BCP & Regulatory Oversight
There seems to be a common thread of late in industries that are regulated in regards to business continuity and disaster recovery planning. That common thread is complacency. I have had the opportunity to work with several clients that are regulated, and they have done an excellent job in developing BC / DR plans that not only meet their industries regulatory expectations and they have also developed plans that would indeed work should the need arise. I know many of you that read this blog have either developed such a plan or have worked with those that have.
BC / DR plans are typically put in place to ensure recoverability in order to protect the organizations shareholders – at least that’s the intent. Regulators charged with overseeing BC / DR expectations and ensuring plans are in place give little consideration to the components or elements that they themselves have “suggested” or “mandated”. Thus the reason for complacency! Many organizations have put significant time, effort, and real dollars into ensuring that not only the regulatory expectations are met, but that the plan is executable and viable as well. I’m all about protecting the client or customer, but I can certainly see the point of those being instructed to put BC / DR plans in place – doing just enough to get by.
The regulatory world, if they are truly concerned about BC / DR being done and being done the right way, in an effort to protect the consumer, needs to step it up and audit to the level of their expectations. They must ensure accountability. It is one thing to suggest or mandate BC / DR expectations, but it’s another thing to measure the planning effort to those expectations. Until that happens, the various regulated industries (healthcare, government, finance and utility sectors) will continue to be complacent about their planning efforts and when the time comes – their plans (if they have one) won’t work — thus defeating the purpose for regulatory oversight and the protection of each and every one of us.
Private Sector Preparedness
Courtesy of Continuity Central — On Thursday June 3, the chairmen of the Senate and House Homeland Security Committees urged the Department of Homeland Security to step up its implementation of PS-Prep, the voluntary program to help private sector companies develop preparedness, response, and business continuity plans.
About
John Ames, Dir., Business Continuity Practices, IT-Lifeline
“The only thing harder than planning for an emergency is explaining why you didn’t”
Unknown
John has been involved in disaster recovery and business continuity planning for over 35 years. His work experience includes over 18 years with Washington Trust Bank, and 8 ½ years with Database, Inc. (now Iron Mountain) and Database Recovery Services as a Disaster Recovery/Continuity Planner. Prior to joining IT-Lifeline, John was the Manager of Business Continuity Planning & Corporate Records for Metropolitan Mortgage & Securities and Western United Life Assurance Company for 7 ½ years. John is a recognized leader in the local disaster planning community. John has been the Chair for the Alliance for Business Continuity & Disaster Preparedness since 1998. He is a member of the Spokane County Citizen Corp Council/Disaster Committee, representing business & industry since 1998, and served as its Co-chair in 2005 and 2006. In addition, John currently is the Chair for a Spokane Regional Health sub-committee that is addressing pandemic planning for business & industry.
-
Archives
- September 2010 (1)
- August 2010 (1)
- July 2010 (1)
- June 2010 (2)
- May 2010 (1)
- April 2010 (1)
- March 2010 (2)
- February 2010 (1)
- January 2010 (1)
- December 2009 (2)
- November 2009 (2)
- October 2009 (1)
-
Categories
-
RSS
Entries RSS
Comments RSS
