Skip to content Skip to sidebar Skip to footer
adaptive-business-continuity-new-approach-rothstein-publishing

The Unbearable Lightness of BC-ing

 The move from Traditional to Adaptive Business Continuity (BC) may be uncomfortable for a number of reasons, but perhaps the most uncomfortable change concerns the general elimination of documentation as a deliverable.
Traditional BC centers almost entirely around documentation. The practitioner begins by obtaining full executive approval, then creates the BC policy document, "the key document that sets out the purpose, context, scope, and governance of the business continuity programme" (BCI GPG p.14). The practitioner then generates an RA, and, from one to four types of BIAs (ibid p.38). The center of the Traditional BC universe is the plan. The job of the BC practitioner is to create the plan, make sure everyone is familiar with the plan, and then update the plan on a regular basis. Tests are then conducted to validate "that the plans are current, accurate, effective, and complete" (ibid p.87). All these documentation activities most likely take place for every department (or process!) within the organization, thus resulting in mounds of proverbial "shelfware." In stark contrast, the Adaptive BC approach focuses on recovery capabilities.

Read More

Business Continuity Awareness Week

BCI Manifesto for Organizational Resilience

The world is an ever-changing landscape in terms of risk, and as these changes happen, the business continuity and resilience industry must evolve. The BCI is proud to be a part of this evolution and we are releasing our Manifesto for Organizational Resilience during Business Continuity Awareness Week (BCAW) 2018. The manifesto positions us within the organizational resilience sphere; not as the ‘know-all’ organization, but as a central point for collaboration across all management disciplines.

Read More

On Stones, Clay and Rubber Balls, by Mark Armour

Why we need to agree on our definitions and change our thinking around risk management, business continuity and resilience.

First, this is not about where the responsibility for business continuity should reside within an organization. It is about the responsibilities of the business continuity profession and its practitioners. Lately, I’ve witnessed the practice of risk management begin to take over that of business continuity. Many practitioners promote this alignment and foster the perception that business continuity is simply a part of the practice of risk management. I say this is bad for both disciplines and the organizations they serve.

Read More

The 2018 Continuity Insights Management Conference

Register for the 2018 Continuity Insights Management Conference Today!

Join us in Miami, April 23-25, for the 2018 Continuity Insights Management Conference for insight, inspiration, and actionable ideas presented by an innovative network of leading business continuity and resiliency experts and practitioners discussing today’s hot-button topics and issues. The conference comprises three days of comprehensive educational programming, numerous networking functions, a review of the latest technologies and practices, additional certification*, pre- and post-conference workshops, and much more, offering unmatched opportunities to learn from and network with those responsible for the integrity, availability, resilience, and security of their organizations.

Read More

information-security-policies-roles-and-responsibilities-made-easy-rothstein-publishing

Information Security Policies, Roles, Responsibilities Made Easy: SPECIAL OFFER

Information Security Policies Made Easy is the “gold standard” information security policy template library, with over 1500 pre-written information security policies covering over 200 security topics. Based on the 25 year consulting experience of Charles Cresson Wood, CISSP, CISA, it is the most widely used policy library in the world, with over 10,000 customers in 60 countries. Take the work out of creating, writing, and implementing security policies.Information Security Roles and Responsibilities Made Easy by security expert Charles Cresson Wood, provides over 70 pre-written job descriptions, mission statements, and organization charts that you can easily customize for your own organization.

Read More

enterprise-security-risk-management-concepts-applications-esrm-book-rothstein-publishing

Enterprise Security Risk Management (ESRM): Concepts & Applications

As a security professional, have you found that you and others in your company do not always define “security” the same way? Have security interests and business interests become misaligned? Brian Allen and Rachelle Loyear offer a NEW approach: Enterprise Security Risk Management (ESRM). By viewing security through a risk management lens, ESRM can help make you and your security program successful! Brian Allen and Rachelle Loyear show you step-by-step how Enterprise Security Risk Management (ESRM) applies fundamental risk principles to manage all security risks, based on years of practical experience and research. Whether risks you face are informational, cyber, physical security, asset management, or business continuity, all are included in the holistic, all-encompassing ESRM approach which will move you from task-based to risk-based security.

Read More

Register NOW for DRJ Spring World 2018

DRJ Spring World 2018 is slated to be DRJ's best, biggest, and most inspiring conference yet. We sure hope you’ve registered and chosen your sessions and workshops. This is the one conference you cannot afford to miss. We’ve got the best in business continuity, disaster recovery, facilities, IT, operations, infrastructure, planning, and enterprise management ready to share their knowledge and expertise with you.

Read More

E-mail
Password
Confirm Password