• Home
• News
  • Business Continuity News
  • Regional news
  • Sector news
  • Events Diary
  • Newsletters
  • Newsfeed
• Jobs
• Topics
  • BC: Facilities & Buildings
  • BC: General
  • BC: Markets & Companies
  • BC: Plan Development
  • BC: Software
  • BC: Statistics
  • BC: Testing & Exercising
  • Crisis Comms & Management
  • Critical Infrastructure Protection
  • Disaster Recovery
  • Emergency Management
  • Enterprise Risk Management
  • Operational Risk Management
  • Pandemic Planning
  • PS Prep
  • Standards
  • Terrorism
• Technology
  • Cloud Computing
  • Data Center / Centre Issues
  • ICT Continuity
  • Information Security
  • Recovery Facilities
• Resources
  • Webinars
  • BC software directory
  • Newsfeed
  • Twitter
  • Advanced BC information
  • Advanced ICT information
  • Basic BC information
  • Basic ICT information
  • How to advertise
  • About us
  • Contact us
  • Privacy
• Newsletters
• Training

WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

People as single points of failure

By Alan Walker, MBCI.

All too often we allow people to become single points of failure (SPOF) in our organizations. How should business continuity managers identify and manage such people?

IT departments generate more than their fair share of people SPOFs. It’s a very easy trap to fall into. Many systems or applications require specialist knowledge to resolve problems, support developments and provide recovery. It is not possible to make every team member a subject matter expert for every system or application, plus people have different skills, knowledge, aptitudes and roles.

The typical pattern is that one or two team members become the experts during the implementation phase but then quickly move onto new tasks or roles once the project is completed. Whether by accident or design the organization is then left with one person as the best person to speak to and after a few months they actually become the ONLY person one can speak to on the topic.

Another way these People SPOFs are created is by individuals themselves. This is based on the ‘knowledge is power’ principle. ‘I can write my own pay cheque’ and ‘they can’t fire me’ are two beliefs these people maintain and indeed seek to exploit.

I have seen examples of both. In one case the person had built a closed shop around his activities. Neither his team nor his boss had sufficient knowledge of how the infrastructure and services for which he was responsible were delivered. Following a forensic audit it was discovered that he was up to no good and he was immediately marched out of the building. He was not as indispensable as he thought!

People SPOFs do not just occur in IT of course.

Low frequency processes can be particularly vulnerable to being taken over by SPOFs. I’ve seen two examples of large scale remuneration processes that have been managed exclusively by one person within the organization without even the back up of documented procedures. Imagine telling a global salesforce that you cannot pay their commission this month because Harry is off sick!

Each of the above scenarios was different and needed to be tackled appropriately. The risks to the organization were, however the same: ‘if he/she falls under a bus tonight, what are we going to do?’

There are some warning signs to look for.

1. People SPOFs will avoid documenting their procedures or information;
2. People SPOFs are often reluctant to take holiday;
3. People SPOFs insist on being on call 24/7;
4. If you don’t know what they are doing, it may be because they don’t want you to.

For some reason organizations are all too often either blind to the risk or reluctant to do something about people SPOFs, almost out of fear of upsetting the individual. This just hands the SPOF more power and the longer the situation persists the greater the risk to your organization.

There are some key points to consider in this area:-

• Your people SPOFs are staring you in the face – if you know your organization well you will be able to identify who they are.
• Do not be held to ransom by these people – they could resign tomorrow.
• Deal with it – take action before it’s too late.
• De-personalise the situation – it’s about your process not the individual.

Make a comment

The author

Alan Walker, MBCI, is an independent business continuity consultant who has helped several organizations develop and improve their plans and capabilities. Contact E: awcontinuity@btinternet.com T: +44(0) 771 788 6213. www.awcontinuity.co.uk

•Date: 14th Sept 2012 • UK/World •Type: Article • Topic: BC general

Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.