Print Document                                                          http://my.gartner.com/portal/server.pt/gateway/PTA...
Print Document                                                        http://my.gartner.com/portal/server.pt/gateway/PTARG...
Print Document                                                                     http://my.gartner.com/portal/server.pt/...
Print Document   http://my.gartner.com/portal/server.pt/gateway/PTARGS_0_24...4 of 4                                      ...
Upcoming SlideShare
Loading in …5
×

Best practices in managing business resumption issues

393 views
301 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
393
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Best practices in managing business resumption issues

  1. 1. Print Document http://my.gartner.com/portal/server.pt/gateway/PTARGS_0_24... This research note is restricted to the personal use of Aristotle Castro (accastro@gwu.edu). Best Practices in Managing Business Resumption Issues 27 August 1998 | ID:BP-05-6289 Kathie Cleary "Business resumption" is the more accurate view of disaster recovery. User involvement, annual review and testing of plans, and vendor involvement are the key elements for success. Analysis Situation: While the majority of typical data centers have some sort of backup plan in place, we believe that there is plenty of room for improvement. As the scope of recovery encompasses not only the mainframe area but also includes centralized servers and midrange platforms, there needs to be an increased focus on the processes surrounding this critical activity. Observation: Until recently, full responsibility for disaster recovery was the IS organizations, if a plan existed at all. Now, whether due to the unfortunate frequency of natural disasters, increased reliance on systems to support the day-to-day business functions, greater emphasis on "data" being valued as a corporate asset, or some combination of these ideas and more, "disaster recovery" has become "business resumption" - and has suddenly become everyones job. We offer three "best practices" for managing business resumption strategies. Best Practices: 1. Include the customer in the resumption planning process. This helps the IS organization determine both the effort involved in supporting those needs and whether other solutions exist that can achieve a similar level of recovery, but at a lower cost to the organization. Communicate the cost of recovery to the users. Unfortunately, for many users, it is easier to label everything "critical" than to make the effort to evaluate applications. Users that understand the cost impact on the department/corporate bottom line tend to put more emphasis on determining true criticality and establishing more realistic priorities for the particular applications. The ratio of contracted capacity vs. the installed base for MIPS and DASD is a good place to start looking for potential inconsistencies or inefficiencies in the plan. The recovery commitment is even more important in industries where "time is money," as reflected in Figure 1. Requirements that include high capacity and minimal time-to-recovery tend to carry a higher price tag. 2. Complete an annual review of contingency capacity requirements and implement rigorous testing processes. As the environment grows and changes, appropriate adjustments must be made to the plan to support that growth. In conjunction with that growth, adequate testing must be performed in order to validate plan objectives and guidelines. Testing should include not just bringing up the systems but the customer1 of 4 9/23/12 4:09 PM
  2. 2. Print Document http://my.gartner.com/portal/server.pt/gateway/PTARGS_0_24... applications as well. A minimum of two tests a year is advisable - many organizations go through three or four recovery exercises annually. User involvement in applications testing is key to the success of the plan. This will also help provide open communication and awareness between IT and users in terms of recovery issues. 3. Use aggressive negotiation strategies with vendors when acquiring contracted support. Many organizations, when renewing their contracts, have been able to sign agreements that either include increased capacity at the same cost or the same capacity at a lower cost. Contract lengths should be limited to one to three years or, if longer, should include clearly stated "out" clauses. Vendor competition may result in lower costs, but keep in mind the criticality of the service being purchased. It is not necessarily in the best interest of the company to change vendors strictly to achieve cost savings if the current provider has successfully met the needs of the organization. Negotiate lower costs consistent with declining hardware prices. As shown in Figure 2, the GartnerMeasurement database reflects the decreasing annual costs of both MIPS and DASD. It is important to make sure that the vendor is passing on these savings in the contract. Bottom Line: To be successful, the business resumption plan, whether supported internally or with vendor participation, should include user/client communication, annual reviews of critical requirements with an emphasis on testing and, if applicable, aggressive vendor negotiation strategies. A failure to apply the appropriate attention to any one of these areas could have a serious impact on not just the IT area, but the company as a whole. Core Topics IT Measures and Metrics: Aligning IT Investments With the Business; IT Process Management; Strategies for Improved Performance Figure 1. Disaster Recovery Cost per MIPS Source: GartnerMeasurement Figure 2. Unit Cost Improvement - Mainframe and DASD2 of 4 9/23/12 4:09 PM
  3. 3. Print Document http://my.gartner.com/portal/server.pt/gateway/PTARGS_0_24... Source: GartnerMeasurement © 1998 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.3 of 4 9/23/12 4:09 PM
  4. 4. Print Document http://my.gartner.com/portal/server.pt/gateway/PTARGS_0_24...4 of 4 9/23/12 4:09 PM

×