No matter what happens, you
cannot afford to let your business fail, or for that
reason, even temporarily lag. So how do you ensure that?
This formed the center point of the recently held seminar
on 'The changing economics of Business Continuity'.
Held on April 29 and April 30 2003 respectively at New
Delhi and Mumbai, the seminar featured prominent speakers
such as Dr. Kevin McIsaac, Program Director, Infrastructure
Strategies, META Group; T Srinivasan, Country Manager,
India, EMC; and Val Souza, Editor, Express Computer.
The event opened with a presentation
titled 'Ensuring Business Continuity' by Val Souza.
The Express Computer editor helped clear many of the
misconceptions that surround the term Business Continuity
Planning (BCP). According to Souza, the primary goal
of BCP is to deliver the right data without data loss.
The primary goal of accurate data delivery might be
impeded by risks such as those at the customer, supplier
end; with the hardware & software; with core business
processes, and also at partner ends. This is where BCP
comes into play.
Today, most businesses are
dependent on information, and thereby IT, to a very
large extent. Businesses have also started interacting
with the outside world using IT on a scale that's never
been seen before. This has created a scenario where
there is no room for data. Add to this, the explosion
of data due to new entrants like ERP and SCM, Souza
drove the point home citing a KPMG study which shows
that few Indian organizations are going in for BCP.
Even if implemented, few of them actually test it.
The next speaker was T. Srinivasan
and he spoke about the latest trends in business continuity.
Srinivasan described how aspects like the criticality
of data, consistency of data, and distance increases
in the enterprise, have made it crucial for business
continuity to take center stage. He also pointed out
that businesses tend to focus only on business resumption
from a remote site in most cases. In such a scenario,
many of the routine business tasks might be neglected.
Business resumption from a remote site is very critical.
However, it is more important to concentrate on the
day to day tasks that users have. This is where there
is need for actual BCP in organizations.
According to Srinivasan, there
are three essential components for a BCP to be in place.
These are consolidation, centralized control, and business
continuity. In terms of storage, business continuity
involves features such as data replication & recovery,
and resumption of operations.
Then came the highlight of
the eventa presentation on 'The Economics of Business
Continuity' by Dr Kevin McIsaac. The META Group analyst
started his presentation with how applications have
become more externalized over the years. He made a clear
distinction between terms like Business Continuity (BC),
Disaster Recovery (DR), and High Availability (HA).
According to McIsaac, most of the organizations are
inadequately prepared in case something goes wrong.
"Almost 85 percent of
US companies altered BC/DR plans after September 11.
So you need to be prepared for the unthinkable,"
said McIsaac. McIsaac said CIOs need to be more proactive.
They should learn how to sell HA/DR to the business.
Some of the main issues they will be confronted with
are understanding downtime, justifying DR & HA spending,
and selecting the solution.
When it comes to downtime CIOs
should be able to define availability and categorize
downtime. Mean time to failure and mean time to recover
are more important than almost 100 percent availability
levels in this scenario.
McIsaac highlighted the fact
that technical people tend to focus only on unplanned
technical outages most of the time. This is only a very
small percentage of downtime. While unplanned downtime
can be dealt with by putting in more redundancy, there
needs to be more process-oriented efforts to deal with
planned downtime. For example, planned downtime could
be downtime due to scheduled backups. This is where
organizations need to become more process-oriented,
While all the technical factors
can be dealt with, CIOs have a bigger challenge. This
is in justifying downtime and its effect on the business.
"Your job is to ensure
that businesses understand the need for disaster recovery.
Businesses need to see the risks induced due to unavailability
of an application," said McIsaac.
Offering a few words of advice,
McIsaac said that the CIO should limit himself/herself
to providing the management with the various options
they have, and let the business figure out the costs.
The CIO should educate the business about the pros and
cons of each solution. Selection of the appropriate
solution should be left to the business head. McIsaac
also emphasized the fact that DR has to be done at the
initial stage itself.
The event featured speakers like T Srinivasan, Country
Manager (India), EMC
The event was attended by prominent CIOs and CTOs
CIOs need to be more proactive - Dr Kevin McIsaac,