An insight into the BCI World Virtual 2021 by Luke Bird FBCI
I wanted to share my experience of this year’s BCI World Virtual Conference to give those who couldn’t attend and may have wondered what was on offer and how it went.
Let me tell you it did not disappoint. I really enjoyed it.
*My interpretations of the sessions below are exactly just that and others may have heard/seen them differently!
Business Continuity and Risk Management
The first session I attended (because I locked myself out!) was for Federica Maria Rita Livelli’s presentation on risk management and business continuity. I am a big fan of hers because she produces impressive pieces of content for the BCI and on her LinkedIn profile across a number of different themes of resilience. I was excited to listen to what she had to say. Also, as a major strictly come dancing fan, the fact that she could crowbar in the Paso Doble into the relationship between business continuity and risk management was something else. I loved it!
Federica argues that business continuity is more tactically focused, which I’d be inclined to agree. She also suggests that a more a strategic approach combining risk management would allow greater focus on the analysis of a potential crisis. The main point of the presentation is that the two disciplines need to work together in harmony for a truly successful outcome.
This presentation also asks professionals to take a more human centred approach to develop their relationships across the various business domains and top management to maximise the incident response effectiveness.
Business Continuity or Operational Resilience, presented by Sarah Garrington
I then watched Sarah Garrington’s session on the difference between business continuity and operational resilience.
Sarah begins her presentation with a very easy to understand and high-level overview of what business continuity management is. I think the ability to do this is often overlooked because as professionals we often over complicate it. I was taken by how Sarah – in only seven minutes - was able to clearly explain business continuity and why it is needed to an organisation. That is something that I believe is a key skill that is needed to be an effective business continuity manager! I think we all need to practice this and get just as clean and under seven minutes!
Her presentation goes on to provide the origins of regulatory focus on operational resilience citing some heavyweight resources such as Basel, FCA, and Gartner. A key message put across was that we work on the basis that the bad stuff has and will happen as opposed to possibly, which is empowering for resilience professionals to redefine their arrangements.
Sarah also argued that successful process mapping can benefit from the skills of a business analyst or continuous improvement teams. These individuals can help to define a process. This needs to be bookended with the perspective of a “doer” and a manager to then marry up the gap.
Another key point raised is the broad possibilities when an organisation considers its impact tolerances beyond the traditional recovery time and point objectives. This gives you an opportunity to become more customer centric in your thinking by leveraging the wider stakeholder group help define more meaningful thresholds.
This session just got better and better as it went on. I’ve listened to Sarah at a previous event and on a podcast session with Rina Singh. Sarah covered the complex list of core domains considered for operational resilience and the things that the resilience professional will need to think about.
My key takeaway from this session is to broaden and expand your perspective.
The Ru Paul Effect on Business Continuity, presented by Penny Killow
This was so much fun! I loved every minute of this. Not least because I’m a big U.K drag race fan but also the idea of using it to illustrate advice to our community - and the presenter, Penny Killow, smashed it. She was great!
Penny first touched on the initial similarity of the diverse skill set amongst the resilience community just as there is within the drag race community. The argument here is that on RuPaul’s Drag Race some queens are dancers; some are designers some are dressmakers etc. Similarly, in business continuity we have a mixed bag of people that have moved from a completely different career into this profession, those that fell into the profession by accident and stuck around and those that have come straight from university having studied business continuity direct into a related role. On top of this, we have professionals within our community operating in different organizational structures, sectors and regions, which provide a varied range of skills and perspectives to share. Penny’s point is that one’s strengths may be another’s weakness and vice versa. As a resilience professional one should look at the core competencies framework and consider their strengths and weaknesses against this so that they may upskill themselves.
The next similarity relates to the famous lip sync contest between the two queens that stand for elimination at the end of the episode. She points out that this is a crucial moment where their performance is expected to be well rehearsed and polished. This very much aligns to the way in which resilience professionals should have their message on the benefits of the program and the return on investment to the organization. When the time comes to presenting to key stakeholders / top management we must be prepared, fact-checked and rehearsed. If you don’t prepare you may be seen as unprofessional and given less airtime in the future.
The session then goes on to compare aspects such as collaboration during routines, passion for the what the queens are doing and their ability to exude confidence when it matters. All these core skills can equally become a part of the resilience professionals “make up”.
Well done Penny! Shante, you stay
An Effective BIA, presented by Shane Mathew
I went to this session because there has been a long-lasting debate online about the BIA. Some say it is an ineffective practice and some say that people aren’t doing it properly… and on we go.
Shane Mathew provides a really positive, practical, and balanced presentation on how one might improve their approach to BIA.
He shared Tips on reducing the scope and the number of questions. Bringing consistency to risk tolerance level and the positions of those who participate.
Shane also offered some thoughts on how to encourage the business to give you the required information via aspects such as gamification techniques.
Application Continuity, presented by Scott Baldwin and Agnidipta Sakara
I know sometimes business continuity professionals often groan when discussions about technology come about. Our best practices and competencies to fulfil this role do not require us to be an expert in deep technology requirements. However, having spent several years across banking technology, I now can’t help myself but deep dive into the tech side (as much as I can understand). Therefore, I was drawn to the session because the title was music to my ears.
Scott Baldwin has a significant degree of experience in several technology organizations and Agnidipta Sakara is a very worthy host who has clearly cut his teeth with tech recovery. It was nice to hear two professionals chat it out. I would personally love to hear a follow up on this because it was right up my street, and I felt the discussion could go even further. Scott has a skill for bringing the scenario right back to the core points which really helps to simplify the discussion if you’re not into the techy stuff. Clearly a very good communicator!
The session covered technology dependencies, approaches to prioritisation and challenges with testing modern infrastructure. As I say it was a lot to cover in a short amount of time. Encore! Encore!
Resiliency in the Third-Party Sector, presented by RV
The final session for me was the one presented by Vaidhyananthan Ramachandran (AKA - RV). I was aware of RV before this session as a popular professional in the global BC & Resilience community, so I was excited to watch his presentation. Not least because I have spent the last year in a third-party resilience program and I have been exposed to so much I wasn’t previously aware of.
He didn’t disappoint as his presentation delivered a very comprehensive overview of a third-party program. He also offered suggestions on how to enhance third-party arrangements for those that are still trying to mature this area of their business. From what I’ve seen in the last 12 months, everything in this presentation is exactly what is being discussed across the regulatory landscape and the third-party professional network. Resilience professionals attending the conference will benefit from the overview even if not directly involved in their current role.
His session covers the broad components of a framework that if put in place would put your organization on the right path. This included: the need for scope criteria, assessment approaches, contact clauses, testing, reporting and metrics. You leave the session equipped with a good introduction to this space (speaking from what I’ve seen already). Well done sir!
This is one of the few live sessions I was able to attend live and it was followed up by a Q&A session, where RV was able to talk in more detail and several of us managed to discuss the evolution of third-party resilience over the last 20 years and how well the conference had featured this is a key topic this year.
One word sums up this year’s conference and that is CONTENT. So, so much content. The beauty of a globally placed virtual conference is the availability of experts from all over the world; and BCI World Virtual provided a wealth of insights to choose from. I found it hard to pick with the limited time I had during the two days.
I was covering a number of my team this week so I couldn't make many of the live sessions, but the on-demand service really helped me dive right in when it suited my schedule. I was able to balance my time to really enjoy a broad range of topics that I can bring back to my organisation. I can also go back and look at sessions I couldn’t make (if I can find the time!).
I hope this gives members and non-members, who perhaps haven’t attended the conference, a useful insight to what you can get out of it. I should add that I didn’t even cover the panel sessions, the exhibitors and keynote speakers! There was just too much to cover for one article but hopefully you get an idea!
About the author
Vice President - Business Continuity and Disaster Recovery
Award-winning continuity & resilience professional working in financial services.
Global Board Director for the Business Continuity Institute.
Business Continuity Institute Scotland Chapter Committee Member.
*All opinions shared are mine and not those of the BCI board, which is a collective decision-making body.