How to Involve the Business to Create a Solid Continuity Plan

Best practices from CIO Executive Council members who have made continuity planning an integral part of their organizations.

By Carrie Mathews

Sat, October 01, 2005CIO Business-continuity planning has grown more sophisticated in the past few years, going beyond the technical recovery of IT systems and getting networks back online. Whether it’s a carryover from Y2K and 9/11, or the demands of Sarbanes-Oxley, CIOs find themselves in the position of not only making sure technical disaster-recovery plans are in place and working but also coordinating larger continuity efforts with all business functions.

Members of the CIO Executive Council recently identified business continuity as a topic for future Council activities and research. Twenty-seven members also participated in a June 2005 conference call on business-continuity planning. The following are some best practices from members who have made such planning an integral part of their organizations.

1] Attach a business owner as the main driver. Business continuity is not about IT; it’s about the business. Therefore, it only makes sense that someone from the business be the owner of this significant undertaking. By not identifying business continuity as an IT project, its importance to the company as a whole becomes clear and more widely accepted. The Board of Trustees at The George Washington University, for example, hired an assistant vice president in 2003 who sits outside of IT and is charged with coordinating business-continuity plans for the university, with significant day-to-day assistance from IT.

At Eastman Chemical, business-continuity planning is specifically linked to the company’s Sarbanes-Oxley efforts, which are sponsored by the CEO. At Intelsat Global Services, a Washington, D.C.-based satellite and telecommunications company, CIO and Senior VP Joe Kraus sits on the crisis management team, which is made up of 20 senior representatives from business units such as HR, facilities, security, corporate communications and the medical unit. This team, led by Intelsat Global Service’s president, is responsible for managing communications in the event of a disaster. The team meets quarterly, providing a forum for senior business leaders. Given the strong infrastructure emphasis of the business-continuity planning process, IT is responsible for the program’s day-to-day operations. A business rep is responsible for guaranteeing business-side participation.

2] Encourage business members to understand and document core business processes. It’s hard to write a business-continuity plan if you don’t understand all the details of your business. Dave Swartz, VP and CIO at The George Washington University, was surprised by the large number of managers who lacked a solid understanding of the university’s business, and therefore had not accurately documented how they ran their functions. "The first exercise that the business units underwent was to examine the business processes, including people involved, relationships with different units and their specific reliance on technology systems," says Swartz. "It was interesting to see the new points of risk that were identified that people hadn’t been aware of."

CIO
Loading...
Security MarketSpace
8 Tactics to Combat Vulnerabilities
This white paper reviews 8 key elements of vulnerability management and provides advice on combating known vs. unknown vulnerabilities. Learn more »
Email and Web Threats Require a Layered Defense
Learn how web threats are changing and how using a layered defense strategy can give you the security you need. Learn more »
The Case for Data Protection for SMBs
Take Fraudsters Out of the Game
Easily identify account-device relationships and get data for in-depth forensic analysis. Learn more »
Mobile Security Landscape
This paper examines the current mobile security landscape, including myths surrounding the risks and threats, and how organizations can establish a solid mobile security strategy. Learn more »
Reducing Energy Costs in Your Data Center
This white paper examines the most common roadblocks to improving data center efficiency. Learn more »
Security convergence equals network security cost savings
 Security convergence equals network security cost savings Learn more »
IBM ISS X-Force Threat and Risk Report
Read this Trend and Risk report from IBM® ISS X-Force® to learn statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity. Learn more »
 
SPONSORED LINKS
 

Mobile Security: The Essential Ingredient for Today's Enterprise

IDC White Paper: CCM for IT Compliance and Risk Management

Keeping Your Members Safe from Online Scams and Predators

Learn about the growing threat of insider data theft.

Cut Costs & Green Your IT Operations with PC Power Management

White Paper: 4 Customer Service Myths

White Paper: Improve Agility with Operational Responsiveness

White Paper: Legacy Tools: Not Built for the Helpdesk

Taking a Seat at the Executive Table: The Reality of Virtualization

White Paper: Next Generation Remote Infrastructure Management

Seven Design Requirements for Web 2.0 Threat Protection

Generation Remote Infrastructure Management - Changing the Paradigm

Cloud-Based Email Management: Opinion Shifts In Favor

eBook: How Can You Make Your People Productive Anywhere?

Achieving Business Agility with Application Grid

Ready to virtualize tier one applications? Check your virtualization maturity.

Seven Ways ITIL Can Help You in an Economic Downturn

Tips for successful virtualization management.

Unified Communications: Thoughts, Strategies and Predictions. Join the discussion

Read the RSA report: Security for Business Innovation

Webcast: Looking to the Cloud for Email and Collaboration Services

64-page prescriptive guide to security, compliance, and IT operations.

Keep your IT expertise up to date. Join the Intel Premier IT Professionals.

A Clear View Toward Virtualization

Virtualization Technology as a Business Solution

White Paper: Managed Security for a Not-So-Secure World

Secure Email and Web-Based Communication from Evolving Attacks

WagerWorks Takes Fraudsters Out of the Game using iovation

White Paper: A Security Blueprint Delivered From within the Network

See how AT&T can help protect your network.

Webcast: Unleashing the Power of Customer Data

White Paper: 5 Best Practices for Smartphone Support

Global Research: CIOs Weigh In On Virtualization

5 Key Virtualization Management Challenges

The Total Economic Impact of Network Security Intrusion Prevention

Join us at the US-Brazil IT-BPO Summit, on November 10th in New York.

Increase UPS efficiency without sacrificing protection.

Learn how advanced forecasting tools can deliver significant business results for global corporations.

Lower IT Costs with Oracle Database 11g Release 2

White Paper: Visibility and the New Normal of Mobile Work

Taking the Service Desk to the Next Level

Learn about The Information Technology Infrastructure Library.

Top Five CIO Challenges

Streamline IT Costs. Boost Performance with WAN Optimization.

Want to know how you can maximize employee productivity?

Build your 1st app FREE with Force.com

TDWI checklist helps define data readiness for analytics. Download report.

A new fleet of PCs with a total ROI in 10 months. Find your ROI.

eZine: A Roadmap to Reducing IT Complexity

Reduce risk, gain agility. See how Progress can help your business.

 
 
RESOURCE CENTER
 
buy a link »
Ads by TechWords