From its adoption as a discipline in the 1980s,

Transcription

1 DISASTER RECOVERY From its adoption as a discipline in the 1980s, Disaster Recovery has come a long way. Since the publication of PAS 77 in 2006 (the precursor to BS25777 published in 2008), even its name has changed to reflect growing recognition and importance. Disaster Recovery (DR), or as it s more commonly referred to now, IT Continuity Management (ITCM), was, when it started, firmly rooted in large mainframe computer environments and had little strategic effect on the organisations it supported even when events conspired against the status quo! How times have changed! The nature of distributed computing, global always-on operations and the internet where the desk-top and blackberry user currently holds sway has ensured that. And as computing has matured so has DR planning: its many business benefits having become much better understood. This article takes a timely look at the importance of ITCM and its relationship with Business Continuity Management (BCM), its corporate benefits, key business drivers and milestones in the process, the current threats to operations, and the impact it is having on the resilience agenda. WHY IT CONTINUITY MANAGEMENT? To explain why IT Continuity Management has become such an important part of, and integral to, sound business as well as IT planning, we need to understand and acknowledge corporate vulnerability, technical dependency, the consequences (rather than merely the causes of disruption), and how senior management make decisions while operating under pressure. Organisations have become leaner, highly available and more responsive to their customers. This has also CHARTECH ISSUE 165 APRIL

2 meant an explosion in the amount of available data for decision-makers some or much of which is vital in managing major incidents. The downside of this efficiency is that it tends to make businesses more brittle and prone to disruption. Being resilient increases flexibility in a way that compensates for the brittleness caused by efficiency. So, while bombs, fires and floods may grab the headlines it is a fact that most incidents and 90% of serious disruption to IT service provision are caused by mundane events. By understanding that the output from a suite of IT continuity plans assists corporate decision-making after all it is people operating under immense pressure supported by their plans which will recover operations rather than the plans themselves businesses become more resilient and able to cope when disruption occurs. ITCM provides us, therefore, with the flexibility of mind as well as a process framework to manage and mitigate the gathering storm. The remainder of this article explains how but first a definition of ITCM. WHAT IS IT CONTINUITY MANAGEMENT? The British Standards Institute define it thus: the capability of an organisation to plan for, and respond to, incidents and disruptions in order to continue ICT service at an acceptable predefined level 1. The BSI defines ICT service as a combination of human, physical and logical assets together with data which supports an organisation in its daily activities and consists of tools and/or facilities provided to access and 14 icaew.com/itfac

3 FEATURES use information and to communicate both internally and externally. IT service provision then is so much more than just managing boxes of tin! A PROCESS APPROACH IT provides us with the information architecture on which the modern business functions. Without it business ceases to work in any credible sense. If you need proof of that try switching off your network at on a Monday morning! We need a process therefore for coping with this sudden loss of functionality and IT as a potential single point of failure. This process should identify what your business-critical functions and outputs are and the threats to them; supported by measures to eliminate these threats. If this is not possible, then contingency plans must be developed to mitigate and manage these threats: small-scale as well as headline threats. Cast in these terms ITCM is much more than recovering from a disaster and is not, therefore, just a one-off planning exercise. It is a genuine risk management process which must be woven into the fabric of normal business operations and business decision-making. Legal counsel in the wake of the Canary Wharf bomb puts it thus: records; At a fundamental level, therefore, ITCM addresses these issues and is a planning process: rather than the causes; dispersion; capabilities, information management, teamwork and mutual support; and rehearsals; formal crisis management structure owned by a senior management team; corporate governance. If you have a plan, and you operate that plan to the best of your ability even if you may get something wrong on the day, at least you are defendable at a tribunal, a public enquiry or in court. But: if you have no plans made, then you are not defendable, and you are on your own. So, while bombs, fires and floods may grab the headlines it is a fact that most incidents and 90% of serious disruption to IT service provision are caused by mundane events. Businesses are more likely to be disrupted by unspectacular events roadworks, damaged power cables, loss of staff and data etc. Since so many business services are delivered online and supported by remote call centres and innovative ICT, the ability to respond and continue delivering as normal is compromised if plans are ineffective or non-existent. The drivers for the process therefore include: order of business priority; CHARTECH ISSUE 165 APRIL

4 Figure 1. Relationship between ICTM and BCM. Source: BS25777:2008. KEY MILESTONES The process of implementing and maintaining ITCM involves: manner; recovery strategy; normal is possible; ITCM AND ITS RELATIONSHIP WITH BCM ITCM is related to a number of other risk management disciplines and should be undertaken with a thorough understanding of business objectives, policies, standards, processes and supporting services for: ITCM, IT STRATEGY AND BUSINESS BENEFITS ITCM has a significant influence on IT strategy and helps to identify information systems and services which require high levels of resilience, availability and capacity. An IT strategy must be developed with an eye to the key question what happens if? and the benefits which flow sit at the heart of business decision-making. They include: within ICT services; ICT services; The outcomes of ITCM mean business-critical activities are identified and protected, and so their continuity is ensured; a business can invoke their incident management capability thus avoiding incidents becoming crises; a business better understands itself and its relationships with other organisations (e.g. supply chain, regulators etc); staff are trained to respond to and cope with incidents; stakeholder requirements are understood and met; business reputation is protected and you remain compliant and legal. 16 icaew.com/itfac

5 Figure 2. Key ITCM timescales. Source: BS25777: Source: BS :2008. THREATS TO OPERATIONS In summary: and espionage; networks, communications, technology enablers, less central control, new entry points for intruders; managers, business partners, auditors and regulators all demanding more protective measures. Specifically ITCM addresses those risks, or threats to operations, which cause a sudden and serious impact, such that business continuity is threatened. These typically include: services; distributors or other third parties; systems both from within as well as outside the perimeter fence. SUMMARY When ITCM planning is twinned with BCM and the two disciplines must support each other the process and outputs have a positive impact on business resilience. The key to planning is to consider the consequences rather than the causes as these are more easily predicted and steps can be taken to reduce their effects before an incident ever occurs. While it is possible to have an IT continuity plan without an incident ever occurring, it is impossible to manage a major IT incident without a plan. Planning however is often managed as an operational activity assigned to individuals without strategic responsibility. As the effects of major disruption are almost always strategic in their reach, senior business decisionmakers must learn to confront their dependencies and vulnerabilities in order to improve their understanding and awareness of IT risk management specifically threats to operations. A flexible framework stressing the importance of plans which assist decision-making is the key to success, enabling senior decision-makers to take a firm and responsive lead, while confirming business priorities when invocation is approved. About the Author James Royds FBCI is vice-chair of the Business Continuity Institute and a Director of Security Risk Management Ltd. CHARTECH ISSUE 165 APRIL