In the past, the concept of
business continuity was typically associated with a company's ability to
recover from natural disasters (fires, flooding, earthquakes, hurricanes). The
events of September 11th changed the paradigm, ending the somewhat
lax attitude towards business continuity planning and turning attention to
those threats having an element of human intent. Moreover, business continuity
planning began focusing not only on allowing an organization to continue
functioning after and during a disaster, but on reducing its impact, hence
minimizing the risk of extended disruptions.
Undeniably, the traditional
approach to business continuity requirements has shifted, driven by the demands
of globalization and high-tech society. It has grown out of the response and
recovery focus and into prevention strategies and techniques. Under this new
paradigm business continuity emphasizes on managing mission critical business assets
and processes to ensure continuous availability.
Business continuity planning is a
crucial part of an organization's overall risk management, and in a world where
information is power and technology is a decisive business enabler, every analysis
around contemporary threats with a potential of causing severe damage to the
organizational infrastructure leads to the assessment of operational risk linked
to information systems. This certainly recognizes the value of software
assets in today's business infrastructure, taking into account the fact
that significant investments in intellectual capital have usually been embedded
in the systems over the years, comprising the back-bone of many companies.
Therefore, a modern structured approach to managing uncertainty related to
threats encompasses all the necessary averting to ensure reliability, correct
functioning and scalability of business critical applications.
Modern organizations must secure their
continuity considering the increasing complexity and interconnection brought by
the reliance on technology to accomplish their goals. Those with business
critical applications will certainly realize the grave impact of system
malfunction upon business continuity, and the implications for stakeholders of
damage to the organization naturally deems it as unacceptable. Protecting the
financial health and stability of an organization is an essential issue for
management, and the high impact risk associated with vital software
applications make this area of business continuity planning highly relevant on
many companies.
Risk avoidance or reduction strategies linked to information assurance
have to deal with the applications'
security, performance and other technical capabilities, with development and
maintenance costs and support availability constituting critical issues to
consider. In fact, governmental entities and organizations in the power,
telecommunication, health, banking and financial industries are subject to
regulations that aim to protect public interest, including systemic failure
among its previsions to ensure information confidentiality, integrity,
authentication and availability.
But the concept of business
continuity is not limited to regulated public utility infrastructures only. Of
course, it's fairly obvious how some minutes of downtime can seriously affect a
large financial institution, but losing access to information systems has consequences
on any type of business. Business continuity is vital to business success, and in
today's interrelated world, practically every aspect of a company's operation
is vulnerable to fatal disruption. And the aforementioned value of software
assets applies to any type of organization, making it an objectionable
operational risk to maintain exposed, unsupported critical applications that
may not run properly. And modernizing them through non-disruptive methods like automated software migration
effectively contains the issues.