A Case Study in backing up data . . . .

We recently formed a relationship to manage the continuity program for a new client. At the start of the discovery phase, we had a hearty discussion about backup practices. The new client used a well-known and reputable local data backup provider but had not thoroughly fleshed out the agreement or contractual obligations with them. Though our client was very confident in the services they were receiving, after reviewing the contract we were still uncertain how the provider supported testing or recovery of the backup data.

With reservations, but in response to our urging, the client contacted their supplier and, after several weeks and many discussions with varying levels of management – leading up to the owner – he found that, while they were backing up a great deal of data, the backup files were wrong for their core processing system to start recovery. In fact, key files they would absolutely need during any recovery procedure were not getting backed up at all because they labeled them as “backup files” – not required for critical processing during usual business. The backup system was simply filtering them out. Clearly we were not concerned with business as usual!

Though our client had previously felt very sure of their recovery capabilities and had, for several years, paid a first-class disaster recovery provider to back their data up, the system had never been analyzed to recognize its clear flaws. While the provider was technically holding up their end of the contract, our client would never have been able to recover from any data loss impacting their core system. Because of a few simple questions and conversations with the back up and core process vendors, this client now has a better sense of certainty with evidence to prove his recovery capabilities!

See more at: www.diyturnkeycontinuity.com

How Excellent Companies Avoid Dumb Things – 12 Principles

I just finished an excellent book on driving change in business: Neil Smith’s “How Excellent Companies Avoid Dumb Things”

Here’s the 12 principles that cut through the barriers:

• The CEO must personally lead and support and change process carried out across the entire organization and a majority of senior management must also support it. 
• The entire organization must be engaged in the change process. 
• The project must be guided by “stars” who are willing to change the status quo.
• There must be no up-front targets for the company as a whole or the individual departments within it. 
• Those who will implement the idea must own the idea. It must be easy to put ideas into the change process but hard to remove them. 
• Consideration of ideas must be based on facts and analysis, not opinion.
• Consensus must be built.
• There must be a focus on increasing revenue, not just reducing expenses. 
• The change process must not disrupt normal business. 
• Implementation must be nothing less than 100 percent. 
• The change process must be about culture change, not just a completed project. 

Smith is right, constructive change that you want to see in your business is going to begin at the top and must be measured and deliberate. Don’t mistake success for luck. It’s not going to come easy! See more at:
www.diyturnkeycontinuity.com

Technology at the wheel?

Think again! So many companies these days think it’s a good idea to let technology get behind the wheel of business or business recovery. This is not going to move you forward. Business is about people and systems. If you happen to have a computer to help with one of those systems, fine, but don’t let that computer boss you around and don’t EVER start thinking that computer cares about you or your company. It doesn’t and it never will.

Likewise, there’s a strong trend to push business decisions on to the people who care for the computer. They are fantastic people and they help you get what you need. You may even get to feeling like they are indispensable because they are always saying things like, “We are working on that now”. Or they make your iPad work after you screamed at it and threatened to throw it out the window. Your tech team may be working miracles but they still can not run your business. Put them back in their car seat and get back to driving!

For more information please visit: www.diyturnkeycontinuity.com and www.dcsplaniing.com

Not just Surviving – THRIVING!

Continuity management has long been tied to disaster planning and crisis response as fundamental to emergency planning but the reality is: If you’re just practicing business continuity to survive you’re never going to get much out of it.

The key to effective value creation from continuity management is a strategy that builds on how the day-to-day business is designed to create value. Today’s global market puts us all in crisis. Corporate directors are in jail. Cyber terrorists can easily hide across borders around world yet still access information kept locked away. States and countries declare bankruptcy. Instability is everywhere.

Businesses are so interdependent on one another that supply chain and technology are complex grey zones of value and accountability. The bottom line is the business needs to create value to survive. Maybe value means money, maybe it’s customer satisfaction or maybe it’s serving its nonprofit goal. Regardless, the creation of that value must be the crux of your resilience plans.

One of the most common misconceptions of business continuity planning is that it starts with a disaster and in a lucky world no one would need a plan. Luck favors the prepared. A business with a healthy continuity management program doesn’t just survive crisis; it thrives daily. The reality of the business world is that every day is more complex and risk loaded. In order to work toward corporate maturity and institutionalization of the systems that create value you have to structure and live your plan.

For more Information Please visit: www.dcsplanning.com and www.diyturnkeycontinuity.com

Continuity management has long been tied to disaster planning and crisis response as fundamental to emergency planning but the reality is: If you’re just practicing business continuity to survive you’re never going to get much out of it.
The key to effective value creation from continuity management is a strategy that builds on how the day-to-day business is designed to create value. Today’s global market puts us all in crisis. Corporate directors are in jail. Cyber terrorists can easily hide across borders around world yet still access information kept locked away. States and countries declare bankruptcy. Instability is everywhere.
Businesses are so interdependent on one another that supply chain and technology are complex grey zones of value and accountability. The bottom line is the business needs to create value to survive. Maybe value means money, maybe it’s customer satisfaction or maybe it’s serving its nonprofit goal. Regardless, the creation of that value must be the crux of your resilience plans.
One of the most common misconceptions of business continuity planning is that it starts with a disaster and in a lucky world no one would need a plan. Luck favors the prepared. A business with a healthy continuity management program doesn’t just survive crisis; it thrives daily. The reality of the business world is that every day is more complex and risk loaded. In order to work toward corporate maturity and institutionalization of the systems that create value you have to structure and live your plan.
- See more at: http://www.dcsplanning.com/not-just-surviving-thriving#sthash.xjGbyK3s.dpuf

Kit for Exercising your Disaster Business Response Plans

Compliance requirements state that contingency plans have to be regularly tested but what does that mean for your continuity program and what does a test actually look like? DCS recommends you build a robust exercise program that develops over time to test your plans, incorporate updates and train your employees. Most importantly the program needs to correspond to changes in your business. This kit helps you design, build and facilitate an effective test that will exercise your disaster business response plan from beginning to end. 

In the continuity industry it’s well known that a plan isn't worth the paper it's been printed on if it hasn't been tested. Let us help you add value to your disaster planning program with our kit. It’s full of details on the entire span of testing. This kit covers it all, including: 

• Test strategy
• Types of exercises
• Building your team
• Scenario development
• Simple forms to help with planning and documentation
• Getting participants involved
• Creating detailed plans for how a test is conducted
• Test evaluation and feedback
• Reporting results to your executive team
• Planning the next test based on the last test’s results

Specifications: FFIEC and HIPAA compliant, 16 pages
For more details visit - www.diyturnkeycontinuity.com/

Exercise Kit

What is Exercise kit and how do you make sure you’re meeting regulatory requirements while preparing in a way that’s right for your organization? DCS’s experienced team knows what you need. 

Read more on http://www.diyturnkeycontinuity.com/

OR

Information Security Threat Risk Kit

Looking for an incident response compliance solution? Need direction on how to respond to a data breach you’ve experienced? Want to make sure you’ve covered all your bases? You’re at the right place! Our Information Security Threat Kit is the solution for professionals who want to be prepared to respond to a data breach. Based on regulatory guidelines and best practices, it’s a simple to use robust form that will walk you through your emergency.

OR

 

 

For more details visit-http://www.diyturnkeycontinuity.com/