Advertisment

'It must be a practice rather than a mechanism'

author-image
CIOL Bureau
Updated On
New Update

Even as integration of various business processes benefit the organization, it throws a great challenge for business continuity as the outage of one part can cause disruption in the whole business chain. Visweswaran. M, CIO, Macmillan India Ltd, is of the opinion that an organization should consider Disaster recovery planning as a practice rather than a mere protection mechanism. Organizations need to have business continuity governance, he said, in an interaction with CIOL's B.V.Shiva Shankar. Excerpts from an interview:

Advertisment

CIOL: What are the likely hazards that lead to disruption or potential disaster?

VM: Hacking/virus intrusion, electrical short circuits in any data center, floods, earthquakes, etc., in any part of the globe may lead to business process disruption, which will impact various other business processes leading to business discontinuity.

Advertisment

CIOL: What are the main challenges for business continuity?

VM:
Mainly, defining the foolproof business continuity policy itself is a great challenge. ROI justification on the business continuity practice is also a great challenge. Whether we need to insource or outsource the business continuity infrastructure is again a very difficult decision.

CIOL: How well the industry is prepared to manage an impending disaster?

VM:
Preparedness depends on the policy to take care of the disruption. As all disastrous events cannot be anticipated fully, it is difficult to reach a judgment on the preparedness of the industry. However, in my opinion and to the extent of my experience, in India, the preparedness is not very strong. It is more of gamble game, which means lot of assumption contents, goes into decision-making process.

CIOL: What type of disaster recovery planning have you adopted in your company?

VM:
In our organization, we have also adopted very simple disaster recovery methods. By this, I mean we are only prepared for simple disasters. Of course, we are continuously studying the need and improving our infrastructure, as and when we are clear.

Advertisment

CIOL: Is a one-stop solution possible to ensure business continuity?

VM:
This again depends on the policy. A one-stop solution is possible for simple policies. However, a one-stop solution or a single vendor offering the complete service is very rare. Also, I have not come across any vendor, who is only in the space of business continuity practice.

CIOL: What must be the steps taken by an organization, in terms of best practice, to prevent a possible potential disaster?

VM:
The organization should consider this as a practice rather than a protection mechanism only. It should be introduced in the same way like Six Sigma, ISO, TPM, TQM, etc. The organizations need to have business continuity governance. There should be a full-time management representative to continuously monitor and improve the practice. A periodical audit is required to ensure its sanctity.

CIOL: What should be the basis for selecting DRP?, Should recovery time objective ( RTO) and recovery point objective (RPO) be the barometer or should it be dependent on the situation?

VM:
It definitely depends on the scenario. Verticals like retail, healthcare, banking, insurance, etc., may choose recovery time objective. Maybe, verticals like manufacturing may choose recovery point objective.

CIOL: What is the importance of business continuity in the current scenario?

Visweswaran.M:
Today, the organizations, whether small or big, spend a lot on automating the business processes in order to stay under competitive environment. Automation in turn benefit only if it integrates with other business processes. This means information exchange across the organizations without any manual involvement. This poses a great need to protect the integrity of database across the organization. In view of this, if any part of the business process is affected due to some calamity or any other disaster, the complete business chain come to a standstill and business continuity gets affected. Therefore, the business continuity practice assumes significant importance along with other infrastructure.