Continuity Management and Business Resilience

Download this Page as a PDF

Introduction

The concept of Continuity Management and Business Resilience has evolved over the years, developing into an overarching mixture of various components, including IT Disaster Recovery (DR), business continuity planning (BC), Enterprise Risk Management (ERM), and crisis/emergency management. The scope has expanded from a reactive practice, to a more proactive discipline, enabling organizations to not only recover essential business functions, but (in some cases) to be able to continue operations in spite of disruptive events, with minimal impact to business processes.

Fires permanently close 44% of the business affected, and According to the Small Business Administration, 52% of companies will go out of business as a result of a disruptive event. In the 1993 World Trade Center bombing, 150 businesses (of the 350 affected) failed to survive the event. In short, a scalable methodology that organizations can use to identify essential processes, define/mitigate threats and document response requirements is necessary for survival.

How N&ST Can Help

In order to help organizations manage the various components of Continuity Management, Network & Security Technologies, Inc. (N&ST) has developed several specialized capabilities for assessing and improving existing processes, i.e. identification of critical business functions, implementation of recovery processes, execution of emergency communication plans, and conducting comprehensive exercises. N&ST assessments
examine all aspects of resilience and continuity programs, in order to identify not only potential issues but also to point out procedural gaps and inconsistencies that may impact the effective recovery of essential business functions. 

Standard N&ST services can be categorized as follows:

  • Business Impact Analysis (BIA) - N&ST will conduct a BIA, and/or help organizations understand BIA results, in order to align business objectives with IT capabilities.
  • Continuity/Resilience Plan Development or Review - N&ST will develop appropriate plans, identify process gaps in existing plans, provide efficacy metrics, and gauge compliance with industry Disaster Recovery and Business Continuity practices.
  • Exercise Facilitation - Based on extensive experience with both technology and business process risk management practices, N&ST will develop and execute scalable recovery exercises ranging from plan walkthroughs and “tabletop tests” to escalating exercise scenarios which may include all aspects of a disruptive event; from crisis management to full-scale business process recovery.

Professional Service and Experience

In addition to being trained and certified NERC CIP auditors, N&ST consultants have extensive experience in the areas of Continuity Management and Enterprise Risk Management. N&ST has worked with numerous organizations to implement Disaster Recovery (DR) and Business Continuity (BC) programs, develop and execute recovery/resilience solutions, and conduct spot audits of industry compliance programs.

N&ST consultants use their expert knowledge and experience to help clients address the challenges of continuity management and recovery effectiveness in numerous ways, including:

  • Program assessment and remediation activities
  • Evaluation of process effectiveness and efficiency
  • Exercise analysis and facilitation
  • Documentation review and development
  • Alignment with existing programs and processes (Compliance, HR, Security, etc.)

Only N&ST can deliver the right combination of veteran business resilience understanding and risk management experience to successfully implement and sustain continuity program efforts.

Consistent and Effective

N&ST helps clients gauge the effectiveness and maturity of their continuity management programs, remediate compliance gaps, and implement efficient, executable processes to ensure consistent program support and maintenance. All N&ST consultants are full-time
employees with extensive experience in computer networking, cyber security and enterprise risk management.

N&ST understands that Continuity Management and Business Resilience pose unique challenges to each client, therefore we choose to focus on individually-tailored solutions, rather than form-based questionnaires, scripted interviews or "standardized" document templates.

All client engagements are professionally managed to ensure complete satisfaction.



NEWS & EVENTS

EIA Releases Annual Energy Outlook
The U.S. Energy Information Administration has released their annual Energy Outlook, which can be downloaded here


NERC-led Industrial Controls Cybersecurity Workshop
January 21-29
Download the official announcement at the NERC website here.


NIST issues "Guide to Industrial Controls Systems (ICS) Security"
Recommendations of the National Institute of Standards and Technology. Download now...