Business Continuity Strategies: Protecting Against Unplanned Disasters, 3rd Edition

Book description

Cost-efficient business contingency and continuity planning for a post-9/11 and Katrina world


Disasters can happen. Contingency plans are necessary. But how detailed and expensive do your contingency and continuity plans really need to be?

Employing a thoroughly practical approach, Business Continuity Strategies: Protecting Against Unplanned Disasters, Third Edition provides a proven methodology for implementing a realistic and cost-efficient business contingency program. Kenneth Myers--an internationally recognized contingency planning specialist--shows corporate leaders how to prepare a logical "what if" plan that would enable an organization to retain market share, service customers, and maintain cash flow if a disaster occurs.

Completely updated throughout to reflect lessons learned from 9/11 and hurricanes Katrina and Wilma, Business Continuity Strategies, Third Edition helps cost-conscious senior management:
* Establish a corporate contingency program policy and strategy that ensures timely completion of a plan, with minimal disruption to operations
* Minimize plan development costs
* Understand the importance of conducting briefings to communicate the proper mindset before the program development process begins
* Save time and money by avoiding a consultant's traditional approach of extensive information-gathering that contributes little to the development of practical solutions, but much in the way of consultant fees

Addressing countless hypothetical disaster scenarios doesn't make good business sense. Business Continuity Strategies, Third Edition helps companies focus on what is necessary to survive a natural catastrophe, workplace violence, or a terrorist attack.

Table of contents

  1. Copyright
    1. Dedication
  2. About the Author
  3. Preface
  4. 1. Defining the Problem
    1. Business Continuity Concerns
      1. Telephone Communications
      2. Computer Processing
        1. Operating without Computer Processing Capability
      3. Vital Facilities
      4. Only a Computer Recovery Plan
      5. Current Program May Not Work
    2. Characteristics of a Sound Program
    3. Cost-Reduction Opportunities
      1. How to Contain Program Development Costs
      2. Where to Look for Cost Reductions in an Existing Computer Disaster Recovery Plan
        1. Plan Maintenance
        2. Hot-Site Subscription Fees
        3. Testing
      3. Audit Concerns
        1. Data Center Restoration and Application Recovery
        2. Developing “What If” Interim Processing Strategies
      4. Involving Department Managers
    4. Need for Cost-Effective Solutions
    5. Backup
  5. 2. Workplace Violence
    1. Background
      1. What Is Workplace Violence?
      2. Who Is Vulnerable?
      3. Contributing Factors
    2. Liability
      1. Employer Liability
      2. Security
      3. Workplace Violence Incidents
      4. Three Stages Prior to Workplace Violence
    3. Prevention
      1. Policy and Strategy
      2. Workplace Violence and Boards of Directors
      3. Reducing Exposure to Workplace Violence
      4. What Can Employers Do to Protect Employees?
      5. How Can Employees Protect Themselves?
      6. Warning Signs of Violence
      7. Performance Indicators
      8. Employee Training
      9. Supervisory Training
      10. Alternate Dispute Resolution
      11. Incident Response Team Training
    4. Incident Response
      1. Critical Incident Stress Debriefing
      2. Recommendation
        1. Notes
  6. 3. Final Reports of the Federal Building and Fire Investigation of the World Trade Center Disaster
    1. Introduction
      1. Genesis of This Investigation
      2. November 29, 2005 Report Recommendations
    2. Increased Structural Integrity
      1. Recommendation 1
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      2. Recommendation 2
        1. Affected Standards and Codes
          1. Affected Standard
          2. Model Building and Fire Codes
        2. Affected Organization
      3. Recommendation 3
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
    3. Enhanced Fire Endurance of Structures
      1. Recommendation 4
        1. Affected Standards and Codes
          1. Model Building and Fire Codes
        2. Affected Organizations
      2. Recommendation 5
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      3. Recommendation 6
        1. Affected Standards and Codes
          1. Model Building and Fire Codes
        2. Affected Organizations
      4. Recommendation 7
        1. Affected Standards and Codes
          1. Model Building and Fire Codes
        2. Affected Organizations
    4. New Methods for Fire-Resistant Design of Structures
      1. Recommendation 8
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      2. Recommendation 9
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      3. Recommendation 10
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      4. Recommendation 11
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
    5. Improved Active Fire Protection
      1. Recommendation 12
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organization
      2. Recommendation 13
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organization
      3. Recommendation 14
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organization
      4. Recommendation 15
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organization
    6. Improved Building Evacuation
      1. Recommendation 16
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      2. Recommendation 17
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      3. Recommendation 18
        1. Affected Standards and Codes
          1. Affected Standard
          2. Model Building and Fire Codes
        2. Affected Organization
      4. Recommendation 19
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organization
      5. Recommendation 20
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
    7. Improved Emergency Response
      1. Recommendation 21
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      2. Recommendation 22
        1. Affected Standards and Codes
          1. Affected Standards:
          2. Model Building and Fire Codes
        2. Affected Organizations
      3. Recommendation 23
        1. Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      4. Recommendation 24
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
    8. Improved Procedures and Practices
      1. Recommendation 25
        1. Affected Standards and Codes
        2. Affected Organizations
      2. Recommendation 26
        1. Affected Standards and Codes
          1. Affected Standards
        2. Affected Organizations
      3. Recommendation 27
        1. Affected Standards and Codes
          1. Model Building and Fire Codes
        2. Affected Organizations
      4. Recommendation 28
        1. Affected Standards and Codes
          1. Affected Standards
            1. Model Building and Fire Codes
        2. Affected Organization
    9. Education and Training
      1. Recommendation 29
        1. Affected Standards and Codes
          1. Affected Standards
          2. Model Building and Fire Codes
        2. Affected Organizations
      2. Recommendation 30
        1. Affected Standards and Codes
          1. Affected Standards
        2. Affected Organizations
    10. Looking Forward
  7. 4. New Contingency Program Paradigm
    1. Background
      1. Strategies versus Plans
      2. Terrorist Incidents
      3. Terrorism, Workplace Violence, and Boards of Directors
    2. Old Paradigm
      1. Organizational Responsibility
      2. Foreign Corrupt Practices Act
      3. Common Mistakes
      4. Computer Oriented
      5. Systemic Problems
        1. Plan Development, Maintenance, and Testing Costs
        2. Computer Hot-Site Costs
    3. New Paradigm
      1. Mind-Set
      2. Organizational Responsibility
      3. Terrorism
      4. Facility Oriented
      5. Workplace Violence
      6. Contingency Program Components
        1. Prevention
        2. Incident Recovery
        3. Interim Processing
    4. Transitioning to the New Paradigm
      1. Organizational Responsibility
      2. Policy and Strategy
      3. Development of Interim Processing Strategies
        1. Loss of Facilities or Production Equipment
        2. Loss of Computer Processing
  8. 5. Developing a Contingency Program
    1. Management’s Responsibility
    2. How Much Market Share Could Cost You?
    3. Protect Against What?
    4. Contingency Planning Requires Specialization
    5. Increased Technology Dependency
    6. Corporate Issue
    7. Contingency Program Phases
      1. Prevention
      2. Incident Recovery
      3. Interim Processing
    8. Discretionary Expense
    9. Project Planning
      1. Policy and Strategy
      2. Limit Scope
        1. Which Types of Disasters?
        2. How Wide an Area?
        3. Individual Business Units
      3. Limit the Time Periods
      4. Surgical Process
      5. Game Plan
        1. Establish a Corporate Contingency Program Policy and Strategy
        2. Select a Program Development Methodology
          1. Benefits of a Good Methodology
          2. What to Look For
          3. A Problem-Solving Process
          4. Prioritization
        3. Communicate Corporate Contingency Program and Strategy
        4. Develop Business Continuity Strategies
      6. Team Concept
        1. Organization Chart
        2. Telephone Directory
        3. Auditors’ Comments
      7. Prototype Programs
    10. Awareness and Education
      1. Business and Environment
      2. Types of Disasters
      3. Potential Impact on Business
        1. Computers
        2. Remote Data Communications
        3. Voice Communications
        4. Vital Facilities
        5. Loss of Efficiency
      4. Program Objectives
        1. Safeguard Assets
        2. Prevention
        3. Organized Response
        4. Business Continuity
        5. Cash Flow, Customer Service, and Market Share
          1. Cash Flow
          2. Customer Service
          3. Market Share
      5. Insurance Considerations
        1. Premium Consequences
        2. What Impacts Insurance Premiums
      6. How Much Detail?
      7. Establishing a Firm Foundation
      8. Key Result Areas
        1. Approval
        2. Flexibility
        3. Maintenance
        4. Cost-Effectiveness
        5. Business Continuity
        6. Organized Response
        7. Responsibility
        8. Testing
      9. Convincing Others
        1. Organizational Needs
        2. Personal Needs
        3. Selling Process
      10. Executive Briefings
        1. Corporate Contingency Program Policy and Strategy
        2. Contingency Program Phases
        3. Prevention
        4. Incident Recovery
        5. Interim Processing
        6. Corporate Concerns
        7. Departmental Issues
    11. Business Impact Analysis
      1. Objective
      2. What Is Really Critical?
        1. A Word of Caution
      3. Awareness and Education
        1. Mind-Set
        2. Education
        3. Cost
      4. Regulatory Agency Reporting Requirements
      5. Window
    12. Selecting a Methodology
      1. Philosophy
        1. Why It Has Worked
      2. Setting the Stage for Success
      3. Program Requirements
        1. Prevention
        2. Recovery
        3. Accountability
        4. Audit
      4. Program Development Steps
      5. Key Tasks
        1. Focus on Essential Business Functions, Not Technology
        2. Protect Ongoing Needs
        3. Emphasize the Low Probability of a Major Disaster
        4. Link Low Probability with the Need for Low-Cost, Simple Solutions
        5. Analyze Alternate Interim Processing Options
      6. Developing “What If” Interim Processing Strategies
        1. Identify Vital Records
        2. Evaluate Proposed Interim Processing Strategies
        3. Finalize Interim Processing Strategies
        4. Obtain Department Managers’ Approval of Interim Processing Strategies
      7. Computer Processing Alternatives
        1. Accounts Payable
        2. Accounts Receivable
        3. Billing
        4. Cost Accounting
        5. Customer Service
        6. Engineering
        7. Fixed Assets
        8. General Ledger
        9. Human Resources
        10. Inventory Management
        11. Material Requirements Planning
        12. Order Processing
        13. Payroll
        14. Production Scheduling
        15. Purchasing
        16. Receiving
        17. Shipping
      8. Documentation
        1. Policy
        2. Strategy
        3. Executive Summary
        4. Prevention
        5. Incident Recovery
        6. Interim Processing Period
        7. Maintenance, Preparedness Reviews, and Testing
      9. Cost Benefits
        1. Lower Program Development Costs
        2. Lower Backup Communications Costs
        3. Minimization/Avoidance of Backup Computer Subscription Fees
        4. Lower Program Maintenance Costs
        5. Lower Testing Costs
      10. Corporate Benefits
        1. Sound Strategy for Program Development
        2. Focus Is on Keeping the Business Running
        3. Auditors Are Supportive
        4. Resolves What Is Critical
    13. Implementation
      1. Tailor Presentations
      2. Role of Senior Management
      3. Role of a Steering Committee
      4. Role of Department Managers
      5. Role of First-Line Supervisors
      6. Role of Outside Specialists
      7. Develop Program with First-Line Supervisors
        1. How Long Can You Do Without?
        2. How Would You Survive?
          1. Suspend
          2. Alternate Methods
          3. Require Redundant Capability
        3. Industry Examples
          1. Banks and Communications Providers
          2. Airlines
          3. Healthcare
          4. Manufacturing
          5. Distribution
          6. Insurance Companies
      8. Obtain Department Managers’ Approval
        1. Present Findings
      9. Noncomputerized Business Functions
        1. Telephones
        2. Buildings
    14. Maintenance and Testing
      1. Objectives
      2. Maintenance
        1. Prevention
        2. Incident Response
        3. Interim Processing
      3. Continuing Education and Preparedness Reviews
        1. Planning
        2. Examination
        3. Education
        4. Feedback
      4. Technology Testing
        1. Planning
        2. Conducting the Test
        3. Feedback Summaries
  9. 6. Guidelines for Developing Contingency Programs at Multiple Locations
    1. Background
    2. Objectives and Scope
    3. I. Organization
      1. Placement of the Contingency Planning Activity
      2. Organizational Functions
    4. II. Standards for Implementation Planning
      1. Methods Standards
        1. Objective
        2. Review of Environment
        3. Preliminary Statement of Objectives
      2. Performance Standards
        1. Objective
        2. Elapsed Time
        3. Effort
    5. III. Standards for Developing Interim Processing Strategies
      1. Methods Standards
        1. Objective
        2. Methodology
      2. Performance Standards
        1. Objective
        2. Elapsed Time
        3. Effort
    6. IV. Documentation Standards
      1. Methods Standards
        1. Objective
        2. Methodology
        3. Prevention
        4. Incident Recovery
        5. “What If” Interim Processing Strategies
      2. Performance Standards
        1. Objective
        2. Elapsed Time
        3. Effort
    7. V. Standards for Ongoing Maintenance and Testing
      1. Methods Standards
        1. Objective
        2. Methodology
      2. Performance Standards
        1. Objectives
        2. Elapsed Time
        3. Effort
  10. 7. Conceptual Business Continuity Strategies for Loss of Computer Operations
    1. Policy and Strategy
      1. Policy
      2. Strategy
    2. Executive Summary
      1. Normal Operations
      2. Emergency Response
      3. Interim Processing
      4. Maintenance and User Continuing Education and Preparedness Reviews
        1. Maintenance
          1. Normal Operations
          2. Emergency Response
          3. Interim Processing
          4. User Continuing Education and Preparedness Reviews
          5. Planning
          6. Examination
        2. Education
        3. Feedback
  11. Glossary

Product information

  • Title: Business Continuity Strategies: Protecting Against Unplanned Disasters, 3rd Edition
  • Author(s): Kenneth N. Myers
  • Release date: September 2006
  • Publisher(s): Wiley
  • ISBN: 9780470040386