Flawed IT Disaster Recovery Plans

Many IT Disaster Recovery plans are fundamentally flawed.

Many I.T. managers tell us that their board / senior management expects IT services to be restored within 48 hours or so of a disaster, Sysop research indicates that it may actually take six months before all services are returned to normal.

Incorrect assumptions
The mismatch between expectation and practical delivery is caused by a number of incorrect assumptions, including:

  • that non-critical systems can be recovered in similar timescales to the “mission critical” systems for which formal ITSCM plans have been developed.
  • that all applications can be recovered to readily available “commodity hardware”.
  • that suitably-qualified IT personnel will be available to support the recovery in the numbers required.

But crucially, the most significant factor is the high support effort required to sustain the newly-recovered applications. This support commitment will drastically reduce the resource available to recover the remainder of applications. Most IT departments have around 20% of their applications defined as “mission critical” in a total population in excess of 50.

Some 80% of applications will take more than two weeks to recover; 50% will take more than a month; 25% will take more than three months.

IT Services Need to be Available in a Crisis

Experience of major contingencies (i.e. those that affect more than just IT infrastructure) reveals that emergency co-ordination teams need effective IT immediately. As the precise nature and impact of the contingency cannot be predicted, IT specialist resource is needed to provide emergency co-ordination teams with their requirements in an efficient and flexible manner. This activity will always take priority over the recovery of routine IT. As organisations become increasingly IT dependent it becomes even more necessary for routine IT (and the data / information upon which management depend) to be available to manage the crisis.

I.T. departments do not have the luxury of staff employed to do little, indeed most I.T. staff already have a very full support workload. As the recovery process succeeds the recovered applications will begin to demand at least the amount of support resource they required before the disaster. It is more than likely they will require significantly extra resource to cope with the difficult circumstances of a recovered operation.

As the I.T. department responds to the support load of the recovered systems, less resource will be available to perform recovery activities. The recovery process will slow and may actually grind to a halt.

Taking this factor into account I estimate that some 80% of applications will take more than two weeks to recover; 50% will take more than a month; 25% will take more than three months. Indeed it could be almost 6 months before the final applications are recovered.

My contention is that no organisation can wait this length of time for even non-critical systems to be recovered

The ITIL® framework provides sound guidance on IT Service Continuity Management but isn’t able adequately to deal with some of the practical considerations – particularly as these related to organisations with limited resources and budget.

That is why Sysop consultants have developed a practical workshop to help clients explore better ways of protecting the organisations for whom they work. More information: http://www.sysop.co.uk/training-courses/61/practical-workshops

Stuart Sawle
www.sysop.co.uk

Green IT – Not just “nice to do”.

News this week from the IPCC (International Panel on Climate Change) – “the impacts of global warming are likely to be “severe, pervasive and irreversible”. After a winter in the UK that has seen major storms and rainfall we can expect more incidents of severe weather as we go forward.

Worldwide, the carbon footprint of IT is actually larger than that of the airline industry – and it’s growing. As more and more of the developing world adopt information technology, the carbon emissions generated will increase with it.

There was political news too. Centrica warned that government policy would likely lead to energy shortages in the UK and electrical black-outs. Strangely, this isn’t new. In 2012 the government forecasted a 20% shortfall in electricity forecast for the years 2015-2017. This, they said, was due to a number of factors that would create “a perfect storm”.

  • Dirty, coal powered power stations that fail to meet agreed emission targets must close by 2015.
  • Existing Magnox nuclear power stations are reaching the end of their life.
  • Wind, renewables and AGR nuclear plants will not cover the shortfall.
  • Reduced demand due to the recession has delayed the build of new capacity. Even if the building programme is restarted, it is unlikely that any new plants will be online before 2017.

Whatever way you look at it, we must all do whatever we can to reduce our energy usage.

Data Centres continue to grow exponentially and even though the latest servers are more energy efficient, the number deployed is ever-rising as too is the number of desk-top and mobile devices.

In these circumstances is it not incredible that few IT Managers are held accountable for the energy cost of the IT deployed to support the business. Sure, they have initiated hardware rationalisation projects but the outcomes of these projects are measured in cost savings not energy savings.

We must push ‘Green IT’ higher up the strategic agenda. The government has done much to “Green” governmental ICT. The Greening Government ICT strategy is intended to minimise the impact of the UK Government on the environment and reduce both green-house gas emissions and waste in support of the Government’s commitment to achieve a 25% reduction in green-house emissions by 2015.

It’s time IT Manager’s followed this lead and set their own targets for energy reduction and carbon emissions. Highly principled, reputable companies like Unilever do this. Let us all follow suit.

Stuart Sawle

Sysop

http://www.sysop.co.uk/green-it

Scary Thoughts on Energy

I put my Green IT hat on and went to a meeting in London this week to learn more about the Carbon Management Association. Our host was Lord Redesdale a Lib-Dem Peer and former spokesman on Energy.

Lord Redesdale opened the meeting with a startling government projection. The government estimates that UK will need around 30-35GW of new electricity generation capacity over the next two decades as many of the UK’s current coal and nuclear power stations, built in the 1960s and 1970s, reach the end of their lives and are set to close.
He went onto highlight a number of specific concerns for anyone engaged in IT Management.

The first is that there will be insufficient energy available to satisfy peak demand from 2015 onwards. The second related is that the price of energy is set to rise even more sharply than it has so far as the combined effects of the Climate Change Levy and the underlying increase in cost of energy continues. His third point is that IT infrastructure continues to expand massively and is set to consume around 10% of the UK electricity supply if it doesn’t do so already!

A study from IT services supplier Computacenter and Fujitsu Siemens Computers, for example, shows that the UK’s top 200 listed companies waste more than £61m in electricity a year by not maximising the energy efficiency of their desktop computers. With the IT industry accounting for more carbon emissions than the airline industry our appetite for energy seems almost insatiable.

In these circumstances is it not incredible that IT Managers are rarely held accountable for the energy cost of the IT deployed to support the business. Sure, many have implemented power-management software on desk-top PC’s, but this is rarely ever part of a coherent energy management strategy.

There is a real need to extend the education of IT professionals to include energy management as part of their responsibilities. The ISEB Foundation Course in Green IT is a significant first step but more, much more needs to be done, urgently.

Stuart Sawle                           www.sysop.co.uk

Formulating a Strategy, Setting Objectives

Lately, I’ve been involved with a committee that’s been developing a three year strategy. They’re not ITIL people. Many are not managers at all. Their stated objective was to develop a strategy that was “aspirational”. They argued that without aspirational objectives the strategy would not be challenging enough in today’s tough climate.

This set me thinking.

I agreed entirely with their sentiments but I was concerned they would fail because the objectives / goals they were setting were not SMART. By that I mean they needed to be:

• Specific
• Measurable
• Achievable (Attainable)
• Relevant
• Time Bound

Setting a challenging goal can sound quite specific (e.g. reduce expenditure by 75%, increase profits by 50%) but without any hint / outline of how this is to be achieved it fails the “Achievable” criterion. When the goal stretches beyond what is possible it fails the “attainable” criterion.

What we need to do is to take each of the goals we set ourselves and break them down into lower-level SMART objectives that, much more specifically, state what is to be done, by whom and by when and how this is to be achieved – the road map if you like.

A specific goal will usually answer the five “W” questions:

  • What: What do I want to accomplish?
  • Why: Specific reasons, purpose or benefits of accomplishing the goal.
  • Who: Who is involved?
  • Where: Identify a location?
  • Which: Identify requirements and constraints.

The Achievability term stresses the importance of setting goals that are realistic and attainable. While an attainable goal may stretch a team in order to achieve it, the goal should not be extreme. That is, the goals are neither out of reach nor below standard performance, as these may be considered meaningless.

When you identify the goals that are the most important to you, you begin to figure out ways you can make them come true. You develop the attitudes, abilities, skills, and financial capacity to reach them. Attainable goals encourage goal-setters to identify previously overlooked opportunities that will bring them closer to the achievement of their objectives.

Stuart Sawle               www.sysop.co.uk

Selling Change to the Team

Isn’t it amazing how we can use a simple phrase that would actually lead to our undoing – making it difficult, if not impossible, to actually achieve what we intend.

If your approach is to “sell” the idea of change to the team they will see right through you. The change becomes more about what you want; change is being imposed; those whose co-operation you seek will react with the smile that says “yes boss, no chance”. And that’s the best you can hope for – the more recalcitrant ones will actively work against you.
Change needs to be managed, people need to be understood and involved.

I well remember a reorganisation at Woolworth’s when a manager, I regarded as a fool, was appointed as my boss. He took the trouble to have a face to face chat with me. He allowed me to express my fears and concerns. He listened to me and sought to find ways in which we could work together. It worked. Not only did we develop a fruitful, purposeful relationship – we became firm friends and still are – some 30 years later. He even acted on some of my advice to downplay some of his traits that led people like me to dismiss him as fool!

If you think a change is needed quickly, take time out to assess whether the drivers are really that urgent. We can be so go-minded that we can overlook this simple check. Consider would a more relaxed time-frame still achieve your objectives? Would taking a little more time to consult and truly involve those affected make your decision more acceptable? Would the ideas and discussions allow you to improve the quality of the change?

As a senior manager you probably relish change and thrive on it. Be aware that the chief insecurity of most staff is change itself. Their first reaction will be to feel threatened.

Remember, like grief, there is a series of stages that people go through before they become accepting of change. From suspicion, through curiosity, to visualisation, acceptance and finally commitment, your team members need to be allowed the time, and your time, to explore, understand and respond.

Stuart Sawle              http://www.sysop.co.uk

Apollo 13, A Study in Service Management

Almost everyone knows the story of Apollo 13. Indeed it was made into a highly successful film starring Tom Hanks as Jim Lovell the mission commander. It illustrates how human ingenuity and carefully thought-out processes can be used in even the most challenging of circumstances to deliver success.

The parallels with IT service management best practice are striking.

There is a service desk (CapCom) handling all the communications between the astronauts and mission control. There are professionals dedicated to incident and problem management.

There are carefully thought out processes and a robust change management team responsible for making absolutely certain that the safety of the astronauts is never compromised by a poorly tested change. There is a carefully crafted strategy with clear mission objectives that had to be re-evaluated in the light of the catastrophic explosion.

Yet in all of this, the astronauts were returned to Earth safely.

Whenever Sysop consultants run our Apollo 13 simulation as an ITSM learning workshop, they observe the ITSM professional participants disregarding all that they have learned about ITIL® best practice. Processes, designed by the team to see them through the simulation, are forgotten and abandoned; communication breaks down; leadership seems to be lost in space.

The lesson from this, of course, is that this is exactly what happens in the workplace when best practice processes are stress tested by a major crisis. Just when reliable resilient processes are needed to support problem-solving and crisis management, best practice goes out of the window.

We often say that adopting service management best practice is as much bringing about culture change as it is about rolling-out the framework set out in the core volumes. If an organisation fails to win the hearts and minds of everyone involved in the provision of IT services, then an implementation of best practice, no matter how well intentioned, is doomed to failure.

Education or Training?

It’s an easy category to assign to us here at Sysop – we’re an IT Training Company aren’t we? Well actually it’s not as simple as that.  Although we’re probably best well known for out ITIL® training courses – they are actually education courses.

Our PRINCE2® courses are very definitely training courses, in that you would return to your office well-equipped to use the PRINCE2 methodology to manage any project for which you are responsible. ITIL® is different. There is no doubt that following your ITIL course you will better understand the ITIL framework and recommended best practice but putting that into practice will still present major challenges.  Chief amongst these is the cultural shift you need to bring about in your organisation – and that’s where the training begins.

Training is about helping people to do things in the workplace in a particular way – equipping them with skills, purpose and methodology. You and your colleagues will need to have a common understanding of exactly how ITIL best practice is to be implemented.

A Forrester report revealed that the biggest reasons for ITIL initiatives failing is resistance to change 52%, failing to get buy-in and acceptance , the second reason was lack of business support.  The training agenda that we have developed outside of our scheduled examination courses can help you to:

• identify, recognise and agree what challenges are faced by your organisation;

• look at these challenges from the perspectives of the various stakeholders;

• identify how stakeholders are impacted by current poor practice;

• facilitate practical workshops to identify problem areas;

• discuss and agree the consequences and risks of these problem areas;

• recognise and create ‘buy-in’ to the ‘need’ to find a solution to resolve them;

• identify stakeholders that need to be involved in process improvement;

• discuss and agree the solutions required to make process improvement happen;

• provide input to ‘Continual Service Improvement’ initiatives.

The experience we gain through this “training” work, of course, adds considerable value to our educational courses. But there is no substitute for focused training delivering clear and measurable objectives.

 

ITIL®, PRINCE2® are Registered Trademarks of the Office of Government Commerce in the United Kingdom and other countries