1-888-PIVOT-POINT | 1-888-748-6876 info@pivotpointsecurity.com
Talk with an Expert »
Select Page
Access Here >> The Recipe & Ingredients for ISO 27001 Certification
Reading Time: 3 minutes

Who Are Your Critical Operational Superheroes?

Recently I’ve been working on a business impact analysis (BIA) with a major law firm. A contact on the client side was responsible for scheduling the BIA interviews.  He mentioned that he planned to schedule shorter, 30-minute interviews with the practice support and accounting teams and longer sessions with the attorneys and other “key” staff.

“You have that backwards,” I thought.  “The support and administrative staff are the people who really understand how your firm operates.”

It’s the paralegals who keep the lawyers out of trouble. Attorneys are busy day and night meeting with clients, taking depositions, making court appearances…  Meanwhile, guess who coordinates their calendars and keeps them synced with Outlook, drafts documents and correspondence, organizes their case files, makes their travel arrangements and countless other critical tasks?

“This illustrates why it’s absolutely essential to identify these key people.”

Similarly, Pivot Point Security would grind to a halt without our finance person. She handles accounts receivable, accounts payable, AMEX reconciliation and so much more.  I couldn’t do what I do without her, and neither could any of the other consultants.

Many smaller businesses depend on these “Radar O’Reilly” types of people for day-to-day operational support.  Therefore, it’s critical to identify and interview them as part of your BIA and, recovery planning process. Otherwise many of your everyday business functions—never mind recovery procedures—could remain ineffective.

How do you find these unsung superheroes?  When you’re interviewing the people everyone “thinks” are important and asking them about what they do, how they do it and what they need to do it, you start hearing the same few names over and over.  (Hint: They probably work on your admin/support, finance and/or marketing teams.)

From a disaster recovery standpoint, consider when you really need to recover an entire department with ten or more functions (accounting, for instance).  How far can we stretch the real experts? What happens if a disaster occurs during their vacation? (you do let them go on vacation, don’t you?) That’s where cross-training, “desk guides” or SOPs come in really handy. It helps the pinch hitters’ effectiveness.

It may make sense to have that expert on the crisis management team to get through the first three to five days of a crisis instead of recovering the entire department. If your accounting “superhero” was assigned to support the crisis management team, they could likely handle all the necessary crisis-related accounting functions.

This illustrates why it’s absolutely essential to identify these key people.

Going back to my law firm client, as we were conducting our interviews, I kept hearing about one individual who heads their practice support team.  She was the one who trained everybody on court document templates, kept an eye on everyone’s calendars, took over when people went on vacation, handled everyday problems and questions, and so on and on.

I nudged the “IT guy” who’s our point of contact at the firm and said, “This one lady needs to be on your crisis management team, because she’s an expert on everything your firm does.”

He looked across the table at her and said, “Consider yourself appointed.”

To talk with an expert about conducting a BIA or other business continuity planning activity, contact Pivot Point Security. We specialize in empowering our clients to efficiently and cost-effectively handle disruption.

Also, fun fact… PPS was just added to the Top 100 Cyber Security Blogs!

ISO 27001 Recipe TNISO 27001 Recipe & Ingredients for Certification eBrief
Discover what you need to achieve ISO 27001 certification!

This eBrief will give you a quick and easily digestible introduction to the ISO 27001 standard and the process of becoming ISO 27001 certified.

close

Enjoy this blog? Subscribe to get new posts immediately!

Get new posts by email:
You can easily unsubscribe at any time - See our Privacy Policy here.
LINKEDIN