2016-02-29

step by step towards assurance

In order to obtain assurance, your qualified continuity plan should be tested.

Don't wait for it to be "perfect". Test soon, and use the test to find weaknesses.

The effort you put into testing will depend on risk. Begin with a desktop test, discussing the plan step by step with stakeholders.

Iterate the test and watch your plan improve, as well as your ability to execute it.

Nothing beats reality. A realistic simulation is the next best thing. It won't be cheap or simple, but certain scenarios need to be simulated.

2016-02-18

crystal ball out of service

Retirement planning and pension savings is one of the most difficult, long-term decisions most of us will ever face. At a recent seminar, Nordea offered a list of issues to think of, focusing on today's rulebook, how responsibilities are shared between state, employers and individuals. But the system keeps changing. We're all literate, we can read up on current rules. As experts, bring your crystal ball, help us understand trends and scenarios. What might the system look like 30 years from now?

2016-02-08

it's not the technology, stupid!

I used to think that proactivity in security is all about Risk Management. Then I found myself involved in Crisis Readiness. Still with an eye on risk exposure, preparedness adds a human as well as organizational  capability dimension. How good are we at dealing with difficulties, improvising and being creative from a platform of plans and structures? The crisis perspective makes security more challenging. but it does confirm an old belief - it's not the technology, stupid! Think people and processes.
20240205