No organisation wants to see unhappy customers, damage to their reputation, loss in revenue, and many days spent recovering. The unexpected IT fallout impacted banks, airlines, TV broadcasters, supermarkets, and many more businesses worldwide.
What can you do better within your organisation to be ready when another major crisis will inevitably happen?
ITSM defending from the next global crisis
A good ITSM practice is the best defence against the next software release disaster. What are the recommended practices that will make your organisation immune to harm?
First and utmost – your CMDB. No organisation can effectively manage its IT and address associated challenges without documenting IT assets, their interdependencies, and the technologies it uses, giving a clear understanding of what it has in its IT estate.
CMDB and Asset Management are crucial tools for comprehending the business context. They help in defining the criticality of IT components or their functional blocks from a Business Service perspective. This understanding enables the categorization of IT infrastructure components based on their criticality. With lessons learnt from that fateful Friday, organisations must define policies stating that less critical components can undergo automatic updates, while more critical components require rigorous testing.
This ties into another ITSM practice – Change and Release Management. First, it must be clear what is in the scope of Change Management and what conditions apply, coming from criticality specified based on the business context. The Change Management process will then ensure that no update will be applied to the critical system unless it is thoroughly evaluated, tested, and approved before deployment.
But what should you do if, despite all the efforts and the deployment policies, a critical flaw is introduced into critical infrastructure? Your first step is to stay calm, with a clear head and your CMDB in hand. This will allow you to assess the situation and its impact on company operations. This forms the foundation for your clear communication with the IT stakeholders and customers.
Concise presentation of the problem builds their trust in the IT’s ability to manage the problem. You can pass information promptly with targeted communication using Major Incident Management. It is important to keep stakeholders in the loop and being transparent even if the progress is not good.
Incident Management is your instrument to fix the issue, prioritising based on their criticality, revolving again around the proper service-aware CMDB that is able to give the business context.
BCM process to manage major disruptions to your business
No matter how well you prepare, Major Incident Management may not be the final answer. The problem may go beyond IT, and that is when ServiceNow’s Business Continuity Management (BCM) comes into play.
The Business Impact Analysis (BIA) enables you to identify risks to your organisation and critical business functions, as well as the impact of potential disruptions. Integrating BIA with your CMDB provides a comprehensive view of dependencies between your business functions and the organisation’s (IT) assets.
The outputs of the BIA allow you to prepare effectively for various crisis scenarios by creating a set of Business Continuity and Disaster Recovery plans to capture a step-by-step approach for each adverse scenario. ServiceNow supports a managed process to test your plans on a regular basis, strengthening the organisation’s readiness.
Should you be impacted, you can trigger the respective scenario and your organisation will have a structured, tested and efficient process at your disposal. Through Crisis Management, ServiceNow BCM minimises disruptions, enables swift recovery, and safeguards continuous business operations. Thanks to that it can ensure resilience in the face of unforeseen events.
Conclusion
Do not wait for the next crisis – contact us today! Devoteam, leveraging ServiceNow’s comprehensive suite of products, can help you to implement and automate processes. This will ensure proper controls are in place, improving your digital resilience and limiting the impact of the next crisis.