Thursday, May 8, 2008

ERM - BC - COOP: Call me Para Noid

I'm hardly a "neat freak" and during normal working hours my desk may seem cluttered, but I strongly believe in electronic housekeeping. (After hours, 90% of everything that was on the desk is put away under lock-and-key; nothing really "secret," just good business practice.)

At least once-a-day I go into the browser (in this case, IE 6 and 7) and purge all cookies, temporary Internet files, and the history.

With one exception, my StatCounter ( cookie, there are no others I need to keep. Reinstalling the cookie from the StatCounter site is a no brainer, so the global purge is OK.

I know where to find cookies, temporary Internet files, and the browser history on the hard drive, and sometimes, "just to be sure," after instructing IE to purge everything, I'll go look at the "folders" (nee' sub-dirs) where Windows stores them to confirm that they really are empty.

The same with email.

I rarely open anything that is unexpected, particularly if it is (a) from a name I don't know or (b) lacks a subject.

I understand, because I too am guilty, that sometimes an email gets away sans a subject, so if I know the originator I'll "probably" open the post.

I'm also suspicious, as is an acquaintance in Sri Lanka, about things that "fail to compute."

My acquaintance wants to become certified by The Business Continuity Institute (The BCI).

He knows The BCI ( is headquartered in Blighty.

He received an email from The BCI, but the physical address was Vienna Virginia USA.

Since he knows I am a BCI'er, he sent me an email asking if the Vienna operation was kosher.

I didn't know (I apparently missed an announcement from the island).

But I do know some BCI people both in the Several States and at HQ, so I asked them.

Turns out the Vienna address is "kosher" (maybe not Bet Yosef*, but "kosher").

I am an enterprise risk management / business continuity (COOP) practitioner; I am not an InfoTech specialist (anymore than I am an HR or Finance specialist) so my concern for cookies and emails comes from general awareness - an awareness level that all computer users should reach, perhaps with a little help from their friends behind the data center doors.

To me, daily housekeeping is just good business, and being aware is what should be expected of anyone who "thinks ERM."

Now - to get others to "think ERM" even if only for a moment or two each day.

My contention: You don't need to be in my business to be aware of risks.

* Bet Yosef See

John Glenn, MBCI, SRP
Enterprise Risk Management/Business Continuity
Planner @

No comments: