IT Service Continuity - Plan and Template
Introduction to IT Service Continuity Management
IT Service Continuity Management (ITSCM) defines a standardized procedure for developing restoration, recovery and continuity mechanisms for IT Infrastructure. It ensures that the IT services are available, continual and recovered within agreed timescales as defined in SLA.
IT Service Continuity Management (ITSCM) works closely with Business Continuity Management (BCM) and supports the business goals. ITSCM plans differ by region, size of the organization, type of business operation, and etc.
ITSCM Process Description
IT Service continuity management sub processes can be defined as:
Initiation
The initiation process involves defining the ITSCM policy and communicating throughout the
organization so that all those concerned are aware of the need for ITSCM.
In the initiation phase, the IT Service Continuity Manager will identify define the scope of ITSCM and identifies the appropriate roles and responsibilities for ITSCM related activities. S(he) will determine of the command and control structure required to support a business interruption.
For the identified roles and responsibilities, the ITSCM manager will identify and allocate
resources and familiarize and/or train staff to accomplish the ITSCM related tasks, like BIA, Risk
Assessment, etc.
Requirements analysis
Based on the business plans and business continuity plans, IT service continuity management staff will do the Business Impact Analysis, and will identify the Vital Business Functions and related IT services. They shall quantify the impact to the business due to loss of service (such as it could be a ‘hard’ impact that can be precisely identified – such as financial loss – or ‘soft’ impact – such as public relations, morale, health, and safety or loss of competitive advantage).
Strategy development
Based on the BIA and Risk Assessment, IT service continuity management staff will prepare the IT Continuity Strategy with an optimum balance of risk reduction and recovery or continuity options.
The strategy would typically include:
Risk reduction by taking suitable prevention measures such as:
- Define recovery procedure
- Build components redundancy
- Improve availability detection
- Refine maintenance scope, frequency
- Appropriate recovery mechanisms (such as Manual Workaround, Reciprocal Arrangements, Gradual Recovery, Intermediate Recovery, Immediate Recovery
Planning and Implementation
Based on the ITSCM strategy, IT service continuity management will plan the implementation of ITSCM by preparing detailed IT Plans, Recovery Plans, and Procedures. These include plans such as:
- Emergency Response Plan
- Communication Plan
- Disaster Recovery Plan
Operational management
In operational management, the ITSCM manager and coordinator shall periodically review the IT service continuity and DR training material for any updates. Further, they shall oversee and ensure that the Training is being conducted as per the planned schedule.
Disaster Recovery
In this phase, the ITSCM Manager will initiate the execution of the ITSCM & DR Plan and closely monitor the execution till the services have returned to normal. After the services are back to a normal state, the ITSCM Manager will:
- Produce a report of disaster recovery and mention what went right and what went wrong
during the execution. - Send the report to senior management for review.
- Record any identified improvement opportunity in the CSI register.
- If required, update ITSCM & DR plans (after due approvals from the Change management
and relevant stakeholders)
Metrics
- Time to recover and restore services after an outage
- Number of changes to continuity plans
- Frequency and number of periodic reviews
- Number of tests on VBFs
- Costs involved in storage.