As suggested in 'Avoiding disaster recovery disasters' numerous groups must participate in the triangulation process of assessing the business impact of a disaster, justifying expenditures and ultimately implementing a solution. These include:
- Line of business (LoB) heads to assess revenue impact
- The CEO/CFO/Board to guarantee the initiative is of a high enough priority to receive funding
- LoB application owners to help understand the business process effects,
- Risk management to provide depth to loss mitigation strategies,
- Corporate audit to ensure standards are put in place and met,
- Chief security officers to understand and mitigate exposures to the extent possible,
- Facilities and logistics experts to establish contingency plans and scenarios,
- And of course, IT.
As the saying goes, 'there is no such thing as an IT project' and this is especially true for disaster recovery. IT's vital role is to facilitate the initiative by building awareness, educating constituencies and driving common definitions and coordination activities. Indeed, communicating the nature of the problem is in and of itself critical as it will be easy for executives to mistakenly buy in to industry hype about 'systems that never go down.'
Action Item: IT must clearly articulate its role in justifying and optimizing disaster recovery investments and limit its scope of responsibility to communicating the need, establishing common definitions, coordinating activities and educating key constituencies about technology tradeoffs and associated risks.
Footnotes: