How many times growing up did my mother say to me after I did something particularly stupid, “I hope you learned your lesson!” Luckily it wasn’t that often, but on those occasions I usually did learn a lesson. However, what was painful was the lesson came after I had made the mistake and suffered the consequences. I’ll never forget the time my mother looked down at me sprawled on the ground in a heap after a very gnarly skateboard wipeout, and say, “that wouldn’t have happened if you had been at work with your father.” Thanks mom.
Anyway, mothers are usually pretty forgiving, but the world of business isn’t always so. We only have so many chances to learn from our mistakes, especially when crises or business disruptions occur, because the ramifications can be so high.
Business Continuity Planning (BCP) and Crisis Management (CM) are disciplines built on the foundation of preparing, planning, testing, assessing risks and other proactive measures so that when a real crisis occurs we are as prepared as we can be. However, you’ve heard the saying that there’s no substitute for real experience? Well, we always learn things when a real crisis occurs that we could not even think to plan for, and it is important to capture those lessons learned and incorporate that insight into our planning and preparation for the next inevitable event. Hence, the reason we have added a Lessons Learned Assessment (LLA) into the RSA Archer Resiliency Management use case.
The RSA Archer Resiliency Management use case (Check out the Business Resiliency Use Cases) enables organizations to manage disruptive events as they occur. The use case integrates with Emergency Mass Notification Systems (EMNS) to manage crisis communications, and helps users activate Business Continuity and IT Disaster Recovery plans to recover parts of the organization disrupted during the crisis. What the LLA adds is an easy, yet inclusive way to capture feedback from each member of the crisis teams after the crisis event is under control, such as what occurred, what could have been done differently to handle the event and so on. The LLA is in a survey format using our new advanced workflow, which makes it easy to identify team members and ask them questions based on their role. For example the Human Resources (HR) person responds to the HR questions and so forth. The results of the surveys are compiled, issues and follow up actions are captured and the information can be easily viewed via Archer reports and dashboards. In short, the LLA is a very practical and simple way to capture real-time, valuable insight from those closest to the crisis event. That insight can later be used to adjust crisis response plans or recovery strategies, as examples.
The LLA was introduced in the RSA Archer 6.2 launch in December 2016. This release also includes other valuable platform and solution enhancements you can see here (6.2 Release Update). One of those is how the updated Issues Management use case now integrates with the Business Continuity and Disaster Recovery Planning use case. This is powerful because you can now create and track issues and remediation plans raised directly from BC/DR plan tests or crisis events, and take advantage of new advanced workflow to better manage the issues. I’ll be talking more about and showing a demo of the LLA on the January 21 Free Friday Tech Huddle (Free Friday Tech Huddles), so dial in and learn more.
To conclude and give my mom some credit, she also says, “If you want to be successful, learn from successful people”. Well, input from many successful people went into developing this new LLA (kudos to the BCM Working Group and our internal SME team). However, success is not only built on smarts and hard work, but lessons learned along the way. Hopefully this Lessons Learned Assessment will help you be more successful in your efforts to better manage the crises your organization faces. As always, send me your feedback at Patrick.firstname.lastname@example.org, and good luck!