IT Business Continuity

Introduction

Business Continuity (BC) is the capability of an organization to continue the delivery of products/services at acceptable predefined levels following disruptive incident [Source: ISO 22300].

BC is extremely important to the survival of any organization in turbulent times. It is crucial for organizations to predict, get prepared for and respond to serious incidents in order to survive and continue their critical business operations. Organizations with robust Business Continuity Plan (BCP) can predict the unexpected and provide timely response. According to the Business Continuity Institute, organizations with BCP have 87% faster response to incidence. Disruptions to business operations can result in serious repercussions to organizations.

Information Technology Business Continuity (IT BC)

IT BC in the context of this article can be construed as IT Disaster Recovery. IT BC is a subsidiary of business continuity, with focus on minimizing business downtime and getting technical operations back to normalcy in the shortest possible time after an incident.

IT BC is the ability of an organization to restore its critical IT infrastructure (hardware, software, network, meatware and data) that runs the business after an incident. One key consideration for an IT BC is how quickly an incident can be recovered and restored.

Some organizations overlook the meatware (IT Professionals) aspect of the IT infrastructure when planning for IT BC. There have been several instances where organizations have experienced severe shocks to their operations upon the exit of key IT employee(s).

IT Business Continuity Plan

IT BC Plan (Plan) is a business plan that provides instructions on how business operations can be restored quickly and effectively after a disaster. IT BC planning forms part of BC planning but has its focus on the critical IT infrastructure of the organization. It contains measures to minimize the effects of a disaster so that the organization can quickly resume critical functions.

According to phoenix NAP, 93% of organizations without disaster recovery plan who suffer a major data disaster go out of business within a year.

The Plan should contain approaches to ensure uninterrupted delivery of critical IT services and identify all the resources required to maintain the critical IT infrastructure.

A robust Plan is one, which ensures that critical business operations continue to run during an incident or disaster; without interrupting services to clients.

Benefits of IT BC Plan

There are enormous benefits to be gained for having a viable Plan. The following are some of the benefits:

  1. It helps to provide adequate protection and redundancies for the entire IT infrastructure of the organization.
  2. Regular testing of the plan helps organizations to be more prepared for any incident before they occur.
  3. It helps organizations to quickly and easily recover critical IT infrastructure. Hence, significantly decreases down time during incidents.
  4. Being able to recover faster helps avoid loss of revenue, customers and market opportunities. This saves cost for the organization.
  5. It helps protect the organization’s brand and reputation, and instil confidence in its clients and stakeholders.
  6. It helps organizations to deliver products and services unabated.
  7. It helps organizations to pay lower premiums on insurance.
  8. It helps organizations to fulfil legal, regulatory and contractual obligations.

Conclusion:

Critical IT systems ought to be setup to withstand disruptions. This can be achieved through building redundancy around all critical IT systems, including proper succession planning.

Organizations; irrespective of size and industry can experience some form of disaster at any time. It is therefore imperative on them to put in place measures to circumvent or reduce the impacts when they occur. IT BC plans need to be regularly tested and updated; an untested plan is as good as no plan.

Without a robust and regularly tested Plan, organizations can loss colossal amounts of money due to fines, loss of customers and inability to meet contractual obligations. Their brand and reputation may also be ruined through negative publicity. Sanctions can also be imposed on them by regulators. Stakeholders; including customers, prospective customers, shareholders, suppliers and the general public may loss confidence in them.

Some organizations bank all their hopes on insurance policy to safeguard themselves in times of disasters. However, it should be noted that, insurance only covers loss or damage to tangible assets and not the organization’s brand and reputation.

Organizations must strive to have BC plans, which holistically protect their operations. They can comprehensively safeguard themselves with the adoption or implementation of a Business Continuity Management System (BCMS). BCMS will ensure the continuity of all the critical business functions within the organization during major disruptions or disasters.

Author:

Sherrif Issah – Member: Institute of ICT Professionals, Ghana, and Consultant @ Digital Jewels Ltd

For comments, contact author sherrifi@digitaljewels.net  Mobile: +233243835912