Similar to other management systems standards, ISO 22301 is based on the ‘Plan-Do-Check-Act’ model that seeks to improve – in a continual manner – the effectiveness of the organization’s performance through proficient planning, implementation, supervision, review and…

Brian Zawada, FBCI | Jan 14, 2013

Many organizations struggle to define the best method to meet business expectations regarding information technology (IT) recovery. ISO 27031 provides guidance to business continuity and IT disaster recovery professionals on how to plan for IT continuity and…

Avalution Team | Nov 09, 2012

The introduction of ISO 22301 (Societal security – Requirements – Business continuity management system) more closely aligns business continuity to the broader risk management discipline.  A major contributor to this alignment is the standard’s requirement to understand…

Brian Zawada, FBCI | Jul 02, 2012

Though many business continuity standards emphasize the importance of tracking corrective actions to address identified issues, the recently published ISO 22301 (and previously BS 25999-2) also requires conducting a root cause analysis – looking not just at…

Avalution Team | Jun 06, 2012

As Posted in the Digital Edition of Continuity Insights Magazine Admittedly, I wrote this article to better get my mind around the swirling debate regarding the concept of organizational resilience and what it means – or better…

Brian Zawada, FBCI | Apr 04, 2012

Since 2005, Avalution Consulting has performed hundreds of business continuity exercises with organizations in every major industry and sector throughout the United States.  No matter the scope of the exercise or the level of complexity, several key…

Avalution Team | Feb 08, 2012

I recently read a column in the Disaster Recovery Journal where the editor interviewed John Copenhaver regarding Standards, Resilience and the Future of Business Continuity Management (BCM). John made the following statement when asked about the importance of…

Brian Zawada, FBCI | Jan 16, 2012

We see a lot of confusion specific to the topic of force majeure. Often, executive management has the belief that force majeure clauses in their contracts protect them from a wide variety of disruptive events, and thus…

Avalution Team | Nov 30, 2011

Many organizations think having a disaster recovery plan is all the protection they need from disasters. However, there is so much more to disaster recovery than just a plan! That’s why most industry professionals see disaster recovery…

Avalution Team | Oct 13, 2011

Online Exclusive – as published on drj.com  | Updated June 2012 [EDITOR’S NOTE – Brian Zawada is a member of the US Technical Advisory Group to ISO Technical Committee 223. Zawada participated in the 2011 and 2012 meetings as a…

Brian Zawada, FBCI | Aug 11, 2011

A Business Continuity Scoping Approach That Contributes to Better Management Engagement and Prioritization of Risk Management Efforts One of the most common questions business continuity professionals ask is how to keep management involved in the ongoing preparedness…

Avalution Team | Aug 09, 2011

After approval by the ISO member bodies, the ISO Technical Management Board Working Group on risk management released ISO 31000:2009, Risk Management – Principles and Guidelines in November of 2009. The authors designed the standard to be…

Avalution Team | Jan 19, 2011