Wednesday, December 17, 2014

Safety at Home

Throughout the year, our news briefs bring you information on safety at work. At this time of year, we provide you with information on keeping yourself and your family safe at home. Do you have a plan for your family if disaster strikes? If not, it's time to make one. This week's articles will provide helpful information toward that end.

The Red Cross cautions that you be as prepared as possible for disaster at home. (Item #1)   What's your family's plan for coping with disaster? (Item #2)   Violent weather is common; prepare your family to be safe during such events. (Item #3)

What should you tell children about disasters? (Item #4)   Here's some help to plan for and survive earthquake disasters. (Item #5)   After the disaster: what to do when you return home. (Item #6)

Subscribe at

Thursday, December 11, 2014

Testing/Exercising Your Business Continuity Plan

You may have a great plan, but until you test it you won't really know. Not only will exercising the plan let you know how well it works, it also will help your people build confidence and competence in using the plan. In this week's articles, you can find various methods of testing your plans as well as advice on digital testing for cyber plans.

How do you practice responding to an incident that can be caused by any number of different reasons, at any time, and may also result in different impacts occurring depending on its magnitude? (Item #1)   The types of tests we conduct and how we go about them can vary greatly. (Item #2)   So why do organizations continue to place training at the end of a long list of priorities?  (Item #3)

Why use the term "exercise" instead of "test?" (Item #4)   Integration of the various continuity plans, processes and procedures is an essential factor in providing evidence that the enterprise is prepared to weather any disruption. (Item #5)   With the increase of security incidents, organizations can practice regular ‘digital fire drills,' to be prepared for when the inevitable attack or breach does occur. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, December 3, 2014

Winter Weather

The huge snowfall in Buffalo brought home only too well the fact that winter is upon us, and it’s time to make sure we are prepared for the potential disruptions of winter weather. A severe winter can lead to property damage, employee illness or injury, and possible business closures. You need to prepare to minimize any damage, plan for employee unavailability and enable your business to recover quickly after a winter storm disruption. This week’s articles should help you do that.

This checklist can help you determine your preparation level. (Item #1)   If telecommuting is part of your winter survival strategy, how effective is your remote access strategy? (Item #2)   Small businesses do have some unique needs in winter weather. (Item #3)

Severe weather habitually effects routine business operations and profitability. (Item #4)   Safety should be the first consideration in all of your planning. (Item #5)   When getting into the holiday spirit, make safety a priority. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, November 19, 2014

After the disruption...

By now many, if not most, of businesses have made plans for getting through a disaster or disruption by creating business continuity plans. But does your BCP contain enough information to get you past the disruption and through the next several months if necessary? As we all know, the percentage of businesses that don't survive disruptions is very high. This week's information could help increase your odds of survival.

Have you made plans for the survival of your business after a disaster? (Item #1)    Here are some tips for surviving a natural disaster. (Item #2)    When is the best time for you and your team to prepare a post-disaster to-do list? (Hint: It's not during the hurricane.) (Item #3)

Business survival is not assured by reopening the doors. (Item #4)    What do you need to do to return to "business as normal?" (Item #5)    Although aimed at earthquake victims, this information is good advice for getting back on track after any disaster. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, November 12, 2014

The Holidays & Business Continuity

There are only 42 days until Christmas, so it's definitely time to consider the kinds of issues that face organizations during the holiday season. From the potential problems of holidays parties to ensuring you can satisfy employee time-off requests without weakening your business continuity plans, it's a season fraught with decisions that can cause all kinds of problems, including legal ones. This week's articles focus on avoiding the pitfalls of Christmas/holiday parties as well as managing continuity planning over the holiday season.

What possible legal issues could you face from an office party? (Item #1)   Combine social media tweets and posts with holiday parties, and you could have a serious problem. (Item #2)   Here are some tips for a trouble-free holiday party. (Item #3)

Read this employer's guide to Christmas: office parties, religious discrimination and Christmas bonuses. (Item #4)   By clearly communicating to employees up front, you can ensure your employees enjoy a well-deserved break while ensuring business continuity during the holiday season. (Item #5)   One of these five tips could help your holiday continuity planning. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, November 5, 2014

Business Continuity Planning

When you envision the way your business continuity plan will be put to use, what do you think of as the cause... a natural disaster, bombings, shootings? While these things may possibly be the cause of using your plan, it’s probably more likely that something of a lesser scope -- power outage, lack of internet access, flooded roads, for example -- may require that you implement your plan. So, if you’ve put off creating or updating your plan because you can’t envision a huge disaster occurring on your watch, perhaps you should change your mind. This week’s articles shed light on a number of topics that could help.

The biggest risk a company faces in today’s uncertainty of cyber-attacks is not being prepared. (Item #1)   Here is a suggested structure for a business continuity plan. (Item #2)   A comprehensive business continuity program involves not only a solid plan, but also the resources and the staff to execute on that plan. (Item #3)

Your human resource manager or designate needs to form a people-oriented business continuity plan for handling emergencies. (Item #4)   When developing a plan, input is needed from just about everyone. (Item #5)   As business continuity planners you may have experienced or are experiencing the journey through the Nine Circles of Planning Hell. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, October 29, 2014

Ebola & Business Continuity

As most of our readers know, this is the time when we usually publish our Halloween edition. The current Ebola epidemic, however, is scaring many people and we thought instead it might help to shed some light on this issue and let you know some things you should be considering during this or any health crisis. It is likely an epidemic will not occur in the U.S., but we should know what to do if even a small outbreak happens.

Take some time to review and reflect about the current situation and determine what steps your firm can take to prepare your organization and employees for the potential threats that are growing and spreading around the world. (Item #1)   What should business continuity professionals be doing about Ebola now? (Item #2)   It is time to dust off your pandemic preparedness and response plan in order to prepare your organization for the impact on business operations due to an outbreak of the Ebola virus. (Item #3)

Some experts recommend doing a business impact analysis to ascertain the possible consequences of a disruption due to an Ebola outbreak. (Item #4)   Ebola may never reach endemic levels in your area, but recognizing the signs, having a strong plan in place, and being health conscious will offer you greater success in the event that it or any other infectious disease heads your way. (Item #5)   Here is a guide for the best sources of information about Ebola or any medical crisis. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, October 22, 2014

Insurance & Business Continuity

Whether you've bought business interruption insurance or you’re just thinking about it, it’s important to understand how it works. What does it cover or not cover? At what levels? How important is it to business continuity? These questions and more are answered in this week’s articles, which include a new insurance just introduced: business interruption Ebola insurance (see item #6).

Most business owners view the whole insurance purchase and claims process as a black art; here’s a plain-language focus on explaining it. (Item #1)   Business continuity planning might or might not lower insurance premiums. (Item #2)   Is life insurance on key people in your organization part of your BC planning? (Item #3)

When do small businesses need interruption insurance? (Item #4)   Before you get business interruption insurance here are some issues to consider. (Item #5)   As Ebola appears in various spots across the globe, the insurance industry this week launched a new product to provide coverage for losses incurred as a result of government-mandated closures. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, October 15, 2014

Crisis Communication/Reputation Management

One of the oldest maxims in media training is "If you don't want to see it in print, or hear it on the news, then don't say it." Once you've said it, it can't be unsaid, and your organization could suffer from a thoughtless or careless remark. Today, there are even more ways than interviews to get in trouble;  Twitter, Facebook, and the many other instant communication sites have caused embarrassment to more than one company or individual. (See Item #6) So, if you can't take back what you said, what can you do to protect your reputation and diminish the impact of your mistake?

What are some of the key issues to consider when contemplating the development of a crisis communications program?  (Item #1)   A good crisis communications plan doesn't just build itself. (Item #2)   As the ultimate unplanned activity, a crisis does not lend itself to conventional "command and control" management practices. (Item #3)

Chief executives are now generally expected to be good communicators. (Item #4)   For businesses and individuals that might be prone to online criticism, there are rules to live by. (Item #5)   The primary task for social media handlers is to engage with users at every available opportunity, but doing so can backfire if you’re not careful. (Item #6)

Past issues of the NewsBriefs can be found at

Wednesday, October 8, 2014

Meetings & Events

As you plan your meetings & events, you always need to ensure you have a backup plan in case something happens that would seriously impact your event. Those experienced with event planning know that, as the saying goes, anything that can go wrong will. The only way to guard against total meeting failure is to plan ahead to deal with identifiable risks... and hope you haven’t missed any. This week’s articles can help you focus.

What if a major storm or other external crisis disrupted one of your big events? What would you do? (Item #1)   As the variety of event venue options available to planners grows, so do the challenges associated with site safety and security. (Item #2)   A recent study took a look at top technology concerns of event planners and determined that content security was the top technology concern among them. (Item #3)

Any special event introduces new variables into the security equation (Item #4)   This article explores the first two of the vital "steps" to event safety. (Item #5)   Here's what you need to know to be prepared for your next event. (Item #6)

Subscribe and read past issues of the NewsBriefs at

Wednesday, October 1, 2014


Hurricane season will be with us until November, then winter storms will be coming. Severe storms of any kind could require that you shelter in place in your office building or at home. Other incidents -- accidents, toxic spills, gunshots, etc. -- also could mandate that you shelter in place. This week’s articles focus on how to prepare to shelter in place. Share these with your employees, colleagues and family to ensure everyone is safe in the event of a major storm.

In some cases, sheltering in place may be required by circumstances or by local authorities. (Item #1) If you are told to shelter-in-place, follow the steps below to keep you and your family safe during an emergency. (Item #2)   Shelter-in-place plans at your workplace should include the items in this article. (Item #3)

Are you prepared to stay in your home or office for several days if need be? (Item #4)   Sheltering in place at your workplace is similar to sheltering in place at home, but there are significant differences. (Item #5)   This information from FEMA will help you put together a shelter-in-place kit. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, September 24, 2014

Fire Prevention

Fire Prevention Week, this year October 5-11, has been observed since 1922 to commemorate the Great Chicago Fire, which occurred Oct. 8-9 in 1871. An even larger fire occurred on the same day -- the Peshtigo Fire, the most devastating forest fire in American history. The fire prevention campaign now lasts all of October, so you have plenty of time to check your evacuation and other safety plans and, most important, to practice them, as well as to make any updates necessary. And please, share this info with your employees so they can make plans at home.

All the facts you wanted to know about fire... and some you didn't. (Item #1)   Make sure everyone at home knows what to do in case of fire. (Item #2)   Fire safety practices can save jobs. (Item #3)

Being proactive and implementing simple fire prevention plans and programs can reduce the likelihood of experiencing a fire in the workplace. (Item #4)   You no doubt have fire extinguishers in your building, but do your employees know how to use them? (Item #5)   This item provides good information on evacuating during a fire; it could help save lives. (Item #6)

Subscribe or review past issues of the NewsBriefs at -

Wednesday, September 17, 2014


With most of the world concerned about the terrorist threat of ISIS/ISIL (*--see below), we should revisit the potential for terrorist attacks that impact our organizations directly or indirectly. In today’s world, terrorism is incredibly more complex than in the pre- or post-9/11 world. Several of this week’s articles describe the face of terrorism in 2014, as well as the likelihood of terrorist acts in the UK and the US.

U.S. officials now see ISIS as a credible threat, on a par with al Qaeda. (Item #1)   American intelligence agencies are working on a thorough assessment of the strength of ISIS. (Item #2)   How to be prepared for a terrorist attack. (Item #3)

The terrorism danger is more complex than ever, NY intelligence officials believe. (Item #4)   Peter Power looks at how the UK terrorism threat is changing and what business continuity managers can do to ensure their organization is prepared. (Item #5)   The most bloodthirsty terrorist group in memory is also a canny manipulator of social media. (Item #6)

* We’ve heard ISIS (Islamic State of Iraq and Syria), ISIL (Islamic State of Iraq and the Levant) or the Islamic State, depending on which official or network you listen to. The Washington Post discusses the politics of these different names for the same group of terrorists at  

Past issues of the NewsBriefs are available at

Thursday, September 11, 2014

Employee Issues

Yes, employees are one of your most valuable assets, but they also can be a source of legal problems for an employer. Hiring, firing, and other issues all hold the potential for trouble if you aren’t aware of how to go about them in the best way. This week we look at some employee issues that can cause problems and what you can do to navigate the minefield of those issues.

Employee relations involves all aspects of an employee’s relationship with an employer. (Item #1)   Small companies aren't immune from workplace behavior problems. (Item #2)   If you have determined that there is a need to monitor employees’ computer usage, you need to know the legal risks. (Item #3)

What companies don’t know about a job applicant can hurt them. (Item #4)   You can fire employees legally and ethically. (Item #5)   Sooner or later, every employer will face the need to investigate one or more of its employees. (Item #6)

As always, we look forward to hearing about your concerns with regard to business continuity. If you have a topic you’d like to see covered, please email me at

Subscribe to email deliver or just browse past issues of the NewsBriefs at

Wednesday, September 3, 2014

Online Reputation Management

What are people saying about your organization online? If you don’t know, you should. Monitoring your online presence is one of the key steps in managing your online corporate reputation. We all know how important a company’s reputation is, but many of us don’t do enough to ensure that our corporate reputations remain intact. This week’s articles can help you boost your online reputation management activities.

Develop a system to monitor your reputation and take action when necessary to keep it stellar; in the end it will be worth the time and effort. (Item #1)   Knowing how the online world works is the first step toward improving an online reputation. (Item #2)   By following this simple list of tips you can put your business in a stronger position if or when someone decides to write a negative comment or review. (Item #3)

What people are saying online about your brand -- the good, the bad and the oftentimes inaccurate -- makes all the difference when it comes to winning or losing customers. (Item #4)    Your business’ online reputation might be worth its weight in heavy gold; when it takes a hit, it can be so searingly painful that recovery becomes a slow and groggy process. (Item #5)   Here’s how eight companies successfully handled threats to their corporate reputations. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, August 27, 2014

National Preparedness Month

September is National Preparedness Month (NPM) and is a great time to make sure we are prepared for and can respond to all types of emergencies, from natural disasters to terrorist attacks. We have hurricane season coming up soon along with tornados and other storms that can cause flooding and wind damage. Wildfires have been incredibly active this year. Are you prepared for any of these potential disasters coming your way? If not, take action now. This week’s articles can help.

If you haven’t planned any activities for NPM, this document will help you get started. (Item #1)   Here are three ways small businesses can be prepared for the worst and always keep their data secured. (Item #2)   Once disaster strikes, it’s far too late to begin educating your employees... the time to start is now. (Item #3)

Developing an emergency preparedness plan is one of the most important strategic decisions you will make as a small business owner. (Item #4)    You can greatly increase your ability to cope during a natural disaster, terrorist threat, or bio-terrorism event by simply planning ahead. (Item #5)   You may have had drills and exercises to prepare you at work, but what have you done to stay safe at home? (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, August 20, 2014

Business Continuity Planning & Management

When business continuity was a new concept, it seemed enough to plan for terrorist attacks, natural disasters and other local disruptions. Today, in our global economy, disasters don’t have to occur nearby to eventually cause business disruptions. It is especially important, then, to be sure that your plans include the possibility of disruptions anywhere along the supply chain. This week’s articles can provide you with food for thought along these lines.

Here are 10 reasons why a well thought out plan will benefit your business and give you peace of mind. (Item #1)    There are three important elements that too many business continuity plans are missing -- even plans that are well-developed based on traditional good practice. (Item #2)    Is the aim of recovering to a minimum business continuity objective acceptable? (Item #3)

This article describes the basics of BCM and provides a list of resources that you and your organization can use to improve your ability to survive any unexpected and undesirable turn of events. (Item #4)   No one can predict when the next disaster or business disruption will strike; the only certainty is that something untoward will happen, at some time. (Item #5)   In this op ed thought experiment, David Lindstedt looks back from the year 2027 and highlights some pitfalls that the resilience road could lead to. (Item #6) 

Past issues of the NewsBriefs are available at

Wednesday, August 13, 2014

Cyber Issues

The number and complexity of cyber threats continue to increase and so does the risk they pose to organizations. As this week’s quote states, cyber attacks are now viewed as the fifth dimension of warfare; we already have seen hacking by China and Russia on both government and private sector databases. If you haven’t made a plan to deal with cyber threats, now is the time to get started. This week we provide information and tips on cyber security that may help you in your efforts.

As the world becomes increasingly interconnected, Business Continuity/COOP professionals must pay more attention to the security of their organization’s connections. (Item #1)   Cyber security incidents can have business continuity implications and impacts that extend far beyond IT. (Item #2)   Research points to a widening range of technology vulnerabilities and potentially huge losses in value tied to innovation. (Item #3)

A computer network assessment will help you begin a cyber security plan to mitigate the largest risks to your business. (Item #4)   Protecting your company online begins with ensuring your employees are prepared to assist in keeping your computers and networks safe. (Item #5)   How would you know if you were the victim of a denial-of-service attack? (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, August 6, 2014

Getting Management Buy-In

Although business continuity planning is considered by many to be critical, there may be some executives who still don’t see the need and are unwilling to invest money in BCP. If you work in such an organization, this week’s articles may provide you with some helpful information and tactics you need to get buy-in to begin or expand your business continuity plan.

Statistics and scare tactics don’t work on senior management; instead the starting point is ensuring that you have a deep understanding of the business landscape, strategies and risks. (Item #1)   Here are a few tips that can help you in getting internal buy-in for your BC program. (Item #2)   Aside from pulling the plug, here are some strategies for selling DR to the C-Suite. (Item #3)

Continuous commitment by senior management helps in institutionalizing business continuity into organizational culture. (Item #4)   In the absence of an event or other external mandate, how do you keep management engaged and willing to continuously invest in organizational preparedness? (Item #5)   How do you ensure buy-in when by definition top management is, well, at the top? (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, July 30, 2014

Workplace Violence

Roughly two million American workers are victims of workplace violence every year. The annual cost of this violence is estimated to be in the billions. Organizations are affected in many ways, and it’s unclear whether the impact on employees can even be measured. This issue focuses on how and why workplace violence occurs, the warning signs, and what you can do about it and its aftermath.

Workplace violence is receiving increased attention thanks to a growing awareness of the toll that violence takes on workers and workplaces. (Item #1)  Avoid thinking that most workplace violence happens because an individual has “snapped,” going violent spontaneously without provocation. (Item #2)  The personal and economic toll can be incalculable in terms of loss and suffering. (Item #3)

Protecting employees, customers and clients from harm should be the primary concern of any company's security personnel as well as its senior executives, but planning should also include looking at longer-term impacts of violence. (Item #4)  There are a number of legal theories that could lead to civil liability following an incident of workplace violence. (Item #5)  Only planning and training for workplace violence will mitigate your risks for accidents and threats. (Item #6) 

Past issues of the NewsBriefs are available at

Wednesday, July 23, 2014

Testing, Training & Evaluating Your BC Plan

If you don’t exercise your business continuity plan, you’ll be using it at your own risk. What if it doesn't work? What if some critical information hasn't been updated? Not only do exercises help you determine if the plan is viable, they also can point out weaknesses in the plan that should be addressed before a disruption occurs. This week’s articles discuss testing, training and evaluating and should be helpful to you in determining how you are going to test your plan.

Why don’t more organizations actively test their BC plans? (Item #1) If you going to develop a plan you’d better make sure it’s going to work. (Item #2) The best-laid recovery plans count for nothing if they don’t deliver when needed. (Item #3)

There is a need for employee awareness training. (Item #4) Which employees need awareness training only and which need training & exercising? (Item #5) When IT experiences a service disruption, so does the entire business. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, July 16, 2014

Benefits & Economics of Business Continuity Planning

We've all been there... you’re in the budget meeting fighting for money for business continuity planning and competing with other departments that are perceived as profit centers. Many of us have not been able to win the fight. This week’s articles discuss the benefits and economics of BCP in ways that we can use to discuss the ROI of business continuity in financial and other terms.

This list of BCP benefits was compiled from readers of Continuity Central and provides some interesting reading. (Item #1) If you can determine the financial consequences of a disaster, you can better argue for the resources to prevent one. (Item #2) Consider this author’s quantitative approach to business continuity investment when you’re preparing for your next budget meeting. (Item #3)

This list of benefits might come in handy for your budget proposal as well. (Item #4) Here’s a discussion of why organizations make or should make the decision to invest in BCP. (Item #5) When deciding how to allocate funds for BCP, make sure you understand the difference between what contributes to the perception of safety and actually being safe. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, July 9, 2014

Crisis Communications

How would you define a crisis for your organization? Power out? Building inaccessible? Environmental disaster? Whatever your definition, you need to have a communication plan for as many possible scenarios as you can imagine. You'll never be able to plan for everything, but much of your plan will be usable for whatever happens. This week's articles focus on the strategy behind crisis communication, how to put everything into play, and the importance of drilling to ensure the plan works.

If you view crisis communications as the ultimate firefighting exercise, you can deal with it effectively. (Item #1) If you've ever wished for a chart to guide your crisis communications activities, here's your wish fulfilled. (Item #2) As the ultimate unplanned activity, a crisis does not lend itself to conventional “command and control” management practices. (Item #3)

You have as many spokespersons as you have employees; are you training them in how to react in a crisis? (Item #4) You'll be both surfing and swimming in the midst of a crisis situation; you need to understand the role of each. (Item #5) It's critical to put your communications plan to the test... will it work? (Item #6)

All issues of the NewsBriefs are available at

Wednesday, June 25, 2014

Identity Theft and Fraud

As you’re probably aware, phishing attacks can cost organizations anywhere from thousands to millions of dollars per attack in fraud-related losses. Now, however, in addition to the internet, you can be a fraud victim via voice and text as well. How familiar are you with pharming, vishing and smishing? Is your organization prepared to guard against such attacks and prevent costly disruptions? Check this week’s articles to see if your plans and policies cover everything they should. Remember that many of these attacks originally aimed at individuals have easily become attacks on businesses.

You can learn more about how email and website spoofing work in this article. (Item #1) Spear phishing is a more sophistical phishing attack. (Item #2) Read here to discover six key ways to protect your firm from the growing dangers of spear phishing. (Item #3)

There is a new form of internet fraud out there these days:  it is called Vishing. (Item #4) Business ID theft can turn your business dream into a personal nightmare. (Item #5) Identifying a smishing scam is the first defense against becoming a victim of the crime. (Item #6)

All issues of the NewsBriefs are available at

Wednesday, June 18, 2014

Meetings & Events

You should have a continuity plan for all your events, large or small, in order to be ready to respond to the unexpected. Even if you've had 50 events with no issues, don’t assume you never will have a disruption or disaster that you need to deal with. And never assume your venue has a plan... make sure you see it and know what it covers. This week’s articles contain good information for you to consider when making or updating your plan.

Sometimes even the most thoroughly planned events have unexpected incidents that are beyond anyone’s control. (Item #1)   There are numerous examples of accidents/incidents occurring within the events industry on a daily basis; risk management planning can’t be left to chance. (Item #2)   A mathematical equation helps determine event risk. (Item #3)

Here’s a checklist detailing safety, contingency and disaster preparedness for the meetings, events, conferences and conventions. (Item #4)   Preparing to send employees to far off and unfamiliar lands for a meeting or event? (Item #5)   With a little due diligence, you can avoid problems with the fire marshal. (Item #6)

All issues of the NewsBriefs are available at

Wednesday, June 11, 2014

Safety and Security in the Workplace

How safe and secure is your workplace? Have you really taken a look at all the potential risks and come up with a plan to mitigate them? If you have, you’re to be congratulated. We often look at all the potential external risks but fail to see the internal potential for accidents and security issues, which may just be waiting to happen. This week’s articles can help you focus on your workplace safety and security to ensure that you’ve done all you can to keep everyone safe.

The key to a safe workplace is having effective safety and security policies in place and to communicate these policies to all employees. (Item #1)    No matter the size or type of the business, workplace safety procedures are a necessity for all staff. (Item #2)    Here is general information for use in addressing security in the workplace issues. (Item #3)

To help you lead safely at work, here are seven very important thinking points. (Item #4)    The National Crime Prevention Council has produced a booklet focusing on workplace safety as everybody’s business. (Item #5)    Do you know the four steps of workplace fire prevention? (Item #6)

All issues of the NewsBriefs are available at

Wednesday, June 4, 2014

National Safety Month

Each June, the National Safety Council celebrates National Safety Month, and we see this as an opportunity to call your attention to safety in the workplace. Whether your employees work in your office or at home, there are dangers that could cause injury and entangle you in lawsuits that impact your bottom line... not to mention the potential for bad publicity that could damage your reputation. Take a look at this week’s articles to see where your organization could improve safety measures.

The safety and health of your workers is essential to your business. (Item #1) You need to know the health and safety rights and obligations of employers and employees. (Item #2) What kind of safety training do your teleworkers get? (Item #3)

If you can improve the safety consciousness of your employees, accidents and other incidents may decrease. (Item #4) Is your workplace lung friendly? (Item #5) Nonprofit Risk offers questions and answers about workplace safety. (Item #6)

All issues of the NewsBriefs are available at

Wednesday, May 28, 2014

Mass Notification Emergency Communication

Communication is critical during and after an emergency... to maintain continuity of operations, protect organizational reputation, providing customer/member satisfaction. What is your plan for identifying and implementing your critical mass communication needs? From how emergency notifications work to how to sell them to the management team, this week’s articles can help you figure it all out.

Poor communication is often to blame for turning an emergency into a catastrophe. (Item #1) Counting on the fact that everyone has a cell phone could be a grave error for emergency planners. (Item #2) It’s not enough to blast a message to everyone. It’s crucial that the message is understood. (Item #3)

Here are 12 best practices that apply to the corporate world. (Item #4) Do you know what issues to consider when pricing an emergency notification system? (Item #5) Today, most Business Continuity professionals recognize the need and value of an emergency notification system, but, as with so many other BCP requirements, the budget isn't there. What to do? (Item #6)

The entire issue is available at

Wednesday, May 21, 2014

Hurricane Preparedness

According to the National Weather Service, a lack of hurricane awareness and preparation are common threads among all major hurricane disasters. You can reduce the effects of a hurricane disaster if you know your vulnerability and what actions you should take in the event of a storm, plus you can improve your odds for recovery from a disaster. National Hurricane Preparedness Week runs from May 25-31 this year, so now is a good time to get ready for hurricane season - Atlantic season begins June 1 and runs through November 30, while the Eastern Pacific season began May 15 and also ends November 30.

On average over the last few decades, hurricane seasons brought a total of 16 named tropical storms, with five growing into stronger hurricanes. (Item #1) Information here from the National Hurricane Center could save lives. (Item #2) The only effective way that a business can mitigate or diffuse the effects of a hurricane is to prepare for it. (Item #3)

Hurricane Sandy taught many companies unfortunate lessons about the importance of disaster recovery planning; here are some of the lessons learned. (Item #4) The time to prepare is now, not while the hurricane is bearing down on your location. (Item #5) While not prepared for hurricanes only, this publication from FEMA can be immensely helpful in your preparations. (Item #6)

The entire issue is available at

Wednesday, May 14, 2014

Business Continuity Planning

Globalization, climate change, and other developments have complicated the business continuity planning process. It’s no longer enough to plan for what can happen to your organization directly; you have to take into account how major disasters anywhere can impact you. In addition, you need to know what to do post-disaster so you can keep operating. This week’s articles shed light on some of those concerns.

Currently there’s no science that can predict when or where the next disaster will strike or, more importantly, whether it will impact your company’s operations; fortunately, you can prepare. (Item #1) The post-crisis recovery phase is one of the least addressed in planning, training and simulations. (Item #2) This article explores different types of plans and examines their purpose within a wider business continuity strategy. (Item #3)

This article explains why coordinating of BC management with governance, risk & compliance is important, and provides some real examples, practical tips and advice on how to integrate them. (Item #4) A business impact analysis helps organizations recognize and prioritize which information, hardware and personnel assets are crucial to the business so that proper planning for contingency situations can be undertaken. (Item #5) Climate change causes some to ponder data center relocation and other, less drastic hardening measures. (Item #6)

The entire issue is available at

Wednesday, May 7, 2014

Email Retention

Just about all organizations archive emails, but how many of us retain email? With archiving, you might keep emails forever. With an email retention policy, however, you are setting up specific times that various types of emails are kept before being automatically deleted. And the decision on how long to retain these documents can be impacted by laws or regulations. If you don’t have an email retention policy, this week’s articles may be of help in getting started on one.

Learn about email retention policies and how to determine which policy is right for you. (Item #1) A retention policy for electronic information defines how long the information should be stored until it’s deleted. (Item #2) One of the thorniest issues of records and information management is how to address e-mail. (Item #3)

Does your organization require an email retention policy? (Item #4) As email’s storage role grows, so too does its evidentiary value, making the need to formally retain, effectively archive, and quickly search and produce email business records essential business functions. (Item #5) Here’s a sample email retention policy you can use or modify. (Item #6)

The entire issue is available at

Wednesday, April 30, 2014

Testing, Training & Exercising Your Business Continuity Plan

If, as this week’s quote says, everyone’s IQ in an emergency goes to zero, how can you get around that problem? Well, the answer is the same as the one to the question, “How do you get to Carnegie Hall?” Practice, practice, practice. It’s why schools and other organizations have fire drills... if everyone knows what to do, they are more likely to be able to do it if they have practiced it several times. So don’t forget the critical step of testing your plan and providing some training for your employees. This week’s articles can help shed light on how to do this.

One of the most frequent questions asked when discussing business continuity is: how often should I test my plan? (Item #1) A plan is only as good as its implementation. (Item #2) How can you train your employees within your BC plan? (Item #3)

The objective of a post-development employee awareness training program is to raise the level of awareness of employees' role prior to, during, and after an emergency event. (Item #4) The purpose of DR/BC testing is to achieve organizational acceptance that the business continuity solution satisfies the organization's recovery requirements. (Item #5) While there are numerous disaster recovery plans on the Internet that can be used to structure a recovery effort, what is often overlooked is whether the plan will work when it really has to. (Item #6)

Wednesday, April 23, 2014

Getting Buy-In

We all know how difficult it is to get management -- and even employees -- to care about programs aimed at preventing anything, even when there are plenty of examples of disasters and terrorism to point to as potential risks. Business continuity is often viewed as a money pit that negatively affects the bottom line. The challenge, therefore, is to get everyone to understand the potential benefits of business continuity and disaster recovery programs. There are some good ideas in this week’s articles.

Use these four tips to gain upper management attention. (Item #1) One of these five methods of securing buy-in might work for you. (Item #2) What do you address when presenting the need for BC/DR investment to management? (Item #3)

Current thinking demands a more integrated participation level by those responsible for leading an organization. (Item #4) In order for any business continuity effort to be positive, employees need to buy into the new system. (Item #5) Here are the root causes for your employees’ lack of interest in business continuity. (Item #6)

Wednesday, April 16, 2014

Social Media and Business Continuity

Social media has become an essential tool in the lives of people everywhere. It is used in major and minor disasters, as a marketing tool, and in many other ways by businesses and individuals, and its use is growing every year. There are some pitfalls, however, when using this medium, including damage to your organizational reputation. This week we look at the state of social media in business continuity, making and avoiding social media mistakes, and some statistics on social media use that could have you rethinking your use of this tool.

Social media is a powerful tool that can produce desired results when harnessed properly within a strategic plan. (Item #1) If you’re serious about managing your company’s online reputation, then you need to avoid these mistakes. (Item #2) Here are some tips on how to avoid social media mistakes. (Item #3)

Social media crises can happen to the best of brands, but even they don’t always respond in the best manner. (Item #4) Know what the fastest-growing demographic on Twitter is? Or how many new members join LinkedIn every second? The answers will surprise you! (Item #5) Social media is increasingly being integrated into disaster response plans and activities. (Item #6)

Wednesday, April 9, 2014

Crisis Communication

Crisis communication is a hot topic right now, especially in the wake of the recent disappearance of the Malaysian airliner. The experts are talking about what was wrong with the airline’s crisis communication and how it could have been better. Today, we can almost guarantee that every organization will have to deal with some sort of crisis at some time. For that reason, we think reading this week’s articles could help you prepare for and deal with your eventual crisis.

Emergencies require nearly simultaneous communication activity in all priority response areas; the more promptly actions are taken in response, the more quickly recovery can occur and production of victims can cease. (Item #1) Technology has changed the way crisis communications are handled. (Item #2) The five C’s of crisis communications detail the five attributes that executives and spokespersons must convey during their press conferences and interviews. (Item #3)

Who should speak for your organization in a crisis? (Item #4) Here are nine things to keep in mind while developing your crisis communications plan. (Item #5) The author thought it might be useful to put together a playbook that every leader should have ready for when it hits the fan. (Item #6)

Wednesday, April 2, 2014

Workplace Violence

The Alliance Against Workplace Violence (AAWPV) will commemorate the month of April, 2014, as Workplace Violence Awareness Month. This will be the third year that a national observance of workplace violence awareness is being held. The organization encourages employers to help raise awareness of violence in the workplace and to take steps to help prevent it from happening in your organization. This week’s articles should help you with that goal and also with creating your own plan for violence prevention.

This useful and practical guide from the FBI is aimed at helping businesses, small and large, and government in implementing a proactive workplace violence prevention strategy. (Item #1) The National Center for Victims of Crime has released new statistics on violence in the workplace. (Item #2) The key to preventing the escalation of workplace violence is to be alert and vigilant to any early signs of conflict. (Item #3)

Workplaces must stay vigilant by enforcing their own workplace human resources/security policies. (Item #4) While policies and raising awareness can't completely insulate any nonprofit from the risk of workplace violence, incorporating some of the recommendations in this article can help. (Item #5) If there has been violence in your workplace, mental health resources are a must. (Item #6)

Wednesday, March 26, 2014

Online Reputation Management

When your prospective customers, members, clients or employees search for you online, what do they find in your top 10 search results? Is there anything there that would discourage anyone from doing business with, joining, or working for your organization? If you haven’t paid attention in the past to reputation management, this may be the time to start. This week’s articles provide information on managing your online reputation.

No matter the size of your business, they (prospects, customers, clients... anyone and, potentially, everyone) are talking about you. (Item #1)     Why are companies using the same reputation strategy they have used for the past number of years? (Item #2)     This article aims to simplify online reputation management and provide you with the most useful and necessary tips. (Item #3)

As important as building an enduring reputation is, it remains as elusive as ever. (Item #4)     It seems there is much currently happening that is unseemly and even illegal in the world of Online Reputation Management. (Item #5)     There is no way to put a price tag on corporate reputation management. (Item #6)

Wednesday, March 19, 2014

Meetings & Events

What’s the probability that a natural disaster or other disruption will impact your meeting or event? It’s probably greater than you might think - it can happen to you! You need to have a plan for mitigating and/or responding to any kind of disruption that could derail your meeting. This week’s articles can help you with your continuity and disaster response efforts.

Even the threat of a disaster can have a profound impact on meetings and conventions, ranging from the cancellation of flights to the postponement of meetings - here’s why you need a plan. (Item #1) If the worst happens, you’ll be happy to have these four tips on disaster preparedness. (Item #2) Canceling all or part of a convention is a nightmare that no event planner or destination convention organization ever wants to deal with. (Item #3)

How would you deal with these three scenarios? (Item #4) Florida is a popular meeting and event destination; here’s what you need to know to prepare for your next Florida event. (Item #5) The best way to plan for the unexpected at your next event is by having a solid disaster management system in place. (Item #6)

Wednesday, March 5, 2014

Shelter in Place

In some emergency situations, the safest thing to do is to remain indoors in a protected area. While we often hear of building evacuations, sometimes leaving the building could be more dangerous than staying inside. In many such situations, local officials may even mandate shelter in place as a course of action. Regardless of why the decision to shelter in place is made, it’s important to have a plan for this action. This week’s articles can help you develop your own shelter-in-place plan or perhaps beef yours up if necessary.

OSHA offers specific procedures for shelter-in-place at a worksite. (Item #1) Here’s a sample shelter-in-place plan that you can use as a model for yours. (Item #2)  Here's what landlords need to know in order to comply with a shelter-in-place order.  (Item #3)

Shelter-in-place situations occur more often than you might think... check this list. (Item #4) Breaking down a BCP into 10 key steps can help facility professionals develop a plan that will best prepare their organizations to resume normal operations as quickly as possible after disaster strikes.  (Item #5) Emergency Evacuation Planning is something quite specific and should not be mistaken for the more general subject of emergency planning. (Item #6)

Wednesday, February 26, 2014

Facility Security & Continuity

Although you have to think of people first in any disaster or disruption, it’s also important to protect our work locations -- our building, our offices. This has become more complicated in recent years as new technologies have become part of facility management and as social media has increased its influence in work locations. Read this week’s articles to learn more about protecting your facility.

A business continuity program goes through several stages during its development and implementation and all can involve the FM in some way. (Item #1) Facility Management should play a crucial role in Business Continuity - they manage the 2nd largest and most consequential business “assets” (after IT) on which day-to-day business operation rely. (Item #2)  Here’s a facility manager's guide to using Facebook, Twitter, LinkedIn, YouTube and more to make business better. (Item #3)

New equipment and systems may present the need to expand the security operations of a given facility as well. (Item #4) Breaking down a BCP into 10 key steps can help facility professionals develop a plan that will best prepare their organizations to resume normal operations as quickly as possible after disaster strikes.  (Item #5) Emergency Evacuation Planning is something quite specific and should not be mistaken for the more general subject of emergency planning. (Item #6)

Wednesday, February 19, 2014

Testing & Training

Will our business continuity plan work? Everyone wonders about that once the plan is established, but not everyone takes the step that would answer that question... testing & exercising. The only way to find out if it will work is to use it, and we don’t mean in the next disaster. The safe way to find out if it works is to test it. This week’s articles provide information on the value of testing and on different ways to do it.

Bring some creativity to your business continuity exercises. (Item #1) Whatever scenario you use for your testing, it should be relevant to your business. (Item #2)  There has been a sea change in business continuity and disaster recovery planning. (Item #3)

Testing your plan could be easier than you think. (Item #4) Here’s information on how to design a cost-effective yet valuable training program. (Item #5) Testing will help staff understand what the plan is and what their roles are. (Item #6)

Wednesday, February 12, 2014

Cyber Issues

As fast as the experts come up with ways to defeat various cyber intrusions, the hackers and other intruders come up with new cyber threats. Read this issue to catch up on what’s happening now in cyber space and see what the experts suggest to defeat these threats.

Cybersecurity remains a formidable challenge. (Item #1) Are you aware on the key cyber issues? (Item #2)  Cyberbullies have a new arsenal of tools. (Item #3) 

Read about the top cybersecurity threats of 2014.  (Item #4) Most cyber-attacks make it into the organization through the end user. (Item #5) Spear phishing is not what it sounds like. (Item #6)

Wednesday, February 5, 2014


In the workplace of the 21st century, many experts believe that privacy - especially data privacy - will be one of the key issues for employers and employees. Have you covered these issues in your business continuity plan? If not, read this issue and consider whether privacy should have a more prominent role in your plan.

Read this article for the latest on key privacy issues. (Item #1) In your attempts to maintain employee privacy, be careful not to create a hostile environment. (Item #2)  Do you understand the concept of a reasonable expectation of privacy? (Item #3)

Can you use information found online to fire, suspend, etc., an employee?  (Item #4) Privacy is the hot workplace issue of the 21st century. (Item #5) Data privacy issues are prolific. (Item #6)

Thursday, January 30, 2014


Can you identify the most serious risks to your organization? Did your risk analysis identify catastrophic risks like earthquakes, tornadoes, etc.? If so, you’re not alone. Most organizations focus more on natural disasters and other catastrophes but less so on the more common risks that can cause problems any day of the week. This week’s articles may help you better assess your actual risks and prioritize them as well.

Before they actually happen incidents are called threats and each is a type of risk with a likelihood of occurrence and a potential impact if it does. (Item #1) Effective risk assessment is increasingly important to the success of any business. (Item #2) Risk and emotion are inseparable. (Item #3)

In order to manage change, it is important to understand the key assumptions done when assessing risks.  (Item #4) Are you familiar with the various types of risks? (Item #5) In common with any risky situation normal risk assessment rules apply to managing social media - identify, record and mitigate risk. (Item #6)

Wednesday, January 22, 2014

Insider Threats to Business Continuity

Insiders are possibly the most dangerous threat to business continuity. Organizations today are more vulnerable to such attacks, which are more difficult to detect. It stands to reason, therefore, that your business continuity plan should look at the risks of insider threats and how to deal with them. This week’s articles can be helpful toward that end.

Ericka Chickowski named five lessons learned from an FBI presentation at this year’s RSA Conference, which gives us some sobering food for thought. (Item #1) Are you ready for the conscientious objector in your midst as well as wearable technology? (Item #2) While the motivations are usually the same, there are three distinct, but different, types of insiders that can pose a threat to your organization's security. (Item #3)

For more than a decade, researchers have studied the impact of malicious insiders; the unintentional insider threat has only recently come under scrutiny. (Item #4) The CERT top 10 list for winning the battle against insider threats offers insight into the issue. (Item #5) This report identifies widespread concerns and how they can be addressed. (Item #6)

Wednesday, January 15, 2014

Flu & Business Continuity

It’s flu season again, and across the country more and more cases are being reported. If you haven’t planned for how to deal with the absences flu can cause, there’s still time to figure out how you’ll deal with things as the flu season progresses. And it’s not too early to start planning for the 2014-15 flu season!

The Centers for Disease Control provides information on the flu season and more. (Item #1) This guidance for employers can help reduce employees’ exposure to flu. (Item #2)  Here are some tips to help in planning for a safer, flu-free workplace. (Item #3)

Don’t think flu can affect your business? Think again. (Item #4) This article offers employers best practices for preventing the spread of flu. (Item #5)  Plan for the impact of a flu pandemic or epidemic. (Item #6)

Wednesday, January 8, 2014

Business Continuity Trends for 2014

None of us knows what’s in store for 2014, but plenty of experts have identified trends that will affect business continuity and disaster recovery this year. If you’re contemplating updating or changing your plans, this week’s articles may provide insight into how to be better prepared.

The article describes six emerging technology trends that will need consideration during 2014. (Item #1) What changes do organizations see in the way they handle business continuity in 2014? (Item #2) For 2014, Control Risks has identified a number of factors that will cause concern for companies, no matter which continent they do business in. (Item #3)

Booz Allen has compiled areas of focus for its annual list of the “Top Financial Services Cyber Security Trends for 2014.” (Item #4) What challenges threaten to impact on the integrity of enterprise IT systems during the year ahead?  (Item #5) From increasingly sophisticated DDoS attacks to stuxnets to insider threats, companies have plenty to worry about when it comes to enterprise security in 2014. (Item #6)