Once again there is a post on one of the boards. A recent post reads
- "I work for a local authority (government) in the UK and I have been given responsibility for reviewing our current BCP's. These have been written by each department (17) on a template designed in 2005. Obviously when I have gone to review these against BS25999 they are nowhere near up to scratch.
We are looking at various options to 'encourage' the departments to seriously look at their plans and one of these is to basically start again using a software package which would guide them through the process with minimum input from our team (only 2 of us for all emergency planning and BC work).
I am very new to BC so had to use google to find software packages, SunGard's LDRPS looks like a good package that also has the management/administrator function that we require to oversee the process.
Does anyone have views on this particular product and experience of using it in the public sector?
I would really appreciate any advice you could give to a novice in BCM!
Many thanks,
Note that the writer admits he is "very new to BC" and later in the post adds he is "a novice in BCM!"
To the poster's credit, he asked a list (Yahoo's discussbusinesscontinuity group) and he has received a number of good responses.
My concerns are that the local authority gave responsibility for business continuity to a novice and that the local authority seems to believe specialty software will save the day.
SunGard's (nee' Strohl's) LDRPS is a heavyweight tool that requires trained and dedicated-to-its-management personnel to take full advantage of it. It also takes a fair amount of IT resources to tailor it to each organization. I've worked for five organizations - four commercial and one government entity - that owned LDRPS and none - not one - implemented the program. I also know there are many organizations that swear by - vs. swear at - LDRPS; it would not be the 800-pound gorilla in its niche if it failed to do what it promised.
Remember, our local authority BC person - I'm not certain "practitioner" is appropriate at this point in his professional life - noted that there are "only 2 of us for all emergency planning and BC work."
At least one of the responders suggested that whatever product was used to create and maintain business continuity to BS25999 (the poster's goal) the tool should be easy for the people covered by the plan to use; they will be expected (both the responder and I believe) to provide document input and to use the program's reports.
There ARE some applications on the market that probably would be more appropriate for our tyro and his local authority. EMC's newly acquired Access might be OK; it seems fairly (and I cringe as I write this) "user friendly" and easily adaptable. I've seen several demos - but never an evaluation copy; there is a BIG difference between watching someone else drive and actually having hands-on time with the program - but I confess I was impressed.
But, I have been plying my trade for more than a baker's dozen years and I am supposed to know what I'm doing.
My worry is than in the hands of a business continuity innocent, the application will drive the plan rather than the planner; the novice won't see what may be missing for his particular situation. He also may be left wondering how to respond to a software-generated query that does not apply to his local authority.
It could be worse.
One organization that contracted my services proudly showed me the $200 package of Word templates it bought. At first blush, the package was impressive, but on closer examination it turned out to have more holes than a Swiss cheese.
Since our novice is in the UK I suggested, in a private response, that he contact the Business Continuity Institute (http://www.thebci.org) and check out the organization's mentor program. Although I am a BCI "member" I'm not certain he'll get the help he needs, but hope springs eternal.
Thrusting a novice essentially alone into a planning role is akin to asking a pilot whose total air time is 10 hours in a Aronica Champ to fly a Lockheed L-1011 from New York to Tel Aviv with an equally novice co-pilot. I'll wait for the next flight, if you don't mind.
Again, to our poster's credit, he DID ask others what they would recommend and to several of the responders' credit, they cautioned him that software was not the answer; not LDRPS or any other product.
John Glenn, MBCI
Enterprise Risk management practitioner
Hollywood/Fort Lauderdale Florida
Looking for work in - or from - southeast Florida
No comments:
Post a Comment