IT Service Management (ITSM) is as much a concept as it is a practice. With many more organisations moving IT support functions onto an ITIL framework, there are clear processes and procedures in place to support user requests and to better manage issues.
In the event of a true disaster and the total loss of IT services, the concept of ITSM will often be considered as low priority, but it is at this time that a well crafted ITSM strategy comes into its own, and helps bridge the gap between the loss of service and the eventual full recovery of business as usual.
The three major tenets of ITSM are to reduce risk, improve service and manage economics (often thought of as value for money), and all three of these have an important role to play when it comes to sustaining a business through the process of DR.
It can appear obvious that DR is there to reduce risk, but there are a significant number of risks that have to be balanced in DR and therefore clearly defining and managing the DR service is a core role for ITSM. Switching a service over in the event of a disaster is a risk in itself, a risk that can be mitigated by performing regular DR tests. It is also rare that all services can be switched back on at the same time, and some users could have to endure a considerable delay until services become available. This requires a clear understanding of the business-critical IT services to ensure that they are brought back in a timely and managed fashion, reducing the business risk of any outage.
Clearly defining particular DR services is only a small part of the overall service. In the event of a disaster, IT customer service becomes paramount.
In many organisations the most important service to recover is telephony to enable communications. At the same time, IT must have service help desks up and running ready to deal with the significant number of call that will ensue. Business users will usually recognise the difficulties in the initial thrall of a disaster, as IT does its best to restore critical services. However some business users will be far less sympathetic when they understand that their “less critical” system could take days or even weeks to recover. In these situations excellent customer interaction and regular communication become a vital part of the DR service.
Finally we come to economics, which is usually the most difficult of the three tenets of ITSM to justify, but not so in the case of DR. A DR provision is an expensive overhead for any IT organization to maintain, especially for a service that would be rarely, if ever, used. With ITSM it is possible to build an understanding of the IT services and the business operations they support, and therefore define the commercial risk of not having those services available in the event of a disaster. This can eventually lead to a tiered DR strategy that provides a much more cost efficient DR service, ensuring that the cost for DR is directly aligned to the value of the service it is supporting.
The three pillars of ITSM (reduced risk, improved service and managed cost) can guide IT departments to ensure disasters are managed as efficiently as possible. So in conclusion, ITSM should never be thought of as “low priority” in a DR situation but as central to any DR strategy.