If you had to evacuate from your building right now and were told you couldn't get back in for two weeks, would you know what to do to ensure your business continues to operate? Would your staff? Would every person who works for your organization? Increasing threats to business operations, both natural and man-made, mean a disaster could occur at any time. It is essential that corporations and institutions develop plans to ensure the preservation of business operations and the technology that supports them should risks become reality. Building an Enterprise-Wide Business Continuity Program goes beyond theory to provide planners with actual tools needed to build a continuity program in any enterprise. Drawing on over two decades of experience creating continuity plans and exercising them in real recoveries, including 9/11 and Hurricane Katrina, Master Business Continuity Planner, Kelley Okolita, provides guidance on each step of the process. She details how to validate the plan and supplies time-tested tips for keeping the plan action-ready over the course of time. Disasters can happen anywhere, anytime, and for any number of reasons. However, by proactively planning for such events, smart leaders can prepare their organizations to minimize tragic consequences and readily restore order with confidence in the face of such adversity.
Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Katrina Makes Landfall in the Gulf Coast. Avalanche Buries Highway in Denver. Tornado Touches Down in Georgia. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well. As technology continues to become more integral to corporate operations at every level of the organization, the job of IT has expanded to become almost all-encompassing. These days, it's difficult to find corners of a company that technology does not touch. As a result, the need to plan for potential disruptions to technology services has increased exponentially. That is what Business Continuity Planning (BCP) is: a methodology used to create a plan for how an organization will recover after a disaster of various types. It takes into account both security and corporate risk management tatics.There is a lot of movement around this initiative in the industry: the British Standards Institute is releasing a new standard for BCP this year. Trade shows are popping up covering the topic.* Complete coverage of the 3 categories of disaster: natural hazards, human-caused hazards, and accidental and technical hazards.* Only published source of information on the new BCI standards and government requirements.* Up dated information on recovery from cyber attacks, rioting, protests, product tampering, bombs, explosions, and terrorism.
PRAISE FOR Business Continuity Management Few businesses can afford to shut down for an extended period of time, regardless of the cause. If the past few years have taught us anything, it's that disaster can strike in any shape, at any time. Be prepared with the time-tested strategies in Business Continuity Management: Building an Effective Incident Management Plan and protect your employees while ensuring your company survives the unimaginable. Written by Michael Blyth one of the world's foremost consultants in the field of business contingency management this book provides cost-conscious executives with a structured, sustainable, and time-tested blueprint toward developing an individualized strategic business continuity program. This timely book urges security managers, HR directors, program managers, and CEOs to manage nonfinancial crises to protect your company and its employees. Discussions include: Incident management versus crisis response Crisis management structures Crisis flows and organizational responses Leveraging internal and external resources Effective crisis communications Clear decision-making authorities Trigger plans and alert states Training and resources Designing and structuring policies and plans Monitoring crisis management programs Stages of disasters Emergency preparedness Emergency situation management Crisis Leadership Over 40 different crisis scenarios Developing and utilizing a business continuity plan protects your company, its personnel, facilities, materials, and activities from the broad spectrum of risks that face businesses and government agencies on a daily basis, whether at home or internationally. Business Continuity Management presents concepts that can be applied in part, or full, to your business, regardless of its size or number of employees. The comprehensive spectrum of useful concepts, approaches and systems, as well as specific management guidelines and report templates for over forty risk types, will enable you to develop and sustain a continuity management plan essential to compete, win, and safely operate within the complex and fluid global marketplace.
This easy workbook format shows managers new to Business Continuity Planning how to quickly develop a basic plan and keep it updated. If you've been tasked with developing a basic business continuity plan and aren't sure where to start, this workbook with sample forms, checklists, templates, and plans will walk you step-by-step through the process. The book is aimed at single/few location companies with up to 250 employees and is more oriented to an office environment, especially where computer operations are critical. It offers a fast, practical approach for small companies with limited staff and time to customize a workable plan and expand it as they grow. Endorsed by The Business Continuity Institute and Disaster Recovery Institute International, it includes these helpful tools: Straightforward, jargon-free explanations emphasize the non-technical aspects of Information Technology/Disaster Recovery planning. Glossary with 120 terms and Appendices with sample risk assessment and risk analysis checklists. Extensive, easy to-use downloadable resources include reproducible worksheets, forms, templates, questionnaires, and checklists for various natural disasters and special hazards such as power outages, boiler failures, bomb threats, hazardous material spills, and civil unrest, along with a checklist for vital records storage. For professional development or college classes the book is accompanied by a set of Instructor Materials.
A well-monitored supply chain is any business’s key to productivity and profit. But each link in that chain is its own entity, subject to its own ups, downs, and business realities. If one falters, every other link—and the entire chain—becomes vulnerable. Kildow’s book identifies the different phases of business continuity program development and maintenance, including: • Recognizing and mitigating potential threats, risks, and hazards • Evaluating and selecting suppliers, contractors, and service providers • Developing, testing, documenting, and maintaining business continuity plans • Following globally accepted best practices • Analyzing the potential business impact of supply chain disruptions Filled with powerful assessment tools, detailed disaster-preparedness checklists and scenarios, and instructive case studies in supply chain reliability, A Supply Chain Management Guide to Business Continuity is a crucial resource in the long-term stability of any business.
Every year, nearly one in five businesses suffers a major disruption to its data or voice networks or communications systems. Since 9/11 it has become increasingly important for companies to implement a plan for disaster recovery. This comprehensive book addresses the operational and day-to-day security management requirements of business stability and disaster recovery planning specifically tailored for the needs and requirements of an Information Security Officer. This book has been written by battle tested security consultants who have based all the material, processes and problem- solving on real-world planning and recovery events in enterprise environments world wide.John has over 25 years experience in the IT and security sector. He is an often sought management consultant for large enterprise and is currently a member of the Federal Communication Commission's Homeland Security Network Reliability and Interoperability Council Focus Group on Cybersecurity, working in the Voice over Internet Protocol workgroup. James has over 30 years experience in security operations and technology assessment as a corporate security executive and positions within the intelligence, DoD, and federal law enforcement communities. He has a Ph.D. in information systems specializing in information security and is a member of Upsilon Pi Epsilon (UPE), the International Honor Society for the Computing and Information Disciplines. He is currently an Independent Consultant.·Provides critical strategies for maintaining basic business functions when and if systems are shut down·Establishes up to date methods and techniques for maintaining second site back up and recovery·Gives managers viable and efficient processes that meet new government rules for saving and protecting data in the event of disasters
The book discusses the activities involved in developing an Enterprise Continuity Program (ECP) that will cover both Business Continuity Management (BCM) as well as Disaster Recovery Management (DRM). The creation of quantitative metrics for BCM are discussed as well as several models and methods that correspond to the goals and objectives of the International Standards Organisation (ISO) Technical Committee ISO/TC 292 "Security and resilience”. Significantly, the book contains the results of not only qualitative, but also quantitative, measures of Cyber Resilience which for the first time regulates organizations’ activities on protecting their critical information infrastructure. The book discusses the recommendations of the ISO 22301: 2019 standard “Security and resilience — Business continuity management systems — Requirements” for improving the BCM of organizations based on the well-known “Plan-Do-Check-Act” (PDCA) model. It also discusses the recommendations of the following ISO management systems standards that are widely used to support BCM. The ISO 9001 standard "Quality Management Systems"; ISO 14001 "Environmental Management Systems"; ISO 31000 "Risk Management", ISO/IEC 20000-1 "Information Technology - Service Management", ISO/IEC 27001 "Information Management security systems”, ISO 28000 “Specification for security management systems for the supply chain”, ASIS ORM.1-2017, NIST SP800-34, NFPA 1600: 2019, COBIT 2019, RESILIA, ITIL V4 and MOF 4.0, etc. The book expands on the best practices of the British Business Continuity Institute’s Good Practice Guidelines (2018 Edition), along with guidance from the Disaster Recovery Institute’s Professional Practices for Business Continuity Management (2017 Edition). Possible methods of conducting ECP projects in the field of BCM are considered in detail. Based on the practical experience of the author there are examples of Risk Assessment (RA) and Business Impact Analysis (BIA), examples of Business Continuity Plans (BCP) & Disaster Recovery Plans (DRP) and relevant BCP & DRP testing plans. This book will be useful to Chief Information Security Officers, internal and external Certified Information Systems Auditors, senior managers within companies who are responsible for ensuring business continuity and cyber stability, as well as teachers and students of MBA’s, CIO and CSO programs.
As an instructor, you have seen business continuity and risk management grow exponentially, offering an exciting array of career possibilities to your students. They need the tools needed to begin their careers -- and to be ready for industry changes and new career paths. You cannot afford to use limited and inflexible teaching materials that might close doors or limit their options. Written with your classroom in mind,Business Continuity and Risk Management: Essentials of Organizational Resilience is the flexible, modular textbook you have been seeking -- combining business continuity and risk management. Full educator-designed teaching materials available for download. From years of experience teaching and consulting in Business Continuity and Risk, Kurt J. Engemann and Douglas M. Henderson explain everything clearly without extra words or extraneous philosophy. Your students will grasp and apply the main ideas quickly. They will feel that the authors wrote this textbook with them specifically in mind -- as if their questions are answered even before they ask them. Covering both Business Continuity and Risk Management and how these two bodies of knowledge and practice interface, Business Continuity and Risk Management: Essentials of Organizational Resilience is a state-of-the-art textbook designed to be easy for the student to understand -- and for you, as instructor, to present. Flexible, modular design allows you to customize a study plan with chapters covering: Business Continuity and Risk principles and practices. Information Technology and Information Security. Emergency Response and Crisis Management. Risk Modeling – in-depth instructions for students needing the statistical underpinnings in Risk Management. Global Standards and Best Practices Two real-world case studies are integrated throughout the text to give future managers experience in applying chapter principles to a service company and a manufacturer. Chapter objectives, discussion topics, review questions, numerous charts and graphs. Glossary and Index. Full bibliography at the end of each chapter. Extensive, downloadable classroom-tested Instructor Resources are available for college courses and professional development training, including slides, syllabi, test bank, discussion questions, and case studies. Endorsed by The Business Continuity Institute (BCI) and The Institute of Risk Management (IRM). QUOTES "It's difficult to write a book that serves both academia and practitioners, but this text provides a firm foundation for novices and a valuable reference for experienced professionals."--Security Management Magazine "The authors...bring the subject to life with rich teaching and learning features, making it an essential read for students and practitioners alike." – Phil AUTHOR BIOS Kurt J. Engemann, PhD, CBCP, is the Director of the Center for Business Continuity and Risk Management and Professor of Information Systems in the Hagan School of Business at Iona College. He is the editor-in-chief of the International Journal of Business Continuity and Risk Management Douglas M. Henderson, FSA, CBCP, is President of Disaster Management, Inc., and has 20+ years of consulting experience in all areas of Business Continuity and Emergency Response Management. He is the author of Is Your Business Ready for the Next Disaster? and a number of templates.
Business Continuity from Preparedness to Recovery: A Standards-Based Approach details the process for building organizational resiliency and managing Emergency and Business Continuity programs. With over 30 years of experience developing plans that have been tested by fire, floods, and earthquakes, Tucker shows readers how to avoid common traps and ensure a successful program, utilizing, detailed Business Impact Analysis (BIA) questions, continuity strategies and planning considerations for specific business functions. One of the few publications to describe the entire process of business continuity planning from emergency plan to recovery, Business Continuity from Preparedness to Recovery addresses the impact of the new ASIS, NFPA, and ISO standards. Introducing the important elements of business functions and showing how their operations are maintained throughout a crisis situation, it thoroughly describes the process of developing a mitigation, prevention, response, and continuity Management System according to the standards. Business Continuity from Preparedness to Recovery fully integrates Information Technology with other aspects of recovery and explores risk identification and assessment, project management, system analysis, and the functional reliance of most businesses and organizations in a business continuity and emergency management context. - Offers a holistic approach focusing on the development and management of Emergency and Business Continuity Management Systems according to the new standards - Helps ensure success by describing pitfalls to avoid and preventive measures to take - Addresses program development under the standards recently developed by ISO, ASIS and NFPA - Provides both foundational principles and specific practices derived from the author's long experience in this field - Explains the requirements of the Business Continuity Standards
If you had to evacuate from your building right now and were told you couldn't get back in for two weeks, would you know what to do to ensure your business continues to operate? Would your staff? Would every person who works for your organization? Increasing threats to business operations, both natural and man-made, mean a disaster could occur at any time. It is essential that corporations and institutions develop plans to ensure the preservation of business operations and the technology that supports them should risks become reality. Building an Enterprise-Wide Business Continuity Program goes beyond theory to provide planners with actual tools needed to build a continuity program in any enterprise. Drawing on over two decades of experience creating continuity plans and exercising them in real recoveries, including 9/11 and Hurricane Katrina, Master Business Continuity Planner, Kelley Okolita, provides guidance on each step of the process. She details how to validate the plan and supplies time-tested tips for keeping the plan action-ready over the course of time. Disasters can happen anywhere, anytime, and for any number of reasons. However, by proactively planning for such events, smart leaders can prepare their organizations to minimize tragic consequences and readily restore order with confidence in the face of such adversity.