Enterprises implementing business continuity and security programs often overemphasize the technological aspects of the projects and overlook the human capital required to support these programs, reports people3 Inc., a Bridgewater, New Jersey-based research firm and software developer.

Companies should re-evaluate the people component of their business continuity plans, people3 says. Their focus, the firm notes, should include strategy assessment – which reassess the risks in an organization’s overall business and information technology strategies and identifies ways to close the gaps – and policy and governance, in which the company establishes a chief information security officer to clearly state and monitor security processes and procedures.

Emphasis also should be on resource planning – in which a budget for staffing, security and continuity procedures is created – and the communication process, in which policies and procedures are shared throughout the organization. The goal is to create an environment where all employees consider security and business continuity their responsibility, people3 notes.

"In most security and business continuance programs, the vast majority of resources have been dedicated to technical aspects, leaving the human capital element as an afterthought," says Linda M. Pittenger, people3 president. The concern, she adds, is that while many organizations have created state-of-the- art technology defenses for their IT environment, those defenses will ultimately fail due to the lack of an effective human capital infrastructure.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access