Going for gold in business continuity

Business of IT: London 2012 has the potential to bring serious disruption to some companies, making now a good a time to update business continuity plans.

As one IT director put it, there is little point in having IT systems running at full tilt in a backup datacentre if staff cannot use the main office, because there is no catering, and no-one to clean the toilets.

This does not mean that every company should have to comply with a detailed business continuity planning standard, such as the recently-launched ISO22310 (formerly BS25999). For some smaller suppliers, the level of work involved cannot be justified. But enterprises and public sector organisations do need to pay as much attention to their supply chains, as they do to their own continuity and recovery plans.

Floods to 'flu: non-IT threats

It is also a mistake to see business continuity only as an IT issue. Basic IT backup and recovery is important, and no organisation can afford to overlook it. But businesses also need to anticipate a wider range of threats, especially those that affect staff.

Advertisement
Advertisement - Article continues below

A few years ago, pandemic planning was top of the business continuity agenda. More recently, UK businesses have been forced to react to transport disruption, and to floods. Companies have also had to deal with supply chain problems, following the earthquake and tsunami in Japan.

"You should not look for a single business continuity planning solution. Multiple strategies are valid. You can contract to have a workplace recovery site, and you can build in processes to make users, or the IT organisation, more BCP aware," he advises.

And you can nurture working from home programmes. The important point is to have a framework."

Businesses should, he says, start by assessing their risks, and listing their most critical systems and operations.

Some people, and some IT resources, will be critical to the company's operations in an emergency, and some will be vital for the business to trade. Those should be recovered first. Other, less critical systems can come back online later, and some staff may be able to work from home for longer.

What matters is to have a plan, to test it, and to ensure that everyone knows who will be in charge. The best person to run an emergency response team might not be the CEO or MD, and it might well be the head of IT.

"For most companies, it is a question of tiering applications," says Sungard's Tilley. "You probably won't have 100 per cent availability of all systems; there will be some that are needed fairly quickly, and others you can manage without for a few more days."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019