The tough get going - RAVI PARWAN, TIMES NEWS NETWORK
[ MONDAY, DECEMBER 04, 2006 02:41:58 AM]
BCP is a constant requirement for all organisations that is probably why they have chosen me as the moderator for this event. So that mankind is least affected in case some calamity occurs here. I must be their BCP."
This was how Ambarish Das Gupta, head TAS, PwC, started off the ETIG Knowledge Forum on business continuity planning in Mumbai. Also, "I am a consultant and I only know how to ask questions."
On a more serious note, he said that BCP holds special significance for all organisations since the threats to a business are continuously evolving and changing. There is an inverse correlation between the probability and the scale of a disaster.
“We need to have a methodology of assessing the same and devising the amount of investment to mitigate that risk. We were not even aware of any threat to business from terrorism till a few years ago. That changed with 9/11. Now, it is part of any BCP,” he added.
Bimal Basak, executive advisor, TCS, added that 9/11 was a watershed event, which prompted TCS to revamp their BCP data recovery program (DRP). They quickly realised that with a multiple site and multi product network their DRP was very cumbersome and expensive. The conditions in the service level agreements (SLA) were also crucial. Getting lower service levels from providers put them in a tight spot with their clients.
Clients wanted higher and higher amount of service for their sites. This necessitated adoption of newer technologies providing the required better service, higher resilience and redundancy at costs according to the service level. Now, TCS has a system in place that can continue to function even if one centre fails completely. Arun Dagar, country manager, Singtel had a very interesting piece of information that he brought to the discussion. "According to a study done in the US, 60% of organisations suffer losses if their normal services are disturbed for more than 48 hrs. And per hour cost can be as high as $250/ hour.
There has been a case during New York Blackout where a company lost $6.75 million within 24 hrs. Another finding was that less than 40% of the companies had a BCP in place." Mr Dagar further added that most companies should look at more reliable communication links as backup so that in event of calamity striking; the communication network does not collapse.
Daryl Francis, executive director, Morgan Stanley, gave the example of their communication system that continued functioning during the 9/11 tragedy, thanks to the built in redundancy. This raised another point of debate between outsourcing and in-housing.
He also said that the need to segregate people from the data centres so that the risk to any single site is minimised. At the same time, you need to keep in mind whether movement would be possible in the case of any calamity. Therefore, they have now come up with remote computing solution to overcome that. He also emphasised the need to continuously monitor and upgrade the BCP.
Safir Adeni, CEO, Sitel India, made an excellent point about unpredictability of the direction from which a threat to business can come. As the CEO of a young organisation, he found out that the world cup happening in Mumbai was an event for which a BCP needs to be in place.
This was because of the high absenteeism it caused. Another pertinent point he raised was the cost of the redundancy built in for a disaster recovery. According to him, the points to focus on while designing a BCP were the timeline and the response time required.
In the end it is the credibility required with the client that is of paramount importance. According to Mr Adeni, the impact of any disaster needs to be measured on the infrastructure, the people, the connectivity and networks and the data. This would help to come up with mitigation plans for each of these areas.
P.S: Thanks to Anthony for sharing.