Applying a Layered Framework to Disaster Recovery

Building highly available information technology (IT) infrastructures has become critical to many corporations’ survival. However, the disaster recovery (DR) industry lacks a common enterprise framework to capitalize on the value that DR provides corporations due in part to inadequate conceptual frameworks for DR that can facilitate the alignment of corporate efforts toward corporate resiliency. To address this problem, we propose a new conceptualization for the DR of enterprise architecture. This conceptual framework comprises DR layers that describe the nature of DR and its related components from a functional and technical point of view. We discuss the benefits of these DR layers to DR teams and compare our approach to traditional thinking. Further, we present a case study, its findings, and their implications for DR. As a result, we demonstrate how our layered framework of enterprise architecture provides a unified understanding of the DR practice, which one can then use to support decision making and corporate alignment of the DR practice and its associated technology

Podpora kritičnemu multi-organizacijskemu sodelovanju v primeru odziva na katastrofične dogodke

The past two years have shown both the power of nature and the complexity of preparing for and responding to extreme events such as earthquakes, tsunamis, hurricanes/typhoons, and floods. These events, and future catastrophic events, will require coordination and collaboration between multiple government and non government organizations across national and state borders. This collaboration will require the discipline necessary to share common processes and procedures, and the agility to improvise plans and actions as situationally required. Information technology must be used to create an eRegion, enabling the shared situational assessments and adequately supporting the collaborative, distributed decision making to produce required decisions and future action plans. The role of information technology in developing these capabilities is discussed in the context of two seismic scenarios, the US New Madrid Seismic Zone, and the Adriatic Seismic region.Zadnji dve leti smo bili priča tako môči narave kot tudi zapletenosti priprav na odziv in tudi samemu odzivu na nekatere ekstremne dogodke kot so potresi, cunamiji, orkani/tajfuni in poplave. Ti in pa bodoči katastrofalni dogodki bodo zahtevali usklajevanje in sodelovanje med mnogimi vladnimi in nevladnimi organizacijami prek nacionalnih in državnih mejá. To sodelovanje bo zahtevalo disciplino, ki je potrebna pri delitvi skupnih postopkov in procedur in pa prožnost pri improviziranju načrtov in ukrepov z ozirom na situacijo. Za vzpostavitev e-regije se mora uporabiti informacijska tehnologija, s čimer bi se omogočilo skupno ocenjevanje situacije in ustrezna podpora medsebojnemu sodelovanju in porazdelitvi pri sprejemanju odločitev, kar naj bi pripeljalo do ustreznih odločitev in bodočim akcijskim načrtom. Vloga informacijske tehnologije pri razvoju teh zmožnosti je obravnavana v kontekstu dveh potresnih scenarijev, v ameriški potresni coni New Madrid in v jadranski potresni regiji

A review of lean and agile management in humanitarian supply chains: analysing the pre-disaster and post-disaster phases and future directions

Disasters have quadrupled over the last two decades leading to unprecedented loss of life. The objective of disaster-focussed humanitarian supply chains (HSCs) is to ensure saving maximum lives with limited resources; despite severe uncertainties. Therefore, significant research has investigated lean and agile in HSCs; to effectively source and speedily deploy resources, with minimum wastage; in each disaster life-cycle phase. However, the literature and research findings are currently highly disjointed regarding how lean and agile principles may be aligned with different HSC activities in the disaster management lifecycle; and do not provide a collective understanding for practitioners and researchers. This paper reviews and organises the literature on HSCs in relation to lean and agile paradigms, focussing on the pre-disaster (mitigation and preparedness) and post-disaster (response and recovery) phases. Findings reveal, all phases benefit from both lean and agile, with agile benefitting the response phase most. The phases are inter-dependent and identifying optimum decoupling points for lean and agile principles are crucial. Majority research has focussed on individual or a couple of phases. Therefore, authors recommend research on integrating the functions of the different phases by employing lean and agile principles, to generate rapid response, economies of scale and cost minimisation

Increasing resilience in privileged access management

This Master of Science in Technology thesis, developed in collaboration with a target company, focuses on increasing resilience and disaster recovery planning for a privileged access management tool. The research was conducted using online sources and supplemented by available frameworks and best practices while working for the target organization. The thesis explorers several critical questions regarding privileged access rights: their nature, necessity to secure them, appropriate protection mechanisms, and ensuring the resilience of the protection mechanisms during potential disaster recovery scenarios. The research adopts design science research methodology, commencing with a literature review of identity and access management. The thesis progresses by identifying and assessing possible threat, incident and disaster scenarios for privileged access. The research then presents the most relevant scenarios and solution to enable resilience through high availability. The solutions is then evaluated. The research culminates in a conclusion that answers the set research questions

Global Risks 2014, Ninth Edition.

The Global Risks 2014 report highlights how global risks are not only interconnected but also have systemic impacts. To manage global risks effectively and build resilience to their impacts, better efforts are needed to understand, measure and foresee the evolution of interdependencies between risks, supplementing traditional risk-management tools with new concepts designed for uncertain environments. If global risks are not effectively addressed, their social, economic and political fallouts could be far-reaching, as exemplified by the continuing impacts of the financial crisis of 2007-2008

The tensions of cyber-resilience : from sensemaking to practice

The growing sophistication, frequency and severity of cyberattacks targeting all sectors highlight their inevitability and the impossibility of completely protecting the integrity of critical computer systems. In this context, cyber-resilience offers an attractive alternative to the existing cybersecurity paradigm. We define cyber-resilience as the capacity to withstand, recover from and adapt to the external shocks caused by cyber-risks. This article seeks to provide a broader organizational understanding of cyber-resilience and the tensions associated with its implementation. We apply Weick’s (1995) sensemaking framework to examine four foundational tensions of cyber-resilience: a definitional tension, an environmental tension, an internal tension, and a regulatory tension. We then document how these tensions are embedded in cyber-resilience practices at the preparatory, response and adaptive stages. We rely on qualitative data from a sample of 58 cybersecurity professionals to uncover these tensions and how they reverberate across cyber-resilience practices

Agile Project Management: A Systematic Literature Review of Adoption Drivers and Critical Success Factors

With an emphasis on adaptive processes that respond to uncertainties, the Agile Project Management (APM) approach has evolved the way projects are managed beyond the traditional processes. This study aims to investigate recent literature on APM to discover the adoption drivers and the critical success factors that influence APM success and provide recommendations for the development of APM best practices. The study conducted a literature search on academic databases ABI/Inform, ACM Digital Library, EBSCO Host, and IEEE Xplore with keywords ‘agile’ and ‘project management’ for peer-reviewed English language articles published between January 2015 and January 2020 to discover insights regarding adoption drivers and critical success factors. Nine (9) drivers of adoption and thirteen (13) critical success factors related to the project dimensions of Project, Team, and Culture. The findings of this study outline the current state of APM adoption and use and is relevant to project management practitioners and researchers

Assessing Resilience in Power Grids as a Particular Case of Supply Chain Management

Electrical power grids represent a critical infrastructure for a nation as well as strategically important. Literature review identified that power grids share basic characteristics with Supply Chain Management. This thesis presents a linear programming model to assess power grid resilience as a particular case of Supply Chain Management. Since resilient behavior is not an individual or specific system\u27s attribute but a holistic phenomenon based on the synergic interaction within complex systems, resilience drivers in power grids were identified. Resilience is a function of Reliability, Recovery Capability, Vulnerability and Pipeline Capacity. In order to embed heterogeneous variables into the model, parameterization of resilience drivers were developed. A principle of improving resilience through redundancy was applied in the model by using a virtual redundancy in each link which allows reliability improvement throughout the entire network. Vulnerability was addressed through the standard MIL-STD 882D, and mitigated through security allocation. A unique index (R) integrates the resilience complexity to facilitate alternate scenarios analysis toward strategic decision making. Decision makers are enabled to improve overall power grid performance through reliability development as well as security allocation at the more strategic links identified by the optimal solutions. Moreover, this tool lets decision makers fix grid variables such as reliability, reduced pipeline capacity, or vulnerabilities within the model in order to find optimal solutions that withstand disruptions. The model constitutes an effective tool not only for efficient reliability improvement but also for rational security allocation in the most critical links within the network. Finally, this work contributes to the federal government mandates accomplishment, intended to address electrical power-related risks and vulnerabilities