Managing Enterprise Risk: Understanding the 8 Risk Domains
In enterprise risk management (ERM), risk is commonly divided into eight distinct risk domains, some strategic and some operational. In today’s post, we’ll look at what these domains are, reveal which tend to get overlooked, and […]
FFIEC: An Introduction to BCM’s Gold Standard
Most business continuity professionals think of FFIEC as a business continuity management standard that is only relevant to financial institutions. However, many other types of organizations would benefit from adopting this set […]
All About BIAs: A Guide to MHA Consulting’s Best BIA Resources
We write a lot about BIAs in our blog and ebooks, and no wonder: the business impact analysis is the cornerstone of a sound business continuity program. In today’s post, we list, […]
Single Points of Failure: Protecting Yourself from Hanging by a Thread
Many organizations are at risk of experiencing an outage due to the breakdown of a so-called single point of failure (SPOF), a resource that has no redundancy. In today’s post, we’ll identify […]
CMT 101: Crisis Management Team Roles
The consequences of having the wrong people on your corporate crisis management team can be severe. In today’s post, we’ll look at the departments that need to be represented on your organization’s […]
Beginner’s Guide to Recovery Exercises
Recovery exercises are an undervalued but critically important aspect of business continuity. In this beginner’s guide to recovery exercises, we’ll provide answers to some of the questions we are most frequently asked […]
Getting Started with Enterprise Risk Management
Risk can never be eliminated but it can be mitigated. In today’s post, we’ll take a look at how organizations can get started using Enterprise Risk Management (ERM) to reduce their exposure and improve their resilience. […]
MHA and Kroll: Coming Together to Move Ahead
The recently announced partnership between MHA Consulting and Kroll is a tremendous win for both firms and their clients. It’s also an exciting milestone for me personally as someone who, twenty-five years […]
At Risk of Distraction: The Seductive Appeal of RMIS Software
An emerging hot topic in business continuity and risk management is the software known as a risk management information system (RMIS). An RMIS can help an organization identify, assess, monitor, and mitigate […]
The Rise of “Quick and Dirty” DR Testing
Fifteen years ago the prototypical IT disaster recovery (IT/DR) exercise was preceded by months of meticulous preparations and took place over an extended period of time in the equivalent of a hermetically […]
Rehearsing Plan B: The Importance of Mastering Your Workarounds
In terms of bang for the buck, not all business continuity activities are created equal. One of the most valuable ways BC practitioners can spend their time is making sure their organizations […]
BCM Basics: Business Continuity vs. Business Resilience
This post is part of BCM Basics, a series of occasional, entry-level blogs on some of the key concepts in business continuity management. The terms business continuity and business resilience are superficially […]
Planning to Fail: 10 Common Mistakes Companies Make with Their BC Plans
Most organizations recognize the importance of having a sound business continuity recovery plan, but many plans are undermined by the presence of overlooked weaknesses. In today’s post, we’ll look at 10 mistakes […]
BCM Basics: Introduction to Business Continuity as a Service (BCaaS)
This post is part of BCM Basics, a series of occasional, entry-level blogs on some of the key concepts in business continuity management. Many people are familiar with Software as a Service […]
Zero Trust Security: What BC Practitioners Need to Know
Zero Trust is the emerging approach to network security that requires verification of all traffic, external and internal. Here’s what business continuity professionals need to know about the rigorous new security framework […]
Get Cyber Smart: How to Make Sure Recovery Plans Align with Information Security Needs
Recovery plans and strategies cannot be created in a silo. Instead, they should be developed in coordination with the cybersecurity department to ensure that recovery measures do not inadvertently create vulnerabilities that […]
Fire and Rain: Adapting to an Era of Global Instability
Geopolitical risk is arguably at the highest level it’s been in 50 years. Here’s what organizations can do to protect themselves. […]
Be a Hard Target: Train Your Employees in Security Awareness
Most organizations today are justifiably obsessed with cybersecurity, but many overlook their greatest IT vulnerability: their employees. The best way to strengthen a company’s defenses is by providing every employee with security […]