Computerworld - The events of Sept. 11, 2001, resulted in CIOs scrambling to implement business continuity planning (BCP). Companies such as Snap-on Inc. and Commerzbank AG invested large sums of money in BCP after 9/11. However, today's numbers show that business continuity investments are 1% to 2% of total IT budgets, a fraction of the 2% to 8% they should be, according to various sources. Business continuity investments appear to have been only a spike after 9/11. Today, business continuity has slid down on the CIO's priority scale.
Several sources suggest that most organizations don't have working business continuity plans in place. In a survey it conducted during the winter of 2000, Dataquest Inc. found that over 60% of the businesses that responded didn't have a basic plan for BCP. Gartner Inc. analyst Roberta Witty estimated last July that even after the terrorist attacks on the U.S., less than 25% of large enterprises have comprehensive business continuity plans. Another survey, conducted by a consortium of 50 companies, found that two-thirds of the thousands of enterprises surveyed had no business continuity plans. Among the businesses that had such plans, four-fifths had never tested them, and among the companies that had tested their plans, only 17% of the plans had passed.
Results found in a recently completed 20-year study of Fortune 500 crisis readiness by the University of Southern California's Center for Crisis Management support the above studies. Therefore, although some companies did invest in BCP after 9/11, it can be derived from the studies mentioned above that business continuity has been forgotten by CIOs.
Virus attacks on servers and networks are becoming more commonplace, but even more catastrophic disruptions to business -- ranging from blackouts like the one that hit the U.S. in August 2003 to terrorist attacks like 9/11 -- occur with alarming frequency. Disasters can result in large monetary losses, legal ramifications, loss of customer confidence and, in some extreme cases, the company's existence. Organizations therefore need to have plans to recover their assets, which include people, facilities, business applications, processes and IT systems, so they'll be able to return to normal business operations as soon as possible. This requires BCP.
Business continuity (sometimes referred to as business continuance) describes an organization's procedures to ensure that essential functions can continue during and after a disaster. BCP seeks to prevent interruption of mission-critical services and to re-establish fully functioning plans as swiftly and smoothly as possible. Disasters can be caused by any of the following:
Free Insider GuideCopyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
