Career Opportunities
Events
Career Forum
News & Articles
Recruiters
Register For Our Weekly Newsletter
Catch Up On The Latest Headlines
Thought Leadership Articles
Submit Thought Leadership
 
<< Back

BS 25777 will push IT Service Continuity up the Strategic Agenda

David Davies

The paradox of IT Service Continuity (ITSC) Management is that while IT managers and service managers agree on its importance to the organisation, this is frequently not reflected in the focus given to it.

The paradox of IT Service Continuity (ITSC) Management is that while IT managers and service managers agree on its importance to the organisation, this is frequently not reflected in the focus given to it. Typically the following situations are frequently found in organisations:
• An historical lack of investment in developing recovery capability.
• Lack of understanding by senior management and the IT department on the ‘gap’ between recovery requirements and recovery capability.
• New projects and change management processes do not incorporate ITSC requirements.
• The extent of ITSC testing and technical recovery documentation is limited at best.

There are several reasons why this situation has evolved:
The organisation does not take ownership of its IT recovery requirements
ITSC is often regarded as being owned by the IT department, and the IT department will certainly own the technical recovery solution. However, to arrive at requirements for the technical solution, the organisation must understand its own recovery needs.
Lack of incentives
ITSC can be easily perceived as a limited-gain, long term overhead. Quick, high visibility projects can be far more attractive and perhaps more urgent in immediate terms. At an individual level, ITSC management is frequently not perceived as a stepping stone on the IT service management career path.
Lack of synergy between ITSC and business continuity
Business continuity and ITSC career paths within organisations are often separate. Practitioners in one often lack a clear understanding of the other, which can hinder the development of requirements and recovery solutions.
Pressure for testing to present a successful picture
The ITSC test programme must be brutally honest, or it is flawed. Testing selectively, making generous assumptions, and overlooking reasons to fail a test may seem harmless or even helpful at the time. However, this means that issues are overlooked which may surface in a real recovery, with potentially serious consequences to the organisation.

To resolve the current ‘paradox’, the board must recognise the need for effective IT service continuity and sponsor the development of it within the organisation. To achieve that, the following changes are needed:
• Resources must be assigned to support the ITSC programme.
• ITSC must align with business continuity requirements to support the organisation’s requirements during recovery.
• Career and service delivery incentives should be put in place to protect the quality of ITSC delivery.

ITSC is a difficult concept to promote within an organisation. However, the publication of a new British standard - BS 25777 ICT Continuity (a working title) later in 2008 / 2009 should change this situation and push ITSC onto the strategic agenda where it needs to be.

If BS 25777 follows the principles adopted for BS 25999, it will define what an ITSC management system should look like, providing a framework for audit and recognised certification. Organisations seeking to achieve certification should do so through a UKAS accredited body with proven competence, impartiality and performance capability. Since ITSC is a specialist field, many organisations would benefit from involving subject matter experts to bring them to certification level.
Organisations will do well to develop ITSC management now, rather than to wait for publication of BS 25777. For implementing ITSC, there is no time like the present.