 |
 |
 |
 |
 |
 |
|
|
||||||
|
|||||||
Assessing Risk "A Risk Manager's Quick Guide to the Web" B. Coffin, M. O'Rourke & L. Sullivan. (RM, Vol 50, 10, p. 26) Beyond wasted hours, the online world has a lot to offer if you know where to go. RM offers its suggestions for key information and services for searching, research, data, rules, regulations, news, insight from other professionals, interaction and everyday tools, specifically for risk managers. "Assuming The Probability Of Recovery" H. Kalt. (DRJ, Vol 16, 1, p. 79) There are many types of risks that an organization faces. They can be financial, regulatory, competitive, or physical to name a few. The purpose of this article is to put forward a model to quantify and manage the risk associated with recovery. "Buildings with Bull's-Eyes: Assessing the Risk and Vulnerability of 'Soft' Target Facilities" S. Watson. (CPM, Vol 8, 5, p. 32) Business complexes are among a variety of 'soft' targets for terrorism and other outlandish criminal acts. And while it's been two years since the September 11 attacks, facility security remains a hotbutton issue. "Enterprise Risk Management at Wal-Mart" W. Atkinson. (RM, Vol 50, 12, p.36) Michael Tush and Craig Faris use a five-step process-risk identification, risk mitigation, action planning, performance metrics and shareholder value/return on investment- to create an ERM system for the world's largest retailer. "Ethics and Compliance at Honda of America" B. Coffin. (RM, Vol 50, 12, p.12) In an age of corporate scandal, investor skepticism and D&O lawsuits, risk managers are looking for a way just to keep their companies honest. At Honda of America, the simple but effective philosophy of doing the right thing has been a very successful strategy. "Flaming Car In Lobby Tests Hospital Plans, Employees" T. Huser. (DRJ, Vol 16, 1, p. 60) St. Vincent Hospital in Indianapolis quickly discovered what looks good on paper does not always translate to a good plan when placed into practice. "How Much Is Enough?" T. Pisselo. (DRJ, Vol 16, 1, p. 30) Disaster recovery spending is insurance against the risks of user downtime, data loss, and business interruption. Although every organization knows they need disaster recovery, deciding how much to spend is the issue. "The Iceberg Theorem" G. Jacobsen. (DRJ, Vol 16, 4, p. 34) This work tends to engender a lot of sarcastic commentary among its practitioners, so one can easily understand coming to the conclusion that, "Anything that can go wrong, will go wrong." "Identifying Points of Vulnerability" J. Montella & J. Simmons. (CI, Vol 1, 4, p. 56) Overlooking or underestimating any vulnerability can cost your company millions. "The Inferno of Mbarara Central Market" C. Tushabomwe-Kazooba. (DRJ, Vol 16, 2, p. 61) The Mbarara Central Market fire served as a reminder that all companies and individuals should have a contingency plan. "The Key To Protecting Your Vital Assets On The Road" K. Baker. (DRJ, Vol 16, 1, p. 50) Employees are organizations' most vital assets, so when these same employees travel abroad carrying laptops and carry-ons brimming corporate information, a company is risking the two core foundations of its competitive advantage. "Monitoring Privacy" S. Avery, M. Greisiger. (RM, Vol 50, 9, p. 32) The management of personal information has become an ever more sensitive area with the advancement in database functionality and information collection methods on the Internet. To best control the risks of this area, risk managers must be included on the team of professionals that oversee the creation and enforcement of privacy policies. "Organizational Alignment" A. Spanyi. (CPM, Vol 8, 2, p. 38) Better assess risk by understanding business processes and corporate interdependencies. "Reducing Employment Practices Liability" J. Jarret. (RM, Vol 50, 9, p. 20) By shaping their organization's employment practices to be more carefully attuned to EEOC and state regulations and building insurance coverage to protect against potential lapses, risk managers are taking a two-pronged approach to tackle the EPL problem. "Trade Wins Gather Momentum" B. Gilbride. (SEC, Vol 47, 12, p. 49) Cooperation on security initiatives involving cargo shipped between the United States and Canada is helping to improve safeguards against terrorism. "Understanding and Communicating Risk Assessment" H. Kalt. (DRJ, Vol 16, 3, p. 70) Thorough and detailed, you have lots of valuable information. What does it all mean? "Vendors Provide Inside Look Into Power Outages" B. Wilson, P. Corcoran, & J. Eckles. (DRJ, Vol 16, 4, p. 24) When a disaster occurs that has wide-spread affect on a large number of businesses like the recent blackout, one way to judge the impact is to view the number of declarations industry service providers received. Building the Plan "A Healthy Business Continuity Plan: The Role of BCP in the Healthcare Industry" J. Lewis. (DRJ, Vol 16, 4, p. 63) At the heart of every hospital is the basic desire to care for the sick and injured who walk through the door. To do this, every hospital must be prepared to assist the public regardless of the circumstances. "A New Look At Planning For Disasters" J. Jackson & D. Dec. (DRJ, Vol 16, 1, p. 70) Using Chicago as an example, a terrorist event in the downtown financial district would have a wide-reaching impact on a number of firms, even though the target might have only been one organization or building. "Aligning Business Continuity Planning with Revenue Sources" M. Morganti. (CI, Vol 1, 3, p. 35) Protecting the value created by an organization's top revenue sources and its ability to profitably compete in the marketplace is key to making any disruption transparent to your customers. "AT&T: Building Disaster Recovery from the Top Down" C. Salerno. (CI, Vol 1, 4, p. 16) Business continuity planning is exactly the level of strategic planning that a board should bring up to management. "Audit's Role In The Continuity Process" T. Krichner & D. Ziegenfuss. (DRJ, Vol 16, 2, p. 56) Internal auditing and business continuity planning are two key functions in the successful risk management program of an organization. This article outlines the current and historical relationships between the two functions. "BC Culture Shock" D. Smith. (CPM, Vol 8, 2, p. 40) Dr. David Smith, FBCI, editor of the BCI Good Practice Guidelines, calls for organizations to rethink their preparedness strategies in this the first of a two-part series on Business Continuity Management. "Before Hiring a Consultant, Look Out Your Window" A. Brunacini. (HFR, Vol 1, 3, p. 6) "Business Continuity Begins With the Customer" J. Stagl. (CI, Vol 1, 1, p. 38) Consumers and investors are critical revenue sources for the company, making them key to your strategic business continuity plan. "Checklist: BCP for Human Resources Management" G. Nixon. (CPM, Vol 8, 1, p. 28) Business continuity is a growing concern at every level of an organization, including HR, where personnel directors and organizational leaders need to be prepared for crisis and recovery. "Crisis Management Planning for Corporate America -- Post-9/11" G. Sikich. (CI, Vol 1, 3, p. 45) Business continuity must be a way of doing business, not an adjunct to the business of the organization. "Defense of the Corporate Realm" P. Duffy. (CI, Vol 1, 1, p. 57) Identifying major operational risks; developing corporate crisis and continuity strategies; and creating a crisis management organization are key components to preparing, surviving and defending your company in times of crisis. "Developing Continuity In Government Planning" S. Davis. (DRJ, Vol 16, 2, p. 16) Government organizations should develop continuity of operations (COOP) and continuity of government (COG) plans as part of a comprehensive emergency management program using a comprehensive planning process based on federal guidance and best practices in emergency management and continuity planning. "Diversity in a Business Continuity World" P. Castellano. (DRJ, Vol 16, 4, p. 46) Webster defines diversity as "to differ from one another, to vary." Diversification in my way of thinking should also be synonymous with business continuity. "Effective and Efficient Disaster Recovery Planning" J. Myers. (DRJ, Vol 16, 4, p. 69) To help mitigate business risk and ensure technology functions operate during and after a declared business disaster, every business should have an effective and efficient disaster recovery plan. "Effective Crisis Management" G. Trest & C.H. Guernsey. (TFM, Vol 15, 2, p. 26) Devising a plan and compiling a team can help keep things in line in the event of an emergency. "Ensuring Business Continuity If Disaster Strikes" B. Institute. (TFM, Vol 15, 6, p. 20) BOMI explores the omnipresent issue of disaster recovery. Strategies, preparations, and plans are discussed in this piece. "Essential Ingredients of a BC Plan" P. Kirvan. (CPM, Vol 8, 3, p. 16) A foundation for building a plan. "Is Your BC Plan Adequately Developed, Tested and Maintained?" B. Brewer. (CI, Vol 1, 3, p. 62) Management must consider all aspects of business continuity planning (BCP) when drafting and implementing a BC plan, especially when the business is heavily dependent on IT infrastructure. "Key Considerations For Proactive Planning: How to Mitigate the Effects of Disaster Prior to an Event" B. Miano. (DRJ, Vol 16, 4, p. 30) The recent power outage in the Northeast and Canada brought it home once again; disaster recovery and business continuity planning are basic realities that businesses large and small need to address in order to maintain operations before, during, and after a catastrophic event. "The Linchpin to Successful Business Continuity Planning" J. Barnes. (DRJ, Vol 16, 4, p. 42) After assembling the senior staff, the CEO tries to navigate a path to getting the organization productive again. But over and over, the CEO is met with, "We can't in touch with Charles," or "Our broker wants us to commit to a five-year lease before he'll even talk to us." "MBIA Pioneers Emergency Web Site" J. Westerfield. (DRJ, Vol 16, 2, p. 64) According to Gartner, no prototype for such a Web site existed. IT would have to identify all of the functionality they wanted in the emergency site and have it built from scratch. "Missing A Step: The Enterprise Guide to Communications-Enabled Business Continuity" B. Levitan. (DRJ, Vol 16, 2, p. 76) The most common oversight in the enterprise business continuity equation is the absence of effective, time-sensitive communications in the case of any natural, technical or man-made disruption. "Mission-Critical Strategies for Business and Government: A Vision for Change in the Business Continuity Field" P. Kirvan. (CPM, Vol 8, 5, p. 22) For the remainder of 2003, CPM will be running an ongoing special focus called Global Assurance. The section will focus on a new way of thinking about business continuity--one that draws on best practices from the fields of physical and information security and emergency management to provide a more effective method for ensuring the ongoing operations of business and government. The following is the first installment of this offering. "Mitigating Risk through Outsourcing" J. Langendorff & B. Gaudreau. (CI, Vol 1, 4, p. 52) Outsourcing office space and HR functions are two strategies to promote business continuity in the face of a disaster. "Part Four of a Four-Part Series: Funding the Plan" J. Stagl. (CI, Vol 1, 4, p. 62) Failure to review the plan together with its funding can result in an unfunded or inadequately funded strategy. "Planning for Individual Organizations: While Operating In A World of Outsourcers, Information Processors, Suppliers, Brokers and Many More" J. Covert. (DRJ, Vol 16, 4, p. 66) In the networked world we live in, a critical external organization can have a devastating impact if it fails to perform. It is wise for continuity planners to reevaluate their risk evaluations in light of this understanding. "Preparing Business for Bio-Chemical Attacks: The Necessity of Private-Sector Planning" M. Migliore. (CPM, Vol 8, 4, p. 48) In the April issue of CPM, a degreed chemist that worked on the USEPA Region 3 response effort at the Capitol Hill anthrax sweep presented some technical detail on the process for biotechnical detail on the process for biological agent decontamination. As a supplement to that article, CPM now takes a look at bio-chemical preparedness in the business community. "Preparing for the Worst: A Best Practices Guide to Disaster Recovey Planning" G. Bounds. (CPM, Vol 8, 3, p. 30) Business leaders across the country are revisiting and reevaluating their readiness level to handle natural disasters, terrorist attacks, facility outages, and other potential threats to business continuity. "Protecting Business Value by Elevating the Need for BCP" M. Morganti. (CI, Vol 1, 1, p. 50) Financial executives and risk managers must collaborate to find new solutions to help minimize their companies' risk exposure. "Reconsidering Corporate Security" E. Evangelista. (CPM, Vol 8, 2, p. 30) As the list of potential threats facing business operations today continues to grow, top companies are revamping their corporate security strategies. "RPO and RTO Redefined For the Decision Maker" B. Rider. (CI, Vol 1, 1, p. 40) Management's understanding of the impact of an interruption to business processes and its commitment to making Recovery Point Objectives and Recovery Time Objectives part of the corporate mission statement and core values will help drive the direction of business continuity within their organization. "Stockpiling Emergency Rations: Don’t Forget Those With Special Requirements" J. Glenn. (DRJ, Vol 16, 4, p. 71) Maintaining emergency food supplies is often outside the realm of a business continuity plan, but for some organizations, having a food cache is a critical concern. "Terrorism and Business: Rudy Giuliani on Business Continuity" K. Miller. (CI, Vol 1, 1, p. 46) Keep planning and preparing -- even if you miss the nature of the emergency that you are going to face, the more you prepare yourself and your organization to deal with the worst that can happen, the more efficient you are going to become to deal with everything. "Tough Times Call for Smart Plans: Anticipating Change, Disruption, and the Unexpected" J. Glassford. (CPM, Vol 8, 5, p. 36) Using traditional military intelligence models, businesses in the U.S. can better combat the threat of terrorism and other potential disruptions. "When A Plan Comes Together: Using CAFM For Facility Business Continuity Planning (FBCP) In Government Facilities" C. Rickard-Brideau. (TFM, Vol 15, 8, p. 50) Facility professionals use CAFM for business continuity planning in government facilities. Case Studies "Policies move toward protection" C. McColm. (SEC, Vol 47, 12, p. 42) One Canadian company shares the challenges it faced in meeting new trade security standards. "Power to the people" D. Scalingi M. Morrison. (SEC, Vol 47, 12, p. 93) Learn how an innovative partnership for regional infrastructure security has made the U.S. Northwest better prepared for disaster. "Schooled in the ways of protection" M. Rimpel. (SEC, Vol 47, 10, p. 90) The United Nations International School tells how it upgraded access controls, mailroom procedures, emergency planning, and staff training. Executive "Executive Outlooks" R. Management. (RM, Vol 50, 9, p. 26) Elite senior executives Steve Forbes, Joseph Neubauer, Craig Mulhauser, Leslie Biller and Rupert Murdoch share their insights into the economy, executive scandals, corporate reorganizations and mergeres and acquisitions from the Milken Institute's Sixth Annual Golbal Conference, revealing that top-level perspectives have a lot in common with risk manager's concerns. "Executives under Scrutiny: The Changing D&O Landscape" S. Terzich. (RM, Vol 50, 9, p. 10) More directors' and officers' lawsuits are being filed each year, and although heightened attention to executive behavior can help alleviate this liability, being aware of what is and is not available in the insurance marketplace is an equally important risk management method. Despite tightening policy language, comprehensive coverage is possible for premiums that may not be as high as you think. Industry Specific Issues "A Season of Fury" D. Leben. (DRJ, Vol 16, 3, p. 16) This May, a prime time for tornadoes in the Midwest, we saw an unprecedented amount of storm activity that struck at the heart of municipal infrastructure across the Plains states and into the South. More than 50 lives--and millions of dollars worht of property--were lost in Kansas, Missouri and Oklahoma alone. "Business Continuity -- Is This a Profession?" D. Weldon& B. Hamilton. (CPM, Vol 8, 3, p. 26) Those of us who make our livings providing business continuity planning services to our customers as consultants, or to our employers as employees, certainly know we provide a valuable set of professional services. "Business Continuity -- Is This a Profession?" D. Weldon& B. Hamilton. (CPM, Vol 8, 4, p. 24) "Business Continuity--Is This a Profession?" D. Weldon, J. Varney & B. Hamilton. (CPM, Vol 8, 5, p. 40) In order to move up the evolutionary scale as a profession, business continuity must reassert its value in an increasingly technology-centric world--an effort that will require strong leadership from the government sector. "Contingency Planning and the HIPAA Security Rule" A. Cardona. (DRJ, Vol 16, 3, p. 40) The latest rule published under HIPAA became law on April 21, 2003. "Crisis Management Roundtable" (RM, Vol 50, 5, p. 22) Four risk management professionals from diverse industries discuss how crisis management has changed, how organizations are coping with increased needs and smaller budgets and how the search for catastrophic insurance protection is proceeding. "Negligent Failure to Plan: The Next Liability Frontier?" B. Blythe & T. Stivarius. (CPM, Vol 8, 5, p. 50) Business continuity planning and crisis management may no longer be a matter of good business practice, but rather regulated processes that carry with them heavy legal ramifications. "New Business Continuity Realities" J. Zannos. (DRJ, Vol 16, 3, p. 54) The demand of business continuity and recovery solutions has never been higher. "News Analysis: Wall Street Wins With New Recovery Plan: Regulators Temper Draft Strategy for U.S. Financial Systems" M. Migliore. (CPM, Vol 8, 4, p. 54) Following a period of comment in which financial institutions, government officials, and vendors alike spoke out against a draft proposal outlining best practices for disaster recovery in the financial services sector, regulators have released a revised document that has less specific requirements than the original. The new plan, however, is no longer open for comment and will carry with it legal ramifications for noncompliance." "Planning in Motion: The Rise of Risk Management and Compliance Processes" K. Thrasher. (CPM, Vol 8, 4, p. 30) Under the Sarbanes-Oxley Act, companies are required to provide a way for employees to report ethical lapses or illegal activities anonymously, without fear of reprisals. As this law has a major impact on risk management, new systems are being developed to help companies with compliance. "Public Works: The Nation's Forgotten First Responders" J. Ward. (HPP, Jul./Aug. 02, p. 36) They bring the heavy equipment, set up barricades and porta-johns, clean up afterwards. So why doesn't public works get more respect? "Regulatory Pressure on Technology for Business Continuity" . BrianZawada. (RM, Vol 50, 7, p. 20) Because of the economic and social implications of business failures, the U.S. government has taken to monitoring business continuity. In a series of enactments over the last several years, these regulatory efforts have shaped the responsibilities of risk managers and their information technology colleagues when it comes to keeping IT systems and businesses up and running. "Sarbanes-Oxley--Is It the Hammer for Business Continuity Management?" J. Dato. (CI, Vol 1, 4, p. 66) Will a piece of legislation that contains no references to contingency planning legitimize business continuity management? "Suspicious White Powder" C. WorkingGroup. (HFR, Vol 1, 3, p. 26) Center for Domestic Preparedness develops inexpensive field test for ruling out Anthrax spores. "Talking about Teamwork: Risk Managers Partner between Departments" (RM, Vol 50, 6, p. 10) Three risk managers--from a public entity, a chemicals manufacturer and a retail company--interview the people within their organizations with whom they work. Their perspective on public affairs, production, safety, engineering and the executive level demonstrate how risk management has become pervasive in any successful enterprise. "The Price of Entry in Today's Business Continuity Employment Market" T. Mawson. (CI, Vol 1, 4, p. 68) Certification has gone from being an extra to being a necessity. "The Terrorism Risk Insurance Act" L. Soehren. (TFM, Vol 15, 2, p. 38) BOMA International President Larry Soehren tells how this very important bill became a law. "Three Biggest Challenges Facing Our Industry" J. Copenhaver. (DRJ, Vol 16, 1, p. 24) We as an industry will not achieve our goals and objectives until we acknowledge the root causes of this semi-stagnation and fix them, thereby putting us back on the path onward to status as a true and critical component of sound corporate governance. "'Well, It Worked Last Year!'" C. Rohrs. (DRJ, Vol 16, 3, p. 66) As business continuity professionals we know that periodic reviews of our plans are critical. Plans can become as stale as last week's croissants very quickly. Infrastructure Management & Design "Night Falls On The Northeast" M. Stansberry, J. Parkinson. (TFM, Vol 15, 9, p. 32) The biggest blackout in American history was left the country with some looming questions about deregulation, the grid, and contingency planning. Managing the Program "Another Deal, Another Dollar" R. Rose. (SEC, Vol 47, 6, p. 121) Money laundering schemes like the Colombian Black Market Peso Exchange (BMPE) can ensnare unsuspecting businesses unless they know how to recognize these illegeal transactions. "Biological Agent Decontamination: A New Issue for Business, But One that Must be Addressed" W. Perry. (CPM, Vol 8, 3, p. 48) "Business Continuity: The Case for Senior Management Leadership" A. Penz. (CI, Vol 1, 3, p. 54) Who should lead the charge? "City Implements Emergency Access Plan to Aid Businesses" J. Ballman. (DRJ, Vol 16, 2, p. 54) Business owners in St. Louis can now benefit from a business emergency access plan approved for the city. The plan allows individuals, who complete a credentials program, early access to their facilities following a disaster or business interruption. "Customer-Focused Crisis Response" P. Veal. (DRJ, Vol 16, 3, p. 50) An unforeseen crisis can have a significant impact on your customer's behavior. "Disaster Recovery Planning For Call Centers: Making Sure Customer Inquiries are Answered… No Matter What" T. FitzGibbon. (CPM, Vol 8, 2, p. 26) Service calls are often the only direct point of contact businesses have with their customers. If a call goes unanswered, for whatever reason, customers may look to reinvest their money with a new service provider. As such, disaster recovery planning for call centers cannot be overlooked. "Disaster Recovery: Reenacting Sept. 11" D. Brooks. (STOR, Vol 2, 9, p. 60) It's been two years since Sept. 11 In This article, an insurance company tests its abililty to recover from a similar disaster. How would your company fare? "E-mail and Internet Monitoring" M. Migliore. (CPM, Vol 8, 1, p. 32) "Employee Morale" M. Migliore. (CPM, Vol 8, 1, p. 30) "Evolution of BCP: The Executive Perspective" B. Turley. (CI, Vol 1, 1, p. 31) First came the dinosaurs, but they failed to plan for continuity and quickly became extinct. "Getting to know them: How to Check Vendors' References" E. Ferrarini. (DCM, Vol 23, 6, p.38) The sales rep is friendly, the product demos perfectly and the expense is within the budget. But the question remains, "Am I making the right choice?" Your doubts can be erased - or confirmed - by talking to other customers. "How Banks Responded To Tornadoes" M. Paddock. (DRJ, Vol 16, 3, p. 21) On Sunday, May 4, 2003, several tornadoes struck Pierce City and Stockton in Missouri. Branch banks in both locations suffered major damage. "Learning From BCI's Good Practice Guidelines" D. Smith. (CPM, Vol 8, 3, p. 18) Dr. David Smith, FBCI, editor of the BCI Good Practice Guidelines, explains the BCM life cycle in this the second of a two-part series on business continuity management. "Manage a Crisis, Don't Recover from Disaster" P. G. Power. (CPM, Vol 8, 1, p. 22) Disaster recovery has always been a fashionable term in the business continuity field, but effective crisis management means more to a business' bottom line. "Mitigating Exposure to The Threat of Terrorism" T. Arvish. (CI, Vol 1, 3, p. 31) Executive level buy-in, regardless of the organization's size or nature, is necessary when implementing new risk mitigation strategies. "Regulatory Scrutiny of Item Processing Increases Disaster Recovery Planning" J. Davis. (DRJ, Vol 16, 2, p. 49) In response to heightened concerns about security in general, many banks have put disaster recovery planning at the forefront of their agendas. "Same Old Same Old Is Not Enough" D. Yamanaka. (CI, Vol 1, 4, p. 38) People in business continuity should step outside of the box. "Succession Planning: Effective Strategies for Transitioning Corporate Leadership" E. Evangelista. (CPM, Vol 8, 1, p. 18) Leadership selection is key to corporate success. Without an ongoing effort to prepare for regime changes at the executive level, companies are putting their organizational stability and long-term growth potential at risk. "Talking about Security" (RM, Vol 50, 5, p. 36) RM chats with Paul Viollis, who recently wrote and edited a security handbook for Jane's. He reviews prominent security issues that organizations face and the solutions that can help save lives and money. "The Big One" L. Molino. (HFR, Vol 1, 3, p. 14) Proven methods for the management & mass decontamination of a crowd. "There and back again" D. Wagman. (HPP, Jul./Aug. 02, p. 28) How and why emergency management is returning to its roots in post-World War II Civil Defense. "What Is the Executive's Role in a Disaster?" P. Thompson. (CI, Vol 1, 1, p. 27) An executive does not belong in the center of the disaster status and recovery efforts. He/she should remain strategic enough to set the final direction, but allow others to complete the recovery efforts. "Who's In Charge Here?" T. Elliott. (HPP, Jul./Aug. 02, p. 22) The site of a suspected terrorist attack is both incident scene and crime scene. An examination of what does and doesn't work in incident command. "Working Together on Crisis Management: The Need for Public-Private Cooperation" R. Andrews. (CPM, Vol 8, 3, p. 38) Public/Private Partnerships "FEMA Update: The View from the top" M. Brown. (NHO, Vol 29, 2, p. 1) The Federal Emergency Management Agency (FEMA) has had, and continues to have, a cornerstone role in better securing the homeland from all threats: natural or human-made. Building Your Team "Academic Programs for Business Continuity and Emergency Management: More Than You Thought" P. Kirvan. (CPM, Vol 8, 3, p. 22) Most of you are familiar with the many seminars and conferences available to you in business continuity. But were you also aware of the numerous programs available here and around the world? "Building Confidence in a Crisis" J. Jordan. (CI, Vol 1, 3, p. 22) A crisis communication plan is a key part of an organization's risk and crisis management policies. "Employee Certification Strengthens a Company's BCP" T. Mawson. (CI, Vol 1, 1, p. 60) Training key personnel on business continuity will mitigate losses and quickly provide a return on investment that could literally save a company. "Ethics and the Risk Manager" R. Carris & R. Duska. (RM, Vol 50, 4, p. 28) To mitigate the exposure of ethical breaches, risk managers can use their skills and experience to identify, evaluate, treat and monitor the risk of poor ethical behavior. Be prepared, though, to ask difficult questions of both your organization and its business partners. "Setting New National Standards: Dallas Emergency Reponse Network" D. Kelley. (HFR, Vol 1, 2, p. 8) "Speaking the Language Of Business Continuity" J. Copenhaver. (CI, Vol 1, 3, p. 64) Communication is essential to maintaining continuity. "Strategic Business Continuity Planning: The Value of Recovery Teams" J. Stagl. (CI, Vol 1, 3, p. 58) Selecting the most appropriate recovery team members will help reduce disaster recovery time. "The Case for a Chief Continuity Officer" N. Kaufman & J. King. (CI, Vol 1, 4, p. 30) Creating a chief continuity officer will elevate the importance and strategic nature of BC and regain control of the process. "The Missing Link in Corporate Governance" R. Julien & L. Rieger. (RM, Vol 50, 4, p. 32) Formerly regarded as a series of arcane legal and regulatory hurdles to clear, corporate governance has become a critical topic of concern for everyone in business. The risk manager can play an important role in the establishment and maintenance of good governance. "What You Need to Know When Hiring a BC Manager" P. Thompson. (CI, Vol 1, 3, p. 26) Selecting the right person to lead your business continuity effort is key to your continuity program's success. Employee Preparedness & Protection "Almost Never Business Continuity" D. Wenk & R. Jacobson. (CI, Vol 1, 3, p. 51) Risk Management concepts help CIOs understand salient recovery issues, identify key characteristics and come to grips with the fundamental problem of business continuity. "Building Blueprints Against Terror" M. Greene. (SH, Vol 168, 1, p. 36) Since Sept. 11, the terms "emergency preparedness" and "emergency response" have taken on a new urgency in American workplaces, confronting both large and small workplaces alike. "Checklist For Dealing With SARS Outbreak" H. Ee. (DRJ, Vol 16, 3, p. 48) By as early as June 2003, statistics showed more than 8,500 people were infected with the SARS virus with more than 800 deaths worldwide. "Commitment to Safety: CEOs Who 'Get It'" (SH, Vol 167, 2, p. 28) Safety+Health polled National Safety Council regional offices around the country for the names of CEOs who not only understand the importance of safety, but also talk it, walk it and live it. "Continuity's Vital Link" K. McGrorty. (CI, Vol 1, 3, p. 43) The CEO is the only person who can combine the original vision underlying the direction of the company with the concepts and design, which must prevail in the aftermath of a disaster. "Cultural Impact of Disaster -- A Continuity Imperative" D. Yamanaka. (CI, Vol 1, 3, p. 49) Ignoring the impact a disaster may have on a cultural cross-segment of your company will cost you in the short and long term. "Don't Get Sick Over Toxic Mold" B. Fried. (DRJ, Vol 16, 1, p. 40) Toxic mold is becoming "the next asbestos." It can grow where there is high humidity or dampness. "End Of An Error" D. Pond & K.R. Leifheit. (SEC, Vol 47, 5, p. 113) Los Alamos National Laboratory's security team has a system for reducing human error. "Gearing Up for New Threats" A. Brown. (NFPA, Vol 97, 4, p. 50) First responders are training to prepare for possible terrorist threats. Is their equipment behind the curve? "Guide to WMD Training" J. Jerrard. (HFR, Vol 1, 3, p. 23) "How To Play It Safe" S. Roberts. (SEC, Vol 47, 7, p. 57) Security managers can improve their work safety by involving employees in behavior assessment. "It Starts In Dispatch" R. Larson. (HPP, Jul./Aug. 02, p. 43) Dispatch centers are a key link in emergency preparedness and response, but they face a variety of concerns in the post--9-11 world. "Keeping an Eye On the Super Bowl" M. Migliore. (CPM, Vol 8, 2, p. 74) NFL spends big money to install a new surveillance system at Qualcomm Stadium. "Knowledge Management: Backing Up Enterprise Know-How" D. Robb. (DCM, Vol 23, 2, p. 20) Who likes duplicated effort or overlooked assets? Setting up a knowledge management system puts an end to both, but it's more than creating a massive data store. "Managing the Human Impact of Crisis" M. Braverman. (RM, Vol 50, 5, p. 10) The effects of critical incidents on employees, their families and the surrounding community can have tangible expense repercussions for organizations. By understanding the nature of emotional distress, responding to employees' needs and providing a safe haven, risk managers can maintain and improve dedication to the workplace. "Mock Trial: Executive Liability" J. Foster & S.M. Pagliari. (RM, Vol 50, 2, p. 36) Anita Moneypenny and her fellow shareholders and coworkers have filed a class-action suit against Implode Corporation CEO Richard Rich for breach of fiduciary duties in his handling of the company's finances. Read through the opening statements, the witness testimony and the closing statements, then go online to cast your verdict as a member of the jury. "Motivating the Workforce to Support Security" D. Parker. (RM, Vol 50, 7, p. 16) A systems security program is only as good as the employees who buy into it. So how do you get their support? Instead of concentrating solely on prevention training, consider tying specific security efforts to everyone's job performance. "Preparing Your Organization For a Terrorist Attack" I. Walks. (DRJ, Vol 16, 3, p. 34) On March 30, 2003, three subsidiaries of a U.S. corporation were the target of a bioterrorism attack. This was the scenario for a mock disaster. "Probability Or Consequence" B. Pelant. (DRJ, Vol 16, 1, p. 28) Is it the probability or the consequence of an outcome that drives our actions? "Proper Executive Planning Reduces Threat of SARS" S. Schnell. (CI, Vol 1, 4, p. 42) Executive-level planning against disease emergencies is business as usual for a New York healthcare system. "Read This Rule and Call Me In the Morning" C. Pincock. (SEC, Vol 47, 6, p. 111) More than four years in the making, the Health Insurance Portability and Accountability Act (HIPAA) security standards have finally been issued. "Shock Value" B. Vavra & J.G. Parker. (SH, Vol 167, 3, p. 28) OSHA has increased funding to study the effectiveness of AEDs in the workplace and to expand training guidelines for the device as part of its overall guidelines for first aid training. "Smoke Gets In Your Eyes" F. Phelps. (SEC, Vol 47, 8, p. 95) Southern Methodist University tells how it held a drill to test its fire-safety plan and what it learned from the exercise. "The Human Side of Data Loss" B. Margeson. (DRJ, Vol 16, 2, p. 48) According to a recent study, approximately 15 percent of all unplanned downtime occurred due to human error. Many simply failed to implement adequate backup procedures. "The Human(e) Side: Recovering Human Technology" G. Lewis. (DRJ, Vol 16, 3, p. 60) The emotional, financial and organizational impact of accidents is far-reaching. "The New Centurions" S. Harowitz. (SEC, Vol 47, 1, p. 50) Terrorism and other global forces are reshaping corporate security, creating both challenges and opportunities for the men and women who oversee it. "Thinking Zebras, Not Horses" S. Baltic. (HPP, Jul./Aug. 02, p. 40) How state and local health authorities are encouraging primary-care physicians and emergency departments to be on the lookout for possible bioterrorism. Availability "All Records Are Not Created Equal" V. Carlisle. (CPM, Vol 8, 2, p. 20) Faced with a glut of data, businesses must rethink their vital records protection procedures. "Application-Aware Solutions" E. Price. (DRJ, Vol 16, 3, p. 78) An enterprise needs to maintain availability as near to 24x7 as possible. "Business Continuity Via Satellite Communications" E. Regard. (DRJ, Vol 16, 3, p. 76) For corporations that rely on their networks to generate revenue, protection from network outages or even slowdowns is critical. A network outage translates directly to lost revenue. "Contingency Planning for Data Backup: 5 Reasons to Monitor Your Configuration Settings" A. Bakman. (CPM, Vol 8, 1, p. 40) Organizations today are devoting greater financial and human resources to contingency planning, especially for IT disaster recovery. The need to restore electronic data and business processes as quickly as possible is crucial to a company's survival. "Data Replication Explained: Techno Advice for BC Pros" J. Buffington. (CPM, Vol 8, 4, p. 58) "Do Your Homework Before Building Backup Data Center" T. Davies. (DRJ, Vol 16, 1, p. 36) Your company has decided to build a backup data center, and it is your responsibility. There is pressure to get the project underway, but planning will save you a lot of time and stress. "DR Planning For Teleworking Environments" A. McIlroy. (DRJ, Vol 16, 1, p. 44) Teleworking has become an integral component for many companies. However, disaster recovery for a company heavily dependent on teleworkers requires planning and preparedness. "Effective Strategy for Meeting Disaster Recovery SLAs for Mission-Critical Applications" J. Lee. (DRJ, Vol 16, 2, p. 73) Companies worldwide are examining disaster recovery plans and processes in careful detail, questioning every facet, looking for every minute that can be saved, all with the single objective of ensuring that systems can be recovered as quickly as possible. "Evaluating Storage PSOs: 4 Things to Consider" D. James. (CPM, Vol 8, 1, p. 36) Finding the right storage professional services organization (PSO) requires thorough analysis of a firm's strength and weaknesses in specific areas of the storage equation. "Getting Remote Data Right" M. Farley. (STOR, Vol 2, 5, p. 38) The second of a two-part series on business continuity, this article focuses on how to use replicated data and the different types of replication: subsystem, host and network device based. "Handheld Computing Power: A Two-Edged Sword" J. Herbig. (DRJ, Vol 16, 3, p. 68) Is your corporate date sitting in a forgotten PDA at the airport lounge? "High Stakes Require Reliable Backup at Hotel/Casino" (CPM, Vol 8, 3, p. 52) "InfoSec 101 for BC Pros: 12 Things to Consider When Developing an Information Security Program for Business Continuity" T. Schreider. (CPM, Vol 8, 2, p. 48) A coherent information security strategy is a key requirement in today's business continuity planning process. To protect against the broadest range of threats, a company must first be sure it has addressed its base-level planning requirements. "Justifying the Costs and Projecting the Return of Storage Investment" M. Dangelo. (CI, Vol 1, 4, p. 58) Storage investment is driven by a need for improved profits, lower cost of ownership, shareholder actions and a continuation of business operations in a hostile world. "Keeping Laptop Backups In Sync" C. Preston. (STOR, Vol 1, 11, p. 36) Backing up laptops and keeping them in sync with desktops and servers doesn't have to be torture if you follow these procedures. "Logical Datacenter Replication" A. Aziz & B. Korn. (DRJ, Vol 16, 1, p. 65) At the top of the list is the maintenance of a remote fail-over facility to keep businesses up and running in the event the primary datacenter fails. "Maimonides Solves Storage Problems" P. Piazza. (SEC, Vol 47, 1, p. 91) Keeping stored data safe and available is a matter of life or death for a hospital. New storage technology makes the task easier to manage. "Mid-Market Companies Leave Tape Backup Behind" R. Cramer. (DRJ, Vol 16, 3, p. 81) Mid-sized businesses face a particularly daunting task in implementing data protection strategies with limited IT resources and budgets. "Multi-Terabyte Data Recovery In A Few Clicks" J. Iverson. (DRJ, Vol 16, 3, p. 74) Because data is the backbone of today's organizations, immediate recovery is crucial. "Off Site, Off The Hook?" T. Muser. (DRJ, Vol 16, 3, p. 64) How do you define a facility as being "off site?" Do you use the campus approach or the mileage approach? Or does your facility use an approach similar to ours? If you cannot hear the hospital fire alarm bells, you are off site. A waste basket fire set off a chain of events to test this hospital staff. "Off-Site Copies On the Cheap" C. Preston. (STOR, Vol 1, 12 p. 44) Backing up your off-site files has never been easier -- and cheaper -- to do. "Outsourcing Backups: A Win/Win Trend" E. Ferrarini. (DCM, Vol 23, 1, p. 28) Outsourcing distributed server and data center backups, restores and media vaulting is gaining popularity among organizations with limited IT resources. Find out why and how backup service providers (BSPs) can work for you. Take special note of 10 questions you should ask a BSP candidate and a list of seven BSPs that merit a closer look. "Protecting Documents Shouldn't Stop At Server" T. Hickman. (DRJ, Vol 16, 1, p. 54) Unfortunately, most companies think their existing data storage plans will protect them from massive data loss. Too often these companies are caught unprepared and disaster is often a short step away. "Risks and Potential Costs of an E-mail Outage" S. Mirchandani. (CI, Vol 1, 1, p. 49) Rain, snow, virus, line cut or server meltdown… without protection, e-mail can't get through. "The Road to Availability: Where and How to Start Implementing Your Program" B. Merchantz. (CPM, Vol 8, 2, p. 34) Managed availability is only as valuable as the returns it generates for your company. To ensure success, these returns must be carefully examined at each stage of your implementation strategy. "Security Special Report" J. Ricci. (TFM, Vol 15, 3, p. 55) Guest Columnist Joseph Ricci reveals how security's omnipresence stresses the importance of employees, infrastructure, and technology. "Spending Money to Save Money: Building a Backup and Recovery Strategy Based on TCO" D. Beeler & M. Pitkanen. (DCM, Vol 23, 2, p. 26) This article reveals specific "hidden" costs and walks you through creating a backup and recovery strategy to keep your system running and save you money. "The SSL Alternative: You can ditch your IPsec and tunneling VPNs and use SSL to give remote users secure access to Web-enabled and conventional applications. Neoteris Access Series 5000 sets the security standard" M. Fratto. (NTC, Vol 14, 23, p. 75) SSL VPNs offer remote users secure access to internal resources. We examined eight products , and Neoteris' Access Series 5000 earned our Editor's Choice. "USB 2.0: Taking Backup On the Road" R. Hawkins. (CPM, Vol 8, 2, p. 68) While functional backup options for the remote workforce have been virtually nonexistent in the past, the recent release of the USB 2.0 specification brings with it the performance requirements needed to extend disaster recovery from the back office into the mobile world. Management "Business Continuity Is More Than Just Data" P. Corcoran. (CI, Vol 1, 1, p. 33) A business continuity plan must address not only your IT infrastructure, but also your business as a whole. "Drawing Virtual Lines In the Law" C. Wolf. (SEC, Vol 47, 4, p. 44) The Internet gives companies with Web sites the potential to reach a worldwide audience, but it may also expose them to litigation in other states or countries. "Increase Enterprise Resiliency While Cutting Costs" B. Weston. (CI, Vol 1, 1, p. 35) How IT managers can save money, avoid future expenses, significantly increase resiliency and maintain sufficient contingency plans in times of cost cutting. "Looking to the Future: Five Ways Our Jobs Will Change" J. Simmons. (CI, Vol 1, 1, p. 23) People who are charged with protecting an organization's information have to change how they work. "Protecting Your Investment in Convergence" P. Kirvan. (CPM, Vol 8, 1, p. 43) There are both risks and rewards when using data networks for transporting voice communications. Planners need to know the technical issues associated with VoIP, analyze the risks of convergence, and review strategies for preventing and mitigating potential disasters caused by a network disruption. "Reducing the Cost and Improving the Efficiency of IT Operations" A. Bakman. (CI, Vol 1, 4, p. 54) A configuration management program can deliver measurable return on investment when used on a daily basis. "Submarine Warfare" D. Houser. (IS, Vol 6, 8, p. 46) In the new infosec paradigm, the attacker can be anywhere. To defeat him, you'll have to change your thinking--and your tactics. "Synchronicity or Not" J. Blackmon. (DRJ, Vol 16, 3, p. 72) In today's data processing environment, synchronicity of data may need to be addressed when performing backups as well as the recovery of data. "The Risk Lifecycle" (IS, Vol 6, 6, p. 50) IT security risk management is best approached as a "lifecycle" of activities, one step logically leading to the next. Security "4 Basic Rules for Small Business InfoSec" M. Wysocki. (CPM, Vol 8, 3, p. 58) Whereas information security is a hotbutton issue for most large enterprises, many small businesses have yet to catch on to the hype cycle and are running their organizations without even taking the simplest of precautions. This article identifies four devices small businesses can use to quickly implement some protective measures. "A Healthy Dose of Data Security" P. Piazza. (SEC, Vol 47, 5, p. 89) Two healthcare facilities explain how they are securing medical data in transmission and in storage. "Air Safety" L. Phifer. (IS, Vol 6, 4, p. 48) WEP and war driving scaring you away? Try these new solutions and best practices to protect your wireless networks. "Are You Vulnerable?" G. Shipley. (NTC, Vol 14, 12, p. 42) Worms, viruses, flawed Oss, defective custom apps and poor network design--all can debilitate your business. We give you a guide to rooting out and exterminating bugs and suggest strategies for making security a priority in your product and deployment decisions. "Besieged: Confronting Intellectual Property Threats" R. Reed. (RM, Vol 50, 7, p. 32) Company trade secrets, trademarks and privacy have become more complex as technology has opened up lines of communication and data swapping. The downside of greater business success and efficiency, however, is greater potential for intellectual property loss. By keeping aware of how these targets may be compromised, risk managers can protect their organization's intellectual assets. "Business Continuity and Information Security: The Relationship Between Two Different, but Alike, Disciplines" "Business Risk From Cyber-Criminals" S. Stahl. (CI, Vol 1, 1, p. 55) Eight things that you should do now to implement sound information security practices. "Can You Hack It?" F. Lam & S.K. Cayo. (SEC, Vol 47, 2, p. 83) Penetration testing gives companies a way to find their vulnerabilities before hackers do. "Gateway Guardians' F. Avoilo. (IS, Vol 6, 2, p. 50) Besieged by spam? Viruses? Afraid your employees are leaking confidential data? We tested five e-mail firewalls designed to stop the enemies at the gates. "Getting Certified in Information Security" P. Kirvan. (CPM, Vol 8, 2, p. 58) Assuming you already have one of the current business continuity certifications, it's a good idea to obtain one in information security as well. For BC professionals, CISSP is a good fit. Find out what to plan for and what to expect when pursuing this internationally recognized certification. "Global Outsourcing During Tumultuous Times Raises New Legal Issues" J. Dieffenbach. (DRJ, Vol 16, 2, p. 44) The combination of political turmoil, a down economy and technology developments are providing new and challenging legal issues for managers negotiating outsourcing agreements. If a company is going to put its technology management into someone else's hands, it's critical to make sure they are trusted hands. "Hacking On All Fronts: A Range of Threats Keep InfoSec Pros Looking Over Their Shoulders" M. Seese. (CPM, Vol 8, 2, p. 60) Although the tragic events of September 11, 2001 moved security in general up the corporate radar screen, the threat of cyber-terrorism is fairly low on the information security priority list. Much more worrisome are the dangers posed by internal security breaches and technological evolution. "High Marks for Security" A. Saita. (IS, Vol 6, 4, p. 56) Campus IT managers' emphasis on wireless security puts them at the head of the class. "High Security, Low Cost: 3 Simple Security Strategies for Mid-Sized Organizations" S. Schlesinger. (CPM, Vol 8, 1, p. 42) In a tight economy, it's easy to believe that postponing investments is fiscally responsible. When it comes to security for business networks, though, making reasonable investments to protect critical data and applications can be the most cost-effective and responsible path. "How Far Is 'Far Enough?'" T. Weems. (DRJ, Vol 16, 2, p. 22) How far is enough? That was the question asked of Association of Contingency Planners (ACP) chapters in the United States. The intent of the survey question was to set standards from within the industry regarding how far an alternate facility and an off-site storage facility should be from the primary operations site. "Information Security Software: What You Need and What You Don’t" M. Migliore. (CPM, Vol 8, 2, p. 64) As more and more types of information security software come to market, deciding where to make investments becomes more and more difficult. As such, business continuty professionals need to perform the necessary due diligence in order to make smart choices. "Insecurity Alert" K. Stewart & C. Stewart. (, Vol 1, 3, p. 32) How cyber terrorists & hackers could compromise the nation's emergency response systems. "Inundated by Infections" L. Bridwell & L.M. Walsh. (IS, Vol. 6, 4, p. 71) There were no global "virus disasters" in 2002. But the malware problem still got worse, according to the 8th annual ICSA Labs Virus Prevalence Survey. "IT Security: Dollar Decisions that Make Sense" E. Gerck. (CPM, Vol 8, 2, p. 52) Most security products profess to solve broad problems when enterprises really need specific solutions. "It Takes a Thief: Ethical Hackers Test Your Defenses" B. Coffin. (RM, Vol 50, 7, p. 10) Corporations hire hackers to find out where their security systems could be breached. With methods ranging from simple telephone calls to complex code analysis, organizations can determine what level of ethical hacking is appropriate for their degree of potential information security loss. "Layer 2 Discovery Digs Deep" B. Boardman. (NTC, Vol 14, 23, p. 117) Knowing the precise path between clients, switches, routers and servers is essential to pinpointing network failures, but most network-management packages only provide Layer 3 data. We show you how to achieve a Layer 2 level of detail. "Not Just For HIPAA: Best Practices for Security and Privacy Make Good Business Sense" E. Ferrarini. (DRJ, Vol 16, 2, p. 34) The Health Insurance Portability and Accountability Act of 1996 (HIPAA) sounded a wakeup call throughout the healthcare industry -- patient data is an asset and it needs to be protected. IT departments are now facing the challenge of implementing HIPAA's three provisions - electronic data exchange of transactions (EDI), privacy, and security. "On Patrol In Cyberspace" P. Piazza. (SEC, Vol 47, 4, p. 111) A look at progress among local, state, and federal efforts to combat cybercrime. "Protect Your SAN from Attack" C. Preston. (STOR, Vol 2, 6, p. 30) Think your SAN is secure? Find out the truth by reading Part I in our three-part series on storage security. "Questions Every CEO Must Ask about Information Security" S. Stahl. (CI, Vol 1, 4, p. 64) The CEO must learn to ask good questions in order to get her arms around the security of the firm's critical information assets. "Roadblocks to Defense-In-Depth" J. Snyder. (IS, Vol 6, 6, p. 30) We found six barriers to pushing firewall technology to the port level. "Security Governance" (IS, Vol 6, 6, p. 67) Turnover in the "C-Suite" may disrupt the continuity of the infosecurity program. "Security Liability" F. Prince. (IS, Vol 6, 1, p. 59) Who's responsible for security breaches? Short answer: everyone. "Security vs. Need-to-Know" T. Smalley & J. Glenn. (DRJ, Vol 16, 2, p. 45) Recently there has been some discussion about business continuity plan security. This article tries to bridge the gap between "security" and "need-to-know." "Switching Direction" A. Bhimani. (IS, Vol 6, 11, p. 58) Security switches are hard to define, but they're challenging traditional thinking about wire-speed security. "The CEO and Critical Information Asset Security" S. Stahl. (CI, Vol 1, 3, p. 60) What do you know about the security of your critical information assets? "The Legislative Landscape" A. Briney. (IS, Vol 6, 1, p. 56) The U.S. has already adopted several cybersecurity laws, but few affect operational IT security. "The ROI of Information Security" D. Ouellette. (CI, Vol 1, 3, p. 39) Today's business executives must be aware of and quantify the risk involved with not having a solid security posture. "Trustworthy Yet?" L. Walsh. (IS, Vol 6, 2, p. 30) Microsoft is making significant strides to clean up its security mess, but Trustworthy Computing still has a long way to go. "Turning the Network Inside Out" J. Snyder. (IS, Vol 6, 6, p. 28) We challenged five vendors to design a network that's secure from the perimeter to the core. Their responses give us a glimpse into the future of network security. "Turnover at the Top" A. Saita. (IS, Vol 6, 6, p. 64) How to keep the security program on track… even when there are cracks in the corporate ladder. "Unwrapping Win2003" R. Smith. (IS, Vol 6, 4, p. 32) Microsoft promised Windows Server 2003 would be "secure by design, secure by default and secure in deployment." We took the wrapper off this new OS to see if it lives up to expectations. "Want To Trade Secrets?" M. Halligan. (SEC, Vol 47, 1, p. 67) Recent court cases reveal trends in the use of trade secret protection. "Watch Your Step: Security Resource Planning" P. Lindstrom. (IS, Vol 6, 7, p. 28) Managing risk across an enterprise is a delicate balancing act. We looked at three "security resource planning" solutions that bring order to the process. "Watching the Watchers" C. Fennelly. (IS, Vol 6, 3, p. 66) Even if you hate security audits, it's in your best interest to make sure they're done right. "What Is Vulnerability Analysis? J. Snyder. (IS, Vol 6, 3, p. 34) Infrastructure Management & Design "Behind Closed Doors" A. Wolf. (NFPA, Vol 97, 3, p. 80) A deadly fire in a highly regulated health-care occupancy is leading to stricter sprinkler requirements. "Calculating the True ROI of Facility Monitoring" J. Buckley. (CPM, Vol 8, 1, p. 56) Many executives are now discounting the value of soft dollar risk reduction in today's tight-budget environment. How do you attach hard dollar returns on a facility monitoring investment? "EMC Opts for New Facility Management Solution" N. Browser. (CPM, Vol 8, 1, p. 59) Recent studies have shown that anywhere from 30 to 50 percent of IT network and system outages are directly attributable to failures in critical facility equipment, including power, environmental, fire safety, space and physical security assets. "Protecting Your Critical Infrastructure: Best Practices for Safeguarding Key Business Assets" P. Kirvan. (CPM, Vol 8, 1, p. 52) A major part of business investment is infrastructure. The term includes a broad range of facilities, systems, and technologies. The absence or inability of a firm's infrastructure to function can seriously impact business, which makes protection measures a vital point of consideration. "The Week of 413 Tornadoes" M. Smith. (DRJ, Vol 16, 3, p. 24) Basement stairs took a beating from May 4-10, 2003, as 413 tornadoes occurred from California to Virginia--more tornadoes than in any other one-week period since 1950, the year reliable records became available. Restoration & Recovery "20 Important Questions About Power" P. Kirvan. (CPM, Vol 8, 4, p. 47) Determine your threat level with a quick Q&A. "Comparing & Selecting Recovery Strategies" G. Wold. (DRJ, Vol 16, 2, p. 38) Cost-effective recovery strategies and written agreements related to the most feasible alternatives are important aspects of business continuity planning. "False Cover" B. Blythe & T. Stivarius. (DRJ, Vol 16, 3, p. 28) When your company experiences a catastrophe, the immediate concern is getting things back to normal. It's only afterward that the uncomfortable questions will begin to come up. "Finding and Selecting a Mold Remediation Contractor" S. Stecker & E. Harrison. (RM, Vol 50, 2, p. 26) In a field without well-defined certifications, finding a qualified mold remediation specialist that suits your company's needs can be a challenge. "Getting Beyond Just An Emergency Response Plan In the Public Sector" N. Koehler. (DRJ, Vol 16, 1, p. 56) Despite the extraordinary ability to effectively respond to an emergency, most public organizations are not ready to recover and resume the delivery of the various services they are chartered to deliver. "GIS at the WTC" R. Johnson. (HPP, Jul./Aug. 02, p. 32) One of the most important, yet unheralded, tools at the World Trade Center was digital mapping. The inside story on how geographic information systems aided recovery efforts, and their potential for the future. "Hackensack University Medical Center Takes Recovery to a Whole New Level" C. Salerno. (CI, Vol 1, 3, p. 14) It is the nature of the business that really sets the HUMC apart from most organizations in terms of BCP. "How Well Protected Is Your Facility?" A. Katz. (CI, Vol 1, 4, p. 32) The net result of selecting the right power solution for your application will be a fluid operating environment immune to the perils of power interruptions, and, ultimately, a very respectable ROI. "Lost Art" B. Flynn. (NFPA, Vol 97, 1, p. 52) On September 11, 2001, America's loss extended beyond the overwhelming death toll to include countless artistic and historical treasures that can never be replaced. "Maximizing Internet Use For Business Continuity" C. Alvord & J. Fuqua. (DRJ, Vol 16, 1, p. 73) The Internet will become a central, pervasive direction in continuity planning, as it has for many other functional areas of organizations. The question for a continuity planner becomes how to determine the impact of the Internet as a communications channel for his team and job. "Planning for Emergency Power" J. Swanson. (CPM, Vol 8, 4, p. 36) Electricity is never more precious or scarce than after a disaster. Lights are out, telephones are disabled and businesses are shut down. People may need food, water, heat and medical attention. But without power, none of these issues can be addressed. "Recovery Opportunities in Mold Losses" J. Gerber & E.R. Feldman. (RM, Vol 50, 2, p. 30) When attempting to finance the cost of mold remediation there may be third parties that owe your company some percentage of the expenses. "Sick Buildings: Bad For Business" H. Bloech. (TFM, Vol 15, 4, p. 36) Awareness of IAQ issues is growing, and remediation is indeed affordable. "The Power Standard: An Overview of Leading Industry Specifications" P. Kirvan. (CPM, Vol 8, 4, p. 44) "The Problem(s) With Power" (CPM, Vol 8, 4, p. 42) In the business world today, power is the bottom line when it comes to business continuity. Without power, disaster recovery and high availability systems for electronic data are usless, surveillance monitors can't function, alarms are disabled, and the applications employees rely on to perform everyday tasks are not accessible. "Why Some Recovery Plans Won't Work" J. Bell. (DRJ, Vol 16, 2, p. 30) Having reviewed hundreds of business continuity plans, I am frequently surprised to discover that many of the same mistakes are being written into business continuity plans today. Considering the variability that is possible in disaster scenarios, it is surprising to discover that most plans that fail have similar flaws. Safety & Security "A New Crew Oversees Airports" T. Anderson. (SEC, Vol 47, 6, p. 76) Federal security directors in charge of airport security at all major airports in the United States discuss the challenges they have faced since taking up their posts after 9-11. "Articles of Faith" J. Kitabjian. (SEC, Vol 47, 7, p. 136) Screening for weapons at security checkpoints requires special sensitivity when it comes to dealing with the dress, sacred objects, and customs of some religious groups. "Build-by-Numbers" J. Paradise. (NFPA, Vol 97, 1, p. 58) A traditional approach to high-rise safety is still the best approach. "Evening the Odds Against Liability" A. Nichter. (SEC, Vol 47, 4, p. 64) Gaming establishments can limit their exposure to liability by learning how courts interpret their duty to protect those on their property from harm. "Facilities At Risk" D. Mahoney. (TFM, Vol 15, 7, p. 34) Controlling mold is an ongoing struggle for many facility professional, particularly during this time of year. "HIPAA Top Priority For Health Care Providers" V. Carlisle. (DRJ, Vol 16, 3, p. 44) Reaching HIPAA compliance represents a huge challenge to many companies. "Media and Mold Exposure" R. Maniloff. (RM, Vol 50, 2, p. 24) The growth of mold claims may have more to do with inaccurate media attention than the reality of what is going on inside courtrooms and scientific laboratories. "Mold Control Begins with Moisture Control, Remediation" P. Harkins. (DRJ, Vol 16, 3, p. 56) Concern is growing about potential health risks due to the presence of fungi in the buildings in which we live, work, learn, recuperate and play. "Part Two of a Two-Part Series: Making the Best Use of Limited Security Resources" D. Wenk & R. Jacobson. (CI, Vol 1, 4, p. 60) Using quantitative analysis while working with your CIO and CFO allows for good decisions about risks and security investments. "Places Everyone" D. Axt. (SEC, Vol 47, 6, p. 50) Drills are to security as dress rehearsals are to Broadway; they are the only way to ensure success for the real performance. "Protection to Port Side" T. Anderson. (SEC, Vol 47, 8, p. 46) The Port of New Orleans has a multipronged approach to security. "Rethinking Port Security: Is Biometric Authentication Ready for Prime Time?" M. Migliore. (CPM, Vol 8, 5, p. 16) Currently, there are a number of government projects underway that are examining the possibility of using biometric security devices in air and seaports, both in the United States and internationally. But concerns about privacy, standards, and the technology itself pose potential obstacles to implementation. "Securities Industry Prepares for Continuity Rules" N. Benvenuto & B. Zawada. (CI, Vol 1, 4, p. 49) Companies in the securities industry whose continuity planning has been minimally adequate will now need to rise to a best-practices level. "The Dog Days of Detection" E. Seuter. (SEC, Vol 47, 7, p. 48) Hiring the right canine detection unit requires a dogged selection process. "What's In the Pipeline?" M. Gips. (SEC, Vol 47, 8, p. 62) A look at technology trends and new policy initiatives currently in the works for pipeline protection. "Why The Fuss Over Fungus?" L. Striefsky & H. Goldstein. (TFM, Vol 15, 5, p. 46) Litigation is becoming more prevalent as mold awareness increases.
Communications "Interoperability Isn't Just a Technology Problem" C. Hall. (HFR, Vol 1, 2, p. 26) NIUSR forum seeks answers "Is Your Organization Ready for Intense Media Scrutiny?" B. Patterson. (CI, Vol 1, 4, p. 51) Having a relationship with the media is now a corporate responsibility. "Putting Public Safety On the Map: A Solution for Locating Wireless 9-1-1 Callers… and Other Things" B. Weaver. (CPM, Vol 8, 5, p. 44) As emergency call centers struggle to implement systems for locating wireless 9-1-1 callers, global information systems may be the answer they're looking for. But wireless 9-1-1 isn't the only application for GIS. "Problem Solved: Rush Responds to TOPOFF2 Exercise with New Notification System" C. Staff. (CPM, Vol 8, 5, p. 28) "Rush Responds to TOPOFF2 Exercise with New Notification System" (CPM, Vol 8, 5, p. 28) Emergency Management "DHS in the Rough" T. Elliott. (HFR, Vol 1, 2, p. 10) New Department of Homeland Security promises to improve first response; locals remain skeptical "Emergency Response Outside the Envelope" I. Walks. (SEC, Vol 47, 3, p. 52) The District of Columbia's former chief health officer examines the lessons learned from the response to the spate of deadly anthrax-infected letters. "Grassroots Homeland Security" A. Patton. (NHO, Vol 27, 5, p. 1) "Making a More Secure Business a Better Business" (CI, Vol 1, 4, p. 24) An interview with Al Martinez-Fonts, Jr., Special Assistant to the Secretary of Homeland Security, Private Sector Office provides specific details on the responsibilities of the Department of Homeland Security to the business of America. "TOPOFF 2: Practice Makes Perfect" S. Baranek. (CI, Vol 1, 4, p. 40) A recently simulated terrorism response drill allows businesses to exercise current continuity plans and fine-tune operations for unexpected future events. "USGS--Providing Science and Monitoring to Protect Communities" C. Groat. (NHO, Vol 17, 4, p. 2) "When Downtown Becomes A Disaster Zone" M. Cramer. (SEC, Vol 47, 3, p. 64) Find out how the Dallas business community and the city formed a public-private partnership to develop an emergency response plan tailored specifically for the central business district.
|
