Triumph of the Long View
If structured correctly, an organization’s business continuity program should give it a flexible and focused framework for addressing multiple risks and security issues simultaneously in a way that involves all critical business units in designing and executing the plan. The resulting approach will promote cooperation across all significant technology and non-technology functions in the corporation, which is vital but a difficult management challenge for most companies.
As with all ambitious efforts atop the corporate agenda, a business continuity plan must have strong support from the chief executive; there must be a clear commitment to never let disruptions seriously hurt a company’s performance. Short-term thinking is often the reason this backing is missing — in other words, the CEO is simply not willing to sanction the expenditure of the money, time, and management resources necessary to make business continuity a core strategic objective and operating principle. When a crisis occurs, though — and serious vulnerabilities are suddenly uncovered — the result for companies can end up being much more costly long-term pain.
Gary Lynch, [email protected]
Gary Lynch is a Booz Allen Hamilton vice president in New York, responsible for the Commercial Information Assurance and Business Resilience practice. With over 20 years of experience as a business and IT professional, he works with senior corporate executives to help manage operational risk, specifically in the area of business continuity and information security.
Karen Avery, [email protected]
Karen Avery, a principal at Booz Allen Hamilton based in New York, is responsible for commercial information assurance solutions. Formerly, she was the chief information security officer at GE Capital.