Ask any business leader what the main challenge of 2020 was, and I would wage that managing a dispersed workforce would be near the top of many lists.
This year has been the ultimate test of organisations’ Business Continuity (BC) plans, and in a year littered with bad news, it has been good to see how many UK companies have managed to adapt and thrive under such challenging circumstances.
However, it does seem that a return to normal office life is still some way off. The UK continues to go in and out of lockdowns and employees will not be rushed back into the office before they feel safe. Therefore, a resilient IT infrastructure will remain just as crucial in 2021 as it has been this year.
The transition to working from home resulted in organisations becoming significantly more reliant on IT systems to ensure they remained productive and operational. Recent research from the BCI’s Technology & Business Continuity in Organisational Resilience report shows IT Resilience ranked as a top reason for successful responses to COVID-19. Given the heightened importance of technology and IT systems though, it’s surprising to see how low technology capabilities rank. Just two-thirds (67 percent) consider IT service continuity to be a core component of resilience, with IT disaster recovery ranking even lower (49 percent). Just over a quarter of professionals (28 percent) consider high availability services a top five issue. Such lack of prioritisation hints that greater levels of communication and awareness are needed between IT and other parts of the business.
So, as we head into the New Year, what are the key considerations for IT teams and business leaders looking to ensure IT resilience becomes a priority?
Keep BC departments engaged with IT
The aforementioned report found that IT and IT Resilience departments that work closely with BC teams that implement “non-siloed” working practices have the most resilient working practices. A massive 89 percent of respondents ranked BC as one of their top five capabilities in the foundation of a resilient organisation. This proves the widely considered view by the contributing professionals that the foundations of resilience are built on the sum of many departments, overseen by strong leadership.
This is a clear example of the importance of effective collaboration. Business leaders must make sure priority products and services are mutually agreed between departments. This ensures business critical activities can be continued or restarted in line with the BC plan, and also ensures the agreed critical processes are mapped correctly.
An individual with a BC background should be placed within the IT Resilience team – or vice versa. The report showed that individuals with a good understanding of the processes and requirements of both departments were able to help generate best practice for IT resilience within their organisations. Better collaboration will ensure any business continuity plan is implemented in the most efficient way possible.
Be diligent with information sharing
When it comes to IT risk, the report shows its the IT department or a specialist IT Resilience department which commonly takes ownership of technology risks. In over half of organisations (55 percent), the IT or IT resilience department follows good practice and shares the risks with the wider organisation as part of the wider risk profile. However, not all IT departments are as diligent with their information sharing processes: 13 percent of respondents report the IT department takes ownership but does not share the risks with the wider organisation. Although some IT professionals argue that they should take control of the IT risks owing to the “technical” nature of them, such an approach could lead to these not being included correctly, or being poorly represented within the wider risk profile.
In 14 percent of organisations, it is the BC department or another resilience function which takes ownership; working closely with the IT department to ensure they have the necessary plans in place to remediate from an operational perspective. Many organisations who adopt this process frequently report having a business continuity manager on site who has a technology-related background and can work effectively and efficiently with the department. Whichever team is taking ownership, it is vital the risk is communicated clearly throughout the organisation. One team alone can’t prevent risk company wide, so preventing such a scenario must be a collaborative effort.
Communication failures can lead to resilience process failures
The report found that a fifth of organisations are not confident that business critical activities could be continued or restarted in line with their business continuity plan, and one in ten have failed to map critical processes. Many respondents attributed this failure to a lack of communication between departments, with priority products and services not agreed between departments. The presence of incumbent legacy systems also remains a reason for process failures.
Whether IT Resilience is the responsibility of BC or IT, business leaders must ensure both departments always remain in close communication so priorities match. This helps with avoiding unnecessary tensions in a crisis scenario as well.
Keeping IT at the forefront of BC plans
IT is a crucial part of the resilience jigsaw, and without it, most organisations would at best flounder, and at worst, cease trading. The importance of a resilient IT infrastructure has become more obvious to business leaders throughout the UK as they adapted at speed to a remote workforce.
For the beginning of 2021, many workforces will undoubtedly remain dispersed. Therefore, team collaboration and clear communication between both IT teams and BC teams will be curicial to ensuring businesses can compete and grow.
About the Author
Chris Butler is Lead Principal Consultant, Resilience and Security at Sungard AS. Sungard AS partners with customers across the globe to understand their business objectives, identify gaps in their current infrastructure technology environment and tailor a plan to deliver the highly available, cloud connected infrastructure services they need to achieve their desired business outcomes.
Featured image: ©Oleskii