• 25Jan

    Survey reveals widespread vulnerability to email outages

    Today, January 25, 2008, 9:55:20 AM
    But many companies fail to implement high availability solutions or develop disaster recovery plans.

    Majority of malicious websites are now legitimate sites compromised by attackers

    Today, January 25, 2008, 9:55:20 AM
    According to Websense Security Labs report.

    Risk Management d/b/a Business Continuity

    Originally posted by John Glenn in Untagged - DRJ.com

     

    I’ve been telling people for years that I am a Business Continuity practitioner.

    The typical response is: "What’s that?"

    I then go into my spiel. Sometimes I hold their attention, sometimes not.

    But I was talking with a Business Continuity planner the other day who got me to thinking maybe I should list "Risk Management" on my business card in lieu of Business Continuity.

    That is, after all, what Business Continuity is all about: risk management.

    No fancy terms people have difficulty grasping. No buzz words du jour such as "Resiliency Planning," which, were it not for spell check, I probably would misspell every time I wrote it.

    Nope. Risk Management. Gets to the point and most people understand both words, singularly and together.

    As an old reporter, I should have paid closer attention to my audience and addressed the audience’s "Business Continuity" comprehension level.

    There is nothing wrong with "Business Continuity" other than the only ones who think they understand the term are in the business.

    Practitioners still can stick modifiers in front of the term: Enterprise Risk Management, IT Risk Management, Profit Center Risk Management.

    What do we do, after all?

    Having identified processes, we look for risks to those processes.

    Then we seek ways to avoid or mitigate (manage) the risks.

    Finally, we train people to respond to (manage) those risks.

    We still can have process re-engineering, and succession planning, and personnel safety & awareness, and employee retention, and . . . And all the other functions which go into a comprehensive Business Continuity plan since, one way or another, overlooking any of the functions constitutes - would you believe - a risk.

    I still am a Business Continuity practitioner, and I’ll still accept Business Continuity engagement offers, but I think I’ll get back to the basics and promote myself for what I really am - and what prospects will understand - a risk manager.

    Here’s a thought. Billing ourselves as "Business Continuity" practitioners is a risk - a risk that the people we’re addressing won’t understand Business Continuity and how it benefits them. Manage that risk by either re-titling ourselves or explaining in a sub-head that Business Continuity is "Risk Management."

    jg

    Business Continuity Practitioner
    (Risk Management Practitioner) 

  • 24Jan

    Reboot Your Records Retention Strategy

    1.15 Under the Federal Rules of Civil Procedure (FRCP), organizations must demonstrate that their electronic information is complete, accessible, and reliable. As a result, companies must formalize their retention management strategy and rapidly put in place the organizational and technological changes required to retrieve any given record.

    US National Response Framework released

    Yesterday, January 23, 2008, 8:53:28 AM
    Mixed response to National Response Plan successor.
     

    IT-related business continuity threats on the increase

    Yesterday, January 23, 2008, 8:53:28 AM
    According to latest SteelEye Business Continuity Index survey.
     

    E-Z Data Receives ISO 27001 Certification

    Monday, January 21, 2008, 12:00:00 AM
    E-Z Data, provider of front-office systems for insurance companies, general agents, banks, investment dealers, agents, and financial advisors, announced that it has received ISO 27001 certification. ISO, the International Standards Organization, creates standards that specify worldwide requirements for products, services, processes, materials and systems. ISO 27001 is the new international standard created specifically for Information Security Management Systems. "In our industry, independent agents and financial advisors must be assured of the security of their client data," said Scott Weber, Assistant Vice President of Operations Technology for PartnersFinancial/NFP in Austin, TX. "E-Z Data's ISO 27001 certification gives us even greater confidence in the fact that our member firms' data is as secure as it can possibly be."
     

    IT and Compliance: 10 Big Predictions for 2008

    Wednesday, January 02, 2008, 2:00:00 AM
    Service-oriented IT processes and technologies will help managers bring the enterprise into line in 2008—perhaps not a moment too soon. We can’t shake the feeling that something big and very bad is lurking ’round the corner. Grab a security blanket and carefully read on for the hopes and horrors of 2008.
  • 23Jan

    PL 110 – 53 Title IX

    On Aug 3, 2007, President Bush signed into law ‘PL110 – 53 Implementing Recommendations of the 9/11 Commission Act of 2007’. One of the provisions of the law – Title IX - was to call for businesses of all sizes to voluntarily plan for and be prepared for a disaster or emergency.

    A key provision to Title IX directs the Department of Homeland Security (DHS) to create a voluntary certification program for private sector preparedness. This program should be developed with mutual cooperation between DHS and qualified private sector entities.

     To this end a number of initiatives have begun including a national forum sponsored by the Sloan Foundation. Their findings were published in the last couple of weeks and can be found at http://www.nyu.edu/intercep.

    Having recently participated in BSI’s October launch of BS25999 - Business Continuity Management System, I whole-heartedly agree that a standard is needed that is developed by knowledgeable parties and allows for accreditation of the company, and not the continuity professional who developed a company’s plan. It is through this type of company accreditation that businesses large and small can build plans based on a common framework. This consistency of framework then allows companies to speak a consistent language and address continuity issues throughout the supply chain.

    BS25999, which places emphasis on the creation of a management system which provides for continuous improvement and also provides an auditable standard for a company’s Business Continuity Management effort, is a good example of a standard that allows companies flexibility to develop their plans and yet provides a common guide to those plans. Another benefit of the standard is that it provides a company focus to move the plan from a project to an integrated part of the company’s overall management system.

    It’s an exciting time to be part of the Business Continuity Community with the legislative and private sectors moving closer to an understanding that businesses need BC Management in order to ‘Expect the Unexpected’ and respond appropriately.