see out neighbours home burn down and they find themselves with      nothing, then it is a great disaster to us because we ‘feel’ for tem;      loved ones (assuming they are good neighbours) are impacted and as such,      we are – though admittedly, not to the extent of the family that lost      everything.  The point is, the      closer we are to the situation – financially, physically, emotionally –      the greater the feeling of something being a disaster.  Watching the news a seeing someone’s      home burning on the news may be a disaster for a short period but we      change the channel or get up and get dinner.  It’s not the same if we live beside the      impacted family or they are members of our own family.  Suddenly, the impact of the situation is      greater and the disaster is closer to home – our personal involvement is      greater.

There can be more added to this list but for the sake of time and space (on this page) I’m only listing these 10 things.  You can add more based on your own experiences and beliefs.  There can be many ways in which we define and classify disasters.  A disaster is going to mean something different to every person and to each organization.  What may affect and impact one, may not affect or impact another – at least not a severely.  It is different for everyone.

**NOW AVAILABLE**

The new book by StoneRoad founder, A.Alex Fullick, MBCI, CBCP, CBRA, ITILv3, “Heads in the Sand: What Stops Corporations From Seeing Business Continuity as a Social Responsibility.”  Available at www.stone-road.com **

Disaster Communications: More Than a Phone Line Update

Continuity Magazine, published by the Business Continuity Institute (BCI) had an interesting article regarding “…Resilience in the Workplace.”  The author provided many valuable tips for corporations on how build resiliency within the work force (many ideas of which I’m quite familiar with from years of being in the industry), however there was a point in the article that caught my attention and it provided the spark for this article.

The thought was to bring together team members that aren’t part of the disaster team structure (i.e. those performing restoration and recovery efforts or those leading these teams) and were individuals that were sent home to wait for instructions.  Often, we know we are to communicate the status’ of situation to employees, stakeholders, Crisis Management Team/DR Team members, partners, suppliers, customers and clients and the thing all of these have in common is that a team is made up of people; people, not a product, service or some sort of commodity.  Therefore, we need to treat people as exactly that; people.

During a disaster, only a pre-selected (and hopefully trained) individuals are required to help restore, recovery and validate systems.  Only a select few are given tasks that relate to the disaster/crisis response; the rest may be sent home for further instruction.  This is where some additional issues can slowly creep into the fray.

It is one thing to send people home and ask them to check a phone line for updates; it’s another to actually communicate status’ and expectations with them.  For many employees, the expectation is to go home – when requested to leave for home – and monitor a phone line, website or email, for communications from the corporation (assuming of course the corporation has a communication strategy) but this only last for so long.

The website, email and/or phone messages must be consistent and provide enough information so that employees accessing the line understand what is actually occurring and how things are progressing.  Understandably, details may not be provided but a high-level overview of where things are can help people feel a part of the restoration and recovery efforts when they actually aren’t apart of those teams at all.

In addition, if after a couple of days the only communication is through the email, website or phone line, employees can begin to feel alienated and forgotten.  Not forgotten in the sense that they aren’t going to be needed as some point but forgotten because all they are getting is a phone message, which they probably have to dial into at certain specific designated time to get an update that doesn’t address any of their concerns or questions.

Many of today’s larger corporation have external parties that offer employee assistance (Employee Assistance Programs – EAP) but even here, they can only offer support and provide so much information.  If the EAP is the sole source of information, the employee once again can feel alienated and left to fend for themselves.  Corporations give the perception that they are shuffling off their staff to EAP and then turn around and focus on the restoration and recovery efforts.  That isn’t to say that corporation can’t use EAP’s to help but they can’t just shuffle the responsibility off to an EAP and expect employees to feel like they are being communicated with by the corporation.

It idea the author of the Continuity Magazine provided an interesting idea; create touch points/sessions that can bring together some of the employees sent home, so they can meet each other and bring forward their concerns and issues.  Sure, executives and DR teams are focusing on getting things back up and running but there is still a segment of employees that need to have some focus as well.

An idea could be to have one of the EAP representatives and/or a representative from the corporations Human Resources office organize an information session for those that have been sent home.  Ask them to attend a meeting at a hotel where they can come together and discuss the disaster and be reunited with their colleagues (of all levels).  If they can’t attend in person, provide a conference bridge or web access so they can follow along.  This will at least let employees know they are being looked thought of during a disaster (and being provided a platform to communicate concerns and receive information).   BTW, some of this might even be performed using notification software/applications but beware; it will take some time set up ahead of time and many individuals might not want to provide you with their contact information.  Still, this will at least give you a tool that’s easier to use (hopefully) to reach more people.

Corporations want a sense of community; a sense where everyone wants the corporation and all its employees to be successful.  But when a disaster occurs the focus goes to a select few and the rest can feel like they’ve been pushed aside only to be brought back when the corporation says they are needed again.  It can cause resentment amongst staff because they can’t share their stories and experiences with colleagues and aren’t being communicated with by the corporation; just a voicemail providing little information and continually asking to call back.  That isn’t communication.

 **NOW AVAILABLE**

 “Heads in the Sand: What Stops Corporations From Seeing Business Continuity as a Social Responsibility” and “Made Again Volume 1 – Practical Advice for Business Continuity Programs”

by StoneRoad founder, A.Alex Fullick, MBCI, CBCP, CBRA, ITILv3

Available at www.stone-road.com, www.amazon.com & www.volumesdirect.com