Business Continuity Planning Methodology (Lindstrom,

Business continuity planning Methodology (Lindstrom, Samuelsson, Hagerfors, 2010) the authors provide insights into how three organizations have structured their continuing planning from an IT security perspective. The authors contend that only 30% of middle and senior-management executives realize that IT security is a strategic weakness in organizations that must be continually improved upon and kept current to protect information assets. The authors make this point to underscore the critical need for having a continuity planning methodology that encompasses not just systems, but processes and the roles.

One of the major outcomes of their research is the definition of a maturity model that is shown in Figure 1 of this analysis. Continuity Planning As a Strategic Task Citing the results of their studies throughout three different organizations that support the hypothesis that contingency planning is only managed at the IT level, not the process or role-based level, the authors contend that much greater levels of education and commitment on the part of senior management is needed.

There are several studies cited by the authors that show what a difference senior management support and commitment make to the development of an effective business continuity strategy. Underscoring these studies that are corroborated with the author teams' own research about the lack of commitment, ongoing education and preventative strategies in place within organizations.

Another study shows that smaller organizations are also facing comparable challenges in terms of ongoing training and as a result have taken a much more cyclical model to the definition of business continuity strategies to enable greater learning (Botha, Von Solms, 2004). This approach to creating cyclically-based strategies has helped to alleviate the time constraints on companies over time when it comes to managing the process of education and gaining senior management commitment.

The smaller incremental gains made in these smaller organizations have actually proven to be more effective at deterring potential threats as knowledge is accumulated over time and change is gradual (Botha, Von Solms, 2004). The studies that are the theoretical foundation of Business continuity planning Methodology (Lindstrom, Samuelsson, Hagerfors, 2010) illustrate what a critical role senior management has in promoting and financing ongoing education of business continuity from the standpoint of IT security and lifecycle planning. The maturity model shown in Figure 1 explains the progression of business continuity from the.