Preparing for the Unexpected: July 27/17 Show Announcement!

fullick-Promo-VarietyHello everyone,

We’re happy to announce next week’s show with guest and BCM / DR specialist, Alvaro Orrantia.

Check out the promo here:

Check out Alvaro’s BIO here:

It’s sure to be another great show!


The StoneRoad Team


Preparing for the Unexpected: Thursday, July 20/17 – BCM/DR Project Management

This weeks show is ready to go.

Does it ever seem as though your BCM/DR program isn’t quite operating as smoothly as you believe is should?  Tune in this week to hear our chat with S. Rosalind Baker, a Project and Program Management specialist.  Learn how to manage your BCM/DR program using strong project management practices and take your own BCM/DR role to next level.

Check out more about this weeks show at


The StoneRoad Team


BCM & DR: Internet Radio Show Coming Soon!!

STONEROAD ANNOUNCEMENT: Internet Radio Show Coming Soon!!

Today, we’d like to announce that StoneRoad founder, Alex Fullick, has signed a contract with World Talk Radio LLC to establish a 13 week talk radio show about all things related to Business Continuity Management (BCM) on the Variety Channel.  Continue reading

Reporting DR & BCM Program Status as Red


I’ve noticed recently that many individuals working on various projects and programs, including Disaster Planning and Business Continuity, seem afraid to actually communicate some of the difficulties they’re encountering.  Continue reading

BCM & DR: Mergers & Acquisitions (Part 2)

As noted in Part 1, if you’re going to be merging all areas of the two companies and the acquired will be engulfed or swallowed up by the acquiring company, then BCM/DR has a very large workload ahead of itself.  In some regards, it’ll be like starting over but you’ll know half the BCM need already.  Continue reading

The 4 R’s of Disaster

When the director of technology states that the IT infrastructure is up and available after a disaster, many believe it means that an organization can now begin to operate as normal. This is not completely correct; it’s only part of the solution. It’s like a car salesman pointing out a car on the lot; just because it’s sitting there doesn’t mean it’s ready for use – you need gas, a key and other bits before it’s ready for use. So, just because the technology infrastructure is ready, doesn’t mean it’s ready for use.

What’s happened is that the infrastructure has only been restored; the organization still needs other components in play before it can safely say it is back to operations – not necessarily ‘normal’ operations (Is it ever ‘normal’ to operate in disaster mode??). Yet when technology is restored there is the misconception that all must be well.

I like to keep 4 R’s in mind when an organization is getting back up on its feet after a major situation. Below describe four key stages that an organization must go through before it can state – confidently – that it’s back open for business – albeit, no doubt at reduced capacity and capability.

1. Response: Basically, this relates to the initial responsive activities an organization takes when a disaster occurs. It would include such things as evacuation & assembly procedures, communications (internal, external), crisis management, DR team activation, 1st aid/CPR assistance and other basic activities.

2. Restoration: This focuses on the restoration of technology/IT equipment and services. It does not automatically mean that once a server or application is restored that all is ‘well’ once again in the world. That’s not it al all. What it does mean that the organization has been able to get all the pretty green lights on and systems are restored. All the systems can ‘see’ each other, cables are connected and power is running to everything. The technology infrastructure is now ready for the next step.

3. Recovery: Recovery focuses on data. What data do you have? Have you lost any? Is it corrupted? What was lost when systems failed (regardless of the trigger)? Can you access it? It means obtaining the data (from whatever source) and validating that is usable (i.e. not corrupted) and available for users. It’s also to ensure that systems are actually speaking to each other; that files will pass from one system application to another, as expected. If they can’t, then there is an issue with the technology set or potentially with the data itself. In some instances, an IT and business user will validate that data has not been corrupted and if it is OK, it’s time to move to the next phase. If not, IT must go back and obtain the last set of data files that are OK and not corrupted but if not, users are now brought in for resumption.

4. Resumption: Resumption relates to the end user; the person using the recovered data that moves between the restored systems. This is the final step in the 4 R’s. Once systems are available and data has been validated and available for use, the user now can begin to perform their business operations in the order and frequency dictated by the departments Business Continuity Plan.

Some might say you can incorporate a 5th “R” to the mix; review. However, ‘review’ would actually fall into the maintenance category and the continued review of existing plans and procedures that aren’t just attributed to a disaster occurring. Review would occur after testing and validation for lessons learned and ensuring that disaster team members are kept up to date on expectations and reviewing various other BCM/DR program components (plans, processes etc) to ensure they are current and maintained on a regular basis. The 4 R’s strictly relates to a disaster situation.

The other part with review is that you can do this after a disaster has occurred or some other organizational incident, as a lessons learned. Review how you did and what needs to change.

Sometimes using quick little items like “the 4 R’s” can help illuminate the minds of executives that don’t fully understand – or pay attention to – BCM/DR.

(C) StoneRoad (A.Alex Fullick) 2013
Alex Fullick is the author of several books including his latest, “Business Impact Analysis: Building the Foundation for a Strong Business Continuity Program” (Available at or