Disaster Recovery Journal Spring 2023

other measures fail. This ties in with the requirement for information security to have availability of the data. Additionally, it is worth noting while organizations might adopt one system over another depending on their specific needs, it often

meetings where they discuss their respec tive objectives and successes as well as any issues or concerns which may arise during their workflows. This will help them stay on top of any changes in the environment or technology landscape which could impact the organization’s overall security posture. It will ensure they quickly address any inci dents or problems if they occur since early intervention can help prevent more serious consequences further down the line. In conclusion, by collaborating effec tively with one another on strategies related to data protection and availability of data and systems, business continuity staff and information security staff play key roles in helping organizations develop strong sys tems for mitigating risks while preserving their operations over time. As such, estab lishing clear protocols for communication between these two groups is essential for organizations looking to build resilient BCMS and ISMS which provide long-term protection against disruptions in service. v org). She is a retired lieutenant from the US Army. She completed four years on active duty and 28 years in the National Guard and Reserves. Redmond is an expert in the fields of business continu ity, information security, and cyber security. She has been a professional in the field for more than two decades and holds many ISO certifications from the Professional Evaluation and Certification Board (PECB), the Federation of Business Continuity International (FBCI), Master Business Continuity Professional (MBCP), and Certified Emergency Manager (CEM). With her extensive experience, Redmond has consulted with numerous Fortune 500 companies across a variety of industries to create tailored solutions to meet their spe cific needs. She frequently participates in industry events around the world as an invited keynote speaker or panel member sharing insights into risk trends facing businesses today. Redmond has become widely acclaimed for her various publications, with a wealth of knowledge in the areas of consultation, auditing, training, and international public speaking. She is a highly regarded expert in risk management with strong credentials in both compliance and technology. She holds degrees from some of the finest academic insti tutions. She obtained a Ph.D. in psychoneurology, an MBA from Fordham University in international business and marketing, and an MBA from PECB University in risk man agement. Redmond is currently completing her thesis for an MBA in information security from PECB University and will graduate in February 2023. Michael C. Redmond, Ph.D., is the deputy chief information security officer (CISO) of a large city and the founder and CEO of Redmond Worldwide, a risk management consulting firm (www.redmondworldwide.

Successful Implementation The successful implementation of a BCMS and ISMS require effective collab oration between business continuity staff and information security staff. These two groups are responsible for mitigating risks

“

and reducing vulnerabili ties in the organization. Through their combined efforts, the organization can benefit from a well structured system which is designed to protect its data, reduce downtime, minimize losses, and ensure continuity of oper ations. To achieve these goals, it is essential both busi ness continuity staff and information security staff work collaboratively. They should understand each other’s roles within the organization, identify areas where their exper tise can be used to support one another’s objectives, develop protocols for communication and col laboration with each other, and coordinate their efforts to ensure all threats are addressed holistically. Working together also requires both teams have

makes more sense for them to invest in both given their importance for any enterprise. Understanding the Differences BCMS and ISMS share many similarities due to their common objectives of protecting data privacy and security within an organization, they do differ in terms of scope being differ ent approaches tailored toward different risk types. It is important for companies investing into either system understand their differences and functionalities adequately so they can select the best one for their needs. BCMS and ISMS are two important areas of information security which organizations must adhere to in order to main tain a secure environment. While both these topics strive for the same goal,

Through their combined efforts, the organization can benefit from a well structured system which is designed to protect its data, reduce downtime, minimize losses, and ensure continuity of operations.

access to the same infor mation. This includes having visibility into each other’s plans so they can iden tify overlaps or gaps in their strategies. It also involves having access to incident reports related to either team so they can review any vulnerabilities or weaknesses in the system which need to be addressed. Additionally, both teams should have access to tools like vulnerability scanners and malware analysis software so they can detect potential threats before they become an issue. Communication and Collaboration It is important for both teams to main tain open communication channels with one another. They should have regular “

they have different approaches to achiev ing it. While business continuity management and information security management sys tems share a common goal – protection of organizational digital assets – these two topics have different approaches toward achieving said goal due mainly because each one has its own distinct set of docu mented information such as policies, pro cedures, guidelines, standards baselines, and worksheets each with its own purpose and characteristics without which proper implementation and maintenance of an effective ISMS could not take place suc cessfully.

DISASTER RECOVERY JOURNAL | SPRING 2023 33