Preface
In our last Newsletter we presented the high level areas that make up ITSM Service Continuity methods and processes and presented in detail those items that make up Business Impact Analysis in these areas.

Introduction
This newsletter for July/August, 2003 is the second of several parts that will present in detail the processes and methods required to define, characterize, and develop ITSM Service Continuity best practices and deal directly with Disaster Recovery Planning.

What is ITSM Service Continuity?
In review, ITSM Service Continuity typically includes the following major elements:
      Business Impact Analysis (Last Newsletter)
      Disaster Recovery Planning (This and the Next Newsletter)
      Information Technology Infrastructure for Service Continuity (Future Newsletter)

It should be noted that business impact analysis is included as the initial and critical purpose of any disaster recovery effort since a business impact analysis is necessary to provide input to a subsequent disaster recovery planning effort. Subsequently, disaster recovery is a main and critical component of ITSM Service Continuity.

Disaster Recovery Resource Requirements
Based on the business impact analysis findings, this information has an application system granularity level:
     1) Enter the estimated maximum amount of technology required by this application system for normal operation
           Amount of Processor, Memory, Disk Space (Gigs), Bandwidth, etc.
           Number of Devices: Servers, Workstations, Disk, CD, Tapes, Printers, etc.
           Number of Communications Devices: Routers, Hubs, etc.
           Physical and Logical Configuration and Communication of Network.
           Any other Special Considerations
     2) List all databases/files by ID that are required to restart this application system after a total disaster. Include filename/ID, whether backups are stored onsite or offsite, and the frequency of the backup
     3) List all actions or steps to restart this application system after a total disaster

Make certain that this area is verified and signed off on by both the Customer and IT.

Disaster Recovery Business Requirements
Based on the business impact analysis findings, this information has an application system granularity level:
     1) Enter the Customer, Department, Date, Application System Name and Number (if applicable)
     2) Enter the Disaster Recovery Priority assigned for this application and whether it is agreed by both Customer and IT. List the reasons if there is disagreement.
     3) List the Business Functions supported by this application.
     4) Operating impact if this application is lost.
     5) Legal and regulatory impact (if applicable) if this application is lost.
     6) Financial impact - Cost to the Agency, organization, or loss of profits if this application is lost. For 1 hour, 1 day, 2 days, and 1 week. Describe how this was calculated.
     7) Intangible losses if this application is lost.
     8) What are the important time cycles for this application (if any)?
     9) Could you use alternative methods to replace this application for a temporary period of time? If so, for how long?
     10) Would the loss of this application affect Customers? If so, then how and to what extent?
     11) If a disaster caused a loss of data entered the past day, two days, etc., how far back could that data be obtained and reentered? If so, then would this be done and how long would that take?

Make certain that this area is verified and signed off on by both the Customer and IT.

RL Consulting IT Service Management Tools and Workshops

RL Information Consulting Announces an ITSM Self Assessment Solution Package
   » Documented Proprietary Methodology
   » Proprietary Excel Spreadsheet
   » GAP Analysis
   » Criticality Matrix
   » Evaluation Checklist
   » Orientation Presentation

CLICK HERE - For Additional Information and Pricing

Utilizing SolutionMethod™ proprietary questions and evaluation processes, RL Consulting employs 3 automated tools; ITSM Assessment Worksheet, ITSM ROI Worksheet, and ITSM Implementation Readiness Worksheet.

Education and Training - 1, 2, and 3 Day ITSM Workshops that offer a broad range of training beginning with Management level, through Strategy and Planning, to Implementation.

To Learn More About These Tools and Workshops and How They Can Help You - Click Here -

Find Out About Our 4 Week ITSM Maturity Assessment Service
and How It Can Assist You
- Click Here -


ITSM Service Continuity Methods and Best Practices
The disaster recovery planning methodology consists of many disaster recovery planning processes. The contemplated disaster recovery planning effort, which will be performed after the disaster recovery business impact analysis, will be accomplished utilizing the disaster recovery planning processes, which are summarized below.

Please note that the sections on Application Inventory and Criticality Ratings, Critical Application System Resource Requirements, and Alternate Processing Strategies are partly covered in a business impact analysis, but are included here for completeness.

Important ITSM Service Continuity Information Areas (1-7 of 14)
     1) Overview - The overview is the first step addressed in the disaster recovery planning process. The project boundaries (purpose, scope, objectives and assumptions) to be used in developing the disaster recovery plan should be defined, documented, and approved by management. The types of disasters addressed by the disaster recovery plan will depend upon the physical location of the company and its information processing facilities.
     2) Application Inventory and Criticality Ratings - In a business impact analysis, all application systems are identified and categorized as to their criticality relative to the continuation of the business operations. To define the criticality and recovery sequence of an application system, its major functions, size and complexity, impact on other systems, and processing schedule should be taken into consideration. Processing of critical systems should be resumed as quickly as possible after a disaster. Less critical systems should be processed as soon as possible after data processing operations are restored or if time and resources are available, after restoration of critical systems. Non-critical systems should be restored when data processing services are available.
     3) Disaster Recovery Teams - Establishment of functional teams and identification of individuals is necessary to assure preparedness in the event of a disaster. Designating personnel to be responsible for specific functions before, during and after an emergency situation is essential to assure that the proper actions will be taken expeditiously. Team members must participate in the disaster recovery planning process to assure that responsibilities and roles are defined, documented, assigned to specific individuals, understood, executable and accurately represent what is required for a successful recovery.
     4) Off-Site Backups - The required off-site movement of software, associated data, documentation, and any additional resources needed in the event of a disaster should be identified, documented and implemented. The backup scheme used should respond effectively to the most likely problem situations while still providing a tolerable solution in major recovery situations. Criticality and execution frequency of each application system will determine the frequency of backup and the safeguards designed into the backup scheme.
     5) Critical Application System Resource Requirements - Once critical systems have been identified and restoration sequences defined, the resource requirements needed to process each critical system must be determined. The resource and processing requirements identified for all critical systems are analyzed in the recovery and alternate processing strategies process to determine the minimum resource requirements and configuration (hardware, software, communications, forms, supplies, special equipment, etc.) required to process all critical systems in the event of a disaster.
     6) Alternate Processing Strategies and Inventories Required - The overall recovery strategy and listings of the hardware, software, telecommunications, support equipment, forms, supplies, etc. needed in the event of a disaster must be identified and documented. The recovery strategies to be used in the event of a disaster should be based upon a summary of the requirements and resources identified for each critical system. The strategy decision must be unique to the particular company and situation. Seldom will a single strategy be the optimum solution. For instance, a single strategy for disaster critical applications might be considered, with reduction or withdrawal of services for less critical or non-critical applications.
     7) Operating Procedures - The capability to recover from both major and minor disasters necessitates the availability of a comprehensive set of operating procedures describing the steps required to re-establish data processing in the event of a disaster. Therefore, the documentation required should consider the various levels of disasters that could occur and support the objectives, assumptions and strategies of the Disaster Recovery Plan. Operating procedures can be incorporated either in the disaster recovery plan, or separately with a reference note in the disaster recovery plan. The procedures must be available to technical support and operations personnel with a current copy placed in the off-site vault. The procedures needed to recover from a disaster will be specific for the actual restorations and, in most instances, for normal processing will be the same as those used in daily operations. Existing procedures should be used where possible to satisfy disaster planning documentation requirements. This will minimize the effort necessary to produce procedures and the training of personnel in the recovery process. Disaster recovery procedures should be tested periodically and also modified as changes in the data processing facility and environment occur.

In the next Newsletter we will finalize the 14 necessary components and steps to developing an effective ITSM Service Continuity, Disaster Recovery Plan

Is Your Company Triple "A" Rated?

      Aware - Of internal and external factors that could impact your business
      Adaptable - To change the focus of your company's resources and expertise depending on changes in internal and external factors
      Agile - To focus your company's resources and expertise effectively and efficiently in the quickest manner possible


What if you could do this proactively?


RL Consulting Utilizes:
The Proactive Business Model, Realization of Benefits, ITSM ROI,
SAGA Business Strategy, and Enterprise Infrastructure Architecture


Leveraging Knowledge Management to Optimize Decision Support Systems Proactively
One step beyond IT Service Management,
One Generation beyond Information Systems

Downloads

White Papers:
   » SLA Description and Templates
   » Consolidation Questionnaires
   » Service Continuity Methods
   » Project Management Practices
   » Developing a Communication Plan
   » Data Management Process
   » Proactive Business Model
   » Realization of Benefits
   » SAGA Business Strategy
   » Enterprise Infrastructure Architecture

Service Briefs:
   » ITSM Maturity Assessment
   » Incident and Problem Management
   » Service Continuity
   » Configuration and Change Management
   » Service Level Management
   » Capacity Management
   » Availability Management
   » Release Management

- Click Here -

Additional Information
Visit www.itsm.info to learn about ITSM, IT Infrastructure Library (ITIL), and SolutionMethod™ (a Policy Based ITSM Approach). In addition, you can download free and informative white papers, questionnaires, and service briefs. This includes more in-depth information on the topics presented in this newsletter.

To learn how RL Consulting can assist in achieving IT Service Management goals and our full range of solutions:
Contact us at RL_Consulting@ITSM.info or phone us at 602-996-6830

Tell a fellow IT Professional

Sign up for our Monthly ITSM Newsletter

* In the upcoming months this newsletter will contain important information concerning the various aspects of IT Service Management. If you no longer wish to receive this newsletter simply reply to this message with "REMOVE" in the subject line.

Volume 6 - July/August, 2003
This newsletter and the information contained herein is maintained by Rick Leopoldi and property of RL Information Consulting LLC.