Critical software applications and business continuity

22. July 2008 04:09 by enassar in General  //  Tags:   //   Comments (0)

In the past, the concept of business continuity was typically associated with a company's ability to recover from natural disasters (fires, flooding, earthquakes, hurricanes). The events of September 11th changed the paradigm, ending the somewhat lax attitude towards business continuity planning and turning attention to those threats having an element of human intent. Moreover, business continuity planning began focusing not only on allowing an organization to continue functioning after and during a disaster, but on reducing its impact, hence minimizing the risk of extended disruptions.

Undeniably, the traditional approach to business continuity requirements has shifted, driven by the demands of globalization and high-tech society. It has grown out of the response and recovery focus and into prevention strategies and techniques. Under this new paradigm business continuity emphasizes on managing mission critical business assets and processes to ensure continuous availability.

Business continuity planning is a crucial part of an organization's overall risk management, and in a world where information is power and technology is a decisive business enabler, every analysis around contemporary threats with a potential of causing severe damage to the organizational infrastructure leads to the assessment of operational risk linked to information systems. This certainly recognizes the value of software assets in today's business infrastructure, taking into account the fact that significant investments in intellectual capital have usually been embedded in the systems over the years, comprising the back-bone of many companies. Therefore, a modern structured approach to managing uncertainty related to threats encompasses all the necessary averting to ensure reliability, correct functioning and scalability of business critical applications.

Modern organizations must secure their continuity considering the increasing complexity and interconnection brought by the reliance on technology to accomplish their goals. Those with business critical applications will certainly realize the grave impact of system malfunction upon business continuity, and the implications for stakeholders of damage to the organization naturally deems it as unacceptable. Protecting the financial health and stability of an organization is an essential issue for management, and the high impact risk associated with vital software applications make this area of business continuity planning highly relevant on many companies.

Risk avoidance or reduction strategies linked to information assurance have to deal with the applications' security, performance and other technical capabilities, with development and maintenance costs and support availability constituting critical issues to consider. In fact, governmental entities and organizations in the power, telecommunication, health, banking and financial industries are subject to regulations that aim to protect public interest, including systemic failure among its previsions to ensure information confidentiality, integrity, authentication and availability.

But the concept of business continuity is not limited to regulated public utility infrastructures only. Of course, it's fairly obvious how some minutes of downtime can seriously affect a large financial institution, but losing access to information systems has consequences on any type of business. Business continuity is vital to business success, and in today's interrelated world, practically every aspect of a company's operation is vulnerable to fatal disruption. And the aforementioned value of software assets applies to any type of organization, making it an objectionable operational risk to maintain exposed, unsupported critical applications that may not run properly. And modernizing them through non-disruptive methods like automated software migration effectively contains the issues.