Service Continuity Management is a continuous process, not a one-off exercise.
You must review your service-continuity recovery plan on a regular basis and do the
following:
|
|
Keep your service-continuity recovery plan in line with changes to services and
assets. This is managed via other FITS processes:
|
Configuration
Management
|
The configuration-management database should
always hold the latest asset information. In
service continuity management you would need
to know if asset details changed.
For example, if you have asked a supplier to
reserve a standby server off site for you to use in
an emergency, that server would need to keep
pace with the on-site equipment's technical
specification.
|
|
Service Level
Management
|
Service catalogues and service-level
agreements should have up-to- date details of
services in use and service levels required. In
service continuity management you would need
to know if services or service levels changed.
For example, if a new service has been
introduced that is more critical to day-to-day
school operation than any previous service, this
might change the priorities of service recovery.
|
|
Change Management
|
Change Management is the process that
ensures that other data sources are up to date.
For example, the implementation of a file server
upgrade would be carried out via the request-for-
change process, which would result in the
configuration-management database being
updated.
|
The success of your recovery plan will depend on how relevant it is when it is
invoked. This success will increase if you implement the above FITS processes to
help you keep the plan up to date.
You must also consider changes in personnel and any new appointments to the
recovery team and the subsequent training and rehearsal that these may generate.
|
|
In the Implementation guide we have made only a very basic start on a recovery
plan. We recommend doing something rather than nothing, but try to develop your
plan as much as possible. Keep reviewing what you have done so far and consider
what improvements you can make.
- Have you identified all your services, assets, risks and threats?
- Are your contingency plans adequate?
- Can you improve the plans you have put in place?
- Can you add to your plans?
- Do you need to rehearse your plans, for the first time or again?
|
|
Review your risks and threats and take action to reduce the possibility that they will
occur. A good way to do this as a matter of course is to implement the FITS
processes, as these are designed to improve the overall stability and quality of your
ICT provision.
|
Process
|
Some of the benefits to service continuity
|
|
Service Desk
|
A service desk is a good central point of contact and co-
ordination. This centralisation may help you to spot a potential
threat and eliminate it before it occurs.
|
|
Incident Management
|
Incident Management provides the data that Problem
Management uses to identify trends and underlying problems.
Without it, Problem Management would not be able to improve
resilience and quality of services.
|
|
Problem
Management
|
Problem Management is concerned with eliminating underlying
problems and identifying trends. This may act as an early-
warning system and enable you to improve resilience.
|
|
Change
Management
|
As well as being the process that helps to keep the recovery
plan up to date, Change Management helps to improve the
quality of technical solutions and therefore the resilience.
|
|
Configuration
Management
|
Configuration Management is the central point for all data
concerning assets (configuration items) and the relationships
between them. This helps when planning changes to ensure
that you maintain resilience. It also exposes single points of
failure that you can eliminate.
|
|
Release
Management
|
Release Management is concerned with the planning and
implementation of new services. This is where the design of a
service is considered and single points of failure removed at
source - the ultimate in proactive support.
|
|
Availability
Management
|
Availability and Capacity Management is closely tied to
Service Continuity Management, as their concepts are similar -
keeping services available continuously or as required and
ensuring that there is sufficient processing and storage
capability. Preventative Maintenance is a key element of risk
management and includes equipment health checks and the
creation and testing of back-ups, as well as the building in of
contingency such as disk mirroring or RAID and eliminating
single points of failure. Network Monitoring also provides
valuable advance notice of potential availability and capacity
problems and helps you to avoid them.
|
|
Service Level
Management
|
Service Level Management provides input to Service
Continuity Management in the form of details and relative
importance of services. The better this process, the better you
understand what is required of Service Continuity
Management. If you have got as far as drawing up service-
level agreements with ICT users, you will already have had to
consider how you are going to meet the terms of those
agreements and provide a consistent service so you have a
head start on Service Continuity Management.
|
|
Financial
Management
|
Good financial management means that you are spending only
what is required on ICT and technical support. Any spare cash
could go into service continuity management to improve that
further.
|
|
|
|
|
|
