Free Newsletters




   
CIO magazine chief information officer ERP IT strategy research analysis business technology e-business CRM customer relationship management e-business enterprise resource management leadership
CIO.com
About
Search
Awards Programs
Subscribe
Magazine
Current
Previous
Print Links
Newsletters
CIO Store
CIO Conferences
CIO Executive Council
Blogs
News Alerts
CEO Reading
IT Strategy
Tech Linkletter
Tech Policy
Viewpoints
Experts
Alarmed
Analyst Corner
Beneath the Buzz
Consultant Briefing
Higher Learning
In the Know
Leading Questions
Weigh-In
Discussion Forums
Career
CIO Wanted
Counselor
IT Events Calendar
Movers & Shakers
Research & Polls
CIO Research Rpts
Quick Poll
Tech Poll
Reports & Guides
CIO Bookmark
Reading Room
Special Reports
Compliance
RITLAB
State of the CIO
Webcasts
White Papers
About Us
Advertise at CIO
Conference Info
Editorial Calendar
Editorial Staff
List Services
News Bureau
Reprints
Sales
Related Sites
CSO
CMO
Darwin
IDG Network
Feedback to CIO
© CXO Media Inc.
subscribe to CIO Magazine



Home > CIO Metrics
Regulatory Resource   Threat Intelligence      Resilient IT      Boardroom Strategies      
Regulatory Resource / Sectors

Operational Resiliency: Getting to Recovery Faster

By Thomas Schmidt

Interest in operational resiliency, a key element of business continuity planning, is intensifying. In business terms, operational resiliency represents an organization’s ability to protect its critical assets and keep its critical business processes and services up and running, even in the face of a disruption or security event.

Operational resiliency has been a particular focus of the Financial Services Technology Consortium (FSTC). As part of its ongoing efforts to help organizations deal with business continuity issues, the FSTC has been working with Carnegie Mellon’s Software Engineering Institute to develop a resiliency model.

“Operational resiliency and effective risk management are board-level issues affecting shareholder value,” the FSTC has observed. “Management disciplines such as business continuity, information security and operations have become a strategic focus and management priority. Organizations have elevated these disciplines and are increasingly active in pursuing new innovations to manage operational risks.”

This article looks at how operational resiliency is helping financial institutions adapt to changing risk environments while at the same time encouraging them to take a more holistic approach to their operations.

Learning from recent events
The emergence of operational resiliency as a vital concern of the financial services industry can be attributed to a number of factors. To begin with, the risks the industry faces today are often more daunting than the natural disaster scenarios that formed the basis for most continuity planning in the past. Carefully targeted physical and cyber attacks are becoming an increasingly prevalent source of risk (and are far more difficult to manage).

At the same time, recent catastrophic events, such as terrorist attacks, hurricanes, power outages and tsunamis have disrupted the flow of business on a global scale. In addition, increasing regulatory requirements have created a new environment in which security must be effective and efficient.

Simply put, how do we protect the functions of the business with a minimum of pain?

To answer those questions, as the FSTC has observed, financial institutions can’t rely on the ad hoc approaches of the past.

“Simply put, new tools and methodologies are needed to consistently manage risk, improve our processes and keep costs under control,” the FSTC has stated.

A model approach
The resiliency model being developed by the FSTC and Carnegie Mellon is specifically designed to:

  • Identify and prioritize risk exposures
  • Define a process-improvement road map
  • Measure and facilitate strategic planning
  • Address interdependencies
  • Promote proactive regulatory compliance

Charles Wallen, managing executive of the FSTC’s Business Continuity Standing Committee, told Bank Systems & Technology when the Resiliency Model Project was launched: Banks have been impeded from achieving uniform resiliency because of their “siloed” operating environments.

“We want to look at resiliency and operational risk areas holistically so that we see information security, business continuity and IT management together,” Wallen said.

Recently, the FSTC and Carnegie Mellon announced the availability of the Resiliency Engineering Framework, which provides a road map enabling organizations to establish, manage and evaluate operational resiliency.

The framework consists of more than 20 capability modules, and organizations can implement as few or as many as their needs require. According to the FSTC and Carnegie Mellon, “benchmarking against the framework will help organizations optimize their operational resiliency investments, make objective peer-to-peer comparisons in their industry sector and select capable third-party suppliers.”

Simplify, simplify
Operational resiliency is making inroads in the financial services industry for another reason as well: Its potential to help reduce complexity and costs in the data center.

As every data center manager knows, the amount of data generated by data center applications is exploding and much of it must be protected, as a result of new privacy and government regulations, and retained for longer periods of time. These constant pressures are, in turn, the main reasons for many institutions to implement so-called “green” strategies. For them, it’s beyond environmental concerns -- it’s about meeting business goals and reducing costs. And that’s where operational resiliency can play a part.

Part of the appeal of operational resiliency is the potential to simplify operations, to decrease complexity, experts say. Increased complexity can also result when financial institutions merge and wholly unrelated systems are forced to work together. That was the case with Clearstream International/Deutsche Börse Group, which offers settlement and custody services to more than 2,500 financial institutions worldwide.

Numerous acquisitions over the years had resulted in a heterogeneous and complex IT environment at the company. Because of the lack of server cluster and storage integration, it was estimated that it would take up to two hours to recover from a cluster failure. This was unacceptable in Clearstream’s critical real-time business. Instead, Clearstream turned to a high-availability clustered solution, based on Veritas Cluster Server and integrated with Veritas Storage Foundation for Oracle and Veritas Storage Foundation for Oracle RAC.

“In one of our most complex applications, we recently experienced a node failure on one of the clusters and were able to fail-over the system in only a few minutes,” said Yves Baguet, Managing Director of Technology at Clearstream. “This is in comparison with the couple of hours it used to take.”

Conclusion
Operational resiliency refers to an organization’s ability to adapt to changing risk environments and to manage the risk that is inherent in day-to-day operations. Interest in operational resiliency is on the rise because escalating physical and cyber threats, complex technologies, interdependent supply chains and the global marketplace are making the job of managing disruptions increasingly difficult.

 

Thomas Schmidt writes frequently about information security topics. He has more than 15 years' experience as a writer and editor in high-tech publishing.

CIO Strategy Center is a daily editorial resource offering innovative insights and strategies for building an integrated, secure and resilient IT infrastructure.

Articles by Topic
Sectors
Law
Tactics
Related Content

Features

View More


Metrics

View More

Fast Fact

“Operational resiliency and effective risk management are board-level issues affecting shareholder value. Management disciplines such as business continuity, information security and operations have become a strategic focus and management priority. Organizations have elevated these disciplines and are increasingly active in pursuing new innovations to manage operational risks.”
--The Financial Services Technology Consortium
Sponsor Tools

Resources

White Papers

View More


Podcast Audio Content

CIO Strategy Center is now available in audio format.

This week's feature topic is:


Preparing for a Disaster
Playtime: 8 min 07 sec



Download | Subscribe

Copyright © 2009 Studio One Networks. All rights reserved.





Advertisers



Free Newsletters
Sponsor Content
 Domains
Compliance CIO Partner Domain for I.T. Productivity
The domain for everything you need to assess, measure and improve
IT Productivity within your organization, Whitepapers, Books, Research, Benchmarking tools and lots more.
 Webcasts
Compliance Failure is not an option: Why online compliance and security can’t wait.
Compliance BI Standardization: Attend our virtual conference for real advice.
Compliance Getting Smart about Offshoring: How Visual Simulation Gets It Right the First Time
Compliance Turning Best Practices to Best Projects
Compliance Securing Enterprise Data In An Unsecured World
Compliance A New Game—The Fast Emerging World of IP Convergence
Compliance All CIO Webcasts
 White Papers
Compliance Organizations Shift Focus to Information Management
Compliance Tera-Scale Data Warehouse Appliances Overcome the Technology Bottleneck
Compliance Knowing the Risk
Compliance Why Asset Management and Discovery are Core Contributors to Effective Business Service Management
Compliance Start your ERP upgrade with a distinctive master data advantage
Compliance Putting your Spend Data Warehouse on steroids
Compliance All CIO White Papers

IDG ENTERPRISE NETWORK

NetApp launches expanded NAS line - Infoworld Staff
IBM, BEA lay out new Java specs - Infoworld Staff
  »More  

Phishing scams rocket
Wi-Fi switches: breakthrough year, future fear
  »More  

Users get going on SP2 rollouts
Shark Tank: Just one more thing to remodel
  »More  

SPONSORED LINKS:
Align IT with business goals. Introducing PlanView Enterprise.
A data warehouse 10-50x faster at ½ the cost. Learn more!
How do you compare with 565 IT organizations?
For real advice on BI Standardization attend the Virtual Conference on Feb 22
Manage IT Change. Manage the Business. Free white paper.
Ten Principles for Knowledge Management Success" - Get the free white paper from ServiceWare
Audit the Data or Else: Un-audited data increases business risk Grid
See Qualcomm, EPL, and Deutsche Post on the Oracle Grid
Preventing Client/Vendor Mismatch: click here to learn more

Free Newsletters

Dated: March 01, 2005
http://www.cio.com/blog_view.html?ID=221

About CIO.com | Welcome | Privacy Policy | Terms of Service | Linking to us

CIO.COM complies with the ASME Guidelines with IDG extensions for new media.

CIO magazine chief information officer ERP strategy IT research analysis business technology management e-business knowledge management intranet CRM cio.com CRM customer relationship management e-business ERP enterprise resource management leadership management measuring IT value outsourcing supply chain

© 1994 - 2005 CXO Media Inc.

An International Data Group (IDG) Company



 HOME  CURRENT ISSUE  ARCHIVE   About CIO :: Advertise :: Subscribe :: Conferences 

Reprints, IDG Network, Privacy Policy

THE IDG NETWORK
CSO :: CMO :: Darwin :: Computerworld :: Network World :: Infoworld :: PC World :: Bio-IT World
IT Careers:: JavaWorld :: Macworld :: Mac Central :: Playlist :: GamePro :: GameStar :: Gamerhelp



Problems/complaints/compliments about this site can be sent to deiben@cio.com.