IT Preparedness in Business Continuity Planning: 5 Tips to Get You Started

As we all know, business is increasingly a 24/7 activity, one that relies heavily on the capabilities of complex, interconnected business systems and networks. IT professionals’ ability to keep everything running is therefore more important than ever, and when you throw in the occasional emergency situation – a network failure, business system outage, power blackout or pandemic – things become even more complex.

One of the most valuable things I’ve learned about emergencies is that business continuity plans are only as good as the IT strategies that enable them. IT departments must play a pivotal role in every aspect of business continuity, from strategy and planning to resource allocation to implementation and monitoring.

It’s not that every IT manager needs to be an expert in this field, but you do need to understand your role in the larger picture. That means acting as the in-house expert on network and communications technology to ensure that your business works at maximum efficiency, no matter what the situation.

Here are five important things to consider when you’re helping your organization implement a business continuity plan.

1. Get proactive.

Business continuity is not something you implement at the time of a disaster – it’s all about proactive planning and assessing your risks before a problem occurs. You need to learn how IT fits into every aspect of your organization’s operations, from deliveries to ordering, from voice capabilities to data storage and retrieval. By knowing how your IT operations are connected to these functions, you’ll be able to work with colleagues in other departments to develop an effective, cross-functional business continuity plan. Remember: failure to develop an effective plan can prevent you from delivering your products and services on time, resulting in lost customer confidence, decreased sales and revenue, and possibly a big hit to your reputation and future profits.

2. Evaluate your communication dependencies.

To be an effective partner in the business continuity process, you need to identify your organization’s most valuable assets and critical business functions – i.e., those that must be preserved in an emergency – and then determine how dependent those assets and business functions are on the company’s business systems and networks. Think about it this way: organizations are connected across offices, cities and continents; workers collaborate using mobile devices, laptops and tablets, from remote sites and from home; meanwhile, your customers and partners expect instantaneous access and response times. Now ask yourself: in the event of disaster, outage or shutdown, which of these technology channels would be absolutely essential to keeping your most important business assets functioning? Which functions could your business do without, and for how long? Knowing the answers to these IT questions will go a long way toward building a business continuity plan that works.

3. Understand your vulnerabilities

You also need to help identify your company’s critical components, such as facilities, employees, business processes, IT systems, applications, data, platforms and networks. Understanding which components are most important to your daily operations will help you identify the vulnerabilities in your business processes and network infrastructure. It will also help you assess the impact a disaster, outage or shutdown would have on employees, customers and partners.

4. Set Priorities for Risk Mitigation

It’s essential to determine how long you can afford to be inoperable, and to define the impacts of a disruption to every level of your organization’s operations – business, financial and communications platforms. From there you can begin to develop a risk mitigation strategy that takes into account each of those impacts, and to identify objectives, requirements and priorities for the recovery of critical business components.

5. Develop Your Recovery Plan

This is an essential point, because no matter how many preventive measures you have in place, disruptions still happen. You can greatly reduce the negative impact on your business and speed up recovery times by preparing your network and IT procedures in advance:

• Implement system and data backup arrangements and the procedures to support your recovery strategy.
• Negotiate vendor contracts and/or lease agreements to acquire equipment and services that will help you in the event of a disaster.
• Upgrade network and business data security such as firewalls, intrusion detection, hacker protection, password authentication and data encryption.
• Assess and strengthen your network redundancy and re–routing capabilities, as well as your work–around procedures and/or contingency plans.
• You should also determine critical vendor and business interface disaster recovery capabilities in the event that they’re impacted by the same disaster.

The role of IT managers and planners will only increase as more business processes move onto company networks and into the cloud. These are just a few very high-level considerations to think about from an IT business continuity perspective. If you have not addressed all these issues, you should create an operational-friendly business continuity plan for your business (facilities, employees, processes, systems, data, platforms and networks). And make sure that you exercise / test your plan to learn how well it will perform during an emergency.

Please feel free to ask me any questions in the comments section, and we’ll continue the conversation from there.