Carl Weinschenk spoke with Geary W. Sikich, principal, Logical Management Systems. Sikich's book, "Protecting Your Business in a Pandemic," will be published in June by Greenwood Publishing.

Weinschenk: Once a company decides it needs to pay attention to disaster recovery/business continuity, what is the first step? In essence, what is the beginning of the beginning of addressing this large issue?
Sikich: The beginning of the beginning is an assessment of what the risk tolerance of the organization is. It's not so much the processors and hardware or workstation recovery — which are traditional areas — and recovery time and recovery point objectives, but more on how long can my customers be without my services or products before they go elsewhere or how long can their business survive?

Weinschenk: So it's a more comprehensive measure.
Sikich: That bridges into a broader risk perspective that includes financial risk of non-traditional business interruption. For example, I saw Jeffrey Imelt from GE on a program — it was Charlie Rose, I believe — and he talked about the fact that he took over GE just prior to 9/11. The corporate goals and objectives were to grow at a certain percentage. Then, he said, planes with my engines in them hit a building I insured and I still had to get 11 percent growth out of the company. There can be a huge disconnect between business continuity and disaster recovery and corporate goals and the company's strategic objectives. Unless the two are married, the business continuity and disaster recovery plans don’t reflect the business. They reflect a very tactical level of recovery, which in a sense is really an insignificant item on a CEO's list of things that are important.

Weinschenk: The bottom line is that a checklist of servers that need protection isn't going to do the trick. Is that so?
Sikich: I am doing copy edits on a book I am writing — "Protecting Your Business in a Pandemic," which is coming in June from Greenwood Publishing. One thing that is in the book is the fact that business continuity efforts have traditionally focused on facilities and information and systems and applications. The hardware part of the process, if you will. They’ve always assumed people are going to be there. Now suddenly, the industry hot button is the people issue. I say that they always were the issue. In this context, we are looking at the fact that most, if not all, business continuity and disaster recovery plans do not have adequate succession built into them. They don’t reflect how corporate goals or objectives are achieved in a disruptive environment.

Previous Page Next Page