Archive for the ‘Business Continuity’ Category

New from DRII – Certified Business Continuity Auditor (CBCA) or Certified Business Continuity Lead Auditor (CBCLA)


Atlantic City, New Jersey

New Audit track for Business Continuity Professionals and IT Auditors. If you are an experienced Auditor or Business Continuity Planner, this is your opportunity to get certified as a Business Continuity Auditor by the leading BCP organization in the USA.   DRI International will be offering training in Atlantic City, New Jersey this coming April.    For more information on this course, see the notice from DRII below:

Two opportunities for the training you want!

The National Fire Protection Association (NFPA) and the Disaster Recovery Institute International (DRI) have joined forces to create an education and certification program that will qualify participants to audit disaster/emergency management and business continuity programs against existing standards and regulations. Certifications available are: Certified Business Continuity Auditor (CBCA) or Certified Business Continuity Lead Auditor (CBCLA).

Through this program, participants will be able to apply the key components of disaster/emergency management and business continuity, the relevant standards, laws and regulations, the process of risk assessment, vulnerability analysis, loss prevention, risk mitigation, and develop, implement, test and maintain their plans and procedures.

The course will cover existing legal and regulatory requirements by industry and country, as well as emerging requirements, including  BS25999, SS540, US PL 110-53 (PS-Prep), NFPA 1600, ASIS, DRI International’s professional practices, financial services, insurance, healthcare, utilities, public sector guidance and a host of others will be explored.  It will also cover the processes by which disaster/emergency management and business continuity programs are initiated with an eye toward corporate governance, policy, and procedures.  More in depth emergency and disaster management will be provided by NFPA.

At the end of the course, a unique. audit track, qualifying examination is conducted and individuals who have passed will be eligible to apply for certification as a Certified Business Continuity Auditor (CBCA) or Certified Business Continuity Lead Auditor (CBCLA). The certification level (CBCA or CBCLA) will be granted based upon the amount of demonstrated audit experience of the applicant. Those seeking the CBCLA designation will be required to provide references to verify that they have at least five years of active audit experience.

For course and education related questions please call the DRII Education Department on:    Toll free numbers: 866-542-3744 and 866-535-3744

This course is designed for novice & experienced corporate planners, internal & external auditors…

Course Name: BCLE-AUD

Start Date : 04/26/2010

End Date : 04/30/2010

Course Cost: $2900.00

Instructor: Not Specified


Atlantic City Convention Center

1 Miss America Way

Atlantic City, NJ  08401

DRII The Institute For Continuity Management.

This was not a paid promotional announcement.

Enhanced by Zemanta

Book Review: “Business Continuity Planning Methodology” by Dr. Akhtar Syed & Afsar Sayed

The Pillars of the Earth
Image by pietroizzo via Flickr

I will start this book review by breaking the rules.  That is, I will first tell you the book is fantastic, one of the best I’ve read on any professional subject and that if you are a CBCP and do not own it, you should get it ASAP.   Now, for the review.

I have many BCP books in my library, but few come close to “Business Continuity Planning Methodology” in maintaining harmony with the DRII framework, as well as best practices from ISO, CobiT and NFPA.   It is also the only one that actually takes you step by step through the major domains every Business Continuity professional needs to know.    The book is 300 pages, so it is concise and to the point.  The authors are hands-on experts in the field who do not waste time on academic examples to drive their points.   The book is divided into eight chapters listed below:

  • Introduction
  • Risk Management
  • Business Impact Analysis
  • Business Continuity Strategy Development
  • Business Continuity Plan Development
  • Business Continuity Plan Testing
  • Business Continuity Plan Maintenance
  • BCP Process: Reports and Documents Summary

The sections on Risk Management and Business Impact Analysis should be mandatory reading for everyone in the Risk, Security, Audit and Governance fields.   In my experience, today the folks holding the CBCP certification have the best Risk Management training of all the non-financial professionals involved with Risk Management.   The granularity and scope of a typical BCP Risk Assessment is far superior to most of what I’ve seen coming out of the IT Security and regulatory compliance spaces.    In addition, the BCP type multi- dimensional Risk Assessment is also superior to those generated by most Auditors, who tend to stop at the financial threshold test generated from the year end financial report.   I have long felt that just these two chapters are well worth the price of the entire book.

Business Continuity is a serious subject that is still misunderstood at many organizations.   In addition, BCP was left out of the Sarbanes-Oxley act, which has given many a CIO, CFO and CEO the excuse that “it is not required” therefore few resources get allocated to having dedicated BCP professionals on board and/or having serious continuity plans.    Outside of the southern states (highly affected by hurricane Katrina) we do not see much serious Business Continuity work at major organizations.    I always considered this attitude irresponsible.  The idea that disasters, crisis and business disruptions are things that affect “others” and it is not worth preparing for seems contrary to logic.    Convincing these “C” types about the value of BCP is a tough job, but if you need to do it and you need to develop a clear and concise argument about what needs to be done, what resources will be needed and how long the efforts may take, the “Business Continuity Planning Methodology” may be one of the best references to have at hand.

As Enterprise Risk Management (ERM) gears up as a result of recent market debacles, we will see a greater need to break the silos that now keep IT Security Risk Assessments, Business Continuity Risk Assessments, Financial Risk Assessments, Operational Risk Assessments, Market Risk Assessments and Regulatory Risk Assessments apart.    True ERM calls for a unified view of risks across all departments, regions, functions, resources and markets.     Threats and information about threats need to be managed in a unified manner.  The BCP approach to Risk Assessment takes this approach.

If you are or plan to be involved in an ERM initiative and you lack Risk Assessment experience, your best bet is to learn the Business Continuity approach to Risk Assessment and Business Impact Analysis.  When you understand these, the other types of Risk Assessments will be easy to tackle.   The Business Continuity Planning Methodology book is a tool that will get you started in understanding this process.  Of course, it is a great reference for all the other topics it covers as well.

Business Continuity Planning Methodology can be purchased from the Today’s Audit Journal book store, by clicking the link below:

Enhanced by Zemanta

Business Continuity & Disaster Recovery |

FDR's "Fireside Chats" With America
Image by Tony the Misfit via Flickr

Free event:  Up to 8 CEAPs towards your CBCP recertification.

This web event will feature leading experts exploring strategies and tactics to build a strong business continuity and recovery plan within an enterprise, the right technology choices for business recovery and best practices and tips to develop a strategy and architecture to meet 24/7 availability and recovery requirements.

If you need the CEAP’s you can get them while watching at home or the office!

Shared via AddThis

Enhanced by Zemanta

Philadelphia H1N1 and Beyond Conference


Conferences are always fun.


Even mean dictators get the flu.

Space is Limited – Sign Up Today for the H1N1 and Beyond Conference in Philadelphia.

In late March and early April 2009, the first cases of human infection with the H1N1 virus were reported in the U.S. Significant novel H1N1 illness has continued into the summer, with localized – and in some cases intense – outbreaks occurring. The U.S. continues to report the largest number of novel H1N1 cases of any country worldwide.

The health risks are clear going into flu season. What can you do about keeping your business up and running no matter what the outage? The H1N1 and Beyond Conference will offer action-based strategies to keep your operations up and running during H1N1 and any other outage – from loss of power to catastrophic disasters.

The value of this educational, interactive event is unmatched:

  • Access to the foremost preparedness experts.
  • The ONLY conference that goes past the health risks and focuses squarely on business recovery to respond to and recover from H1N1.
  • Special offers for participants on H1N1 planning and preparedness products.
  • Breakfast and lunch included.
  • Laptop for note gathering provided by Strategic BCP for your session.


Wednesday, October 7th
Peirce College, Philadelphia, PA | Map
Conference Rate: $295Discounts are available for members of several Business Continuity organizations, planning organizations, educational institutions, and non-profits. Please obtain your code by contacting 866-594-7227.


Presented by:
Presented By Strategic BCP

Presenters include:

Contact Strategic BCP
H1N1 and Beyond Conference Website
866.594.SBCP (7227)

Disaster Recovery – Spring World 2010 Brochure

Heads will roll
Image by Trois Têtes (TT) via Flickr

Spring World, the largest Disaster Recovery event of the year will take place in Orlando, Florida next year.  Here is the PDF file of the event.

Spring World – March 21-24th 2010 in Orlando, Florida.

Shared via AddThis

Enhanced by Zemanta