Building service level management into business continuity planning
Mention the term business continuity and most people will talk about the need to plan for the unexpected and ensure that you can recover your data and systems should the worst happen. They would be right but for one thing. As more and more organizations embrace the on-demand culture, so the need to validate service levels becomes ever more critical. It is no longer enough to simply affect a recovery. What is equally important is the knowledge and reassurance that key IT services and applications continue to be delivered at the agreed levels. To accomplish this, organizations must add service level management (SLM) into their business continuity plans. Aligning IT with business objectives is a long term vision for many CIOs. An indication of the significant progress that has been made in this quest lies in the creation of in-house service level agreements (SLAs). The expectations that once hovered over the IT department have given way to formal agreements that translate these aspirations into measurable, manageable deliverables. Service level management has come of age and is now recognised as an integral part of a CIO’s tool set to help deliver IT value. Yet a gulf remains between SLM and business continuity planning. There is no logical reason why this should be the case. If service delivery is acknowledged as a key factor in the performance of an organization, then surely it must feature in any business continuity plan. What is service level management and where does it fit in with business continuity? In a similar fashion, effective business continuity plans draw on an accepted methodology to ensure the organization is able to react and respond to a disaster. The first step in developing a business continuity plan is a risk assessment and BIA (business impact analysis). Typically, these consider the range of threats that the business may face, assessing the potential impact on the business and considering the likelihood of each threat occurring. From an IT perspective, the emphasis typically tends to focus on the back-up and data recovery strategy and the development of a resilient IT infrastructure with built-in redundancies. Yet little thought is given to the service aspect and how this should be addressed. If IT departments are expected to maintain agreed service delivery levels post disaster, then they need to factor this into their business continuity planning before they embark on the risk assessment / BIA stage. You can’t manage what you can’t measure. An obvious statement perhaps but it highlights why SLM must form part of any business continuity planning. An organization may recover from a disaster, but its survival can often depend on how it performs during the initial phases of the recovery. An SLM system will assist the IT department in re-establishing the key services that the company depends on are running at the levels prior to the disaster. Developing a solid SLM program prior to the risk assessment phase takes the guesswork out managing your IT infrastructure and applications and ensures that the IT department can focus on the tasks and priorities needed to get the company back on its feet more effectively. Implementing SLM Effective SLM follows a five-step process. The approach ensures that the user expectations and deliverables are captured and the true value of IT is realised and recognized throughout the organization. The five steps are as follows: * Define parameters The first step is to determine which services require management. This will involve clarifying the service itself, associating the key IT components needed to deliver it and identifying the critical business objectives. This exercise is important as it helps draw out and define the parameters needed to deliver the service effectively and helps identify the metrics that are available or need to be captured. The second step is to establish a baseline to evaluate existing service levels. Conducting an end-to-end response time exercise provides the necessary data and allows a detailed analysis to establish the current capabilities of the infrastructure and the opportunities for improvement in service delivery. This analysis is critical as it forms the basis for negotiating service level agreements. Step three involves negotiating and setting the SLAs. The objectives must be set jointly by the parties involved and be realistic, attainable, and meaningful. There is also the factoring of a cost element. The use of charge-back for the cost of IT services is growing and turning many IT departments from cost-centres into profit centres. Internal users within the business must understand the costs involved in delivering a certain level of service. This helps IT departments allocate their limited resources more effectively. Having set the SLAs, the forth step is to monitor and assess the objectives. The IT department will monitor the level of service delivery and review it against the service level objectives. Existing management tools are giving way to more sophisticated monitoring tools that are better suited to help IT departments manage and deliver against the agreed SLAs. The final phase is to evaluate which service deliver can be refined and improved. Expectations and requirements change as the business landscape changes. In a service-led environment, it is beholden on the IT department to take the initiative and aim to deliver greater value. These five simple steps can make all the difference between simply recovering from a disaster or recovering and delivering. Conclusion
If you have any questions regarding the points raised in this article, please contact Nimsoft at PR_inquiries@nimsoft.com
•Date: 9th March 2007• Region: US/World •Type: Article •Topic: IT continuity |
Author: Gary Read, President and CEO, 
