It might be one of those quirks of human nature – or perhaps just an aversion to seemingly redundant spend – but it tends to take a disaster or some other kind of major ‘outage’ before executives take the issue of business continuity seriously. By then it is usually too late.
The events of the last two months have pushed this apparently distant topic back onto the agenda. Businesses that preferred to leave things to chance were caught out by the extraordinary series of blackouts that swept the world in August and September, plunging entire cities in the US, the UK, Canada, Norway, Sweden, Italy, Malaysia and Australia into darkness and leaving torch-wielding IT staff scrambling around for disaster recovery plans.
As this month’s cover story, ‘Be prepared… be very prepared’, highlights, the power failures stripped away any lasting, post-9/11 veneer of impregnability to reveal IT systems more vulnerable than even the most pessimistic of people had suspected. System back-ups were interrupted and databases corrupted; web servers crashed, costing businesses millions in lost revenue; and valuable hours (and days) were wasted re-starting applications and recovering data.
Some experts say that lessons of past disasters have not really been taken to heart. Yet such analysis may be too harsh. Heads of IT are well aware both of the dangers of outages, viruses, fire and terrorist attacks, and of the monumental cost of protecting every single part of the IT infrastructure. Perhaps the only criticisms that could be levelled at some IT managers affected by the blackouts is that consolidating and centralising IT systems might have reduced the points of failure to a dangerous level and that, ultimately, they may have got their risk equations wrong.
Not that it necessarily takes a power cut to highlight the vulnerability of IT departments . Another of this month’s articles, ‘Re-tooling IT’, reveals the often rudimentary nature of so called ‘IT governance’. Large organisations are often managing hundreds of IT projects using little more than white boards, wall charts and spreadsheets. The result: 90% of IT projects are late (the Aberdeen Group), 50% are delivered over budget (Gartner), 50% fail to meet their objectives (Gartner) and 30% are cancelled altogether (Aberdeen). That is something of a disaster in itself, but one that just might – with the application of IT to IT processes – be recoverable.