Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Avoiding and rebounding from enterprise risks

Enterprise risks cost more than downtime. Learn how to identify, respond to and recover from disruptive incidents in this expert podcast.

In this podcast Q&A with SearchCIO.com Executive Editor Christina Torode, disaster recovery and business continuity expert Paul Kirvan explains why data analysis is key to an enterprise's ability to avoid business disruptions and delves into the key attributes of a resilient enterprise.

Paul Kirvan, FBCI, CBCP, CISSP

Paul Kirvan, 

SearchCIO.com: What enterprise risks does a company take by not building a resilient IT and business infrastructure?

Paul Kirvan: If the organization doesn't have the capability to recover and return to business operations following a disruptive event, it could fail, or it could be significantly impaired. Downstream implications of such a failure could impact many other organizations that are part of the firm's supply chain and stakeholders. If the organization is unable to identify, respond to and recover from disruptive incidents, its reputation could be irreparably damaged. Its stock price could fail, it would have difficulty recruiting staff and its overall competitive position could be destroyed. Organizations that are not resilient are rolling the dice, hoping they will not be adversely affected by an event outside of their control.

More on disaster recovery strategies

Gains and losses for disaster recovery management

E-zine download: Business continuity and disaster recovery strategies

Cloud solutions can make disaster recovery, business continuity easier

How is resilience different from enterprise risk management?

Kirvan: Think of resilience as one way to manage risks. Risk management identifies risks to an organization, quantifies their impact at all levels of the business and then identifies strategies and techniques to address the identified risks. Resilience is a way to facilitate that last characteristic of risk management. Achieving resilience requires a focused commitment, plus financial support from the firm's senior management team and quite likely the board of directors.

Being able to ferret through all the data to obtain usable business information is a key capability of resilient enterprises.

Paul Kirvan, FBCI, CBCP, CISSP

Besides an ability to respond to an enterprise risk incident, recover from it and resume business operations, what else is needed to achieve enterprise resilience?

Kirvan: There's a need to be able to gather, sort and analyze and act on a wide variety of information that is constantly being disseminated through the media, including traditional online and print media and now also social media. Embedded within all the data being generated is information that a business can use to make business decisions and also to be aware of possible threat situations. Being able to ferret through all the data to obtain usable business information is a key capability of resilient enterprises.

Another key attribute is the ability to sense the emergence of situations, even in their very early and formative stages, that could threaten the business. Analysis of data is one way to achieve this, but even more important is a business culture in which employees at all levels of the organization are regularly attuned to dynamics of domestic and global business market activity.

Click here to hear more about the downside of not achieving enterprise resiliency.

Paul Kirvan, FBCI, CBCP and CISSP, has more than 20 years' experience in business continuity management as a consultant, author and educator. He is also secretary of the Business Continuity Institute USA Chapter.

Let us know what you think about the story; email Christina Torode, Executive Editor.

This was last published in September 2012

Dig Deeper on Enterprise disaster recovery and business continuity planning

Join the conversation


Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Does your company plan to invest more or less in disaster recovery and business continuity in 2013?
Companies are becoming more focussed towards building resilience to reduce the likelihood of imoacts caused due to a growing global uncertainty on natural, socio-economic, social, political, technological areas.
To whom it may concern,
As much as our organisation need business continuity to remain resilient, a need alone without understandingthe mechanics is not enough. By so sa, we need to be enlightened on how to start using BCM