2010 July

Standards New Zealand and Australia Publish New Business Continuity Standard

July 8, 2010 By Continuity_Compliance Leave a Comment

The New Zealand and Australia standards groups has made available a new business continuity standard titled – “AS/NZS 5050: 2010 Business Continuity”.

According to Standards Australia:

“The Standard describes the application of the principles, framework and process for risk management, as set out in AS/NZS ISO 31000:2009, to disruption-related risk. Managing such risk effectively will help maintain continuity of an organization’s business . The approach has drawn on, but of necessity goes beyond, many of the concepts that in the past may have been described as ‘business continuity management’ or ‘BCM’.”

The standard can be purchased as a PDF or as a hard copy.

http://standards.co.nz/

http://infostore.saiglobal.com/store2/Details.aspx?ProductID=1409610

If applicable, please pass this information along to those business continuity and risk management team members in your organization, and, share your comments with this website’s business continuity community of readers.

Emergency Management Planning and Business Continuity Planning

July 7, 2010 By Continuity_Compliance Leave a Comment

In a recent article posted by Paul Kirvan and posted on the SearchDisasterRecovery.com website, Mr. Kirvan presents information showing how business continuity professionals can be more actively in emergency management planning activities for their organization.

We hope that by stressing the importance of emergency management planning activities and processes, every organization will be better prepared “to prevent, mitigate, prepare for, respond to, and recover from an incident that threatens life, property, operations or the environment.” (…as quoted from the definition of emergency management by the National Fire Protection Association No. 1600 (NFPA1600).

Our staff believes the information presented in this posting qualifies to be part of the required reading for those emergency management planners as well as those business continuity, disaster recovery and emergency response team members in any organization.

Click here to read the full article.

Filed Under: Business Continuity Info Tagged With: business continuity planners, disaster recovery, emergency management planners, emergency management process, emergency response, incident, National Fire Protection Association, NFPA 1600

Human Aspects Key to Business Continuity Program Success

July 6, 2010 By Continuity_Compliance Leave a Comment

One of our often referenced business continuity management (BCM) websites is that of Continuity Central and today our staff would like to point the attention of our readers to a recent posting on that website dealing with the human aspects of business continuity management. The BCM information presented comes from a report generated from a recent Business Continuity Institute (BSI) workshop and best of all it is offered free of charge.

The report details the following six (6) presentations from that workshop:

Why Plan for People?

So What is “Duty of Care”?

People in BS25999

Managing and Motivating during Recovery

Psychological Impacts of Disruption

Case Study – Bringing It All Together

…along with the following three (3) discussion exercises:

BCM and HR – Working Together

People Issues as Drivers for BCM

Top Tips for Recovery Planning

We hope you find this information valuable and useful in the support of your own organization’s business continuity program efforts. And, we ask that you please pass this along to those BC, risk management, disaster recovery and emergency response specialists and team members in your organization.

Click here to download and read the full report.

Filed Under: Business Continuity Info Tagged With: BCM, BSI, Business Continuity, Business Continuity Institute, business continuity management, business continuity program, disaster recovery, emergency response, risk management

GAO Continues to Express Ongoing Cyber Security Concerns

July 5, 2010 By Continuity_Compliance Leave a Comment

Many postings about information security associated with Cloud computing decisions have indicated that the jury is still out regarding a final decision of how secure the cloud really is – now more than ever, it is very important to take the time to review, evaluate, and test those organization specific components of a cloud decision making process before you make a final decision.

Compliance and regulatory requirements along with having information security controls in place before you make a final decision are just a few of the elements to consider in that decision process.

It is with this in mind, that we point your direction to a recent article written by Grant Gross and posted on the Computerworld website. In this article, you may see concerns about cloud computing or cybersecurity mentioned and summarized from a recent U.S. Government Accountability Office (GAO) report that match risk managment issues over cloud computing expressed in your own organization.

It is also likely that your organization and our own U.S. government are both being driven by similar anticipated cost reductions coming from a move to a cloud computing environment.

Our staff believes that those similarities for both benefits and risks may have some relevancy in all organizational cloud computing decisions, and, should be passed on to information security and risk management team members in your organization.

Click here to read the full article, and let us know your thoughts and comments.

Is your organization at the same point of review regarding a cloud computing decision?

After reading this article, have you learned more of what to do or what not to do in order to make a best case decision for moving your organization to the cloud?

Filed Under: Cybersecurity, Information Security Tagged With: cloud computing, cyber security, cybersecurity, Information Security, information security controls, risk management

Best Practices Offered for Private Cloud Computing

July 3, 2010 By Continuity_Compliance Leave a Comment

In a recent article written by Features Writer Laura Smith, and posted on the SearchCIO website, some developing best practices for the utilization of private cloud computing are presented and offered to our readers.

That list of best practices starts with three actions – (1) assess, (2) deploy and (3) analyze — and ends with the following two recommendations — (4) creating reusable code and (5) stressing not to forget to charge back those reported metered services provided by private cloud computing providers.

Click here to read Laura Smith’s entire article.

Many of our past postings on this website have focused on the cloud and cybersecurity issues, and, as a result, have initiated readers inputs regarding ongoing concerns about information security and privacy. Our staff hopes that the information provided by Laura Smith’s article will offer more perspective 0f and input to the decision making process regarding this current and controversial topic.

If applicable, please pass this information along to those business continuity and risk managers and management team members in your organization.

Filed Under: Cybersecurity, Information Security Tagged With: best practices, Business Continuity, cloud computing, cybersecurity, Information Security, information security risk managers, Laura Smith, private cloud computing, risk management

Emergency Management Planning and Business Continuity Planning

Human Aspects Key to Business Continuity Program Success

Security Updates

Twitter Positions “Play Down Strategy” for Most Recent Privacy Breach

Security Central Exchange Launched to Bring Security Minded People Together to Improve Their Security Posture

COBIT 5 Governance and Enterprise IT Framework Released by ISACA