Autumn

TUG Buzz! for Thursday November 8, 2018

IN THIS ISSUE:

  1. November TUG MoM - Register now...
  2. Corporate Resiliency Policy - article by Garth Tucker
  3. iDev Cloud
  4. Stay Connected - Confirm your subscription to TUG Buzz

Registration is now open for the
November Meeting of Members!

Monte CarloDate: Wednesday November 21, 2018

LOCATION: Monte Carlo Inn, Markham Downtown

7255 Warden Ave (at Denison Street)
Markham, Ontario L3R 1B4

** FREE Parking **

SPEAKERS: (from the IBM Toronto Lab)

Barbara Morris Edmund Reinhardt
Barbara Morris Edmund Reinhardt

 

     AGENDA for November 21st MoM

ADMISSION:  Free for TUG members ($60 non-members) 

Registration starts at 4:30 pm

5:00 pm - Session 1:
Barbara Morris with Edmund Reinhardt
Test Driven Development - Leveraging Best Practices for RPG and IBM i Development

• Current best practice for producing high quality software is Test-Driven Development.
• These practices can be applied to RPG development on IBM i.....read more.

7:00 pm - Session 2:
Barbara Morris
Best Practices for RPG Coding

How using service programs can modernize your development, both new function and maintenance....read more.



Back to Top

[article] Corporate Resilience Policy

Garth TuckerBy Garth Tucker

Whether you call it disaster recovery, business continuity, emergency management, or any variant thereof, you will likely not be truly successful in your resilience program without a corporate policy endorsed by the senior leadership team.

Why is this?

Direction. Left to their own devices, business unit managers/administrators will either ignore requests from the team building the program because they're "too busy" or, even worse, believe that they know better how to deal with a crisis. In my experience, the policy is an often-overlooked part of a program or it's not effective enough to provide the clout required to ensure compliance from all business units/departments. With a well thought out policy that has the stamp of the C-Level on it, there is no room left for argument or interpretation and all involved will be rowing in the same direction in the building and maintenance of your resilience program.

My approach. When wearing my consulting hat for Green Apple, and previously for Dynamic Disaster Recovery, and received a request to build a DR or BC plan, the first thing is to explain that I will not write them a plan but build them a program and begin to instill a culture of resiliency within all departments. After we've agreed on what the project consists of, I either review any current policies in place and recommend changes as required or produce a generic policy document as a starting point for review, development, and ultimately, to be implemented throughout the organization.

What makes a good policy?

To be effective, your resilience policy must outline:

1. Objective(s): What are you trying to accomplish? Reduce downtime? Reduce costs of outages? Life safety? Lower insurance premiums/deductibles? All of these are legitimate objectives and may require different approaches to accomplish, so you must identify them to determine the size of the breadbox you're going to build.

2. Scope:
      a. Departments/Business Units
      Obviously, we want to ensure the entire organization is covered under the program, however, budget constraints or other roadblocks may cause you to specify what will be included in the program initially. The policy document can be amended later when it's possible to include more business units.
      b. Approach
      How will the program be developed and maintained over time? Once you've determined how your program will be built (ISO standards preferably), put it in the policy so that if there's a change in staffing, those coming along behind understand what was being done and can continue without wasting significant amounts of time deciphering what the previous person was doing.
      c. Risk assessment
      This can be a tricky thing to stickhandle around and it's best if the Enterprise Risk Management folks are involved and everyone understands the difference between what ERM does and the detailed operational RA that resilience planning requires to avoid disagreements down the road that will block achieving objectives.
      d. Education/Training
      I've written previously on my approach to training the Business Unit Champions and Subject Matter Experts on the various parts of resilience planning to achieve better results. We must also ensure that all departments understand that they must take part in training and exercises to ensure familiarity and accuracy of the plans.
            I call this the Tom Sawyer approach to consulting/management ☺
      e. Auditing
      You must identify how often you will audit internally and how often to bring in an outside firm or expert to provide a different perspective.
      f. Remediation of audit findings
      Once you have the finding, your policy should identify how long they have to fix the issue(s) before punitive measures are enforced against departments or facilities that are out of compliance.
      g. Calendar
      This defines the yearly processes that maintain your plans/program and should allow for exceptional occurrences that may delay a department or facilities ability to comply with the policy. The process allowing for this must be defined as well so that it can be noted in any following audit.

3. How scope requirements will be fulfilled: This identifies the who's, what's, when's, where's and how's of the development and maintenance of the program. Requirements detailing responsible positions and measures to ensure compliance, etc.

4. Review & Approval (signatures): Pretty straightforward, but you must identify who must sign off on or approve the policy and under whose authority punitive measures will be enforced.

This is as much of an overview as I can fit into a thousand words or less but covers many of the things I've seen overlooked in most organizations or industries and has hopefully opened a few non-practitioners' eyes to allow them to ensure they're getting good advice from their consultants or program staff.

Garth Tucker, CBCP, CORP
Resilience Professional

Email: garthtuckercbcp@gmail.com
Skype: garthatucker

GarthGarth is a DRI Certified Business Continuity Professional (CBCP), a member of the International Association of Emergency Managers (IAEM), an experienced Disaster Recovery, and Emergency Management planner. His career focus is on the development and management of resiliency programs as well as effective management of crisis events.

The path to his current position began with software development, project and program management, and as an IT technology educator worldwide for IBM in the late 1990s and early 2000s. He transitioned to disaster recovery, business continuity, and crisis management beginning in 2002. Significant formal, and self-education throughout his career has ensured he remains relevant and effective.

Back To Top

iDev Cloud

Sign up now for iDevCloud! You will be able to:

  • Share between multiple developers
  • Get private library and storage
  • Have access to most of the IBM i development tools
  • Have all compilers for IBM i tools available

The Performance is monitored by system managers with adjustments as needed. The system is accessible at anytime from anywhere in the world. Just a computer and an internet connection are needed. Any work done on the system stays on the system until removed by its owner.

Contact Leo Lefebvre at leo@tug.ca to get started.

(*Free startup for TUG members.)

Back To Top

Stay Connected with TUG

The Toronto Users Group is committed to providing you with communications that are timely, relevant, and insightful. Canada's Anti-Spam Legislation (CAS) requires that we receive your permission to continue sending you emails.

You may have already given us your consent. If you haven't done so yet, or if you're not sure, please click on the following link to indicate that you would like to continue receiving electronic communications from TUG.

Consent button

Should you change your mind, you can unsubscribe at any time, by clicking on "manage your subscription" at the bottom of our messages.

Back To Top

<!- ********************************************************************************* -->

The Toronto Users Group for Power Systems (TUG) is a user group/forum for the exchange of ideas, and specializes in providing affordable education relating to the IBM iSeries, AS/400, System i, and Power Systems platforms. TUG is in its 34th year of operation.


TUG is the proud recipient of a 2017/ 2018 Maxava iFoundation grant.

Maxava

Browse our
Articles & Downloads archives
Browse our
TUG Buzz! archives

Browse our
eZine archives

TUG GOLD Members

Lansa 
Mid-Range 
UCG 
Do we have your current e-mail address and other contact information?
Email the TUG office to keep us up-to-date.   

TUG Juggler Copyright 2018 - Toronto Users Group for Power Systems (Power Systems is a trademark of IBM Corporation.) IBM and the IBM logo are trademarks or registered trademarks of International Business Machines Corporation in the United States and are used under license by IBM Canada Ltd. Linux is a registered trademark of Linus Torvalds. Other logos appear in this message for reference purposes only, and are trademarks or registered trademarks of their respective owners.

(Please note that if you forward this email to any third party, they will be able to view your personal data once they click on the link to Manage Your Subscription, unless you remove that line from the message.)

     eNewsletter design by Eclipse Technologies Inc. (www.e-clipse.ca)