It seems that industry, media and events companies are all focusing on business continuity management and disaster recovery in the later part of this year. There are several BCM and DR events and conferences taking place in September and October, not forgetting the BCI World Conference in November, so be sure not to miss out on these strategic events. The document discusses various topics related to business continuity management including work area recovery, new good practice guidelines, migration and data sharing solutions, the value of BCM for business interruption, absenteeism in the workplace, and upcoming ContinuitySA training dates.
1. One highlight can surely be the Inaugural BCI Africa Awards taking place on the
10th September, where business continuity professionals throughout Africa will be
recognised for their contribution to the BCM industry. The upcoming BizStrat 3rd
Annual BCM & DR Conference in September, where ContinuitySA is the Platinum
sponsor and the BCI SADC Chapter are the endorsers has a full agenda and this
can be found towards the end of the newsletter or you can click here to down-
load. Organisations and BCM professionals should be present at, at least one of
the upcoming events, where you will receive tremendous insight into trends and
changes within the business continuity industry. After all companies should be fo-
cusing on making their companies more organisationally resilient.
The recently launched Disaster Recovery Preparedness Benchmark (DRPB) Survey is still available and you can
click here to access the online survey. Preliminary results have already been published and tell us that 3 in 4 com-
panies are at Risk and or Failing to Prepare for Disaster Recovery. The results can be found on page 18 to 22.
WAR is dead. Really! Michael Davies covers why he feels that work area recovery is still very relevant within business
continuity.
Tracey Linnell highlights why the Good Practice Guidelines 2013 has grown Business Continuity as a discipline and
how GPG 2013 goes beyond descriptive statements and gives practical advice, so as to ensure business continuity
measures stay effective.
Planning – Life, Death and Resilience is a humorous and lighthearted article to show organisations that they should
be more resilient.
The average absenteeism rate amongst SA companies is estimated between 3.5 and 6 per cent per annum and
trends show continuous increases and this looks like it could definitely be a growing crisis for companies and even
the economy. Terry Booysen, CEO of the CGF Research Institute, covers absenteeism in the workplace.
On that note, ContinuitySA has several BCM training sessions for the remainder of this year, so if you require any
form of BCM training then be sure to view our upcoming events on our website which will give you full details on
what our five-day BCM training covers or contact our training department via training@continuitysa.co.za.
Just a reminder that we are continually looking for contributions of articles, case studies and white papers to
include in our future issues of our newsletter, so for any submissions please feel free to contact me.
Wishing you all health, wealth and resilience.
Cindy Bodenstein
Q3 2013
Keeping ContinuitySA
clients informed
1
It seems that industry, media and events companies are all focusing on business
continuity management and disaster recovery in the later part of this year.
There are several BCM and DR events and conferences taking place in
September and October, not forgetting the BCI World Conference in November,
so be sure not to miss out on these strategic events.
In this Issue
Editor’s Note
BCM, DR and Resilience2 WAR is dead!
4 New Good
Practice Guide-
lines take BC to
the next level
5 Migration &
Cross-Platform
Data Sharing
Solutions
6 BCM: the value-
add for business
interruption
9 BCM is good
governance
11 Planning - Life,
Death & Resilience
14 Triple4: Simple &
affordable enter-
prise backups
15 ContinuitySA
launches virtual
fax solution
16 Absenteeism:
Eroding Company
Profits
18 IT DRP Benchmark
Survey Now
Online
19 Preliminary DRPB
Results Report
2013
25 Can your business
survive disaster?
27 BizStrat’s 3rd
Annual Confer-
ence Agenda
33 ContinuitySA
Training Dates
All Links
are now
Interactive!
2. 2
Work Area Recovery (WAR) is dead’ so they say, but from experi-
ence I do not believe that. Virtualisation, cloud computing and
a more mobile work force has definitely impacted the way organi-
sations conduct their Business Continuity Management (BCM)
programmes and changed them in a positive and more effective
way. Technology is changing and evolving at an accelerating rate
and bandwidth is becoming more accessible and cheaper which
makes it an exciting time to be in as virtually all organisations rely
heavily on their ICT systems to operate.
Organisations are looking towards elegant
IT solutions for organisational resilience and
there is a tendency to think that mobilising
a work force around the Cloud is the way
to go. This has an appropriate place in an
effective BCM programme but it is not THE
BCM programme. In addition to the mo-
bile work force concept we have increas-
ing adoption of ‘Bring Your Own Device’
(BYOD) policies which allow employees to
use personally owned technologies such
as laptops, tablets like the iPad and smart-
phones to access privileged company in-
formation and applications. BYOD is
gaining more acceptance by businesses
as increased productivity is becoming ev-
ident with employees using both personal
and business devices.
In an article by Heino Gevers published in
the Business Day (14th August 2013) he
states that South African Organisations are
gradually losing control of critical business
information and that ‘A study shows that
81% of IT managers in British and US mid-
sized organisations are concerned that
employees are putting sensitive data onto
consumer-grade cloud storage and serv-
ices. It is important for any CIO and risk of-
ficer to acknowledge that there are
certain limitations and challenges with re-
gards to relying on the Cloud and mobility
as the backbone of a Business Continuity
Plan (BCP) and I would suggest that the
following points are considered;
• Reliable connectivity is critical and
should be planned to be resilient. The
issue is not when 20% of your staff are
mobile, such as a sales or consulting
team, that remotely connect for work
purposes but when a disaster is in-
voked and your BCP is for 1,000 em-
ployees to remotely connect to the
network.
• As employees introduce their personal
devices to company networks, security
and protection of company informa-
tion will become a greater challenge.
Business critical data stored on mobile de-
vices is growing thereby making security
more important and remote access to
such devices needs to be thought through
with regards to policy.
• The proliferation of BYOD and an in-
creasing mobile workforce necessi-
tates deploying a remote access
service that provides a layered security
approach that mirrors the organisa-
tion’s security and access to informa-
tion policies.
• As more employees become part of
the mobile work force relying on the
Cloud and the organisation’s network
a highly scalable VPN infrastructure is
required.
By Michael Davies, Chief Executive Officer, ContinuitySA
WAR is dead!…
…and other fallacies
3. TOPICS ON THE AGENDA
Recognising the threats: An as-
sessment of the top business
continuity threats South
African organisations face
Managing the risk: Planning
and developing a business
continuity solution in line with
the organisation’s risk profile
Ensuring resiliency: Having ef-
fective backup and efficient
recovery to ensure resiliency
across all layers of the business
Achieving compliance: Under-
standing legal requirements
and the role of corporate gov-
ernance in your business conti-
nuity plan
Enabling flexibility: Having suf-
ficient adaptability to handle
ever-changing business
requirements
Realising a return on your in-
vestment: Utilising business
continuity management as a
platform to increasing growth
Who’s getting it right and how:
A collection of local case
studies highlighting how SA
corporates have successfully
addressed specific business
continuity challenges
3
If your organisation manages to overcome
the challenges then it can benefit from
such things as;
• Having a mobile work force which
presents a good BCM strategy by de-
fault as users become accustomed to
working from various locations.
• Mobile users are better equipped to
deal with mundane interruptions, e.g.
severe traffic congestion and lack of
access to the normal work place.
• With the rapidly evolving consumerisa-
tion of mobile IT devices, organisations
embracing the technology now should
aim to be dynamic thought leaders
adopting to the ever changing IT land-
scape as opposed to setting fixed, rigid
technology strategies.
But WAR is by no means dead. In most or-
ganisations there are certain departments
that will require an office to work out of for
a number of reasons. For most part, fi-
nance and legal are just two of such de-
partments which require access to original
documentation and tend to be office
based by the nature of the work. Call cen-
tres are another example of employees re-
quiring office space in time of disaster,
should they not be able to work at their
normal place of work. One could not
imagine 600 call centre agents being de-
ployed to work from home, for numerous
reasons, security and remote connectivity
to start with.
Furthermore, there is already a feeling that
mobile users work against the harmony
and integration people build when work-
ing together in an office. With little team
interaction apart from through the internet
and emails, cohesion between working
teams breaks down. Some companies are
bringing people back to the offices revers-
ing ‘work from home’ or alternative loca-
tion trends.
I am all for technological advancement
and welcome the Cloud and growing
mobile workforces to improve resilience
and business continuity within organisa-
tions but also recommend that these fit
into sound comprehensive BCM principles
for the organisation. The Business Continu-
ity Plans of an organisation should be en-
abled by IT and not driven by IT.
To this extent most organisations will still re-
quire work area recovery incorporated
into their BCM strategies into the future.
Long Live WAR!
Say goodbye to downtime
Book for ITWeb's Business
Continuity 2013 today.
...because business doesn’t have
a pause button
In today's interconnected world, virtually
every aspect of a company's operation is
vulnerable to disruption. Some risks could
take your business offline for days, but in a
competitive environment, even four hours
of downtime could prove fatal. Yet in this
context, business continuity has to become
better, faster and cheaper.
Your business must demand an uncompro-
mising commitment to ensuring the resilience
and recoverability of systems. You will learn
how to achieve this at ITWeb’s Business
Continuity 2013.
So, future-proof your business by booking
your seat today.
4. 4
Updated Good Practice Guidelines recently issued by
the Business Continuity Institute offer practitioners and
companies alike a significantly improved set of
methodologies that are easier to follow and implement.
“Business continuity has grown consider-
ably as a discipline, and the new guide-
lines reflect that,” says Tracey Linnell,
general manager: Advisory Services at
ContinuitySA. “Good Practice Guidelines
2013 go beyond descriptive statements to
offer practical ‘how-to’ advice in layman’s
language. They will contribute to making
business continuity measures much more
effective.”
Linnell says that the Good Practice Guide-
lines complement the International Stan-
dards Organisation standard for business
continuity (ISO22301): following the guide-
lines will help companies ensure they com-
ply with ISO22301.
Among the improvements in the 2013
Good Practice Guidelines, Linnell singles
out the greater focus on the supply chain
and outsourcing. The guidelines go into
much greater detail to show how business
continuity plans must include suppliers.
“You are responsible for ensuring that your
suppliers have adequate business continu-
ity plans and systems in place,” Linnell
explains. “These guidelines take into
account that businesses operate in, and
are dependent on, complex ecosystems
and that business continuity needs to span
all their components.”
Another important improvement is the
guidelines’ deeper focus on the responsi-
bility of top management to support
business continuity initiatives – and how to
make that support a reality. For example,
they suggest building business continuity
into executive performance appraisals.
“Executive buy-in has been a problem in
the past, so practical advice on how to
obtain it is welcome,” she says.
A related issue is the embedding of busi-
ness continuity into the way a company
does business. Here again, the guidelines
notably shift focus from theory to action.
In general, says Linnell, this is an area that
receives too little attention but is vital if
business continuity plans are really to be
effective.
The 2013 guidelines also amplify guidance
regarding business impact analysis, and
show how this can be undertaken at
various levels: strategic, tactical and oper-
ational.
One area in which the 2013 guidelines fail
to deliver improvement is in the validation
process, where the 2010 guidelines offer a
set of processes that are more thorough.
However, says Linnell, the review portion of
the validation process is much improved.
“Once the business continuity plan has
been completed, it needs to be reviewed
for effectiveness. The 2013 guidelines offer
functions, execution processes, methods
and techniques as well as outcomes for
each of an expanded number of areas,”
Linnell says. “Crucially, the review process
also incorporates supplier performance –
another welcome recognition that a
company’s business continuity efforts must
cover the entire ecosystem on which it
relies.”
By Tracey Linnell, General Manager: Advisory Services at ContinuitySA
5. 5
Migration and Cross-Platform
Data Sharing Solutions
The recent data explosion has IT departments scrambling to adopt new storage
solutions. At the same time, aging first-generation systems are becoming a
liability, while new legislation is driving regulated industries to evolve their
infrastructure for increased security and availability. As if all of this isn’t enough,
mergers and acquisitions are at an all-time high and enterprises must quickly
integrate teams and functionalities using varied legacy platforms.
M
igration & Cross-Platform Data Sharing
solutions from Vision enable you to per-
form easy, no-risk, near-zero downtime
migrations to and from any combination of physi-
cal, virtual or cloud platforms. And, if you need to
share business-critical information between data-
bases, applications and platforms as rapidly as it
becomes available, we have the solution that
gives you the competitive edge you need.
Near-zero downtime migration solutions for any
combination of physical, virtual or cloud platforms
A Complete Migration Competency that Helps You
Succeed
Today, organisations deploy new technology
quickly to keep up with competitive forces and
expectations for profitability. With a long laundry list
of technology to-dos, your finite IT resources are
often stretched to the limit.
Vision Solutions has competency in the skills and
toolsets needed to eliminate the strain on your
resources; dramatically reduce server downtime,
and offset the risks associated with migrating
complex, multi-layered computing environments.
Regardless of OS or hypervisor, Vision Solutions
offers the technology needed to make every in-
house migration a success. And if you need more
horsepower, our professional services experts can
put their knowledge and best-practices method-
ologies to work for you. We’ve successfully
migrated tens of thousands of servers and have
several different ways to handle yours.
- Deploy strategic new systems more quickly
- Ease the strain on your internal IT resources
- Eliminate downtime
- Mitigate the risks associated with untested
processes
Migrations Made Easy
Double-Take Move allows you to migrate physical
and virtual workloads with real-time replication
from a single, intuitive user console. Protect your
productivity with resource friendly technology that
eliminates user and application downtime during
migrations. Double- Take Move migrates your entire
environment including the file system, permissions,
attributes, compression and encryption settings
without suspending production operations.
It also moves database files regardless of whether those files are locked by
applications. True data replication functionality precisely duplicates the appli-
cation’s native write processes with real-time transaction awareness.
Double-Take Move advantages:
- WAN-friendly, real-time data replication
- Moves operating systems, applications and data from one make, model and
server configuration to another
- Continuously captures byte-level changes to a server’s OS, applications and
data
- Hardware independent; can also be used for migrating virtualised workloads
back to physical servers
To learn more, watch our videos, read our product datasheets, listen to live-
conference from our expects, and download free white ‘Solving the Technol-
ogy Migration Puzzle’ and much more, visit the websites:
http://www.prodata.co.za/products/double-take/
http://www.visionsolutions.com/solutions/migration_overview.aspx
Contact us today:
jay.bradley@prodata.co.za / +27 11 561 0900
Wouter@visionsolutions.com / +971 (0) 50 847 6734 / +32 (0) 473 672974
6. 6
Business continuity management:
the value-add for
business interruption
Business interruption (BI) insurance provides businesses with vital protection against the possibility of a
severe disaster – something that, according to one source, one in every 500 businesses will experience.
When directors and executives look at ways to mitigate this risk and give the company its best chance
of returning from such a disaster, business interruption insurance is an obvious answer.
However, it must be understood that the
chances of a company surviving a major
disaster are slim. A leading brokerage
noted that 43% of companies that experi-
ence a disaster never reopen their doors
and that 29% close down within two years.
It follows that preventing a disaster from
happening in the first place should be a
businesses number-one priority, with the
second being a resilient and tested plan
for returning to the normal operational
state as soon as possible.
It is here that business continuity manage-
ment represents a massive untapped op-
portunity for insurance companies to
differentiate themselves from competitors,
and position themselves as true business
partners to their clients rather than simply
“premium-takers”.
Building this type of relationship with clients
is vital for insurers, given the trends that are
changing the industry. The main driver of
these trends is the increasingly connected
nature of business. This connectedness
has interlinkedsuppliers, providers and,
crucially, customers more closely and trans-
parently than previously – and has empow-
ered customers like never before. Thanks to
the Internet, both corporate and individual
customers now have unprecedented ac-
cess to information about competing prod-
ucts and services they wish to purchase –
including insurance. Customers’ expecta-
tions for personalised offerings and service
have also been raised.
And, as we all know, the Internet also fur-
nishes a platform on which customers can
broadcast displeasure at poor service or
unfulfilled expectations.
This type of transparency means that
insurers are under tremendous pressure to
provide products that are highly differen-
tiated and tightly focused on delivering
customer value.
When it comes to business interruption,
I would argue that business continuity
management offers a way to achieve
both goals. In a sense, business continuity
management and business interruption
insurance are sides of the same coin – pro-
tecting the customer from catastrophic
loss – and complement each other.
It’s important, though, to understand how
they differ. Business interruption insurance
kicks in after a disaster occurs.
Its value lies in the accuracy with which
the customer’s potential losses have been
calculated, and the length of time (in-
demnity period) for which they will be cov-
ered. It’s obviously vital in providing a
company with the cash flow needed to
pay those expenses that continue despite
the disaster (such as salaries) and also the
resources for re-establishing operations.
Business continuity management, by con-
trast, is more proactive because it provides
an holistic process to identify potential
threats and their impacts. Crucially, it also
offers a rigorous framework for building
organisational resilience, including the
capability for effective disaster response.
In short, while business continuity manage-
ment cannot prevent all disasters from
happening, it can reduce the likelihood of
one occurring, and can contain the loss of
revenue and reputational damage linked
with a disaster that does occur. It is a
mature discipline, and the recent intro-
duction of an ISO standard (ISO22301)
further strengthens it.
One might argue that by helping compa-
nies to reduce their risk, business continuity
management actually could reduce an
insurer’s premium income. But the fact of
it is that the majority of clients are already
underinsured for business interruption – by
30% according to one broker. This means
that when one gets to the claim stage, the
By Ryan Holmes, Business Development Manager: Western Cape, ContinuitySA
7. 7
Should you have any enquiries as to how you can make
a difference or would like to be included in regular
communication, please contact:
Louise Theunissen (MBCI)(PMP), BCI SADC Chapter Board Member
Mobile: +27 82 928 7158 or Mail to: bciafricaevents@gmail.com
BCI SADC Chapter Forums
insurer faces protracted disputes and the
risk of negative perception in the market-
place. In fact, as I have already argued,
it’s likely that the customer will go out of
business altogether, which means a total
loss of that income stream for the insurer.
By contrast, by working with a reputable
supplier of business continuity manage-
ment services, the insurer can position itself
as providing a more comprehensive ap-
proach to business interruption, one that
encompasses risk mitigation as well as risk
cover, and one that enhances the
chance of the client recovering from the
disaster. By providing these capabilities,
business continuity management should
ultimately lead to higher levels of customer
satisfaction, and perhaps the opportunity
to broaden the scope of the relationship
between the customer and the insurer – as
well as improved marketplace reputation.
And isn’t a good reputation one of the
foundations of the trust on which a suc-
cessful insurance business is built?
8.
9. By David Bollaert, Senior Advisor, Business Continuity Management at ContinuitySA
9
Business continuity
management is good
governance
“Corporate governance aims to put in
place the mechanisms necessary to en-
sure a company is sustainable, in every
sense. Business continuity management
has an important role to play in achieving
this goal because it identifies threats and
provides a framework for responding to
them,” says David Bollaert, senior advisor,
Business Continuity Management at Con-
tinuitySA.
The bitter truth is that controls don’t always
work to protect organisations against all
threats. When a catastrophe occurs, busi-
ness continuity management provides the
safety net that aids recovery. Bollaert cites
research by Rory Knight and Deborah
Pretty showing that companies with a re-
covery plan were able to respond better
to a crisis and were ultimately able to in-
crease their value relative to unprepared
companies by 22 percent by the 225th
trading day. Other research indicates that
25 percent of those companies that are hit
by a disaster simply never recover at all.1
It’s also worth noting that the sustainability
trends and risks faced by companies over
the coming decades are growing in com-
plexity and impact. Among them we
should list climate change and associated
extreme weather; scarcity of energy,
water and materials; increased popula-
tions; wealth disparity; increased consumer
demands; food security and massive ur-
banisation.
Other risks include increased global out-
sourcing, supply chain complexity, re-
liance on third parties and ICT to operate,
and a client base that is more aware and
demanding of demonstrated resilience
capabilities.
Perhaps unsurprisingly, the average
Global 1 000 company gives itself a 40
percent chance of suffering a catastro-
phe that would destroy more than 30 per-
cent of its market value over any five-year
period.2
“And yet, most firms are not adequately
prepared for disaster. However, those that
are prepared are far more likely to sur-
vive – and may even be able to take ad-
vantage of opportunities that might arise
during a crisis,” comments Bollaert. “For
that reason, the question of business re-
silience has entered law, through the
Companies Act, codes like King III, and
regulations like PASA. However, many of
these place too great an emphasis on IT
and not enough on the bigger business
continuity picture.”
Given the key role that business continuity
management can play in creating resilient
companies, its own governance is vital.
Released in May 2012, ISO22301 is the
global standard for business continuity
management, and provides a clear
framework for the policy and programme
management, ongoing monitoring and
reporting, and also the routine gover-
nance tasks that are needed.
Bollaert adds that business continuity man-
agement can also help companies realise
the benefits of sustainability. As compa-
nies reshape the way they do business in
order to take into account the need to be
sustainable, new opportunities for revenue
growth from environmentally-friendly
products and new markets open up. At
the same time, the pressure to drive re-
source and operational efficiencies can
help to reduce costs, and improved trans-
parency in identifying and mitigating risk
will enhance a company’s ability to sur-
vive and prosper.
“Sustainability and business continuity
management are closely interrelated,” he
says. “If they are seen as potential profit
centres, and levers of competitive advan-
tage, then they are likely to obtain greater
support from the board – and to be able
to present a better account of its strength
to investors and other stakeholders in its
integrated report.”
Good corporate governance is now mandated by law through the Companies Act. Compliance with the King
Code of Governance (King III) has also become a requirement for listing on the Johannesburg Stock Exchange.
Corporate leaders now recognise it as a prerequisite for good management and long-term sustainability of their
companies. Less widely recognised is the link between good governance and business continuity management.
1
JP Morgan Chase & Co, “Disaster preparedness planning: Maintaining business continuity dur-
ing crisis, disruption and recovery”, Perspective (2009), available at https://www.chase.com/
online/commercial-bank/ document/Perspective_DisasterPreparedness.pdf, p 2.
2
Intercep, “The business case for preparedness”, available at http://www.nyu.edu/intercep/
research/pubs/annotated-business-case_20-aug-2007.pdf, p 3.
10.
11. 11
1 Humour …
This article is not for everyone and I apolo-
gise in advance for those who might be
offended. Seriously though – take the hu-
mour with a pinch of salt.
2 Do you have a plan ….
I do hate hearing that phrase! In many an
organisation a plan is still about “burst
water pipes” and I am conscious that
there is a stigma in the upper echelons of
business which pegs Business Continuity
Planning at that level.
Scary! Isn’t it?
3 Human frailty ….
Interestingly enough we as humans go
through so much in any day (BAU) where
we plan activities, expedite those that
come naturally, make risk assessments
whilst drawing off experience and core
knowledge. We change the course of
activities, deal with issues, constantly man-
age our existence on tight budgets, build
resilience to cater for lean times and YET -
the moment we enter our business prem-
ises we shrug off all those qualities and
expect someone else (usually the senior
management) to hold our hand, protect
us and make all the decisions on our be-
half. As humans we face an inordinate
amount of risk and threats in any one day
and yet we make it through the day –
admirably so.
4 The organisation
I reflect on my slightly ageing body and
marvel at what a wonderful organisation
it is.
The brain (exec) is still pretty dynamic, it’s
mature (well not always as I am a boy at
heart, so slightly risk tolerant), and it has
developed a remarkable propensity for
survival in spite of the many crises
(resilience) – instinctively reacting to
circumstances and making decisions all
the time – some at lightning speed (adapt-
able).
It is creative, passionate, competitive and
professional (amongst other qualities). My
brain however isn’t very resilient - it occu-
pies a small but key piece of my body ter-
ritory - and I don’t have a spare one if this
one goes defunct. The best my brain can
do is tell the rest of the body not to do stu-
pid things that puts it in harm’s way. Yes -
my brain can subconsciously manipulate
my body to instinctively avoid immediate
dangers and while that characteristic has
matured quite well over the years it is still
reliant on the rest of the body being in
good condition - so regular maintenance
of the limbs and internal organs (opera-
tional bits) is mandatory. More so the skin,
hair and nails need to be kept tidy, in
good health and toned (branding). The
face, gestures, postures and clothing re-
flects upbringing, culture and style of my
“organisation” (more branding and some
marketing).
Fortunately we have some spares (contin-
gency options) which we could cope
without but with some limitations (arms,
legs, eyes, ears, lungs, kidneys and those
things). In some cases we have lots of
spares for the things we use the most (such
as fingers).
The way the brain interacts with other
humans (societal organisations) reflects
the standards my organic organisation
adopts. It stands to reason therefore that
if other humans do not adopt equally high
standards and decent behaviours that my
brain (exec) is unlikely to interact with
them - and in most cases may well avoid
those people.
There are many benefits which my brain
(exec) enjoys from keeping this organic
organisation in a good state. As a result
the rest of the body gets plenty of rewards
- but more importantly the family of
related organic societal organisations
(wife, kids, in-laws, grand children, siblings,
friends, colleagues, etc) benefit from this
one enterprising existence.
Of course - it (the organic organisation)
cannot go on forever but the values,
passion, reputation and standards are
passed on in some way to all those who
are a constant in the lifespan of my
existence and so, even in death, my
existence continues - just more widely
spread (succession planning) and no
doubt branded differently (changed).
I could extract this analogy to fill another
20 pages but you get the idea!
By Eugene Taylor
FBCI MIoD(UK)
TaGza (UK and RSA)
www.TaGza.Biz
Organisational Resilience
Planning - Life,
Death and
Resilience
12. 12
5 A day in the life ....
My exec (the brain) has a number of vital
objectives to achieve each day and then
it has other objectives as part of it’s never
ending medium and long term goals -
often requiring tweaking of plans as a
result of circumstances in a constantly
changing environment.
Here is my story for
one day ....
I get up reasonably early and contem-
plate my objectives, have a shower and
a shave (health and safety) and contem-
plate my objectives some more. I have a
cup of coffee (mandatory compliance).
I kiss the wife (more mandatory compli-
ance but also good public relations man-
agement). Some of my objectives need
re-arranging as the wife needs me to pop
by the shops on the way home (project
management and change). I look at her
stunning features and have some naughty
thoughts (and book mark an idea for the
board / brain).
I get dressed and prepare to go to work
(governance compliance, branding, rep-
utation, survival). I contemplate my objec-
tives some more. Then I get side tracked
and dwell on this “going to work”
malarkey. Why go to work? Well I don’t
own a farm and need some food and if
that naughty thought is to see the light of
day I need to get some collateral to set
the scene - house, car, flowers, diamonds,
new after shave (major cost impact con-
sideration, review of revenue generating
strategy and serious project management
needed).
Oops! I have been distracted from my
core business of survival - but the benefits
far outweigh the risks (entrepreneurial
development in progress with some risk
assessment). I bring myself back to reality
and focus on more achievable objectives
- driving to work (mundane BAU stuff - all
risks having been assessed and mitigated).
I don’t remember picking up my keys
(pure habit from having a standard
approach). I don’t remember even open-
ing the garage door to get my car out
(objectively focussed and risk resilient).
I do remember kissing the wife (more good
public relations - fuelling an option for ex-
ploring that naughty thought - which is fast
becoming a sub conscious objective).
I drive to work – I don’t remember how
many traffic lights I went through or even
what colour they were. I don’t remember
how many bicycles I swerved past. I don’t
even remember how many expletives
came to mind when encountering the less
competent and downright overly risk tol-
erant organic organisations along the
way.
Heck! I don’t even remember which route
I took or whether I changed my mind. I
definitely know what speed I drove at be-
cause I drive at the speed limit - of a jet
plane.
I didn’t even give a thought to the
amount of fuel I had or the condition of
my tyres (resourcing). I don’t even remem-
ber putting my brief case in the car or
even checking its contents (security).
I don’t even remember checking my wal-
let (funding) to see if that naughty thought
had a chance - thank the lord for debit
cards, overdraft facilities and credit (risk) -
now I remember why I have to go to work.
I get to work safely and haul out my secu-
rity card (security management) - didn’t
even bother to check I had that. I think I
greeted the reception security and I must
have swiped my card - I really don’t re-
member doing that.
Suddenly - I am no longer operating within
the realms of sub-conscious competence
(doing things effectively without thinking
about them).
I am now a mound of jelly trying to re-
member the gazillions of policies pub-
lished on the intranet and waiting for the
booming voice of my boss to re-direct MY
objectives that I have carefully consid-
ered throughout the morning.
She’s quite sweet actually (my boss) - no
naughty thoughts there (against one of
our policies) - but I don’t like the beard nor
the swash buckling cutlass she carries
under her arm - I DO remember that, al-
though I think it was her iPad with a copy
of all the policies - waiting for a chance to
catch me in breach - which she won’t
(corporate culture and behaviour is in-
grained).
I remember what I am employed to do,
avert Madame Black Beard and get
started (dedication).
I read through some 200 eMails and idly
calculate that a) there are a lot of people
with no life who work until midnight and b)
if each email takes me 20 seconds to
briefly scan to decide whether it needs an
action then I am spending ONE Hour a
day of my precious time reading diatribe
from others who don’t know how to use a
phone as a phone any more. I work out
further that on average I need to deal
with at least 20 of these mails and those
take about 10 minutes a pop! So another
THREE+ hours on email (time manage-
ment). OK - so 3 hours left to do my job
which includes sitting in boring unstruc-
tured meetings for 3 hours (strategy and
delivery management)! Ah! Now I know
why those others work until midnight (re-
source management, commitment).
I reflect on the possibility that I am more
grumpy than usual (incident manage-
ment) and so I turn my attention to that
naughty thought to cheer me up and de-
cide I WILL take lunch and to heck with
the ever increasing pile of work (risk assess-
ment).
Anyhow - the day goes on and everything
gets further out of control (crisis manage-
ment). I fast track some of my work by
sending emails and temporarily transfer-
ring the liability (risk management), catch
up with a lot of proper work (efficiency
and quality), manage lunch (pause and
reflection) and notice Madam Black
Beard has put away the cutlass (customer
satisfaction). She’s also stopped growling
and barking orders so I must have done
something right (performance assess-
ment). So, that’s HER objectives sorted
then (project management).
I make a decision to come to work early
the next day (loyalty).
I go through the same conscious compe-
tence routine to leave work as when
arriving at work - naturally I don’t walk
backwards or out the entrance gate
(security).
I somehow manage to get back home
without incident (sub consciously compe-
tent) - except someone at the shop had
been noshing garlic for lunch (incident
management). I like garlic but it’s not that
great on someone else after 3 or 4 hours
fermentation in the executive suite (the
mouth).
13. 13
6 That naughty thought .....
There is a spring in my step when I walk
through the door. I am armed with all the
collateral to woo my good lady. I kiss her
gently behind the ear - and she shivers
(but it is cold here in the UK and the door
is open).
I uncork the wine, pour her a glass, haul
out the flowers and arrange them near
her favourite spot in the house (all con-
sciously designed).
The scene is set ..... (planning)
I now lean over, tickle her ear (which has
warmed up) and whisper sweet nothings
in an alluring purring voice (marketing).
Actually what I said was ......
“I have the Jeremy Clarkson box set of Top
Gear and wondered if you would enjoy
watching them with me”.
Voila! Instant acquiescence - a thought in
the morning materialising in a result!
7 Messages
If you managed to read through this article (resilience) there are many messages how
we apply ourselves naturally to the ever demanding tasks of getting through one day.
Throughout the day, starting from when we wake up to when we go to sleep we are
dealing with a myriad of disciplines (risk, threat, incident, project management, strategy,
planning, security, quality, health and safety - to highlight a few).
Yet - when we get to work we have to consciously focus on corporate behaviour re-
quirements, compliance requirements and most importantly our day job. We regularly
and formally change our working plans to accommodate objectives and management
needs. Yet we manage our personal lives pretty routinely - even though there are many
more responsibilities and ad-hoc activities that we subject ourselves to.
Business Continuity Management is the one symbiotic discipline that encourages that
very subconscious competence within people. It shouldn’t be hard, or require particular
focus. It is a mature subject and needs to be fully understood.
Planning is not just the “burst water pipe” plan. It’s about all the disciplines in an organ-
isation working as one cohesive product as a fundamental strategic element for devel-
oping resilience and response capability. It allows us to get through each day pretty
unscathed.
We are remarkably resilient as humans. We should be remarkably resilient as organisa-
tions so that communities can sustain life, continue in spite of death and further develop
ongoing resilience (Societal Security).
Planning - Life, Death and Resilience
14. 14
That’s a problem which can be solved with today’s technology,
says Scott Orton, sales director at Triple4. “The answer is a man-
aged backup service which ensures backups are always done –
and always done properly,” he points out.
All well and good, but Orton says there is one other criterion which
isn’t particularly liked by those who sign the cheques. “There’s a
definite perception that managed backup means a high cost and
therefore doesn’t add as much value as it should. As a result, while
many systems administrators are well aware of the availability of
backup services, it’s the price that keeps them doing it manually.”
Triple4 is setting out to challenge the status quo by introducing busi-
ness-grade managed backup services at what Orton describes as
an ‘affordable price’. “We’ve taken the approach of providing a
simple, affordable, yet enterprise capable backup service,” he
confirms.
Simplicity is built into solution, with a straightforward structure de-
signed to meet the backup requirements of the vast majority of
customers. Features of the Triple4 backup service include:
• A single per-gigabyte cost based on customer production
data. Triple4 doesn’t charge for the amount of data consumed
in its cloud environment
• All enterprise-class application-aware backups are included
• Customers can backup locally and replicate to an offsite data
centre, all inclusive in the per-gigabyte cost
• Daily backups are retained for two weeks, monthly backups
for 12 months and a yearly backup is retained. This is all-inclu-
sive in the per-gigabyte pricing
• Day to day management of the solution is included
• Triple4 provides a ‘pay per use’ Disaster Recovery model that
can be added to the backup service for those clients who re-
quire it
• A web portal is available for customers to remotely view and
download their data as required.
“We’ve set out to create and deliver a solution that is big on value
but small on cost. It is a fully inclusive enterprise-grade backup serv-
ice that only charges for the amount of data customers are using
in production, and not the amount that is stored in the data cen-
tre,” says Orton.
So confident is he in the value and performance of the Triple4
backup solution that he says IT administrators (and financial man-
agers) are welcome to contact the company for a free proof of
concept. “We think our solution offers great value – and we also
think anyone who sees it for themselves and sees the pricing, is in-
clined to agree.”
Triple4 offers simple and affordable
enterprise backups
Ask any IT administrator which task is the most painful for them and the chances are very
good they will reply ‘backup’. While this has never been a popular or enjoyable job for
the vast majority of those tasked with doing it, backups are also enormously important,
with their value often only appreciated when it hasn’t been done properly.
For more information contact
sales@triple4.co.za
or visit www.triple4.co.za
15. 15
ContinuitySA launches
cost-effective, secure
virtual fax solution
Fax remains a widely used technology in certain industries and geographies, and yet many companies
have not taken advantage of new technology approaches to reduce costs and improve performance,
says Rudy Sutton, solutions architect at ContinuitySA.
The facts speak for themselves. More than
16 billion faxes are sent each year, ac-
counting for 10.3 square miles of forest and
adding unnecessary expense to the office
budget.
“Government, banking, finance and insur-
ance are just three industries that continue
to rely heavily on faxing, and yet somehow
the technology they use remains rooted in
the past,” Sutton says. “Traditional faxing is
far from secure as fax machines are gen-
erally shared, and the paper and ink costs
can be horrendous. Even those compa-
nies that are using fax-to-e-mail solutions
are spending more than they need to.”
One reason for this overspending, Sutton
explains, is that companies are paying for
premium fax numbers without even being
aware of it. Another issue is the constant
need to upgrade the technology, imple-
ment patches and so on.
ContinuitySA has partnered with the Virtual
Group to create a virtual, hosted fax solu-
tion that brings this still-useful technology
into the 21st Century.
“Because it uses the cloud computing
model, the virtual fax solution is billed per
use using true per-second billing, and we
offer our clients up to 10 years archiving at
no cost. We also provide them with high
security via an access-controlled fax vault,
which can be managed remotely,” Sutton
says. “It’s also very quick—around one
minute to transmit one fax page. And be-
cause it is hosted by ContinuitySA, the
leading African business continuity
provider, the entire fax environment has full
disaster recovery in place, so data is al-
ways safe.”
Sutton says that the solution typically
shaves off 20-30 percent of the cost of a
traditional fax-to-e-mail solution.
When used from a PC, the user simply
sends an e-mail using the e-mail
programme to the fax number@
faxsend.co.za. Incoming faxes are re-
ceived the same way. No fax machine, no
paper, no ink. The system automatically
generates delivery notifications and has
an automatic retry capability. It takes, says
Sutton, a very short amount of time to get
a user with an existing e-mail address and
Internet protocol address up and running.
“ContinuitySA is using the solution and we
found it was extremely easy to get all our
offices connected,” Sutton observes. “We
are starting to take the solution to our
clients and they are very interested in the
cost savings, the security and archiving,
and the ease of use. Faxing really has en-
tered the Cloud Age.”
By Rudy Sutton, Solutions Architect at ContinuitySA
16. 16
ABSENTEEISM: ERODING
COMPANY PROFITS
Article by CGF Research Institute
A
s the world economy struggles
to regain its former pace and
growth since the onset of the fi-
nancial crisis in 2008, companies
and their leadership may have overlooked
a growing area of risk which could be
costing them dearly. In almost all cases
companies are able to count their losses
in, for example, a line item which has an
attached tangible value on their balance
sheet from one period to the next. And
these losses – or profits as the case may
be – are invariably linked to a known risk
which has been, or is still in the process of
being managed. The point being that
whether such a loss (or profit) is made, is
normally directly linked, defined and
clearly understood by the people respon-
sible for ensuring the financial health of a
company. Indeed, these people – who
comprise the chief executive officer, the fi-
nancial director and even the internal au-
ditors -- are generally considered the core
leadership team who are responsible for
the proper governance of the company’s
daily operations, which entails both the
financial and non-financial aspects of the
company. Whilst there have been numer-
ous corporate governance recommenda-
tions documented across the world,
notably those such as the King Report on
Governance for South Africa 2009 (‘King
III’) which emphasiSes the need for inte-
grated reporting amongst other issues;
one can’t help but wonder whether or not
the company’s leadership have suffi-
ciently applied their minds and reported
the costs attached to their Human Capi-
tal, especially when employees are
absent from their workstations and without
proper permission?
In many companies, Human Capital has
been considered a ‘soft issue’ and not
much attention is allocated to this critical
‘asset’, unless of course there is a blatant
problem, say for example a looming strike
or a contagious health outbreak amongst
employees or worse, the death of an em-
ployee. Clearly these types of examples
pose tremendous risks to a company and
its sustainability, and they are not such ‘soft
issues’ especially when the business’ con-
tinuity is negatively affected. On the con-
trary, whilst these risks – which are quite
obvious and visible – can also have signif-
icant impact upon a company’s produc-
tivity and its profits, there is yet a further risk
which is much greater than these already
mentioned, namely absenteeism.
“While it is possible that high levels of
absenteeism may be as a result of the
nature of the work or the physical
environment in which it is carried out, in
many cases I believe the root cause is
more likely to be lack of job satisfaction
or motivation on the part of the employ-
ees. In short, if people enjoy their work,
enjoy the environment in which they
work and feel valued, they are far less
likely to take time off unnecessarily.”
Alistair Schofield
Article: Absenteeism - problem or
symptom?
At the face of it, absenteeism may initially
be completely undetected, and in fact
not known about, or completely misunder-
stood and not managed. In many re-
spects, absenteeism can be likened to a
‘silent cancer’ that slowly erodes the com-
pany’s profits, productivity, morale and
even its culture. In the workplace, absen-
teeism is one of the most common
problems facing South African (‘SA’) com-
panies and it is estimated to be costing the
South African economy – according to
the South African Chamber of Commerce
By Terry Booysen – (CEO)
CGF Research Institute (Pty) Ltd
17. 17
(‘SACOB’) – between R12bn to R20bn
each year. In its most common form, em-
ployees will claim to be ‘sick’ and then
stay away from their workplace to maxi-
mize their days for annual sick leave, and
even exceed their benefits well beyond
reason. Expectedly, an unsuspecting com-
pany may not at first easily detect such
abuse against the company (especially in
larger companies and state owned enti-
ties), mainly because the stay-away may
have appeared legitimate as the em-
ployee may have produced a doctor’s
certificate to validate their ‘illness’.
But absenteeism need not necessarily
mean that an employee has to physically
be away from their employer’s premises
without their employer’s permission. Ab-
senteeism also covers instances where
employees are physically away from their
work stations and are therefore unable to
fulfill their obligations to their employer.
Such circumstances include the employee
habitually arriving late or leaving work
early; taking extended tea, lunch or toilet
breaks; taking excessive and unreason-
able time to complete work assignments
and attending to personal issues such as
shopping during working hours.
The average absenteeism rate amongst
SA companies is conservatively estimated
between 3.5 and 6 per cent per annum,
and with its increasing trends, suggests it
may be a growing crisis within companies
and the economy. And with the recent
Reserve Bank announcement that South
Africa was unable to attain a full one per
cent (1%) GDP in the first quarter of this
year; it’s clear that an unhealthy, lethargic
workforce is not going to assist to rapidly
improve this dire situation. Companies who
are plagued with this scourge, and more
particularly those who do not take proac-
tive action to remedy the situation, will
most certainly feel the direct and indirect
effects on their bottom line earnings. Some
of the expenses linked directly with absen-
teeism include payments for employees
who are not at work, increased insurance
premiums, additional salary compensa-
tions, benefit payouts, or paying for em-
ployees who are at work but who are
“disengaged” and therefore not adding
to the overall profits of the company (pre-
senteeism).
Many organisations are mostly worried
about absenteeism levels and the
management thereof. However, research
has shown that presenteeism proved to
be more costly to organisations because
it directly impacts on productivity and
service delivery. It is estimated that pre-
senteeism is costing US companies
$150 billion per year. The term presen-
teeism has been defined in 1994 by
UK Professor Cary Cooper. He defined
presenteeism as "workers who remain on
the job but who are not as productive as
usual due to illness, stress or any other
type of distraction".
Saehws Afriforte
Article: Identify and Manage
Presenteeism Risks
Let us also not be tempted to believing
that absenteeism occurs only amongst the
lower-level workers; it also happens
amongst professional employees, and is
sometimes worse at the higher levels com-
pared to what is recorded at the lower
ranks. Whilst there is limited research pub-
lished in SA regarding the management or
control of ‘sickness’ absence, according
to the Adcorp Employment Index (April
2012), there has been a four-fold increase
in absenteeism due to sickness since 2007.
Moreover, in 2001, whilst 0.7 percent of SA
employees were absent from work due to
sickness, this percentage increased to 3.4
percent in 2011 despite no notable in-
crease in the number of people employed
over the past decade. Considering these
facts, companies need to not only address
their management and policy processes,
but they may also need to consider the
reasons behind absenteeism and which
appear to be escalating this trend. Some
of the reasons cited by employees that ex-
acerbate absenteeism include;
• poor income levels of employees,
• poor communications and relations
between management and employees,
• poorly managed workplace disciplinary
procedures,
• unincentivised employer productivity
programmes,
• poor working conditions and / or the
boring or repetitive nature of work, and
• unfavourable geographic location of
the workplace and / or workstation.
Finally, caution must be exercised by com-
panies who may choose a more dracon-
ian approach to stamp out absenteeism.
Remember of course that an employee
has many rights (as does the company)
and these are essentially found in our con-
stitution, our common law, the Basic Con-
ditions of Employment Act 75 of 1997 and
the Labour Relations Act 66 of 1995
amongst other legislation. No matter how
your company may wish to address this
escalating problem, sadly, research sug-
gests that notwithstanding the most noble
sickness-management systems and pro-
grammes being implemented, few com-
panies have effectively managed to solve
this problem which is eroding the com-
pany’s profits.
Perhaps companies should be involving
their employees more fully into the com-
pany’s strategy and explain to them how
they will personally stand to benefit from
the company’s overall performance? This
may change the employee’s attitude to-
ward the company and hopefully they will
be more willing to support the company
with better workplace attendance and
personal performance within a shared
stakeholder governance model. Of course
there’s no telling what the outcome will be
if the company is continually posting
losses, or if the employee is also going to
be held responsible with management
when productivity is down? But then
again, the company also has its rights, and
employees who are caught defrauding
the company of time through this mali-
cious practice could find themselves fac-
ing disciplinary action, being placed on
terms, or simply fired once they have been
proved guilty.
18. As recent cyber-attacks and natural dis-
aster events have shown, the need for
IT disaster recovery preparedness has
never been greater. However, research
indicates that less than half of all com-
panies have a disaster recovery plan in
place, and even fewer have actually
tested their plans to see if they will work
as expected.
This need to uncover the value of disas-
ter recovery planning and testing, as
well as gain a better understanding of
DR best practices to make prepared-
ness more cost-effective and efficient
was the driving force behind a recently
created Disaster Recovery Prepared-
ness (DRP) Council. Formed by IT busi-
ness, government and academic
leaders to address these issues, its mis-
sion is to increase DR Preparedness
awareness, and improve DR practices.
The DRP Council has developed an on-
line Disaster Recovery Preparedness
Benchmark (DRPB) Survey. The survey is
designed to give business continuity,
disaster recovery, compliance audit
and risk management professionals a
measure of their own preparedness in
recovering critical IT systems running in
virtual environments.
Tweet This: @DR Preparedness Compli-
mentary Online Survey Now Available
http://bit.ly/ZiAxyl
Founding members of the DRP Council
include:
• Steve Kahan, Council Chairman,
PHD Virtual
• Dave Simpson, Sr. Analyst, 451 Group
• Bilal Hashmi, Sr. Systems Engineer,
Verizon
• Michael Sink, Director Data Center
Technologies, University of South
Florida
• Steve Lambropoulos, University of
South Florida
• Darren Hirons, Principal Systems Engi-
neer, UK Health & Social Information
Centre
• Tyrstan Trenberth, CEO and Manag-
ing Director, Trenberth LTD
• Riaan Hamman, CTO, Puleng Tech-
nologies
• Carlos Escapa, Council Research
Director , PHD Virtual
• Anita DuBose, Council Research
Director, PHD Virtual
“Users can now benchmark their own
disaster recovery preparedness and
find out real answers on how they
would be able to get their IT systems up
and running within a realistic time-frame
to meet stringent business require-
ments,” said Steve Kahan, Chairman of
the DRP Council. “Just 10 minutes of
their time will provide them with some
immediate feedback and a bench-
mark score that rates your DR prepared-
ness with other companies that have
participated.”
“I am unsure if our current best prac-
tices are the best or most efficient ways
to deliver our SLA,” said Darren Hirons,
Principal Systems Engineer, UK Health &
Social Information Centre. “Learning
about best practices through the Disas-
ter Recovery Preparedness Benchmark
could help us learn new ways to shorten
the SLAs and deliver better service to
our businesses.”
The DRPB survey provides a benchmark-
ing score from 0-100 that measures the
implementation of IT disaster recovery
best practices. DRPB benchmarking
scores parallel the grading system famil-
iar to most students in North America
whereby a score of 90-100 is an “A” or
superior grade; 80-99 is a “B” or above
average grade; 70-79 is a “C” or aver-
age grade and 60-69 is a “D” or unsat-
isfactory grade. Below 60, rates as an
“F”, or failing grade.
Supporting Resources
Disaster recovery Preparedness Council: http://drbenchmark.org/about-us/our-council/
Disaster Recovery Benchmark Test: http://drbenchmark.org/benchmark-survey/survey-overview/
18
Groundbreaking IT Disaster Recover
Preparedness Benchmark Survey
Now Online
South African, Riaan Hamman, from Puleng Technologies,
appointed to a New Global Research Advisory Council
Created to Help Provide IT Professionals with a Reflective
Measure of Their Own DR Preparedness.
Preliminary Results Report 2013 available on the pages following this article
25. 25
Do you know how well
your business could
survive a disaster?
A business’s ability to survive disaster is a key competitive advantage – and
demanded by regulators and shareholders. What are the key success factors
you should be evaluating?
As members of boards and key board
committees like the audit committee,
chartered accountants play a well-recog-
nised role in South African corporate life.
Those oversight roles increasingly include
risk management, an area into which busi-
ness continuity management clearly falls.
Business continuity management involves
planning for possible future disasters in
order to protect the company’s critical
business processes – and thus its value
streams – from disruption. The discipline
arose out of the need to protect IT systems
(IT Continuity) but now has come to a
more holistic view, hat cuts across all key
components of an enterprise, ranging
from workforce continuity concerns to sup-
ply chain matters.
The growth in importance of business con-
tinuity management can be traced also
to the broadening understanding of cor-
porate governance and risk management
contained in the King Reports, the new
Companies Act, JSE requirements and the
Code of Practice of the Institute of Risk
Management. These South African drivers
are strengthened by international devel-
opments such as the Basel Accords in
banking, Solvency II in insurance, the Cad-
bury Turnbull or Combined Code Reports
in the United Kingdom and the Sarbanes-
Oxley Act in the United States.
The need to measure
For all these reasons, people with very dif-
ferent skillsets became involved in business
continuity one way or another. Addition-
ally, of course, organisations are at differ-
ent stages of business continuity maturity.
It became apparent that members of
boards and their committees needed a
consistent, objective way to measure the
effectiveness of business continuity man-
agement programme.
In order to discharge their responsibilities
effectively, boards are finding it helpful to
have a clear structure in place to assess
their business continuity arrangements.
In my experience, there are 12 success
factors for effective business continuity
management, and so I recommend using
them as a way to provide a structured and
logical way for people with varying skills
to get an objective view of their com-
pany’s business continuity management
capability.
In the remainder of this article, I propose to
explore some of the key elements in each
of these success factors.
Executive support. Governance and
executive support are crucial for success.
It’s important to assess whether business
continuity management has become part
of the corporate culture. Is there a high-
level, defined objective with a policy
framework aligned to the business? Is
there a steering committee of some kind
and, very important, a budget?
Resources and expertise. No business en-
terprise can be successful without the right
people. Given its magnitude, more than
one person is likely to be required. Other
considerations include skills, training and
performance appraisal.
Core enterprise threat assessment. The or-
ganisation needs to understand which re-
sources it relies on, and what the impact
of a disruption to each would mean. It also
needs a thorough assessment of the
threats to each of these critical resources.
Extended enterprise threat assessment. All
businesses to a greater or lesser extent de-
pend on a wider network of suppliers and
business partners. This extended value
chain requires the same assessment. Reg-
ulatory and legal risks would fall into this
category.
Continuity strategies. Having completed
the previous two assessments, the organi-
sation also needs to have identified possi-
ble solutions, and evaluated each one
based on a cost/benefit analysis that
takes into account its appetite for risk. This
evaluation should culminate in the selec-
tion of various Continuity strategies.
Incident management framework. The or-
ganisation’s framework for dealing with a
disaster should include management ac-
tions at the strategic, tactical and opera-
tional levels. It’s very important that there
be defined communication links between
these levels, both during the event and
thereafter – the latter in order to assess
success and learn lessons. The framework
needs the right infrastructure to operate in
the form of, perhaps, a command centre
and a bulk-SMS capability.
Incident response. In the event of an inci-
dent, are there processes in place to pro-
tect the organisation’s most valuable
assets: its people.
Reputation management. Depending on
the company’s business and the nature of
the incident, its reputation could be dam-
aged.
By Karen Humphris, Senior BCM Advisor, ContinuitySA
26. 26
Is there a crisis media management plan
and policy in place, and is there aware-
ness in the organisation about the reputa-
tional implications of a possible incident?
Business continuity plans. These plans
need to be based on agreed objectives
about the initial response, and how long it
should take to resume normal business op-
erations.
Recovery infrastructure. Has the organisa-
tion provided an alternative infrastruc-
ture? This infrastructure would include
work areas for administrative staff, and/or
specific equipment in the case of a man-
ufacturing operation. Are there supporting
resources in the event that it becomes
necessary to move to an alternative site?
Such resources might include, for exam-
ple, a “battle box” that contains staff con-
tact details and the business continuity
plans – basically what would be necessary
to get the workplace successfully shifted
to the alternative site.
Other considerations would include an as-
sessment of the risk profile of the alterna-
tive site. Is it sufficiently distant from the
primary site, and does it have sufficient in-
frastructure in the way of utilities and so
on? And whether the alternative site is
managed by a third party or the organi-
sation itself, it is imperative that there are
service level agreements in place and
that the service provider has its own busi-
ness continuity management plans in
place.
Testing. Inevitably, testing is the success
factor that companies find most difficult
to get right – but one needs to admit that
if a business continuity management plan
is not regularly tested, its effectiveness is al-
ways in doubt. A disaster is not the time to
discover holes in your business continuity
thinking and arrangements!
There are various testing methods, among
them desktop walk-throughs and simula-
tions. Many companies also perform real-
life drills, in which they inform a particular
division that a specified disaster has oc-
curred and then let it activate its business
continuity plans for real.
Assurance reviews and audits. In this final
success factor, one needs to look at
whether a change management frame-
work is in place, plus an audit function and
management reviews. All of this is neces-
sary to ensure that there is a culture of
continuous improvement within the busi-
ness continuity management area.
Scoring
As will be clear, business continuity is a
complex and far-reaching discipline, but
breaking it down into these 12 factors
makes it easier to assess methodically.
Each factor can be scored according to
international standards and good prac-
tice guidelines. Our scoring distinguishes
between five levels of maturity, from Level
1 (cannot recover from or survive a
disruption) to Level 5 (recoverability is cer-
tifiable). These levels correspond to per-
centage ranges, and so each success
factor’s elements can be rated in terms of
percentage to generate an overall level
for that factor.
The assessment results are granular
enough to provide many different analy-
ses; for example, business units or individ-
ual sites could be assessed.
Having thus provided a snapshot of where
the organisation is at present, it’s now
much easier to identify where it wants to
be – and how to get there.
And that’s surely the key, because better
business continuity management is aimed
at ensuring a company that is more re-
silient and thus at protecting shareholder
value.
Prodata Distribution, is a value added ICT Distribu-
tion Company headquartered in Lyme Park,
Johannesburg, South Africa.
Established in 1992 it works with an extensive
network of channel partners in the Sub-Saharan
African region, and offers a wide range of
software and specialist hardware solutions to
meet the requirements of corporate, public
sector and educational institutions.
Direct Enquiries to: enquiries@prodata.co.za
0861 PRODATA | +27 11 561 0900
www.prodata.co.za
27. BizStrat’s 3rd Annual Business Continuity Management
& Disaster Recovery Conference
10 - 11 September 2013 • Sandton Convention Centre
“CREATING
STRATEGIC
BUSINESS
PLATFORMS
FOR
INTELLIGENT
INNOVATION”
Conference Overview:
It is of vital importance, for the sustainability of a Company/ Organisation, to have an ongoing Man-
agement Level Process IN PLACE to ensure that necessary steps are taken regularly to identify probable
Accidents, Disasters, Emergencies and Threats. Every Company/ Organisation has an obligation to en-
sure that it is adequately prepared to deal with unexpected events and those Companies/ Organisa-
tions which disregard this obligation face a gauntlet of unacceptable Risks. This involves assessment of
the potential effect of such events, development of recovery strategies and plans. Moreover, there has
to be a stable maintenance of readiness through Personnel training and testing. As a result, it is crucial
for a company to adopt a Business Continuity methodology for manifestation to value disruptions that
might occur at any given time. Effective Business Continuity Management helps to minimise the effect
of symic events/ disruptions on a Company/ Organisation and also reduces the Risk of Financial loss.
BizStrat’s 3rd Annual BCM & Disaster Recovery Conference will highlight the core Issues and Solutions of
Business Continuity Management with regard to Enterprise Risk Management, Disaster Recovery and
Scenario/Contingency Planning etc. The Conference will bring together Business Continuity Profession-
als, Risk Management Executives, and Disaster Recovery Specialists etc. from all Industry Sectors as well
as Government Departments & State Owned Companies, who have the desire to increase their knowl-
edge base and gain insightful information regarding Best Practices and Strategy. Our Speaker panel
consists of Senior Executives, Directors and Industry experts, who will be identifying and examining pro-
cedures as well as Strategies, which will enable Companies to respond to Accidents, Emergencies and
Disasters without any stoppage or hindrance to its key operations. This Conference will also provide
Strategies to enlighten and enable the recovery of your critical systems within an agreed timeframe.
Inaugural BCI Africa Awards: The BCI Global Awards recognise and celebrate the fantastic achieve-
ments of Business Continuity professionals working out in the field in every country in the world.
The awards are one of the key outputs of the institute and provide an important platform to put the
spotlight on some of the amazing talent working in this rising industry as well as to highlight the need for
organisations of all sizes to start putting business continuity high on their strategic agendas. It also pro-
vides a platform to encourage new blood into the industry. The BCI SADC Chapter in support will be
hosting the Inaugural BCI Africa Awards this year and will be opening the awards to everyone working
in the business continuity industry across Africa. The BCI Africa Awards will be held on the evening 10th
of September in conjunction with the BizStrat BCM Conference scheduled for the 10th and 11th of
September in Sandton.
Key Topics to be addressed include:
• Your Risk Thermometer
• Building Organisational Resilience – ERM
meets BCM
• The Risk in the Cloud, Management
Systems in BCM
• Incorporating Risk Management into the
BCM
• Developing an ERM program
• Scenario Planning as part of the BCP
• Building a Governance Framework for
your Risk Management
• Black Swan Risks
Who must attend?
• Senior Executives with the authority to Plan and
Execute Strategy in their Organisations including
CEO’s, MD’s, CIO’s, IT Directors/Managers,
CRO’s, CTO’s etc.
• Group Strategists
• BCM Directors, Managers, Specialists
• Strategic Planners
• Business Strategists
• Risk Managers
• Compliance Managers
• Contingency Planning
• Business recovery Specialists
• Disaster Recovery
Platinum Sponsor:
Endorsed by:
28. BizStrat’s 3rd Annual Business Continuity Management
& Disaster Recovery Conference
10 - 11 September 2013 • Sandton Convention Centre
CONFERENCE CHAIRMAN:
MICHAEL DAVIES: Chief Executive Officer, ContinuitySA has been involved in the Busi-
ness Continuity Industry for almost ten years, progressing from Financial Manager to
Financial Director and ultimately CEO of ContinuitySA. He has spoken on Organisa-
tional Resilience at BCM Conferences and heads up the largest independent BCM
supplier in Southern Africa. Michael has completed a B.Com degree from the Uni-
versity of Natal and a MBA from the Henley College in the UK. He is an affiliate of the
Business Continuity Institute based in London and a member of the Institute of Direc-
tors. Michael has previous experience in the IT industry within companies such as Di-
mension Data, Enterprise Technologies, Amdahl, Computer Configurations Holdings
and MGX Holdings.
SPEAKERS:
BRIAN HENRY: Chairman, BCI SADC Chapter is a Fellow of the Business Continuity Insti-
tute in London, (since 1994). He has practiced in the field of Business Continuity since
1986 and is a certified ISO 22301 Auditor and ISO22301 Lead Implementer. He currently
serves as the Chairperson for the BCI Chapter in the SADC region. He served as a
Management Consultant with three of the Big-4 consulting houses, providing support
to Client management on business systems issues including Security, Business Conti-
nuity, Risk and Impact Assessments, Organisational Restructuring and Strategic
Planning.
LOUISE THEUNISSEN: Board Member, BCI SADC Chapter has, since 2001, gained exten-
sive experience in the South African business continuity industry. She has been in-
volved in all aspects of Business Continuity Management (BCM), and the Project
Management thereof, encompassing a wide range of industries. Besides her MBCI,
Louise holds a PMP (Project Management Professional) accreditation. At the end of
2010 Louise was elected as a member of the BCI Global Membership Council serving
for a two year term. Louise currently plays a strategic role in the establishment of the
BCI SADC Chapter and a number of other BCI SADC initiatives and is an elected
member of the BCI SADC Chapter Board
TRACEY LINNELL: General Manager, Advisory Services, ContinuitySA. Tracey Linnell has
been involved in Business Continuity Management (BCM) and ICT Continuity since
2003. She is a member of the BCI and holds the CBCI certification. Tracey is currently
the General Manager of Advisory Services at ContinuitySA and is responsible for the
operations of the Advisory practice. Tracey has worked on a number of assignments
locally and internationally and spent 2 years as a BCM consultant in the UK. Tracey
has many years of experience as a consultant and as a BCM practitioner. She previ-
ously headed up BCM for Standard Bank Investment Banking and has significant
financial services experience.
HORST SIMON: Head of Risk, Ubank, South Africa. Horst is currently the Director of Risk
Management at Horwath MAK, a member firm of Crowe Horwath LLP based in the
Dubai International Financial Centre (DIFC). Horst held previous senior positions with
Mashreq Bank, Emirates NBD, Barclays Bank plc and with the Standard Bank Group
of South-Africa Ltd. He lived in four countries and worked in more than twenty. His
special interest is in the field of People Risk and he has delivered presentations at
international conferences on the Mitigation of People Risk and other risk management
topics. He has also facilitated Risk Management training workshops for banks and
banking
PETER HILL (CISA, CISM, CGEIT) is an IT Governance Specialist with over eighteen years
related experience.. He is currently a director of the IT Governance Network, a com-
pany specialising in IT Governance, King III, COSO, COBIT, ISO 38500, ISO 27001 and
ITIL implementation, training, and software solutions. Peter has assisted clients in the
US, United Kingdom, Europe and Southern Africa. Amongst Peter’s clients is NASA
in the United States who requested him to provide guidance on implementing IT
Governance and building a sustainable approach to Information Technology
Management.
CONFERENCE CHAIRMAN AND SPEAKERS
BizStrat develops
major sector focused
events, providing
business learning and
networking opportuni-
ties across a variety
of industries and
professions
BizStrat is comprised
of the following
divisions:
• Conferences
• Workshops
• Seminars
• In House Training
• Congresses
For more Information
please contact our
Offices:
Tel: +27 11 0271200
Fax: +27 11 7815242
www.bizstrat.co.za
Platinum Sponsor:
Endorsed by:
29. BizStrat’s 3rd Annual Business Continuity Management
& Disaster Recovery Conference
10 - 11 September 2013 • Sandton Convention Centre
SPEAKERS: Continued
GARTH BELL: Chief Executive Officer, Colbrad International (PTY) LTD. Garth has over
20 years’ experience and an impeccable track record of directing successful, highly
complex, multidisciplinary Value and Growth Transformation projects and initiatives
that deliver tangible results. His breadth of experience includes Strategy, Leadership,
Human Capital, Customer Management and Organisation Design & Change capa-
bilities that improve business performance and enhances value and growth.
DEBBIE VAN ZYL: ITS BCRS Leader, IBM South Africa. Debbie is a well-respected and
highly valued member of the Global Technology Services management team with
current responsibilities for Business Continuity and Recovery Services (BC&RS) across
South Africa. She has 24 years in the IT industry, with experience in the financial serv-
ices and government sectors along with almost 16 years at IBM with focus on the IT
industry supporting clients across multiple industries in a technical, executive, man-
agement and sales capacity. Her previous roles in the financial and public services
sectors have complimented her professional skills with a real understanding of the
client experience.
KEANAN REIS: Communications Consultant. For the last 6 years, he has been involved
in a wide swathe of Marketing Communication disciplines, ranging from Consumer
Engagement, to Public Relations, Media Strategy and Social Media Community Man-
agement. In these years, he had the opportunity to work with Industry leading Or-
ganisations such as Japan Tobacco International, Diageo, Eskom and Roman's
Pizza. Keanan knows the importance of Effective Communications on Business sta-
bility and Continuity all too well. More recently, his focus has shifted to Stakeholder
engagement, and the development of communication plans and platforms to en-
sure effective, integrated communications
WILLEM OLIVIER: BCM Head, Cell C. Willem has been involved in the IT / Electronics /
Consulting industry since 1986 after completing mhis studies in electronics (National
Diploma). Renound companies he has worked for include: Siemens; ContinuitySA
(Largest disaster recovery company in Africa); Liberty Holdings; Standard Bank and
currently Cell C and specialises in Business Continuity Management.
RAY STRIDE: Managing Director - Global Continuity. Ray is a specialist in Business Con-
tinuity Management, Risk Management and Information Technology Management,
having been involved in the industry for over 20 years. Global Continuity South Africa
(GCSA) is a provider of innovative, cost-effective and tailor-made Business Continuity
Management (BCM) and Information Technology Service Continuity (ITSC) solutions
MICHAEL BROWN: Independent Consultant. Michael has a B.Com from Rhodes Uni-
versity, a PGCE from Unisa and a Master of Business Administration from Gordon Insti-
tute of Business Science (Gibs). He started his career as a stockbroker and was
admitted as a member 15 July 1999. His status is currently non-practicing member.
Michael spent four years in the Insurance Industry where he analysed alternative so-
lutions to Risk Management before running his own property company for 5 years.
He spent two years teaching while doing his MBA part-time and is now an Independ-
ent Consultant specialising in Entrepreneurship and start up companies.
ALICIA SWART: Head of Risk Services, Africa - Turner & Townsend. Alicia Swart is a risk
turnaround specialist in the consulting industry of South Africa and currently the Head
of Risk Services: Africa for Turner and Townsend. Turner and Townsend specialises in
construction and management consulting and delivery. She has developed a strong
reputation for her ability to roll out industry benchmarked Integrated Risk Manage-
ment Programs.
NICK SMITH: IBM. Nick specialises in the sales of Business Continuity and Resiliency
Services.
CONFERENCE CHAIRMAN AND SPEAKERS
BizStrat develops
major sector focused
events, providing
business learning and
networking opportuni-
ties across a variety
of industries and
professions
BizStrat is comprised
of the following
divisions:
• Conferences
• Workshops
• Seminars
• In House Training
• Congresses
For more Information
please contact our
Offices:
Tel: +27 11 0271200
Fax: +27 11 7815242
www.bizstrat.co.za
Platinum Sponsor:
Endorsed by:
30. CONFERENCE DAY 1
08:00 MORNING TEA & REGISTRATIONS.
08:20 WELCOME & OPENING REMARKS BY CHAIRMAN: MICHAEL DAVIES
08:30 BCI Address: LOUISE THEUNISSEN
08:50 The Impact of Privacy Legislation on Business Continuity Management: PETER HILL
The Protection of Personal Information Legislation requires all Public and Private bodies
to apply the conditions for lawfully processing personal information. Failure to comply
will have serious consequences. Included in these conditions is the need to ensure the
“availability of information”. Who will be responsible and what is expected?
Presentation outline:
• The Eight Conditions for lawfully processing personal information
• Why business continuity matters?
• How far are you expected to go in planning for a disaster?
• Why a risk based approach is important
09:30 Building a Governance Framework for Business Continuity Management: TBC
10:15-10:30 NETWORKING TEA, COFFEE & SNACKS
10:30 Scenario Planning as part of the BCP: TRACEY LINNELL
• Making the reaction routine
• Levels of scenario exercising
• Planning for and running an exercise
• Outcomes of running an exercise- lessons learned
11:15 Your Risk Thermometer: ALICIA SWART
How do you create a Risk Environment that gives you an understanding of when your
context becomes to Hot to Handle.
This presentation will cover the following:
• Building a Risk Governance framework that enables and supports your Business
Resilience Strategy.
• Understanding your KRI's (Key Risk Indicators) and early warnings and how they
contribute to your Organisational Reliance Factor.
• Ensuring Integrated Strategies to move towards better response to Business
disruptions
12:00-13:00 NETWORKING LUNCH
13:45 The Risk in the Cloud: RAY STRIDE
There is a headlong rush to Cloud Computing:
• What does it mean
• Are all cloud offerings the same
• If you have a cloudburst - how will you be affected?
• Where do you fit in your cloud suppliers DR plans?
14:00 Managing Reputational Risk: DEBBIE VAN ZYL
• Enabling the resilient enterprise
• Maintaining continuous business operations
• The IT Risk Spectrum
• Key indicators of business continuity exposure and maturity
15:00-15:30 CLOSING REMARKS, NETWORKING TEA & COFFEE
15:30 END OF CONFERENCE DAY ONE
BizStrat’s 3rd Annual Business Continuity Management
& Disaster Recovery Conference
10 - 11 September 2013 • Sandton Convention Centre
UPCOMING EVENTS:
• Overhead Line
Engineering
• Forensic Investigations
& Fraud Prevention
• Customer Analytics &
Marketing Optimisation
2013
• Stores & Inventory
Management
• Leadership Risk,
Development &
Coaching
• Hard Rock Mine
Ventilation 2013.
• Financial Wellness
In House Training:
Dean Richards on:
+27 11 0271200
Case study:
Using Scenario
Planning to
build Executive
buy-in
Platinum Sponsor:
Endorsed by:
31. CONFERENCE DAY 2
08:00 MORNING TEA & REGISTRATIONS
08:30 OPENING REMARKS BY CHAIRMAN: MICHAEL DAVIES
08:40 BCI Africa Awards Dinner feedback: LOUISE THEUNISSEN
08:45 Revealing Five Risks of Do-It-Yourself Disaster Recovery: NICK SMITH
With falling hardware costs and the demands of an always-on, always-available world,
many organisations have moved Disaster Recovery (DR) in-house. Forrester surveys re-
veal unforeseen issues and significant challenges to successful do-it-yourself DR. Avoid
the misconceptions and make better informed sourcing decisions.
09:30 Management Systems and Business Continuity -BCM Comes of Age: BRIAN HENRY
• The concept of a Management System
• Implementing a Management System
• BC as management discipline
• The new view of BC from ISO
• Practical lessons
10:15-10:30 NETWORKING TEA, COFFEE & SNACKS
10:30 Building Organisational Resilience – Enterprise Risk Management (ERM) meets Business
Continuity Management(BCM): HORST SIMON
Organisations are at different levels of maturity and different stages of implementation
of Enterprise Risk Management.
• How do bring ERM and BCM together?
• How to drive value from ERM & BCM
• How to mitigate BCM risks
• Building a culture of disaster resilience
• Tested plans?
11:15 Black Swan Risks: MICHAEL BROWN
Analysing recent black swan events and how they have changed the world we live in.
• Dot Com bubble in the late nineties
• The success of Google
• World Trade Centre Attack
• Financial Crisis of 2008
• Profiting in the post Black Swan Event
• Protecting oneself against a Black Swan Event.
• Discussion/ Questions
12:00 Leadership as a BCM Risk: GARTH BELL
12:45-13:45 NETWORKING LUNCH
13:45 Effective Communication and Business Continuity Management: KEANAN REIS
• Overview & background
• Relationship between Communication & Business Continuity
• Preventative measures
• Crisis Communication best practices
15:15-15:30 NETWORKING TEA, COFFEE & SNACKS
15:30 Business Continuity Management within Africa: WILLEM OLIVIER
16:15 CLOSING REMARKS & END OF CONFERENCE
BizStrat’s 3rd Annual Business Continuity Management
& Disaster Recovery Conference
10 - 11 September 2013 • Sandton Convention Centre
UPCOMING EVENTS:
• Overhead Line
Engineering
• Forensic Investigations
& Fraud Prevention
• Customer Analytics &
Marketing Optimisation
2013
• Stores & Inventory
Management
• Leadership Risk,
Development &
Coaching
• Hard Rock Mine
Ventilation 2013.
• Financial Wellness
In House Training:
Dean Richards on:
+27 11 0271200
Platinum Sponsor:
Endorsed by:
32. Terms And Conditions: Please
read carefully.
The following T’s & C’s apply:
• All payments to be made di-
rectly to Servigraph 30 cc t/a
BizStrat, Payment is required
in full, 5 days from date of in-
voice.
• No seats will be reserved, un-
less otherwise agreed to by
Servigraph 30 cc t/a BizStrat,
Servigraph 30 cc t/a BizStrat,
reserves the right to change
speakers, program content ,
date and venue, due to cir-
cumstances beyond the
control of Servigraph 30 cc
t/a BizStrat,
• The signed registration form is
a legally binding document.
• The conference / workshop
fee includes: conference /
workshop material, Lunches
and refreshments.
•Servigraph 30 cc t/a BizStrat,
is not liable for travel and ac-
commodation expenses un-
less otherwise stated in
writing.
Cancellations
• All cancellations will be sub-
ject to approval by Servi-
graph 30 cc t/a BizStrat
management.
• All cancellations made 14
working days prior to date of
the mentioned event will be
subject to a 50% cancella-
tion fee.
• Cancellations made within 7
days or less of date of the
mentioned event, will be
subject to a 100% cancella-
tion fee.
• There will be no refunds or
credit vouchers unless
agreed to by BizStrat Man-
agement in writing.
Substitutions
• Delegates, or any substitu-
tions, must notify Servigraph
30 cc t/a BizStrat, in writing.
• There is no charge for substi-
tutions. Servigraph 30 cc t/a
BizStrat will not be held liable
for incorrect delegate details
on certificates due to late
substitutions being made on
the day of the conference/
workshop.
• Views expressed by speakers
and facilitators are not nec-
essarily those of Servigraph
30 cc t/a BizStrat
BizStrat’s 3rd Annual Business Continuity Management
& Disaster Recovery Conference
10 - 11 September 2013 • Sandton Convention Centre
E-Mail/Fax Completed Form To: admin@bizstrat.co.za / 0027 11 7815242
Pricing: Tick box to choose Option
Conference & BCI Awards Evening:
per Delegate excl. VAT
Conference only:
per Delegate excl. VAT
BCI Member (10% discount) DD
Company Name:
Type of Business:
Address:
Tel:
Fax:
VAT Number:
Name: Position:
Signature: Date:
Authorisation: Signatory must be authorised to Sign on behalf of Company (This is a legally binding document)
Delegate 1:
Position: Email:
REGISTRATION FORM:
R8 490
R7 990
Delegate 2:
Position: Email:
Delegate 3:
Position: Email:
Delegate 4:
Position: Email:
Delegate 5:
Position: Email:
PAYMENT METHODS:
1. Cheques made Payable to: Servigraph 30 cc
2. Bank Transfer: Servigraph 30 cc t/a BizStrat
Bank: FIRST NATIONAL BANK
Branch Name: Bank Street
Account No: 62322454422
Branch Code: 250655
Swift Code: FIRNZAJJ
33. The two-day course, the IT Service Continuity Training is
targeted at IT and Business Continuity Management (BCM) pro-
fessionals responsible for the continued uptime of IT services
within their organisations.
Key elements of the IT Service Continuity Course include:
• The link between BCM and IT Service Continuity Manage-
ment;
• The evolution of IT Service Continuity;
• The latest concepts and trends in IT Service Continuity;
• Conducting an Infrastructure Impact Analysis;
• Formulating and implementing cost effective IT Service Con-
tinuity strategies to meet business requirements;
• Security management in IT Service Continuity;
• Testing the IT Service Continuity framework; and
• A Continuity-as-a-Service case study.
Attendees will not simply be bombarded with theory, but will
be taught skills proven in the real world by active BCM practi-
tioners with MBCI (Member of the Business Continuity Institute)
certifications.
The course is based on the Good Practice Guidelines of the BCI
and complies with the new ISO22301 standard to ensure it is on
par with international best practices.
The 5 day Complete Continuity® Practitioners
Programme is designed to equip business continuity prac-
titioners within any organisation in all aspects of implementing,
managing and maintaining an effective business continuity
framework in their respective environments.
The course is based on the Business Continuity Institute’s Good
Practice guidelines and ISO22301 international standard.
Key elements of the 5 day Complete Continuity® Practitioners
Programme include:
• Introduction and Origins of BCM
• Trends and Observations
• Standards and Compliance
• Elements of the BCM Lifecycle
• BCM policy and Programme Management
• Embedding BCM in the Organisations culture
• Understanding the organisation
- Business Impact Analysis
- Continuity Requirements Analysis
- Risk Assessment
• Determining BC Strategy
- Selecting strategies and tactical responses
- Consolidating Resource levels
• Developing and Implementing a BC response
• Exercising, Maintaining and Reviewing
• Measuring BC Maturity
ContinuitySA
Training Dates
Africa’s largest Business Continuity service provider, ContinuitySA,
has enhanced its Complete Continuity Training Academy
For more information on these courses, contact: training@continuitysa.co.za
or call +27 (0)11 554 8000.
33
Dates for the IT Service Continuity course are
as follows:
IT Service Continuity Programme
(2 Day Training)
4th & 5th September – Johannesburg
Dates for the 5 day programme are as follows:
Complete Continuity Practitioner
Programme (5 Day Training)
16th to 20th September – Johannesburg
14th to 18th October – Cape Town
20th October to 1st November – Botswana
18th to 22nd November – Johannesburg