A Quick Recap of Solutions 2019

We’ve wrapped up Solutions 2019. Here is a rundown of the three-day event!

Welcome Reception

The Welcome Reception was a hit! Clients connected with each other and prepared for the coming week of exploring and learning. Many settled in and charted some Chicago adventures after the summit.

Day 1

It was a great first full day. Things kicked off with a welcome speech from CEO and Founder David Nolan who passed it over to our opening keynote speaker John Iannarelli, retired FBI Special Agent Executive. John shared his stories from more than 20 years of service in the FBI and his perspective on how to respond to threats including cyber, active shooter, and terrorism.

After the keynote session, attendees picked their own path from the specialized program tracks: business continuity, risk management, IT disaster recovery, program management, platform administration, and possibilities. Some mixed and match to tailor their experience for their program.

During the Fusion Leadership Panel led by Chief Revenue Officer Paul Ybarra, Director of Technology Evangelism Ramya Ragavan, Risk Solutions Manager Alex Toews, VP of Account Management Elissa McCulla, and SVP of Strategic Engagement Mike Geier covered topics like digital transformation, industry convergence, security, customer engagement, and third-party management.

The Client Innovation Panel was moderated by VP of Client Engagement Tracey Rice. We heard stories from panelists with a diverse array of knowledge and industry experience. They shared their insights from being program ambassadors and mastering company engagement to how they transformed their programs. Each discussed their journey in the industry and provided tips and tricks for the Fusion community.

The day ended with the Community Happy Hour. Attendees networked with our sponsors and Fusion staff.

Day 2

The Product Vision keynote started the day off with Chief Product Officer Steve Richardson and Chief Technology Officer Cory Cowgill. Clients were excited about learning what’s coming next at Fusion and discussing hot topics such as cybersecurity initiatives, new data privacy regulations, and the ever-changing industry certifications.

Clients attended a variety of breakout sessions throughout the day including Leveraging Fusion Mobile Capabilities, Security Best Practices, and Preparing for ISO 22301. The Lightning Showcase highlighted the features provided by the Salesforce Lightning Platform.

Our evening event at Punch Bowl Social was the highlight of the day! The pictures say it all! Many played games, sang karaoke, and enjoyed hanging out together.

 

Day 3

We had some great town hall sessions with some amazing clients. Everyone enjoyed hearing their stories. From Ask Mike Anything to Creative Use Cases for Communities, the breakout sessions wrapped up successfully.

The energy was high heading into in the Closing and Awards Ceremony. Congratulations to all of our award winners! We appreciate your generosity to help those in the Fusion community and beyond. Solutions 2019 came to a close with delicious food and hugs at the Engagement Luncheon. Everyone is looking forward to 2020!

A special shout out all of our wonderful speakers and presenters! We appreciate everyone’s support of the Fusion community.

Overall, Solutions 2019 was a successful event, and we invite everyone to join us next year at Solutions 2020! Be sure to continue the conversation. Let us know your favorite part about Solutions19. Follow us on LinkedIn and Twitter and use #Solutions19.

Solutions is Fusion Risk Management’s annual customer success summit. Established in 2017, this summit gathers clients from all over the world for three days of networking, education, and innovation. Learn more at solutions.fusionrm.com.

 

Thank you to our sponsors!

Automating the Flow of Information Across Risk Management

Up-to-date and accurate information is mission-critical for risk management. It was also next to impossible to achieve when Excel, Word, and SharePoint were the industry-standard tools, since documents became outdated almost as soon as they are created. The situation improved with the evolution of solutions such as business continuity software, crisis management programs, emergency notification applications, and the like. These tools often use automation to collect and update data on an ongoing basis.

Unfortunately, solutions all too often exist in silos sectioned off from one another. These walls prevent businesses from leveraging automation to collect, distribute, and analyze information from an end-to-end risk management perspective. This poses a barrier to top-level planning, management, recoverability, and resiliency.

Digital transformation is essential to integrate the full suite of risk management tools and allow automation to thrive across all areas of risk. Consider the following benefits of end-to-end automation:

  • Information can be entered once and applied in multiple areas. People become irritated if they are asked to provide the same information time and again for various risk management functions. But if risk management systems are integrated through digital transformation, people’s expertise can be solicited once and applied seamlessly across systems, greatly increasing operational efficiencies and ensuring data accuracy.
  • Huge and cumbersome once-a-year updates disappear. Massive updates that require the tedious manual review of global information to check for needed changes are eliminated with digital transformation. They are replaced with automated self-checks where the system regularly evaluates existing data across risk domains to identify where updates need to be made and then collects or solicits that information directly or sends an alert about the required update. Automated workflows and approval processes also serve to keep information accurate and up to date year-round.
  • Enterprise-level reporting is made easy. If risk management tools and systems are siloed, global reporting is a challenge. With full integration, reports can be run instantly that provide the data and insight necessary to make strategic decisions about risk management, resource deployment, and organizational resiliency.
  • Gaps that represent risk can be readily identified. It is very difficult for risk management personnel to detect missing, improper, or inadequate recovery strategies when faced with hundreds of different departments, functions, and applications. An integrated risk management system can do so automatically. It can not only identify gaps, but can also prioritize and locate where greater risks exist. For example, the system can differentiate between a critical business process that has gaps in its recovery capabilities and a lower-tier service based on the connectedness of the data.

Ultimately, digital transformation opens the door for automation that fundamentally changes how companies collect, manage, use, and act upon data. This automation enables businesses to work from a common operating picture, strengthen recovery strategies, and respond quickly and confidently to any crisis or incident.

The Fundamentals of Business Impact Management

Let’s start from the beginning: what is business impact management and what does it entail?

  • A process is a fundamental business function that provides a product or service as a benefit to the organization.
  • When the ability of a process is disabled, compromised, or lost, the organization experiences what is called a business impact.
  • Business impact management is the practice of understanding the risks your business processes face and mitigating, or formally accepting, the impact of those risks.

 

business team around table

Effective business impact management requires an avenue to understand your business processes and how to address potential impacts. It should allow you to go beyond simply understanding, by enabling you to determine gaps and ways to address them and improve your program over time. Your employees and colleagues have valuable information about how their processes’ work, and you need to extract that information in an objective, understandable manner. Begin with the end in sight – determine the information most crucial to keep your business up and running. Then, start with these five tips to better understand business impact management.

Determine What’s Best for You

Everyone wants a “best-in-class” program. You can get there, but first, take the time to look at what’s best for your organization, and then compare that to your desired end goal. Through knowing what information is important to your organization, you can leverage reporting to focus on key metrics and enable your data to drive answers.

Ask the Right Questions

Ensure your question format makes sense. Ask the right questions, in the right way, and determine what information is necessary rather than just “good-to-know.”

  • Keep questions concise and to the point
  • Use terminology familiar to the subject matter expert
  • Identify similar questions, and try to consolidate into similar fields to avoid user fatigue

Consider Dependencies

The practice of business impact management involves leveraging available tools to help address your organization’s potential impacts. It’s important to also consider processes’ dependencies and how they could affect recovery objectives. Ensuring your processes’ requirements are up and working when the dependent process needs them is crucial to avoiding additional disruptions. Business impact management also involves taking the information surrounding your process and its dependencies and using it to mitigate the potential Impacts.

Work Incrementally

Business impact management alleviates work through time by refreshing and improving data rather than starting from scratch. Mature your program incrementally – at a pace that works and as more data is needed. Consider how you will use your data and use the appropriate configuration. Manage your program year-round by utilizing reporting, gap analysis and metrics.

Review Feedback

Review feedback from subject matter experts to determine areas that need improvement:

  • What worked?
  • What was difficult to understand?
  • Is there anything missing?
  • What was overwhelming?

Sounds like a lot of work, right? Well, I am going to be honest: the first year can be painful, but it pays off tremendously in the subsequent years, which are mostly about updates. Business impact management helps you understand your business, learn more to leverage your data, and determine process priority. By doing so, it identifies gaps, allows you to mitigate potential impact, and structure your program to be iterative. Overall, managing data with this approach greatly reduces your organization’s exposure to risk.

Want to know more about business impact management? Fusion can help you! Learn more about our advisory team committee, Fuel.

You may be thinking, “What about a business impact analysis?” BIA’s are the traditional approach that is focused on a point in time. They can evaluate a process in terms of its impact, criticality, and mitigation factors. Business impact management is more holistic and evolving. BIAs are great when used in alignment with business impact management but will not give you a comprehensive approach for mitigating risk alone.

To better understand how to leverage BIAs, check out our blog post Identifying the Optimal Process and Department Level to Perform a Business Impact Analysis.

What to Expect at Solutions 2019!

Are you ready for the client summit of the year? We are! Over the course of the summit, attendees will hear inspiring stories from peers, participate in networking sessions, learn best practices that can transform their programs, and learn about what’s next at Fusion from our leadership team. Here is what you need to know about Solutions19.

Tailored Content

This year, Solutions features six tracks to ensure you get the most value out of your time in Chicago. Unsure which one is best for you? Here are some insights.

  • Business Continuity: From topics on optimizing BIAs to automating development and distribution of plans, you’re sure to come out with new ways to manage your program.
  • Risk Management: See how to extend Fusion into your risk program and better understand the convergence of risk and resiliency in the market.
  • IT Disaster Recovery: Learn how to better manage recoveries, conduct exercises, and improve outcomes.
  • Program Management: Strengthen the quality and resilience of your program. Gain insights on best practices and new trends to own your program.
  • Platform Administration: Master the fundamentals. Be a part of core platform sessions applicable to every discipline.
  • Possibilities: Discover something new! We’ll show you exciting and innovative new ways to use Fusion; the sky’s the limit.

Or you can mix and match! We’ve provided a variety of topics so you can choose the type of experience you want. Each program is different from the other, so we want to make sure you’re attending the sessions that are right for you. Manage your agenda on our new event app! You’ll also be able to give feedback on all the sessions and engage with other attendees at the summit!

Networking and More

Making new relationships, sharing stories, and learning are just a few things in store for you. In addition to the structured networking sessions, we’ve got some fun activities planned:

Punch Bowl Social

You can cozy up in a booth and pick the brain of someone new or stir up a little competition with some of your colleagues. From karaoke to games and dancing, Punch Bowl Social has it all.

Scavenger Hunt

Throughout the conference you can participate in our scavenger hunt. If you finish it and turn it in, you’ll be entered into a raffle. It’s also a great way to “stretch your legs” in between sessions.

Photo Opps

And of course, we’ll have some fun cutouts that you can take pose with and snap a picture. Be sure to share on social with #solutions19 and on the Solutions19 app. And, feel free to live tweet throughout the conference.

Keynotes

This year, we are welcoming John Iannarelli, retired FBI Special Agent Executive, as our keynote speaker! Hear his stories from more than 20 years of service in the FBI and his perspective on how to respond to new threats.

Get the scoop from Chief Product Officer Steve Richardson and Chief Technology Officer Cory Cowgill! They’ll share where we have come in the last year as well as the product roadmap for the next year and beyond. We’ve also got some special announcements! And of course, you’ll be the first to know all of the new and exciting developments happening at Fusion.

Partner Pavilion

Don’t forget to say hello to our sponsors, located in the Partner Pavilion. We’ve invited the best of the best to compliment your experience. Our community is stronger when we work together, so stop by the Pavilion and don’t forget to network with them during the Community Happy Hour.

Whether you’re new to your industry or have decades under your belt, Solutions19 will not only immerse you in the Fusion Community but also enhance your industry knowledge! For those registered, let us know what you’re most excited about for Solutions19 on social media. Follow us on LinkedIn and Twitter and use #solutions19.

Solutions is Fusion Risk Management’s annual customer success summit. Established in 2017, this summit gathers clients from all over the world for three days of networking, education, and innovation. At Solutions, you’ll interact with colleagues, strategic partners, and industry experts about topics including business continuity management, IT disaster recovery, integrated risk management, third-party management, and crisis and incident management. Learn more at solutions.fusionrm.com.

Business Continuity and Vendor Management: Better Together

In the Better Together blog series, we take a look at how business continuity can support other functional areas by creating an information foundation from the data that business continuity collects from multiple sources across the enterprise. Here, we explore how business continuity and vendor management are better together.

With enterprises increasing their reliance on vendors in support of critical business functions, the role and visibility of third-party or vendor management has grown substantially.

The production priorities of this function include:

  • Vendor qualification
  • Contract negotiation
  • Capability assessments
  • Service level agreement monitoring

Business continuity has worked with third-party or vendor management for many years to ensure that business continuity language is included in contractual agreements, thereby reducing operational risk. But can business continuity further assist third-party or vendor management with their priorities?

Absolutely! Take the scenario that an equipment supply vendor’s contract is coming up for renewal. Vendor management can access the information foundation to see that the vendor currently supports two business processes. Plus, vendor management can readily see if there is an alternative vendor already working with the company who may provide the same services. These factors can be taken into account in the upcoming contract renewal decisions.

For more real-world examples of the information foundation in action, read our whitepaper Creating the Foundation for Increased Business Resiliency and Efficiency.

Here’s How to Keep Your Programme Under Control

Vulnerabilities are endless — resources are not. Maintaining information from across your organisation and managing risks from internal and external sources is difficult. There are an endless number of risks, but only limited business continuity team resources. No matter what, the numbers don’t sound great.

Knowledge must be consolidated to even scratch the surface of being in control of your programme. Most enterprise companies – especially as they grow and expand — work in some sort of a silod environment. IT doesn’t know what sales is doing – sales doesn’t know enough about product development and so on. Peoples’ knowledge is limited to what they do on a daily basis, fighting their own fires. If their work requires perusing additional knowledge, they might do so, but often, people don’t even know where to start.

That can lead to a myriad of problems. If there is little to no interdepartmental communication or knowledge, what will happen when disaster strikes? Every department for itself isn’t going to work. Coordinating teams that don’t really understand what’s important to others also doesn’t work in crisis. Continuity efforts will either elongate or fail if there is a complete lack of coordination.

In order to have a streamlined operation that is secure, it is imperative that all stakeholders have full knowledge of operations, so they can respond to any need across the organisation with confidence. Historically, information consolidation wasn’t possible, but now with technological advances and digital transformation, you no longer have to file everything away on paper documents that become outdated almost immediately. There is no excuse for not having an information foundation. Especially during a crisis or disaster.

An information foundation consolidates and centralises data, so all of your information is in one location. It should be accessible to everyone that needs it, all while being secure. This allows for data over documents and knowledge over plans. Instead of having a binder of outdated plans, you have all of the organisational knowledge you need for decision making.

Organisational knowledge isn’t new – it’s always been critical for businesses to understand potential threats and determine the most effective ways to address them and to recover should they occur. What has changed is our ability to organise, share, access, and delegate information. Everything people need to know about contingency plans and business continuity should be contained in a virtual one-stop shop where data is constantly updated, redundancies are eliminated, and roles are clearly defined.

A good information foundation provides you with the organisational knowledge you need to:

  • Understand your business and its goals
  • Proactively plan
  • Adjust as things are constantly evolving
  • Empower executives to empower you
  • Break down silos

All of this enables wisdom and encourages collaboration. It makes interdepartmental communication easy. After that comes prioritization of the endless vulnerabilities. Proactive planning and a firm grasp on every piece of information needed makes for the best chance at a full recovery in the least amount of time possible. That’s why it’s important to possess something — probably a software solution — that pulls all of the necessary processes into that all-important information foundation. You can use your knowledge from the information foundation as power.

Because this information is so valuable, why let it stop with just being useful to the business continuity team and maybe the disaster recovery team? Once the knowledge base is assembled, organisations will find there are many ways to leverage this newfound asset, including:

  • Mergers, acquisitions, and divestitures
  • Investment banking
  • Personnel decisions
  • Vendor management
  • Budgeting
  • Procurement
  • Risk Management

Power comes to individual practitioners who embrace and execute on building an information foundation for organisational knowledge. People who are in the know and can help others make better decisions are more valuable to their organisations. Really, there isn’t anyone at your company that doesn’t benefit from a complete information foundation. Again, the emphasis becomes on who will come to you for information rather than you going out and collecting scraps of data when it’s time to update your BIA and plans. Think of what you already collect — adding in more information is a small effort that pays off in incredibly big ways.

By consolidating information, using data for decision making, and breaking down silos, you’re able to gain control of your programme and go beyond to create a business continuity and risk management focused approach in your organisation.

Company Engagement Series: Give Your Business Continuity Program a Wellness Check

Wellness checks are conducted every day for people who don’t feel sick to make sure there are no hidden problems which could impact their health, strength, and vitality. Giving your business continuity management program a wellness check is important for exactly the same reasons. Here are seven “diagnostics” you can use to determine the overall health and wellness of your company’s program:

1. How connected is business continuity to your company’s vision, mission, goals, and strategy?

If the answer is “not at all” or “not much,” your program has a systemic weakness. To strengthen it, you need to learn everything you can about your company so that you can connect and align business continuity management with your company’s “big picture.”

2. How does business continuity support what your company is selling?

The health of your company is directly related to its success in selling products or services. If business continuity is not actively engaged in supporting customer sales, satisfaction, and retention, the business as a whole will suffer.

3. Is your program focused on the company’s key priorities?

Businesses today are vitally concerned with maintaining business operations and avoiding or mitigating any impact a disruptive event might cause. Since that is a top organizational priority, it needs to be acclaimed as the top business continuity priority.

4. What is the general perception of business continuity management’s value to the company?

If its perceived by company staff in general as a cost center whose only value is loss avoidance, you have work to do. Create a new “elevator pitch” for business continuity management to clearly communicate all the ways in which it aligns with and supports the company’s vision, strategy, priorities, operations, and sales.

5. Do business continuity management personnel have a seat at the decision-making table?

As the central repository of a wealth of knowledge, business continuity can be a major contributor to business decisions on a day-to-day basis, not just when the company is in crisis mode. If you don’t have a seat at the table, it’s time to prove that you deserve one.

6. How informed and engaged are people across your organization with business continuity?

People take ownership for what they help create, so the more you involve people, the more business continuity will become the cultural norm for your enterprise. Ask for input, engage people in tests and exercises, provide training, and keep communication flowing!

7. How are you measuring the performance of your program?

Wherever your program and culture is today, you’ll never know if you’re getting better unless you measure. By measuring your performance, you will be able to make informed decisions and take targeted actions to improve that performance. Be sure to establish metrics that give you actionable data about what you are doing, what impact you are having, and what results you are getting.

If you would like to know more about how to ace your next BCM wellness check, read the white paper 8 Steps to Building an Engaging Business Continuity Management Culture.

Company Engagement Series: In BCM, Metrics Drive Behavior – and Improvement

Management thinker Peter Drucker affirmed, “If you can’t measure it, you can’t improve it.” Wherever your business continuity management program and culture is today, you’ll never know if you’re getting better unless you measure. But if you are measuring your performance, you will be able to make informed decisions and take targeted actions to improve that performance. Metrics drive behavior.

Here’s what you should be sure to measure!

Measure things that answer WHY business continuity is important, such as:

  • The number of single points of failure

  • The percentage of revenue exposed to single points of failure

  • The number of client contract requiring it

  • The percentage of new opportunities requiring business continuity

Measure WHAT you are doing, such as:

  • Plan coverage

  • Exercises conducted

  • Reduction in expected loss outage and outage duration

  • The number of contracts and revenues associated where business continuity was a criteria for winning business

Measure things that confirm HOW the program is doing, such as:

  • How efficient and effective it is

  • How current and complete it is

  • How reliable and cost-effective it is

  • How aligned with business objectives for revenues and profit it is

Think for a moment about all this information can for you. With measurements and metrics in hand, you can deliver reports that will help keep business continuity in front of the company executives. You can demonstrate how you are supporting business goals and objectives. You can track the percentage of plans that are completed, the updates that are being made, the improvements that are being executed, and other relevant data. You can continuously expand and enhance your program until you have established a true business continuity culture in your organization.

Find out more on how to build a business continuity culture by reading the white paper 8 Steps to Building an Engaging Business Continuity Management Culture.

Company Engagement Series: If You Want to Engage People in a BCM Culture … Engage Them!

A common lament of business continuity management professionals is that their leaders and fellow employees aren’t interested in business continuity. But if you ask, “What have you done to engage people in business continuity?” the answer is often a sheepish, “Well, nothing!”

If you want people to be engaged with your program, you have to take the initiative and engage them! Intentionally facilitate and inform people at every level about business continuity and the value that it delivers, as well as about how they can be involved and make a difference. Remember that people take ownership for what they help create, so the more you interact with people, the more business continuity management will become the cultural norm for your enterprise.

There are countless ways in which you can embed business continuity into your organization. For instance, you can:

  • Engage executives and department heads in tests and exercises. These tests and exercises can be designed to accomplish a variety of purposes, such as educating participants about critical components of business continuity management or testing participants’ abilities to respond appropriately to a completely unexpected “curve ball.”

  • Establish annual mandatory training for all employees. The training should explain what business continuity is, how the process works once an incident is declared, and what is required of employees.

  • Launch an internal business continuity website. The site can house the plans that are in place, provide additional resources, and instruct employees how to be prepared at work and at home for a disaster.

  • Disseminate information on a regular basis. Take advantage of departmental meetings, lunch-and-learn events, newsletters, social media, and more to keep business continuity in front of employees.

The key here is to be consistent so that the message is being transmitted constantly across the organization, and to be creative so that people want to listen to and engage with the message!

Find out more on how to build a business continuity culture by reading the white paper 8 Steps to Building an Engaging Business Continuity Management Culture.

Company Engagement Series: How to Get a Seat at the Table

Business continuity management tends to be perceived by leadership in general as a cost center whose only value is loss avoidance. It is no surprise, therefore, that business continuity rarely has a seat at the executive decision-making table.

It is time for that to change. Consider what business continuity has to offer at the strategic level! You centralize key data from all across the organization, you have relationships with every department, and you have mapped out all the critical processes of the organization including where they are located, what technologies they rely on, which people and vendors they involve, and how they are interdependent. With this wealth of information in hand, it is time to work your way into the strategic decision-making process.

You deserve a seat at the table because you have the data, knowledge, and insight – the information foundation – to be a major contributor to business decisions on a day-to-day basis, not just when the company is in crisis mode. For example:

  • If your company is closing down a facility, you can instantly provide information about what operations take place there, what technology is housed there, and what critical processes could be disrupted during the course of a move.

  • If your company is upgrading IT storage, you can identify which servers the old storage frame is connected to and which processes it supports, thereby avoiding a negative impact on enterprise operations.

  • If your company is considering a contract with a new vendor, you can provide information regarding the recovery time objectives and service level agreements that are needed for the various business processes the vendor would interact with, which will assist procurement in negotiating the best contract.

Remember, knowledge is power! Business continuity has immense knowledge at its fingertips through the information foundation it manages. That knowledge can be a game-changer for the company. Take or create opportunities to demonstrate that you can have a positive effect on other areas of the business, and you will win a seat at the table!

Find out more on how to build a business continuity culture by reading the white paper 8 Steps to Building an Engaging Business Continuity Management Culture.