By Stephen McGrady
Principal

As I discussed in my article on the difference between Business Continuity Planning (BCP) and Disaster Recovery (DR) planning, Business Continuity Planning is about the operations side of disaster preparedness. How will you keep the business running after disaster strikes?

When helping organizations address their Business Continuity Planning needs, CIO Professional Services uses a four-step approach: conduct a Business Impact Assessment, get Governance mechanisms defined and approved, prepare the team to handle Crisis Management, and create the Emergency Operating Plans (EOPs) for highly-impacted departments. Here’s an overview of how this works…

By Stephen McGrady
Principal

There’s nothing like the unthinkable happening to make businesses realize that the unthinkable really can and does happen. This was the case with the 9/11 attacks, which not only collapsed two towers, but also left a significant part of lower Manhattan closed for business for quite some time. By 9/12 the necessity of preparing for disasters was at the forefront of every executive’s mind.

That said, disaster preparation is a multi-faceted endeavor. The two biggest aspects are known as Disaster Recovery (DR) planning and Business Continuity Planning (BCP). The following is a high-level introduction to both…

By Rocky Vienna
Principal

According to the U.S. government, up to 40% of businesses fail to reopen following a disaster. Recent natural disasters such as Hurricane Sandy have underscored the need for Disaster Recovery (DR) and Business Continuity (BC) planning. Here's what you need to know.

Before we delve into the components of BC planning, let's clearly define the difference between Disaster Recovery and Business Continuity. Disaster Recovery refers to the IT plan that assumes that an event (usually physical in nature, such as an earthquake or fire) has occurred, resulting in significant disruption to business computer systems. A Business Continuity Plan is the set of business procedures that enable business organizations to respond to an event that has disabled the company's business systems in part or in whole. Some events, such as the sudden loss of a key service vendor or supplier, do not require DR but still need to be considered for BC.

By Stephen McGrady
Principal

If Hurricane Harvey and the magnitude 8.1 earthquake off the coast of Mexico didn’t get you thinking about whether your business is prepared to withstand a major disaster, chances are Hurricane Irma or Maria did.

Like most professionals who work in the Business Continuity Planning (BCP) field, I’ve been giving a lot of thought to the implications of having three major natural disasters strike in North America within a 1-1/2 week span. It’s become clear to me that even if you have what you thought was a solid plan in place to keep your business operating after a disaster, your plan might not be good enough. After all, most organizations put plans in place that address how they’ll recover from one disaster. Very few ever consider the possibility that the situation may be even worse than that.

By Stephen McGrady
Principal

Those responsible for Business Continuity Planning (BCP)—i.e. having plans in place to keep a business running after disaster strikes—understand that the world really can be a dangerous place. Although hacking, malware and ransomware aren’t really “new” threats per se, they have certainly grown in frequency and impact.

As some recent high-profile situations have shown, terrible things can and do happen to organizations everywhere. Case in point: Disney was recently hit with a ransom demand by hackers who claimed to have stolen the latest “Pirates of the Caribbean” movie. A few weeks before that, hackers stole the latest season of “Orange is the New Black” from Netflix, and leaked episodes when the firm refused to meet their ransom demands. And then there’s the widely-publicized “WannaCry” ransomware attack, which affected over 200,000 computers in 150 countries in May.