Disaster Recovery Journal- Volume 13, Issue 3 - Summer 2004 Issue - Traditional Business Continuity Views Have Changed

Return to the
Summer 2004 Issue

DISASTER RECOVERY
JOURNAL

P. O. Box 510110
St. Louis, MO 63151
(314) 894-0276
Fax: (314) 894-7474
Internet www.drj.com
E-mail drj@drj.com

PUBLISHER &
EDITOR-IN-CHIEF
Richard L. Arnold, CBCP
richard@drj.com

SENIOR EDITOR
Janette Ballman
janette@drj.com

MANAGING EDITOR
Jon Seals
jon@drj.com

ASSOCIATE EDITOR
Ed Pearce, CBCP
ed@drj.com

COPY EDITORS
Richard Sandhofer
richards@drj.com
Pamela Clifton
pamelaclifton@hotmail.com

ADVERTISING
Robert Arnold
bob@drj.com

_____________

Corporate

President/CEO
Richard L. Arnold, CBCP
richard@drj.com

Vice President
Robert Arnold
bob@drj.com

CONFERENCE COORDINATOR
Patti Fitzgerald, CBCP
patti@drj.com

CONFERENCE REGISTRAR
Merce Knese
mercedes@drj.com

CIRCULATION
Laura Baugh
laurab@drj.com

EXECUTIVE COUNCIL
Jeff Dato, MBCP, KPMG
John Jackson, IBM
Edward S. Devlin, E.S. Devlin & Associates
James Hammill, CBCP, JMH Consulting Inc.
Pat McAnally, SunGard Availability Services
Brian Turley, Strohl Systems
Belinda Wilson, Hewlett-Packard

INTERNATIONAL
CONTACTS
England: Thom Hetherington
Business Continuity
Phone: 0161-237-1007
thomh@tempus.demon.co.uk

Australia: Anthony J. Harvey
Journal of Business Continuity
Phone: 0011-613-953-0055-8
fax: 0011-613-953-0528
sector@notability.com.au

Japan: Shinji Hosotsubo
Quake Japan Co., Ltd.
Phone: 03-3215-2880
fax: 03-3215-2881

Brazil: Jose Carlos Ferreira
Disaster Recovery Mercosul
Phone: 55 11 3666-9506
conc2000@uol.com.br
www.drms.com.br

Click Here for a Printable Version

INDUSTRY TREND

Traditional Business Continuity Views Have Changed

By MARTY KOWALSKI, MBCP

Change. It remains the one constant in modern business organizations today. Whether subtlety displayed in policy or vividly culminated in corporate downsizing, change is recognized as an ongoing part of business and organizational life in all industries.
Business continuity is no stranger to change. No longer a “techie” responsibility handled by the information technology (IT) department, effective business continuity planning is the responsibility of each business unit. And whether or not that responsibility is handled with innovative thinking can be the key to a business thriving or not surviving after a change.

Change: Data Complexity
Back in the 1980s, when disaster recovery emerged as a formal discipline and a commercial business, the focus was on protecting the data center – the heart of a company’s heavily centralized IT structure. This model began to shift in the early 1990s to encompass distributed computing and client/server technology. Today, critical business data can be found across the entire corporation – on desktop PCs, distributed computing, Web-based hosting, departmental local area networks, and data centers – which has made business processes extremely complex.
This complexity has driven the need for more effective and comprehensive planning. It has changed the focus of disaster recovery planning (DRP) to prevent the loss of data as well as to continue the business in the event of a disaster. Practitioners, in fact, now refer to this discipline as business continuity (BC) planning, a proactive term as opposed to the reactive term, disaster recovery (DR). No matter what terms are used, the fact of the matter is this: with more data saturating the entire corporate environment, the stakes are higher, the risks are greater, and the need to handle change successfully has multiplied exponentially.

Change: Accountability
To grasp the problem faced by business continuity professionals in the current corporate environment, it is important to understand corporate structure, as well as the role that education plays in the corporate environment. Today’s corporate directors and officers of companies can be held responsible for the consequences of business interruption or the loss of business-critical information. This liability could be compounded given the nature of business. For example, companies that suffer online business disruptions of nearly any magnitude often make headlines, with individuals singled out by the media and corporate leaders finding their personal reputations at risk.
In addition, serious business interruptions are now measured in minutes rather than hours. What was once considered only a minor problem can cause the same level of loss as a major problem (such as a power outage or a flooded data center) if a critical business process is affected. Furthermore, the law, particularly for a public company, may require adequate protection of data by companies. Many companies stipulate in their contracts that suppliers of services must deliver those services under any circumstances.

Change: Continuity at the Core
The business rules have clearly changed; therefore, the paradigm for managing business continuity must change. But how?
Plans are evolving from recovery to continuity, and their content must focus on the effect rather than the cause. A business function goes away; the reason why doesn’t matter. Virtual organizations will emerge, but the more companies become virtual in scope, the more susceptible they become to cyber risk. Furthermore, IT governance compels companies to exhibit fiduciary responsibility. BC/DR should be managed as a business expense, determining the total cost of ownership (TCO), defining the return on investment (ROI), establishing uniform budgeting guidelines, and increasing the need for BCP staff with business management skills.
Companies that spend more (as a percentage of their total capital budget) on BC/DR capabilities are more resilient to business disruptions. Companies that spend less time on BC/DR do so because their business model has the BD/DR business function reporting to the information technology area. Companies that spend more time on BC/DR do so because their business model has the BC/DR business function reporting to the senior executive. These companies have embraced BC/DR as a core value across the organization.

Change: Innovation as the Key
The mantra of change seems so simplistic; however, implementation is often a complicated and flawed process. Change requires innovation, which, although necessary to the success of every organization, remains one of the greatest challenges for a firm to manage. The high levels of uncertainty and the complexity of today’s environments have increased both the opportunities and the threats in managing innovation.
Organizations need to innovate to thrive and, sometimes, even to survive. This suggests the managers within these organizations need to continually challenge the status quo. They cannot be content with doing things the same way. Nor can they be content with offering the same old products and services. Resting on the laurels of past successes is the kiss of death to any organization. Some experts have even suggested that the seeds of an organization’s success quickly become the seeds of its downfall. What worked in the past will not necessarily work in the future. So what actions do organizations need to take?

Change: Decentralization
Innovative organizations tend to be decentralized and strive for more open communication systems. They listen to their customers, both internal and external. In a highly centralized organization, the majority of the decisions are made at the top after information slowly makes its way up the organizational hierarchy. In a decentralized organization employees are empowered to make more decisions, thereby enhancing the organization’s ability to be responsive to changes as they are detected in the environment.
It is critical for a company to have positions that reach out and respond to comments and concerns of the customer, rather than wait for customers to relate what they want. Today’s proactive organizations must be close enough to their customers to be able to anticipate what they may want in the future – before the customer even realizes it. The key is to anticipate what the customer needs and then deliver it before the customer asks for it. As this shows, BC/DR is best supported when this anticipation of the customer’s needs occurs.

Change: For the Better
While there are risks inherent in innovation, there are greater risks involved in ignoring the power to be harnessed in becoming an innovative organization. The opportunities that then present themselves to the innovative organization (and the people within that organization) increase astronomically. All the previous evidence supports that only those organizations that are committed to innovation on an ongoing basis will thrive in the competitive landscape of the 21st century.

Marty Kowalski, MBCP, is a business resiliency consultant with Solution Technology Inc./Mindgent based in Chicago. He is a graduate of DePaul University with a B.A. in business continuity/disaster recovery and currently serves on the certification commission and the educational advisory council of DRI International.