Considering the impact to your business

Major impacts to IT systems can cause significant business disruption in activities related to customers, partners or employees. Disruptions can happen from a catastrophic systems failure, an accident, a disaster or a simple mis-configuration. Once a disruption occurs, the results can lead to loss of market share, reputation loss and compliance or regulatory fines, all of which may represent a significant financial loss.

By identifying the most crucial business processes and supporting applications that exist in your environment—whether it's sales, marketing, manufacturing, operations, HR or supply chain—the processes in each of these areas are assigned a risk profile. This is called a business impact analysis (BIA).

What is BIA?

The BIA predicts the consequences of disruption of a business function and associated processes, while gathering information needed to develop recovery strategies. Potential loss scenarios are identified during an assessment. 

Operations may also be interrupted by the failure of a supplier of goods/services or delayed deliveries. Identifying and evaluating the impact of disasters on business provides the basis for investment in recovery strategies, as well as investment in prevention and mitigation strategies.

Once costs are assigned, we determine the restoration priority and time required to recover the processes and applications—minimizing the risk of business disruption. The BIA then calculates the cost of downtime, utilizing inputs from your financial teams as a critical part of justifying the ultimate solution.

Traditional process involving BIA
Traditional process involving BIA

The BIA can be paired with application dependency mapping, business process improvement and operational readiness assessments to help provide a comprehensive view and determine the most impactful items to focus on: technology, process and/or people.

What we have heard from our customers

We regularly hear customers talking about a desire to become more efficient when backing up their environment; considering using a multicloud environment to solve their disaster recovery and backup needs; and fearing that they may not be able to meet regulatory compliance goals in the financial services, healthcare, life sciences or manufacturing industries.

These are the keys to those conversations:

  • We are considering moving to a multicloud solution for our IT environment.
  • We are considering new storage vendors to help support our IT environment.
  • We need to define a new backup strategy to ensure compliance.
  • We are not able to meet our recovery point objectives (RPO) or recovery time objectives (RTO).
  • We need to certify our environment based on compliance requirements.

All of these questions point to the need for a comprehensive strategy to ensure long-term success in the business. At the high level, you want to achieve—business continuity/disaster recovery (BC/DR) capability, active / active hybrid cloud, or a software-defined data center (SDDC) solution—but may lack the knowledge and skill required to develop a business case, understand the recovery classifications, understand the dependencies to develop a proper architecture and understand the financial implications of downtime. Below are the steps that should be taken to ensure success:

  • Business impact analysis and disaster recovery planning
  • Enterprise architecture vision and strategy
  • IT transformation and cloud readiness assessment
  • Value stream mapping
  • Automation and orchestration planning
  • IT asset and change management

An example

A valued customer needed help building a business case to develop a highly available second "hot" site with a tertiary DR site. The need was exposed when they caused extended outages during maintenance periods. Their desire was to be able to move workloads, at will, with little to no downtime in order to provide nonstop services to their customers. 

They tried to get approval to make everything highly available, but did not have the business justification to spend the money, and the board of directors turned down the expenditure. To provide a proper business case and develop a highly available strategy with a DR capability, the following BIA actions were performed:

  • Discovery of what applications were mission critical
  • Discovery of downtime and data loss requirements
  • Review of financial implications for downtime
  • Discovery of recovery sequencing
  • Discovery of application dependencies to create a proper high availability solution
  • Discovery of partners ability to enable "hot" secondary site
  • Discovery of network resources
  • Recommendations to achieve highly available and DR capabilities

We also surveyed the physical inventory of two geographically separated sites and identified the following:

  • Inventory to be used by customer to update ServiceNow CMDB (IT asset management)
  • Application dependency mapping to capture all associated applications required to support mission critical and all other applications
  • Strategy development of architecture to support highly available capability and next generation DR capability
  • Second "hot" site to be used for fail over with little to no downtime
  • DR site to be used to recover from corruption of primary site and secondary site
  • Bill of material to realize new architecture
  • Financial and technical data for business case to present to board of directors

Get started with BIA

With a WWT BIA assessment, we are able to identify and analyze your business functions in order to align IT appropriately with the business. Request an assessment to start the conversation with our experts.