Beyond Disaster Recovery: 5 Steps to Creating Real Business Resiliency
Let’s acknowledge it up front. Traditional disaster recovery is passé. Daily data breaches, Big Data, a digital world and, yes, CIO survival have shunted it aside for the bigger issue of business resiliency. Today, organizations must work actively and relentlessly to prevent, not merely deal with, a business disruption. They must focus on business stability that enhances and protects an organization’s human resources, revenue streams and future growth.
In short, they must embrace chaos–those now-routine complete confusions and disorders in which behavior and events aren’t controlled by anything. Think explosions, disasters or simply an Apple store when a new product launches. Chaos can sneak up and strike when we least expect it.
For complacent organizations, those attacks come in the form of cybercrime and denial of service; terrorist targets of opportunity, vulnerable wireless devices and business partner connectivity; and public infrastructure concerns. And they threaten protection of human capital.
Organizations–particularly chief information officers–must welcome this chaos that defines today’s fast—changing business landscape and has radically altered risk management and business continuity. CIOs must seize on this opportunity and be much more proactive in advancing and adopting risk intelligence and business continuity awareness. Simply employing a prevention mindset isn’t sufficient any longer.
Savvy CIOs already grasp this and are adopting advanced risk intelligence. They’re much more proactive within their organizations, aligning their goals to corporate objectives and enhancing revenues and ROI rather than simply managing risk from the protective confines of their IT operations. They recognize in this digitally driven world that businesses that use technology to create innovative products and services break away from the competition. They’re more agile. They’re more cost effective. They’re leaders in their industries.
These CIOs understand they are expected to go beyond managing traditional IT environments. They must act as change agents–using IT as a tool to benefit the business. They need to influence and provide governance for other department’s investments in software and IT services. In our client research, CIOs said their job today is much more than, “is the business still on?”
In short, they appreciate that a strong business continuity program isn’t merely a thick manual gathering dust but a plan with intelligent strategies and workable tactics for securing resilience that can be applied as each new project or initiative emerges. This is business continuity taking a seat at the table. No longer can an organization wait until an initiative or product launches to assess what might happen if a disruption occurs as customers are using it.
Consequently, this new-breed CIO is becoming increasingly visible within the corporate hierarchy. Yet, even they often ask themselves, “Am I doing my job well enough and what might I do to enhance it?” They recognize that every role and responsibility within an organization today relies on technology. They also grasp that business discontinuity damages organizations financially, operationally and reputation.
They are busy framing a successful operational resilience strategy that combines the needs of both IT and the organization’s lines of business. And it involves employing a handful of practical and proactive steps for orchestrating real resiliency. Combined, they underscore that no matter your business, it’s now a digital one and downtime simply isn’t acceptable. These steps include:
Challenge your business continuity and disaster recovery methodology
Turn it into a resiliency strategy. Determine how to align your methodology with the business results your organization seeks. Adopt techniques that make you nimbler and more responsive. Choose technology that will help achieve this and grow your business–and your worth.
Reassess your business impact analysis process.
Nowadays, organizations are launching– and changing–business processes and applications constantly. So it’s critical to work them into your business continuity plan immediately and not wait until a customary annual BIA review. Prepare a plan that encompasses these new processes, products and applications before they make their way into the production environment. And assemble a BIA group that besides includes a representative of risk management, legal, financial and compliance, among others and has the full support of senior leadership and the board of directors. This group should serve as the anchor for ensuring that business continuity and resilience gets the proper attention it deserves today.
Reinvent intelligent plans
Again, simply challenge traditional ways of doing things and consider today’s challenging business landscape with its menaces. Develop a fresh strategy for handling business continuity crises that encompasses what to do as situations unfold and change rapidly. It should be a targeted weapon–equipped with up-to-date, accurate data and incident-management techniques– to combat any attack, interruption or disaster.
Foster collaboration and communication
Internally, the CIO should work to generate watchdogs within the organization, which recognize the critical importance of being vigilant on the business-continuity front. They should encompass intelligence gatherers and monitors as well as active supporters of efforts to stay ahead of the curve on availability issues and trends. The CIO must be the cheerleader and leader, underscoring what the consequences are on people and profits should disruption or disaster occur.
Externally, the CIO should proactively communicate and collaborate with customers, vendors, regulators and others to stay on top of business continuity defenses. Consider establishing an approach to managing vendors that includes resiliency strategies and tactics. And think about joining an industry security group and retaining a business continuity consultancy or vendor to stay atop developments and trends.
Pilot innovation in your resiliency roadmap
Take the initiative to ensure you are managing, monitoring and analyzing your data constantly and effectively. Make sure your roadmap aligns with your organization’s objectives and that resiliency processes reside in every operation of the company. When any business unit is developing a new process or product, be sure you’re part of the process for business continuity reasons.
For CIOs, there’s no time to lose in pursuing this new mission of resiliency– one which centers on being proactive. Instead of protecting your employees, empower them. Rather than safeguard your brand reputation, promote it. Inspire customer confident, don’t merely preserve it. And drive your competitive edge rather than imply defend it.