Service Continuity Management works by identifying assets risks and threats;
implementing countermeasures and making contingency plans.
|
Identify services
|
Services are the ICT facilities available for users, as
opposed to the technical equipment that make up the
services (assets). Examples of services are printing,
internet access, email and so on.
|
|
Identify assets
|
Assets in this context are IT service components - for
example, hardware, software, communication links,
buildings, people, procedures, data, contracted
suppliers and so on.
|
|
Identify risks
|
Consider what might happen - for example, accidental
damage, virus attack, bankruptcy, sickness, sabotage,
resignation, power failure and so on.
|
|
Identify threats
|
Consider how likely it is to happen - for example, if
access to equipment is uncontrolled, system passwords
are common knowledge, building requires maintenance,
there are single points of failure and so on.
|
|
Implement
countermeasures
|
Reduce the threat as far as possible - for example,
tighten security, carry out maintenance, eliminate single
points of failure, back up your data and so on.
|
|
Plan contingency
|
Be ready for it to happen anyway: plan and test recovery
of service(s).
|
Service Continuity Management also interfaces closely with Change Management.
As ICT changes, the service-continuity requirements also change. It is therefore
important that changes are fed into the service- continuity plan.
|
|
|
|
|
|
|
|
