BCM & DR: NAME THE RADIO SHOW!!

As you may know from our last post, our founder Alex Fullick, will be doing an internet radio show on the Talk Radio Network at http://www.voiceamerica.com.

Based on all things Business Continuity Management (BCM) related, such as Disaster Planning, Emergency Management, personal safety (home, privacy…), Crisis Management & Communications, Business Continuity Planning etc. the show hopes to bring the BCM industry awareness to the masses.

But we still need a name!!

Soooo, be creative and provide us a suggested name for the show.

The only guidelines is that is should be short and catchy and easily identifiable to everyone – not just industry practitioners.

We’re looking forward to what you come up with.

 

Regards,

The StoneRoad Team

PS: If the winning suggestion comes from a response provided through this site, we’ll try talk Alex into providing some sort of goodie for ya! 

BCM & DR: People Over Profit

There is an old adage that ‘you can’t put a price on life’ and I personally believe that. No amount of money will every replace a lost life due to a disaster or any other situation. After I recently heard a response to so some questions about Business Continuity and Disaster Recovery by a Senior Executive, I’m beginning to think that some organizations actually do put a dollar value on life – even if they don’t know they’re doing. Continue reading

BUSINESS CONTINUITY & DISASTER PLANNING BOOKS BY ALEX FULLICK: eBOOKS / KINDLE VERSIONS NOW AVAILABLE!!

We are happy to announce that ebook / Kindle versions of all books by StoneRoad founder A.Alex Fullick, are now available from Amazon.com (and other Global Amazon sites).

Testing Disaster Recovery-COVER_Layout 1 Made Again-COVER:Layout 1 Made Again VOLUME 2-COVER:Layout 1 Heads in the Sand-COVER:Layout 1 Business Impact-COVER_Layout 1

We hope these information sources help you with your Business Continuity / Disaster Recovery Program efforts. Keep your eyes open for more BCM / DR information sources coming from A.Alex Fullick and StoneRoad.

Happy planning!

 

Regards,

The StoneRoad Team.

PS: Congrats boss!  😉

© StoneRoad 2015

A.Alex Fullick has over 18 years’ experience working in Business Continuity and is the author of numerous books, including “Heads in the Sand” and “BIA: Building the Foundation for a Strong Business Continuity Program.”

 

BC & DR Plans: Don’t Worry About the Fluff

So when was the last time you found what you wanted in a document without having to dig through pages and pages of information? Do you find that so much of what is in the document doesn’t really need to be there? Is it irrelevant? Is it fluff material just so the volume of the document looks good? In many cases it turns out the document is basically built on the foundation of quantity over quality. That means most of the document – the stuff yo don’t need – is just fluff. Continue reading

Hello StoneRoad followers,

We’re thrilled to let you know that two books by our founder, A.Alex Fullick are now back in stock on Amazon.  It was enough to know they’ve sold out a couple of times and now we’re happy they are back and available once more…hopefully no more “Temporarily out of stock” messages for awhile.

1) Business Impact Analysis – Building the Foundation for a Strong Business Continuity Program

http://www.amazon.com/Business-Impact-Analysis-Foundation-Continuity/dp/0981365744/ref=sr_1_1?s=books&ie=UTF8&qid=1426202326&sr=1-1&keywords=alex+fullick+in+books

2) Testing Disaster Recovery and Business Continuity Plans: How to Plan and Execute Successful Tests

http://www.amazon.com/Testing-Disaster-Recovery-Business-Continuity/dp/0981365752/ref=sr_1_2?s=books&ie=UTF8&qid=1426202326&sr=1-2&keywords=alex+fullick+in+books

Well done boss!

The StoneRoad Team (c) 2015 Stone Road Inc

BCP/ IT DRP Plans: Never Consider Them Complete

All organizations with a Business Continuity Management (BCM) or Disaster Recovery (DR) program always strive to have their Business Continuity Plans (BCP) / Disaster Recovery Plans (DRP) in a state they can use: in a state they believe will cover them in any and all situations. They want their plans to at least cover the basic minimum so that they can be responsive to any situation. But if an organization takes its program – and related plans – seriously, then these plans are never fully complete.
For a plan to be truly viable and robust, it must be able to address as many possible situations as possible while at the same time must have the flexible enough to adapt to any potential unknown situations. If it’s ‘carved in stone’ it makes a bit tough to adapt the plan to the situation (the situation won’t adapt to your plan).
This flexibility – and it’s maintenance (which keeps the plan alive) – includes incorporating lessons learned captured from news headlines and then incorporating the potential new activities or considerations that may not be in the current BCM / DRP plan. These plans aren’t quick fixes or static responses to disasters; they are ‘living and breathing’ documents that need new information to grow and become robust. This is why they should never be considered as complete; as the organization grows and changes – and the circumstances surrounding the organization changes – so to must the BCM and DRP plans.
It’s like trying to pin a cloud to the sky; it can’t be done. A BCP / DRP plan can’t stand still; it must be flexible, adaptable and continue to grow.
Risk profiles and risk triggers will continue to change as the organization develops and implements its strategic and tactical goals and objectives – the BCM program and plans must be able to follow along to assist in ensuring the organization can respond to a situation that might take them off their strategic path. A good plan or program is not a destination, it’s really a desired state of being where plans and processes are nurtured to grow and expand – it’s not a plateau you reach and then stop.
So if you want the best BCP / DRP plans to address as many situations and scenarios as possible when your organization is hit by a disaster, understand that to ensure they do just that, don’t ever consider the plans complete. Think of them as an entity that needs to grow and needs attention, otherwise when you need your plans, they won’t be able to help you because they’d reflect contingencies and strategies that represent the company when the plan was first developed – which could be years earlier.

© StoneRoad 2014
A.Alex Fullick has over 17 years experience working in Business Continuity and is the author of numerous books, including “Heads in the Sand” and “BIA: Building the Foundation for a Strong Business Continuity Program.”

Regards,

A.Alex Fullick, MBCI, CBCP, CBRA, v3ITIL | Director, Stone Road Inc. | 1-416-830-4632 | alex@stone-road.com

“Failure isn’t about falling down, failure is staying down…” – Marillion

BCM & DR: Can Organizations be Resilient?

There’s allot of talk of organization’s becoming resilient and how they need to be resilient if they are to compete successfully and respond accordingly to the ever increasing disasters of the world – both man-made and natural in causation. But that begs the question: Can organizations be resilient? In this practitioner’s opinion, yes, they can though it takes more than a single aspect to become resilient.

Many would have you believe that you can buy resiliency off a shelf; a service or product purchased from a firm touting that they can make your organization resilient, as though the procurement of a ‘product’ will make an organization resilient. Well, unless they are a pseudo-psychologist or have a background in leadership psychology, they can’t; at least not completely. Sure, it’s fine to say that Business Continuity Plans (BCP) and Technology Recovery Plans (TRP) et al will make an organization resilient but that’s just not the complete picture. It’s only part of the overall picture.

It’s just not a simple concept – though it would be great it if was. What will make an organization resilient? Is there some sort of magic ingredient that will suddenly ensure that an organization will bounce back from any adverse situation? Well, yes and no. It’s not one single ingredient, it’s multiple ingredients that when combined just so, will help any organization get through difficult situations.

The following sections outline some areas that must be considered as part of the overall resiliency plan if an organization is to become resilient. See which one’s fit within your organization and which items you might want to focus on to improve or instil a sense of resiliency.

1 – Previous Adverse Experiences
Resilient by definition means ‘bouncing back from adversity’ so no one can be resilient if there hasn’t been previous adverse situations that the person / organization hasn’t bounced back from. How is an organization resilient if it’s never had an adverse experience? How can you measure resiliency? What are you measuring against? What has it bounced back from to prove it became resilient? It can’t be because it’s wouldn’t have anything to bounce back from, so how could it ever know it was resilient? It can’t. Of course, some would say that because the organization didn’t suffer badly during a disaster, it was resilient. Well, maybe it really wasn’t a disaster or major crisis, just a well-timed and coordinated response; that doesn’t automatically equate to being resilient.

2 – Plans/Process
It would be ridiculous to suggest that BCPs and TRPs etc don’t help make an organization resilient; of course they do. These are what get opened up and followed (or used as a guide) when the ‘real’ situation occurs. Through consistent validation and testing, amendments are made and they become more and more robust over time; able to deal with a myriad of situations. If the plans are living, validated and leveraged, then the plans will help the organization become resilient. Not just from providing point by point activities but because the validation and the testing that goes on behind them helps instil a sense of accomplishment and progression to those who use them.

3 – Technology
You can set technology functions up in a way that keeps it going even when the power goes out; even when a primary server (or other component) goes down and data/communications are redirected. You can keep the ‘green lights’ on in many ways (too many for this small article). The technology component is the single most discussed area of resiliency, to the point where many organizations believe they are resilient simply if they have a strong technology recovery or IT disaster plan in place. Well, we know that IT is only part of the overall picture.

4 – Leadership
Leaders are usually leaders because they are resilient as a person, not because they have a high profile title behind their name. They have fought there way through the ranks, overcoming obstacles and thought their way through many complex challenges, all so they can be the leader – or a leader – of an organization; a reward for hard work and perseverance. A good leader will give back to the organization and help train others within the organization how to better focus energies and deal with adverse situations.

5 – Culture
Who creates the culture? Leaders, create it. If the aspects noted in #4 are true, then the corporate culture will eventually sway in that direction, even when those that oppose the leader find they have to deal with the new way of doing things or decide to leave for other pastures. We all know what flows downhill when theirs a problem, but if a good leader really is a good leader, then the good also flows downhill. This positive aspect will help

6 – People
People. People are the most important component of resiliency. Without resilient minded people, no organization will ever truly be resilient. Its people that bounce back from adversity and as the old English adage states, ‘Carry On.’ From the org’s leadership right down to the newest person walking through the door. They all must work together to support each other; from the top down to the bottom up. Everyone has something offer in an organization and everyone has a role to play when a disaster occurs.

When all these aspects are combined, then and only then, will an organization have the chance to become resilient. Then, an organization must encounter a situation that tests all these components and that’s when an organization can determine if it’s resilient or not. Once an organization has bounced back and can stand in front of its clients, customers, partners and the general public stating that it has weathered the storm with its reputation intact, that’s when it becomes resilient; not when it buys a product or service off a shelf.

© StoneRoad 2014 (A.Alex Fullick)