Disaster Recovery Journal Winter 2024

same root cause. The various scenario pain points need to flow out of the trunk of the same tree. Separate, unrelated, and distinct events will not appear viable and will result in a loss of attention and heavy critique of the event scenario and its author. For example, due to a water main break, the firm experiences flooding at the facility that results in a building evacuation and factory shutdown. At the same time lightning strikes the facil ity and shorts out the data center due to a power spike. Can these unrelated events truly happen somewhat coincidentally? Of course, but it will be greeted with doubtful and questioning attendee eyes, which could undermine the whole exercise from the outset. The situation cited can and does happen, but you won’t be able to sell it. Conversely, if the building does experience a flood – which not only results in an evacuation but also a flood of the data center (impacting all IT operations) – that is viable. If a flooded data center becomes an electrical hazard due to live wires, that too is credible since it is rooted in the original flood event. Flooding could also cause doors to unlock automatically if electricity is lost (safety precaution) and result in the need to deploy security personnel at portals as a corrective control. This can go on and on and on, rooted in the original, single, flood event. Event linkage is critical and unlike managing my system backups, in this case “air gaps between crisis events are not my friend.” (Sorry, could not resist). The focus on a root cause brings to mind the old proverb, “For Want of a Nail,” citing the loss of a horseshoe nail ultimately resulting in the loss of a kingdom: Maybe this is far-fetched, but domino effects do exist, and you have poetic license to use cascading actions in a reasonable manner for the scenario you write. Recently, I had a sequence of crazy, unrelated events that would be difficult to envision and accept as credible. First, I lost my LinkedIn account. Not sure how exactly but in signing in, I actually signed up and set up with a brand-new empty account. This disabled my existing account. Needless to say, the subse quent days were a painful scramble to get this resolved, involving heavy use of the phone to contact folks who would normally be contacted via LinkedIn. Over the course of five days, it did get resolved as LinkedIn service was excellent, but it was difficult as privacy and security were major (and admittedly proper) road blocks. No more issues … until three days later. My cell phone just plain died; no power, can’t turn it on, can’t charge, etc. Repair folks said the mother board went, and it was a well-documented situation with this version of phone. For want of a nail the shoe was lost. For want of a shoe the horse was lost. For want of a horse the rider was lost. For want of a rider the message was lost. For want of a message the battle was lost. For want of a battle the kingdom was lost. And all for the want of a horseshoe nail.

(Who knew?) Suddenly, the heavy activity shifted to LinkedIn as I worked through getting the phone assessed and ultimately replaced. Had these LinkedIn and phone outage windows over lapped it would have been crazy difficult. Did it happen? Yes. Is it readily believable. Well, not really. Again, a reality of life is not always a candidate to be used in a scenario that seems far-fetched. Still, wherever you land regarding a scenario, the requirement to engage all parties persists. That data center flood scenario above has to have a role for finance, HR, audit, etc. In order to be successful, you do need to know exactly who will be attending the senior crisis session. Individuals outside of the senior crisis team may be invited by you or others for their insight. You will need to incorporate a need for their insight and expertise into your scenario, so they will engage and collaborate with those in the exercise. If not, they will either disengage or disrupt. One approach toward this engagement is to identify injects to the scenario that target their areas directly. Recognizing the issues must still be spawned from the original root cause, but the mani festations may need to branch out to somewhat tangential areas: n By way of example(s) in this hybrid working environment, how will the firm ensure everyone evacuated safety from a facility disaster? HR almost always has a role here. n An employee strike is operationally disruptive involving security, facilities, etc. of course, but may involve legal in a union contract review or procurement to look at alternate sourcing. n A chemical spill brings environmental health and safety to the forefront, but engages internal audit in a look at historical facility reviews. The list is endless, but not obvious. To be effective, the sce nario needs to place the issues directly on the shoulders of those involved, even if remotely. Hopefully, the actual scenario dia logue will result in broader engagement. However, this cannot be counted on either. Imperative to a successful event of any kind is the acknowl edgement of critical success factors; elements which are neces sary but not necessarily sufficient for success. In other words, satisfying them gives you a shot at success, but without them you are guaranteed to outright fail. Your exercise has at least two critical success factors; the rea sonableness of the scenario and engaging everyone by addressing broad organizational issues. Missing either of these is a recipe for failure. This is a tall order. Formulating a plausible exercise while keeping all parties engaged positions you for success. Otherwise, you are setting the table for a long day. v Mark Carroll is founder of the graduate degree in enterprise risk manage ment at Boston University, teaching more than 3,000 global graduate stu dents. Carroll is a risk and recovery professional with more than 25 years of experience in the fields of business continuity, disaster recovery, and crisis management. Carroll launched the very first BC and DR programs for BIOGEN, built the global Gillette crisis and continuity program to 150 locations worldwide, and led business continuity globally for Fidelity Enterprise Operations.

10 DISASTER RECOVERY JOURNAL | WINTER 2024