The latest and greatest from Sungard AS



Business Continuity

Plans and Testing Don’t Deliver Outcomes – People and Processes Do

17th April 2014

iStock_000017907816LargeBy Bob Bates, delivery manager, technology consultant and Murray Truman, ICT disaster recovery consultant

Companies now recognise they cannot afford to be unavailable for any significant period of time – customers will simply go to a competitor – and, consequently, organisations are becoming ever more aggressive with their availability and recovery goals.   Adding to the challenge, globalisation means today businesses need to recover on a wider geographic scale than ever before.  

There are many reasons why organisations fail to meet high availability and recovery targets – among them lack of resources, skills, testing and plans  – but one of the most common problems is IT disaster recovery plans being out of sync with the production environment.  This is perhaps unsurprising when with today’s complex production environments just one change a month per system can result in more than 10,000 configuration changes before each annual test.

In addition, the majority of organisations focus testing on recovering IT systems rather than recovering business services and applications, creating a potential shortfall in meeting stakeholder exepctations when recovery is for real.

Last year, we developed our Managed Recovery Programme (MRP) to help organisations align their recovery plans to their business continuity objectives and provide the skills and resources to fully document the recovery processes and undertake the recovery during testing and invocation.  This service enables organisations to focus their valuable resources on their production environment.

The underlying philosophy of the service is to recover customers’ business processes and applications, not just their servers and reduce downtime to the absolute minimum.  We recognised that by applying our Business and ICT Continuity expertise, as well as our experience of performing recoveries and managing critical systems, we could remove unnecessary pain points while giving customers the assurance of achieving an application recovery time to an SLA.

But MRP is not just for those customers who experience problems.  Regular testing is vital – whether to comply with regulatory or audit requirements or provide stakeholder reassurance – but it can be costly, time-consuming and takes resources away from running production projects the business depends on.  For this reason, MRP can benefit all types of organisation, not only those that have experienced the headaches and expense of a difficult test or recovery as we can run the tests on their behalf.  Here are some of the reasons why MRP is proving an attractive proposition for many companies:

  • Plugs skills gaps and people shortages – tests can be planned but an invocation occurs without warning. Our onsite recovery specialists perform successful recoveries week in, week out – not once or twice a year.
  • The reassurance of 24/7 service availability – and compliance statements for regulatory or audit purposes.
  • Backed by service level agreements.
  • Allows the testing budget to be ringfenced.
  • Reduces the risk of tests being cancelled due to staff shortages or business priorities, which only increases the likelihood of future failures.
  • Lessens dependence on the skills and knowledge of individual employees/contractors, which creates a vacuum when they leave.
  • Eliminates the issues that typically frustrate the recovery process – the MRP change management process ensures the recovery environment stays in sync with production and remains aligned to business recovery objectives.
  • Frees up staff to focus on projects that add value to the business – People cost money: Could their time be better spent concentrating on the production environment rather than testing? Using MRP to undertake routine tasks can be more cost-efficient.
  • Automates elements of recovery through the use of toolsets for critical applications.

So how does MRP work in practice?  MRP is delivered following a 10 stage ITIL-based process. From the start, Sungard AS deploys an MRP team to work with the customer to review existing practices and develop a recovery solution that will deliver against the business recovery objectives. A complete set of ITIL-focused processes and documentation is produced so that at time of test or invocation Sungard AS is in a position to recover the customer’s environment, to the agreed level of service, allowing them to concentrate on their core activities.

Service design and onboarding

This first stage is a recovery information gathering exercise that starts with a workshop involving core management team and technicians to enable SunGard to fully understand the application landscape and assess the requirements of a recovery solution.  We then start developing a recovery solution and associated plans and procedures to meet the business continuity objectives.

Service transition

Following the initial set of documentation we conduct a Procedure Verification Test in partnership with the customer to verify that all the knowledge gained, documentation produced and solution implemented are all valid and proven. It’s about proving we are able to achieve the customer’s objectives before moving on to an SLA-backed managed recovery service.

Service operation

The service now moves into the ‘business as usual’ state whereby the operations teams conduct tests, and recover applications on a client’s behalf.  We embed ourselves into the client change management process in order to manage change control throughout the life of the contract, maintain recovery documentation and conduct regular reviews with key stakeholders to ensure contract schedules are aligned, services are up-to-date and that the recovery strategy continues to meet the changing needs of the business.

To find out how HCL Insurance BPO Services Ltd benefitted from MRP, click here