Once we have achieved a goal of a completed Functional exercise, or at least a TTE, we should have a significant amount of actionable data on the performance of the Resilience Program and we have verified data to provide for auditing purposes, then we can begin the process over again. resilience is not a "one off" process, it's a living, breathing function that must be monitored and kept in tip-top shape, this includes staff who have key functions in the response. It will drive updates to the RA, the BIA and communication processes and these updates reset the clock on our exercise program. For an excellent deep dive into how to manage data extracted from your program, refer to Martin Gierczak's 4-part essay
It is important to your program, that during the exercise/test processes, you establish and test your Crisis Communications (Professional Practice 9 for those of you keeping score.) Communications, both internal and external, with stakeholders, including senior management, prior to, during, and following an exercise/test - i.e. scope, objectives, results, etc. Those following closely will have noticed that I have not mentioned IT Disaster Recovery (DR) tests, Life-safety or other such Emergency Management type tests. These are very important to the resilience program and the developer(s) of the various exercises should endeavor to include the folks responsible for those areas in the planning and conducting of exercises to ensure you're all – yes, I was very tempted to use y'all - are singing from the same hymnbook. This will allow any "hooks" that must be included in your response/recovery processes to be identified and mitigated before it bites you on the big toe in a real crisis. I mentioned previously that exercises are the most overlooked part of any resilience program, well, the most overlooked type of exercise is the return to business as usual and/or return to building. Not unexpectedly, but this is also the least developed plan/process within many programs, but it's something I've identified in gap analyses time and time again across all industries. It's as if everyone has a mental block about the crisis (party?) ending. As a closing pointy stick in the eye to many organizations, the most often heard takeaway from almost every exercise I've been involved with has been, "Communications were an issue." I'll bet most of you have heard that takeaway after many exercises within organizations as well. Not sure why this is, but may be related to the fact that many practitioners don't deal with the communications folks as a separate business unit, but see them more as a partner in the program development process and consequently they don't get the benefit of a complete RA, BIA and fully developed BRPs. Whatever the reason, stop being one of my bad jokes during program and exercise development. As always, thanks to those who peer reviewed and offered input and edits to help me appear smarter than I am. Garth Tucker, CBCP, CORP Email: garthtuckercbcp@gmail.com Garth is the Principal of Green Apple Resilience Planning (greenapplebcp.com), a member of the DRI Canada (dri.ca) Board of Directors, and a Certified Business Continuity Professional (CBCP). His career focus is on the development and management of holistic resiliency programs as well as effective management of crisis events. The path to his current position began with software development, project and program management, and as an IT technology educator worldwide for IBM in the late 1990s and early 2000s. He transitioned to disaster recovery, business continuity, and crisis management beginning in 2002. Significant formal, and self-education throughout his career has ensured he remains relevant and effective.
Stay Connected with TUGThe Toronto Users Group is committed to providing you with communications that are timely, relevant, and insightful. Canada's Anti-Spam Legislation (CAS) requires that we receive your permission to continue sending you emails. You may have already given us your consent. If you haven't done so yet, or if you're not sure, please click on the following link to indicate that you would like to continue receiving electronic communications from TUG. Should you change your mind, you can unsubscribe at any time, by clicking on "manage your subscription" at the bottom of our messages. The Toronto Users Group for Power Systems (TUG) is a user group/forum for the exchange of ideas, and specializes in providing affordable education relating to the IBM iSeries, AS/400, System i, and Power Systems platforms. TUG is in its 34th year of operation. Browse our
|
|
|||||||||||||||||||||||||||
Do we have your current e-mail address and other contact information?
Email the TUG office to keep us up-to-date. Copyright 2019 - Toronto Users Group for Power Systems (Power Systems is a trademark of IBM Corporation.) IBM and the IBM logo are trademarks or registered trademarks of International Business Machines Corporation in the United States and are used under license by IBM Canada Ltd. Linux is a registered trademark of Linus Torvalds. Other logos appear in this message for reference purposes only, and are trademarks or registered trademarks of their respective owners. (Please note that if you forward this email to any third party, they will be able to view your personal data once they click on the link to Manage Your Subscription, unless you remove that line from the message.) eNewsletter design by Eclipse Technologies Inc. (www.e-clipse.ca) |