IT service continuity
IT Service Continuity is a subset of Business Continuity Planning (BCP) and encompasses IT disaster recovery planning and wider IT resilience planning. It also incorporates those elements of IT infrastructure and services which relate to communications such as (voice)telephony and data communications.
It is a systematic process to prevent, predict and manage Information and Communications Technology (ICT) disruption and incidents which have the potential to disrupt ICT services and should result in a more resilient IT service capability aligned to wider organisational requirements.
Background
IT Service Continuity evolved from IT Disaster recovery which began to develop in the mid- to late 1970s as computer centre managers began to recognize the dependence of their organizations on their computer systems. At that time most systems were batch-oriented mainframes which in many cases could be down for a number of days before significant damage would be done to the organization.
During the 1980s and 1990s, IT disaster recovery awareness and the disaster recovery industry grew rapidly, driven by the advent of open systems and real-time processing (which increased the dependence of organizations on their IT systems). Another driving force in the growth of the industry was the advent of attacks (particularly those associated with the Irish Republican terrorism in the UK) on business centres and natural disasters which disrupted essential physical infrastructure. In addition increasing regulation required business continuity and integral IT response and recovery plans for organizations in various economic sectors around the world.
In recent years, Information and Communication Technology (ICT) has become integral to many of the essential activities carried out by organizations. The advent of the Internet and other electronic networking services together with the current and developing capabilities of systems and applications, has also meant that those organizations have become more and more dependent on reliable, safe and secure ICT infrastructures.
At the same time the need for business continuity management (BCM), including incident preparedness, disaster recovery planning, and emergency response and management, has become steadily more prevalent in developed and developing economies. Failures of supporting ICT services (including information security issues such as systems intrusion and malware infections) are recognized as having the potential to impact the continuity of business operations. As a result managing ICT and related continuity and other security aspects forms an essential component of business continuity requirements. In addition it is often the case that critical business functions that require business continuity are usually dependent upon ICT. This dependence means that disruptions to ICT can constitute strategic risks to the reputation of an organization and its ability to operate effectively.
IT Service Continuity is essential for many organizations in the implementation of Business Continuity Management and Information Security Management and as part of the implementation and operation information security management as well as business continuity management as specified in ISO/IEC 27001 and ISO 22301 respectively, it is critical to develop and implement continuity for the ICT services to help ensure business continuity.
Principles
IT Service Continuity planning may make use of any combination of recovery and/or restoration strategies including; hot, warm, cold standby data centres or servers; high-availability services within the same or across multiple data centres; services may be active/active or active/passive; it may utilise a ship-on-demand, shared services or cloud services, or other approach. IT Service Continuity, in itself, does not prescribe or refer to any one strategy.
In 2008 the British Standards Institution launched a specific standard connected and supporting the Business Continuity Standard BS 25999 titled BS25777 specifically to align ICT Service Continuity with Business Continuity. This was withdrawn following the publication in March 2011 of ISO/IEC 27031 - Security techniques — Guidelines for information and communication technology readiness for business continuity.
The IT Service Management Continuity link redirects to this page. Here is the downloadable link for the ITIL® glossary and abbreviations: http://www.itil-officialsite.com/InternationalActivities/TranslatedGlossaries.aspx. Not being certain of reprinting rights, only the link is provided. The glossary gives a comprehensive definition of ITSCM and other related definitions. It can be downloaded free of charge and is a comprehensive compilation of ITIL® terms.
See also
- Recovery Point Objective (RPO)
- Recovery Time Objective (RTO)
- Recovery Consistency Objective (RCO)