For too long, ICT and the business have pulled in different directions when it comes to Business Continuity Management—and in many other respects, cynics might add. But the publication last year of the ISO22301 standard for Business Continuity Management has put renewed emphasis on the costly impact this diverse approach can have on an organisation.
Because business is so dependent on ICT, it stands to reason that ICT’s ability to recover from a disruption is integral to the business’s ability to do so. Trouble is, ICT Disaster Recovery has traditionally been a highly technical discipline with scant attention paid to the needs of the business.
That’s all set to change as specialist ICT Continuity consultants like ContinuitySA take the lead in helping to move ICT professionals from the “Disaster Recovery” mind-set to a more framework orientated “ICT Service Continuity Management” approach. ICT Service Continuity Management addresses ICT Continuity in parallel with the wider Business Continuity Management Programme ensuring joint ICT and business objectives, outcomes and maximising synergies to ultimately reduce cost and effort.
The impetus behind this welcome move is the fact that the ISO22301 standard references ISO27031, a little-known standard for ICT Service Continuity Management, dating from 2011. The crux behind ISO27031 is to move the focus away from purely technical ICT recovery issues to look at ICT Service Continuity as holistic framework of steps that form an integral and interdependent cog in the Business Continuity Management Programme of work. (See Figure 1 for an bird’s eye view of ISO27031.)
For this reason, ContinuitySA offers a two-day course for ICT professionals structured around the ISO27031 standard for ICT Service Continuity Management. The course aims to bridge the gap between business and ICT, so that ICT Service Continuity Plans reflect the recovery needs of the business—and thus can motivate for the right level of budget allocation. Course attendees will receive training to enable them to understand the needs of business, perform a Business Impact Analysis for each component of the ICT system and then exercise the solution to provide assurance to the business that the ICT recovery is indeed achievable within the business required timeframes.