An overview of IT Service Continuity Management

An overview of IT Service Continuity Management

Service continuity management is a reactive and proactive process which involves contingency planning for recovery in case the Information and communication technology service is damaged or put out of action by a sudden disaster.

Puropose of IT Service Continuity Management

The main purpose of the IT service continuity management is to support the overall business continuity management process by making sure that the IT service provider is always capable of providing minimum levels of business continuity related service.

Objective of IT Service Continuity Management

The objectives of IT service continuity management (ITSCM) are:

  • To provide advice and assistance on issues which are related to continuity and recovery

  • To maintain a set of plans on IT service continuity and IT recovery which are in support of the overall business continuity plans. They should also perform business impact analysis, risk analysis, and management activities on a regular basis.

  • To minimize the costs which cannot be eliminated

  • To make sure that suitable continuity mechanisms are installed which can meet or exceed the agreed upon targets of business continuity.

  • Analyze the impact which the changes have had on the IT service continuity plans.

  • Make sure that proactive measures are implemented wherever it is economical, which will increase the availability of services.

  • Perform negotiations and agree on contracts with the suppliers to provide the required recovery capability.

Scope of IT Service Continuity Management

IT service continuity management supports the activities of the business continuity management process and focuses only on those events which are considered by the business to be a ‘disaster.’

Minor technical issues are not covered under this as they are addressed through the incident management process. Availability management also addresses these minor issues in the design of services for availability and recovery.

IT service continuity management usually does not address long-term risks such as changes in business direction, diversification, restructuring, directly. Instead, when there is time to evaluate the risk, it addresses them using an IT change management program.

Value of IT Service Continuity Management

The following benefits are provided by implementing Service Continuity Management:

  • In case of an accident or a disaster, the Information and communication technology (ICT) services can be restored in the appropriate order of importance to ensure that the most vital services are up and running soon.

  • The ready nature of the contingency plan allows us to save time and react quickly or recover quickly from an accident or a disaster.

  • The organization can be mentally prepared for a disaster as service continuity management allows us to project disaster scenarios beforehand.

  • There is a clear understanding of the importance of Information and communication technology (ICT) services and their rank

Principles and Basic Concepts of IT Service Continuity Management

Business continuity plan (BCP)

  • A business continuity plan outlines and defines the steps which are needed to restore the business processes after they have been disrupted.

  • It also identifies the triggers for invocation, the people who need to be involved, communications, etc.

  • A significant part of Business Continuity Plans consists of IT service continuity plans.

Business continuity management (BCM)

  • The role of business continuity management is to manage risks which can have a serious impact on the business, bring them down to an acceptable level and plan for the recovery of business processes if a business disruption occurs.

Business impact analysis (BIA)

The main purpose of business impact analysis is to quantify the impact that loss of service would have on a business. It identifies the following:

  • The form which will be taken by the damage or loss

  • The way in which the degree of loss or damage is likely to increase following a service disruption.

  • The staff, skills, facilities, and services which are needed to make sure that the viral business processes continue to operate at minimum acceptable levels.

  • The time period within which the minimum levels of staff, facilities and services should be recovered.

  • The priority assigned to each business during recovery.

Implementation Procedure of IT Service Continuity Management

Service Continuity Management is a process which can evolve over time and not necessarily an end-to-end task which has to be finished in order to possess some value. Service continuity management has to be developed over time. The steps taken to implement service continuity management in an organization are:

The steps taken to implement service continuity management Step 1: Identify services and assets

    • Firstly, all the services and assets in our possession need to be identified. Assets are the main component of services.

    • Services and assets can be any of the following:

Service Assets
Printing Printer
Word Processing Computer, software
Internet Computer, LAN, WAN, ISP
Data storage Server, Hard disk
Technical Support Procedures. Staff
  • This information is gathered in the Framework for ICT Technical Support (FITS) processes.

  • FITS Service Level Management should be implemented in order to understand the criticality of the services in possession.

  • FITS Configuration Management should be implemented in order to get an idea about the main assets.

Step 2: Identify risks and threats

  • Once the services and assets have been identified, the risks and threats should be identified.

  • What can happen to the services and assets are categorized as risks and the causes which make it happen are categorized as threats.

Risks Threats
Loss of internal ICT services/assets Fire, power failure, power surge, virus, accidental damage
Loss of external ICT services Overload of external communication links, bankruptcy.
Loss of data Technical failure, virus, human error, accidental damage
Unavailability of key technical and support staff Sickness, transportation problems, resignation
Failure of service providers Bankruptcy, loss of service provider’s own data

Step 3: Make contingency plans

  • Contingency plans are similar to insurance policies.

  • They can be simple & cost effective and can cover minor risks, or they can be complicated & expensive and cover major risks.

  • The type of contingency plan which should be implemented depends on the level of risk which the company is taking.

  • These plans involve prioritizing the services to be restored first, creating backups and storing them on-site and off-site.

Step 4: Document the recovery plan

  • The recovery plan should be documented properly to ensure that all the essential information is present in it.

  • This plan should be circulated among the key staff, who should be kept up to date regarding any changes in the plan.

  • A copy of the plan should be given to the recovery team as well.

  • Another copy of the recovery plan should be stored off-site to make it accessible in an emergency situation.

Process Activities of IT Service Continuity Management

To set up and operate IT service continuity management, a lifecycle approach should be adopted. The stages of the lifecycle approach from the foundation for the IT service continuity management are:

The stages of IT service continuity management

  1. Initiation

    The key activities in the initiation stage are:

    • Policy setting

    • Scope definition

    • Initiate a project

  2. Requirements & strategy

    The key activities in the requirements & strategy stage are:

    • Business impact analysis

    • Risk assessment

    • IT service continuity strategy

  3. Implementation

    The key activities in the implementation stage are:

    • Develop IT service continuity plans

    • Develop IT plans, recovery plans, and procedures

    • Organizational planning

    • Risk reduction and recovery

    • Implementation

    • Initial testing

  4. Ongoing operation

    The key activities in the ongoing operation stage are:

    • Education, awareness, and training

    • Review & audit

    • Testing

    • Change management

Roles and Functions of IT Service Continuity Management

  1. Service continuity manager

    • Handles the responsibility of service continuity

    • Owns the service continuity management process

    • Leads the service continuity recovery plan’s development

    • Invokes the service continuity recovery plan personally

    • Is a senior member of the ICT or technical support staff

    • Has no need to be technical

    • Should have an understanding of the ICT priorities of the users.

    • Should appoint someone else to cover during absence

    • Should not delegate responsibility

  2. Service continuity recovery team

    • Is led by the service continuity manager

    • Participates in the testing and invocation of the service continuity recovery plan.

    • Includes the technical staff for technical procedures

    • Includes users for testing and during the actual invocation

    • Includes representatives from the departments for communication and coordination.

Challenges of IT Service Continuity Management

The challenges involved in IT service continuity management are:

  • Creating appropriate IT service continuity management plans when there is no overall business continuity management processes or plans.

  • The IT department has to educate the business to adopt the appropriate best practices the area.

  • If IT plans are developed without taking business plans into account, they may be inappropriate. In the event of a disaster, the blame for failure will be placed on the IT department.

Risk of IT Service Continuity Management

The risks faced by IT service continuity management are:

  • Lack of a business continuity management process

  • Lack of commitment from the business to the IT service continuity management process.

  • Lack of appropriate information on the future plans and strategies of the business.

  • The plans of IT service continuity management can become outdated and misaligned with the information and plans of the business and business continuity management.

IT Service Continuity Management thus performs its role of providing advice and assistance on various continuity and recovery issues along with maintaining a set of plans on IT service continuity and IT recovery which support the overall business continuity plans. It helps to minimize the costs which cannot be eliminated and while ensuring that proactive measures are implemented wherever it is economical.

Subscribe to receive awesome resources, offers, and updates straight to your inbox

Success! Thank You for Your Subscription.


Stay Connected

Subscribe to Our Newsletter

Success! Thank You for Your Subscription.

Related webinars

7 Steps to ITIL Continual Service Improvement

IT Service Management