Information Age: News, analysis & insight for IT & business leaders

The business case for continuous system and application availability is clear and is changing as rapidly as the dynamic business environment. To be a credible player in the market place, a commitment to business continuity is a base-level, non-discretionary cost, primary business function, survival mechanism and non-negotiable expectation.

In 2002, the Disaster Recovery Journal reported that 43% of firms that suffer a massive data loss will never re-open, and 51% will re-open just to shut down permanently within two years. With data this compelling circulating in the marketplace, CIOs and IT stakeholders must ask themselves: How will an unrecoverable IT-related disaster or data loss affect investors' equity?

Corporate decision-making processes are being held to higher standards, with a greater focus on return on investment (ROI). Simultaneously, IT stakeholders are demanding ever-increasing, seamless, and robust system availability, and the highest level of protection possible. CIOs must be prepared to balance such issues, ultimately providing end-to-end application availability, especially for mission-critical systems.

Although a seemingly daunting task, CIOs can rely on best practices and effective portfolio management to secure a positive outcome. Initially, the organisation must be made to realise the importance of ensuring continuous availability of mission-critical applications. Enterprise-wide understanding, acceptance and consensus will make it easier to adopt a common approach.

Even with the most ideal real-time (and costly) business continuity solution, IT organisations (ITOs) must understand the business impact of applications. An application outage can occur for various reasons, but, the user does not care about any of these. Users care about application availability and have high expectations. When users pick up the phone, they expect a dial tone. Application availability is an expected commodity that is best met with an agile, mission-critical-centric approach.

A survey of Global 2000 company CIOs further portrays the criticality in the marketplace. Although 78% of the CIOs indicated that all their mission-critical applications were covered by a high-availability and disaster recovery strategy, some conceded that the current approach is a work in progress.

From a business perspective, the CIO's greatest challenge to a comprehensive high-availability and disaster recovery implementation is getting board-level approval and managing the cost of providing continuous operations. All executives must be taught to view business continuity from a fiduciary point of view. However, even with executive- level commitment, planning and implementation challenges are great because system and application availability touches so many areas of the overall organisation. In reality, business owners do not want to deal with the technical issues or the embedded costs of recovery or continuous operations.

CIOs and business leaders are faced with the difficult decision of determining what will receive the highest availability and what will receive minimal coverage with less than optimal recovery periods. CIOs are forced to make this decision based on the mission-critical applications of the enterprise, business priorities and subsequent impact, and overall cost effectiveness. >ITOs' lines of business must map the applications they use in terms of business criticality and must adopt a standard process by which to prioritise applications and link their use to tangible business impacts.

Any application that plays a role in developing, creating, manufacturing, supporting, or distributing a product or service to buyers will significantly impact the organisation during an outage event. For some firms, the ERP system is at the core of what they do and takes the highest priority; for others, ecommerce or the customer relationship management (CRM) system might be the most important applications. For yet other organisations, email could be deemed just as mission-critical as online order entry, tracking, fulfilment, support and billing systems.

In realising the impact of applications on core business functions, CIOs must focus on what each system touches directly or peripherally, and what the repercussions of an outage will entail. For instance, ERP systems are generally considered mission-critical for any organisation that produces a physical product by linking and by automating manufacturing components and processes with suppliers and customers. Furthermore, most ERP applications include - or link to - core enterprise financial systems. The availability and the accuracy of data are key to survival.

Many CRM systems provide organisations with commerce functionality. An outage of CRM applications directly affects top-line issues because of the lost ability to conduct transactions with customers. Because CRM applications are customer facing, they represent and communicate the organisation brand to the consumer. If those applications are even partially unavailable, customers remember a poor sales or service experience, which can damage or destroy a corporate brand via poor public perception.

In addition, email and messaging applications provide mission-critical functionality in many business processes such as outbound sales and marketing efforts, inbound requests for information, customer service, ecommerce, and often transactional support and partner or supplier communications. In one recent case, a US manufacturer was in the midst of M&A negotiations when its email system went down, significantly delaying the transfer of legal documents via email attachments between the US office and its European suitor. Thus, outages of email and messaging applications result in diminished customer satisfaction, ineffective communications with critical business units, and increased time to market.

Although the rationale of designating email systems as mission-critical could be debated ad infinitum, enterprise wide perceptions maintain that, if the ITO fails to keep email up and running, the credibility of the organisation to maintain availability to other applications is substantially diminished. CIOs consider this when designating mission-critical systems and implementing availability solutions.