|
|
7.6.1 The Corporate challenge
7.6.2 Future developments
7.6.3 In conclusion
There are numerous challenges that face all organisations in the future - this Section outlines some of the influencing factors and highlights how they are likely to affect ITSCM.
As the corporate world develops through the use of technology and an ever increasing demand on optimisation, globalisation and an ever increasing competitive Environment, the dependence upon technology in the work place and within Business processes increases. This direct correlation instils the need for a co-ordinated ITSCM and Change Management Programme that spans business processes and their supporting Infrastructure. This has already been discussed at various stages throughout this Chapter. However, when this need is directly referenced against ongoing initiatives within many organisations today, the need becomes even more apparent.
The influence of technology in the workplace today cannot be underestimated. The rapid improvements in the Cost/benefit of processing power, disk storage and global connectivity now allows organisations to achieve speeds of information processing and transfer that could not even be dreamed of previously.
This evolution has enabled organisations both to centralise and de-centralise functions to suit the particular needs of a business stream, division or office. Where technology may be centralised in a data centre in one part of the world, business activities may take place across the globe using those systems in order to provide access to local markets and resource. Conversely, technology and IT processes may be de-centralised where business activities are centralised, making use of inexpensive labour in other countries.
This new reality allows organisations to choose how they operate their business, with few limitations, and corporate management focus can now be on the most efficient method. Consequently the Impact on IT Services is immense.
As businesses merge, or Change their operating structure or strategy, in many cases this has a direct impact on which business processes continue to be the most critical and which elements of those business processes are more at Risk. Unless organisations undertake to re-assess their Business Impact analysis and risk assessment as part of this Process, the Continuity or recovery mechanisms put in place and being maintained to support the business will not support all the elements of a critical business process (and it therefore fails) or will not support new critical business processes (therefore they run the risk of failure or disruption).
People, processes, organisation structures and information systems are focused on helping the organisation achieve its objectives. In order to do this, management essentially has to do three things:
The modern business environment is characterised by risk. ITSCM aids an organisation in reducing its exposure to risks. Effective and efficient management of key risks to the organisation through ITSCM is therefore essential if business objectives and targets are to be achieved and maintained. Decisions to exploit new opportunities must also balance benefit against cost and risk and incorporate potential changes to ITSCM initiatives as part of the decision making process.
ITSCM addresses risks that could cause a sudden and serious impact, such that they could immediately threaten the Continuity of the business. These typically include the following subset of the risks described earlier:
Where these risks affect critical business processes the consequences can be severe and include substantial financial loss, embarrassment and loss of credibility or goodwill for the organisation concerned. The consequential damage can extend much wider impacting on staff welfare, Customers, third parties, shareholders and the general public. Ultimately they obstruct organisations from achieving their objectives and targets.
Organisations that practice ITSCM effectively will have assessed the risks to Business Continuity, identified minimum acceptable levels of business and put in place tested plans to ensure that these can be maintained.
If an organisation does not manage Business Continuity effectively, the chances are that it does not even understand its minimum acceptable levels of business. Should a serious Service disruption occur, there will not be a consistent corporate view of priorities and the organisation will not have the Infrastructure, plans and procedures in place to deal with the crisis. In these circumstances, survival of the business will then depend entirely on:
These days, such a reactive approach to dealing with risks to Business Continuity is not acceptable. Directors have a 'duty of care' to their shareholders, Customers and creditors and could find themselves personally liable if they have been negligent, whatever their professional discipline.
Over the next few years the greatest challenge facing organisations will be the move to electronic business and many organisations will need to re-invent themselves to prosper in the new digital world. ITSCM will need to react to changes in the business world that it is there to protect. These changes will make business even more dependent on technology than it is already. In order to address these risks, resilience, security and ITSCM will have to be designed into electronic business services from the outset in a way that is only partly done today.
Technological development, the need to optimise efficiency and reduce Overheads will force changes to other parts of the business Infrastructure. For example, the emergence of a smaller number of huge warehouse and distribution facilities from which goods can be delivered direct to the home, at the expense of the existing large network of retail outlets. Disruption to a major distribution centre could halt the business at a time when timely delivery and Customer Service Levels are a key differentiator between competitors or could result in increased costs of operations to meet Customer requirements, negating the efficiencies and cost reductions expected. Again, one would expect part of the investment in this new Infrastructure to be in building resilience and security into the Infrastructure.
Risk Management and Business Continuity Management will be fundamental to the re-design of business for the information age. Technology will be able to support this and, in the future, successful organisations will be those that can not only exploit the opportunities of new technology but can also harness it within their business to minimise risk by building fully resilient and secure systems and business processes. This will require ITSCM to be implemented as an integral part of the development process.
ITSCM is a critical tool in the armoury if today's business environment is to continue to operate in spite of the plethora of risks faced. As organisations strive for greater efficiency, so the use of technology and the consequent dependence upon it increases; thereby the requirement for ITSCM increases in order for the business to be able to sustain its operations. Failure to implement adequate ITSCM measures will impact that organisation's ability and its perception by Customers following an interruption.
The Business Continuity Infrastructure developed must be able to respond quickly and efficiently to changes in the organisation and be regularly tested to ensure that the different components of the IT environment will work together.
The commercial world today is realising its dependence upon, and requirement for, technology and the disciplines that have to run in parallel, including ITSCM. There are greater demands being placed on organisations by clients, third parties, shareholders and regulators for directors of organisations to perform better Risk Management i.e. the appropriate implementation of BS 7799, Data Protection Act and the Turnbull Report (see Chapter 11). This in turn requires ITSCM to become an integral part of corporate management.
|
|
