by Scott Owens, PMP, CBCP on March 13th, 2015

Recently I had the pleasure of writing a short article for the BCEye to celebrate Business Continuity Awareness Week 2015.  Please enjoy my post on this year's BCAW central theme: testing your plans: ​http://owl.li/J2jFA.

by Scott Owens, PMP, CBCP on September 18th, 2014

Looking for a fun activity to do with your family that will really make you scratch your head?  Take the 5 Minute Preparedness Challenge.  

Here is how it works.  Gather your family around the dining table and explain the scenario in which the fire department has just knocked on your door at 2:00am and due to a wildfire getting close to your neighborhood, you have 5 minutes to pack up and leave your home for what could likely be several days to one week or more.  Take whatever you can but you must be gone in 5 minutes.  

Give each person a blank sheet and ask them to spend the next 5 minutes writing down items that they would take. 5 minutes can be a lifetime ... or not.  Then have each person share their list to see if you are ready.  Not everyone will enjoy this exercise but it will help make you more prepared for a real event. 

Here are some common items that people forget:
  • Car keys
  • Toothbrush
  • Contact lens cleaning kit
  • Bible; religious texts
  • Laptop
  • Family photos
  • Jewelry
  • Credit cards, ATM card, checkbook
  • Cell phone charger
  • Bottled water & snacks
  • Pets & food
Let me know how your exercise went and what key items you were happy to have with you.  

Next Step: Formalize your list and keep it in a handy place.

Image courtesy of FreeDigitalPhotos.net

by Scott Owens, PMP, CBCP on March 21st, 2014

Please see our BluTinuity listing in the 16th Edition of the Disaster Resource Guide, a premier publication providing education and experience in the business continuity, disaster recovery and response, and resiliency arena for 25 years.  

by Scott Owens, PMP, CBCP on February 16th, 2014

Business Continuity is one of the most important organizational disciplines that can be implemented in a business.  It essentially prescribes an approach for understanding and managing business risk, and an approach to the preparation for and management of a variety of incidents that actively threaten the ongoing operations of the business.  Business Continuity is concerned with people, facility assets, and technology, and the strategic interrelationships between them.  It is about the ability of a business to respond to a crisis in such a way as to minimize the damage and impact of a disaster. 
 
With this in mind, it would seem that everyone would have an interest in business continuity.  And in a few weeks, there is a wonderful occasion to share the virtues of business continuity with others.
 
Business Continuity Awareness Week is only one month away (March 17-21, 2014).  This exciting week is sponsored by the Business Continuity Institute, and provides a great opportunity for you to bring attention to your company’s Business Continuity Management or Disaster Recovery Programs.  I would like to encourage you to plan for some level of awareness activities.  Some companies will coordinate training seminars, concentrate on updating their business continuity plans, or facilitate disaster drills with this event, but simpler forms of awareness like newsletter articles or intranet blogs are also impactful.
 
Here are some ideas for you to consider over the next month to generate awareness for Business Continuity Awareness Week:

  • In your regular team meetings, share pieces of your business continuity plan with employees
  • Hold a building evacuation drill
  • Practice executing the call trees or emergency notification system
  • Perform a paper-based walkthrough (tabletop exercise) of your plans using a realistic scenario
  • Invite local law enforcement to present a safety topic to an upcoming meeting
  • Update your disaster recovery team assignments
  • Verify your data backups are working properly
  • Design a wallet card to hand out to staff with critical information
  • Share this 4 minute video on the importance of business continuity: Business Continuity Management: The Time is Now  

Please take the time to share on this blog what you are planning to do to help your organization become more ready to handle a disaster. 


by Scott Owens, PMP, CBCP on January 10th, 2014

As the New Year rings in, please consider a few technology predictions for 2014.
 
Cyber security breaches will be commonplace.  What do Target, Instagram, Gmail, Adobe, Twitter, Facebook, and LinkedIn have in common?  They all suffered security breaches in the past few years in which millions of user accounts or nd/or financial record data was stolen and misused.  Healthcare organizations, financial institutions, and government agency systems were compromised.  According to a recent survey by the Ponemon Institute, an estimated 8,000 unencrypted corporate laptops are stolen each week in the United States.  Many organizations do a poor job of protecting against these kinds of events, and they all have a huge cost.  Expect this trend of security breaches to continue even though companies will invest heavily in security. 
 
Your smart phone will become more important than your laptop, and will be able to control most electronic devices in your home and office.  Already an active player in controlling your cable/DVR box, Blu-ray device, SmartTV, Netflix, or Google Chromecast, the smart phone is quickly becoming the technology that will control your world.  Integrated home security?  Nanny-cam?  Control the thermostat?  Turn off the lights? Close the garage door?  Check.  Already here.  Washers, dryers, refrigerators, water filtration systems?  Available.  Coffee machines are on the horizon.  Bill Gates once envisioned a smart house with incredible technology, but people didn’t want just the automation.  What we really want is to control it ourselves with our personal smart phones.  Expect more home appliances to be Wi-Fi enabled to bring convenience into your hands.
 
Wearable technology will start to become mainstream.  Or at least not weird.  Nike Fit and other similar technologies that connect a sensor in a wristband, chip, or device to your smart phone app for physical fitness or health reasons is already big business.  The new Samsung Galaxy watches seem to be brining spy gadget technology into the forefront.  And 2014 may be the year that Google Glass hits big time with healthcare or professional applications.  So while imagining someone wearing all this technology may seem like an episode of Star Trek, it is here to stay. 
 
What are your technology predictions for 2014? 

by Scott Owens, PMP, CBCP on July 31st, 2013

Executives always find that business continuity and disaster planning is important.  Sometimes this revelation isn’t immediate.  Sometimes it takes years.  Sometimes there is quite a journey to get there.  But they always get there.
 
Essentially, there are three paths that lead to this epiphany.  The first path is through a disaster.  The organization suffers some devastating event that has a huge impact on the company, its people, assets, finances, or reputation.  Maybe this is a natural disaster such as a tornado or flooding.  Or it could be a significant hardware or software crash in which an application is unavailable for days, and data has been lost forever.  Perhaps through employee fraud, hundreds of thousands of dollars are embezzled.  In the wake of these disasters, executives often look back asking, “How could I have prevented this?”  And then they arrive – that business continuity project at the bottom of the list really was important after all. 
 
Don’t be this executive.
 
The second path to recognition is through regulatory compliance.  Many industries flat out require disaster planning as part of the compliance requirements from government regulation.  This list includes healthcare, banking & financial services, insurance, utilities, and some government sectors.  Often a government audit that goes poorly can result in large fines and penalties.  Quick show of hands – who wants to be on a government watch list for periodic review of regulatory non-compliance?   I realize that in today’s economy, companies are lean and budgets are tight, which might mean that some of these compliance initiatives have a lesser priority.  But not addressing compliance is risky, and the long term odds are not in your favor.
 
 This executive will get to the same conclusion as the first, but perhaps in a less painful way.
 
The last type of executive is a risk focused leader that sees business continuity for what it is – a strategy to protect the business and its people.  These executives believe that having a current disaster plan is important because disruptions to the business are costly in many facets.  They understand their own risk profile and invest in policies, programs, systems and people that increase the resiliency of their organizations.  They realize that proactive fire drills and testing of their emergency plans show a commitment to employees’ safety.  They realize that business continuity can be a revenue driver as well. 
 
This executive’s journey to the recognition of business continuity’s importance is complete. 
 
So where are you on this journey?

Photo courtesy of Elizabeth Owens

by Scott Owens, PMP, CBCP on March 26th, 2013

I was recently interviewed as a disaster planning expert in Rural Lifestyle magazine. Please review Lynn Woolf's blog in the March/April Issue by clicking the link below:

Be Storm Ready

by Scott Owens, PMP, CBCP on February 12th, 2013

Patrick Lencioni is one of my favorite authors and management advisors, primarily for his no-nonsense style of organizational leadership.  He wrote a book in 2004 that became an instant classic in business circles, called Death by Meeting.  In this leadership fable, Lencioni addresses the question of why so many people would rather stick their finger in a rotating fan than go to some team meetings.  One of the critical elements to keep participants on their toes is conflict.  Meetings become more interesting if you expect tough discussion on issues that really matter. 
 
So what does conflict have to do with the execution of disaster drills?  Everything!  The goals of a disaster drill are to test your business continuity and disaster recovery plans, but also to test your team’s ability to handle difficult situations and manage through a crisis.  Conflict enhances stress and creates more realistic simulations.  It encourages people to take sides.  It makes the team sweat.  And it will result in an exercise that is remembered long after its completion.
 
My personal philosophy on designing and facilitating drills for organizations is to introduce a significant amount of conflict into the scenario to force the team to work through key decisions. 
 
Below are some ways that you can create conflict in your business continuity and disaster drills:
  • Simulate the sudden absence of a key leader to see how other members of the team manage the scenario
  • Introduce personal conflict such as a family crisis simultaneously with a team member’s work responsibility, forcing them to choose and delegate
  • Include regulatory compliance deadlines with surprise calls from real government agencies
  • Incorporate creepy details, such as simulating a stalker scenario for a particular team member
If you inject intentional conflict into your next disaster drill, your team will enjoy it and will learn more in the process. 

Image courtesy of FreeDigitalPhotos.net

by Scott Owens, PMP, CBCP on January 11th, 2013

Imagine being the coach of a great team with high expectations for winning the championship.  You are a world class leader and have surrounded yourself with brilliant assistants – each well known in their respective disciplines.  Weeks before the big game, you and your assistant coaches pour over film of the opponent, study their strengths and weaknesses, and meticulously design a powerful game plan based on technical and artistic analysis.  The plan is great and everyone agrees that it will set the groundwork for a huge victory.  Each player on the team receives a full color, spiral bound version of the game plan. 
 
Between this time and the big game, there is much to do, and with the media days, budget meetings, and sponsor obligations, you never get around to getting the players out to the practice field to run through the new playbook. 
 
On the day of the championship game, everyone seems calm and confident.  After all, everyone has a copy of the most magnificent plan they have ever seen.   Some of the players have read the chapters that contain the insights to their position, but most assumed that it would be common sense, and since they were experienced athletes they could do what was necessary to win.  
 
As the game starts, you see a few good moves, but not exactly matching the way the plan was designed, and very little communication.  By the end of the first half, chaos has set in.  Frustration at team members is obvious and key milestones have been missed.  Since the game plan was not being followed by the team, it has forced the coach to shift formations and player positions on the fly, and to make decisions without having timely information.  Ultimately you have trouble matching up to the challenge and end up losing the game. 
 
I realize that a world class coach would not take this approach because he or she knows that the secret to success on game day is proper training.  The game plan is part of a successful outcome, but unless everyone on the team understands their role and respective responsibility, there will be chaos.  And when the game is on the line, every moment and decision counts.  Bad or delayed decisions can result in failure.
 
So it is with business continuity and disaster recovery planning.  Many organizations have built elaborate, technical, and process-centric plans to help them mitigate risk and manage through a crisis.  But if the plan has never been tested, or if key individuals aren’t familiar with the details, there is a strong likelihood that the plan won’t work the way it was intended. 
 
As a business continuity professional, I have facilitated dozens of disaster drills for clients large and small across many industries, and there is one constant in all of them – the team always learned something that resulted in revisions to the plan.  It might be as simple as modifying phone numbers in your contact list, but it could be significant, such as realizing that a crucial vendor cannot meet your requirement and has to default on a contract.  What a surprise that would be in the wake of a building fire. 
 
The bottom line is that if you haven’t tested your business continuity or disaster recovery plan, you aren’t ready to manage through a disaster.

Image courtesy of FreeDigitalPhotos.net

by Scott Owens, PMP, CBCP on August 1st, 2012

I am proud to announce that BluTinuity LLC is celebrating our first anniversary on August 1, 2012. I owe a special thank you to my family, friends, mentors, colleagues, advisors, business partners, and clients for helping to make this a fabulous year.


◀ Older Posts