IT Service Continuity Management
Once the policies, strategies and prevention and recovery plans have been put in place, it is essential that these are followed and that the IT organisation is ready to implement them correctly.
This depends on two key factors: the proper training of the people involved and the continuous monitoring and evaluation of the plans to ensure they match real business needs.
It is no use having comprehensive prevention and recovery plans if the people who have to put them into practice in the event are not sufficiently familiar with them.
It is essential that ITSCM:
- Make the prevention and recovery plans known to the organisation as a whole.
- Provide specific training on different prevention and recovery procedures.
- Perform periodic drills for different types of disasters in order to ensure the personnel involved are properly trained.
- Provide permanent access to all the necessary information, for example, over the Intranet or the company's B2E portal.
Updates and audits
The policies, strategies and plans need to be updated from time to time to ensure they meet the requirements of the organisation as a whole.
Any change to the IT infrastructure or business plans may require a thorough revision of the plans in effect and a subsequent audit to evaluate how well the plan matches the new circumstances.
When the dynamics of the business and IT services make it advisable, these update and audit processes may be established on a regular basis.
Change Management plays an essential role in ensuring that the recovery and prevention plans are updated and in keeping ITSCM informed about any changes that have been made or are planned.