Risk management is by no means a new concept, but the way it is implemented these days has changed dramatically. In the 1970s and much of the 1980s, businesses simply insured themselves financially against risk.
But what happens when enterprises are built (as they are today) on data warehouses of information? These include intellectual capital, technology investment, the overheads thereof and, most importantly, the data collected.
What happens to an organisation when systems fail, key employees leave and the data corrupts? Companies need to understand that insurance can only replace the monetary value of these things. Their collective histories and, in some instances, the basic cultures can be lost for good.
Such losses can erode the basic processes of an organisation. A series of knock-on effects can be set off; effects that can be felt in the bottom line. In a time when margins are squeezed and competitors are plentiful managers need to take these fundamental resources seriously.
I asked experts at software client consultants Dell what they would suggest a company should do if it faces such loss. Their answer was a set of strategic steps in a line of business solutions they term “business continuity”. This is not all that different from its corporate predecessor, damage control.
Technology often baffles the minds of executives, even within their own companies. Many a mechanic bases his livelihood on drivers’ ignorance about how, exactly, their cars run.
Technology, in many instances, will do its job without any need for executives to know what it is doing. But ignorance is not bliss when an entire organisation’s wellbeing rests on the value of its data.
Dell’s strategic checklist aimed at ensuring business continuity includes such questions as: What external factors can disrupt a business? What systems does it run and what steps does it have to take to safeguard these? Lastly, and often more importantly, what about the people performing in the environment?
Recent data collected by international research house International Data Group (IDG) reflects the following concerns for the CEO and the chief information officer when it comes to business continuity:
Software or hardware failure;
failure of internal data backups;
risk of a power cut or surge;
data security;
virus attacks;
fire or flood risk;
insurance requirements;
increased use of networks;
risk of security breaches;
increased risk of human error;
risk of theft.
It is likely that many companies have felt the impact of these problems.
IDG goes on to emphasise the organisational and cost constraints associated with business continuity and the value businesses attach to data, which is critical in ensuring the security of one of their most valuable assets. Data is an asset — and a tangible one at that.
IDG also highlights the fact that businesses operating in the financial sector have to adhere to a host of legal requirements. In the insurance sector it is law to record all customer transactions. E-tailers and online transaction houses have to ensure that a database is kept of every financial interaction. The cost of the database is potentially infinite — overheads have to be carefully monitored and factored in when addressing any level of business continuity. As for the public sector, imagine having the entire Department of Home Affairs registry wiped out, with no back-up.
Corporate governance is becoming more critical to an organisation’s future — and is no longer exclusive to the more traditional corporate hierarchies but is increasingly becoming the responsibility of the IT department.
Research indicates that customers are demanding cost reductions, less technical jargon, more comprehensive offerings, more competent staff, more flexibility, better documentation, a better understanding of user requirements and more specialisation.
For businesses to realistically meet these demands, they need to team up with IT business consultants and take time to map out the external factors, the processes, systems and the people they need to survive in a cut-throat market.