WO2001026007A1 - Method and estimator for providing business recovery planning - Google Patents
Method and estimator for providing business recovery planning Download PDFInfo
- Publication number
- WO2001026007A1 WO2001026007A1 PCT/US2000/027592 US0027592W WO0126007A1 WO 2001026007 A1 WO2001026007 A1 WO 2001026007A1 US 0027592 W US0027592 W US 0027592W WO 0126007 A1 WO0126007 A1 WO 0126007A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- business
- recovery
- developing
- business recovery
- plan
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/80—Management or planning
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Entrepreneurship & Innovation (AREA)
- Human Resources & Organizations (AREA)
- Strategic Management (AREA)
- Economics (AREA)
- Operations Research (AREA)
- Marketing (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Development Economics (AREA)
- Educational Administration (AREA)
- Game Theory and Decision Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
A method for providing a business recovery planning function in an information technology organization delivering the tasks involved in building the business recovery planning function. The tasks include the planning (110), analyzing (3510), designing (2410), building (5550), testing (5590), and deploying (7170) of the business recovery planning system.
Description
METHOD AND ESTIMATOR FOR PROVIDING BUSINESS RECOVERY PLANNING
RELATED APPLICATIONS
This application claims the benefit of U.S. Provisional Application 60/158,259, filed October 6, 1999. This application is related to Application
Serial No. entitled Organization Of Information Technology
Functions", by Dove et al. (Attorney docket No. 10022/45), filed herewith. These applications are incorporated herein by reference in their entirety.
BACKGROUND OF THE INVENTION The biggest challenges in Information Technology ("IT") development today are actually not in the technologies, but in the management of those technologies in a complex business environment. From idea conception to capability delivery and to operation, all IT activities, including strategy development, planning, administration, coordination of project requests, change administration, and managing demand for discretionary and non- discretionary activities and operations, preferably are collectively managed. A shared understanding and representation of IT management is needed because today's technological and business environment demands it. The new technological management orientation should include ways for planning, assessing, and deploying technology within and across enterprises.
Businesses need to balance technological capability with enterprise capability in order to become, or stay, a modern organization that has a chance of survival.
There is a need, therefore, to construct a complete yet simple IT framework that would quickly convey the entire scope of IT capability in a functional composition. Such IT framework has to be a single framework for describing such IT management. The IT framework should be a framework of all functions; a representation of a complete checklist of all relevant activities performed in an IT organization. A single IT Framework should represent all functions operative in an IT organization.
Within that IT Framework, there is also a need for Risk Management that manages all functions aimed at identifying and securing enterprise assets against various forms of business interruption or loss. By marketing current IT service offerings, increasing customer satisfaction, and building stronger customer relationships, the IT enterprise can better service their business customer. A risk management capability becomes critical to the IT enterprise as competition to provide IT services begins to increase from outsourcers. Business recovery planning is a key function of risk management. Therefore, to meet this competition, there are needs for improved methods for providing business recovery planning and an estimator for doing so.
BRIEF SUMMARY OF THE INVENTION
The present invention is defined by the following claims, and nothing in this section should be taken as a limitation on those claims. By way of introduction, one embodiment of the invention is a method for providing a business recovery planning function that includes planning, designing, building, testing, and deploying a business recovery planning function for an
IT organization.
In one aspect of the preferred embodiment, the planning step includes developing a business recovery model for the business recovery planning. Preferably, the step of developing a business recovery model may further include defining project vision; assessing risks; and analyzing business impact.
In another aspect of the preferred embodiment, the designing step includes developing business recovery strategies for the business recovery planning function. Preferably, the step of developing business recovery strategies method may further include validating interruption and service levels; developing strategies for critical functions; developing strategies for critical resources; performing cost-benefit analysis; and identifying spin-off projects. In another aspect of the preferred embodiment, the building step includes developing policies and procedures for the business recovery
planning function. Preferably, the step of developing policies and procedures may further include developing plan components; developing component procedures; developing task responsibility matrix; defining maintenance approach; developing update procedures; and developing testing strategy. In another aspect of the preferred embodiment, the building step includes developing learning products for the business recovery planning function. Preferably, the step of developing learning products may further include developing learning materials; conducting training; and evaluating the training. In another aspect of the preferred embodiment, the building step includes acquiring recovery technology infrastructure for the business recovery planning function. Preferably, the step of acquiring recovery technology infrastructure may further include developing alternate site requirements; developing alternate site RFP; selecting alternate site vendor; and negotiating contracts.
In another aspect of the preferred embodiment, the testing step includes preparing and executing a business recovery product test for the business recovery planning function. Preferably, the step of preparing and executing a business recovery product test may further include preparing the recovery plan test; conducting the recovery plan test; and evaluating the recovery plan test.
In another aspect of the preferred embodiment, the deploying step includes deploying business recovery infrastructure for the business recovery planning function. Preferably, the step of deploying a business recovery infrastructure may further include publishing recovery plan; developing summary presentation; and providing continuing support.
Another aspect of the present invention is a method for providing an estimate for building a business recovery planning function in an information technology enterprise. This aspect of the present invention allows an IT consultant to give on-site estimations to a client within minutes. The estimator produces a detailed break down of cost and time to complete a project by displaying the costs and time corresponding to each stage of a project along
with each task. Another aspect of the present invention is a computer system for allocating time and computing cost for building a business recovery planning system in an information technology system.
These and other features and advantages of the invention will become apparent upon review of the following detailed description of the presently preferred embodiments of the invention, taken in conjunction with the appended drawings.
BRIEF DESCRIPTION OF SEVERAL VIEWS OF THE DRAWINGS
The present invention is illustrated by way of example and not limitation in the accompanying figures. In the figures, like reference numbers indicate identical or functionally similar elements.
Figure 1 shows a representation of the steps in a method for providing a business recovery planning function according to the presently preferred embodiment of the invention. Figure 2 shows a representation of the tasks for refining a business recovery model for the method represented in Figure 1.
Figure 3 shows a representation of the tasks for developing business recovery strategies for the method represented in Figure 1.
Figure 4 shows a representation of the tasks for developing policies and procedures for the method represented in Figure 1.
Figure 5 shows a representation of the tasks for developing learning products for the method represented in Figure 1.
Figure 6 shows a representation of the tasks for acquiring recovery technology infrastructure for the method represented Figure 1. Figure 7 shows a representation of the tasks for preparing and executing a business recovery product test for the method represented in Figure 1.
Figure 8 shows a representation of the tasks for deploying a business recovery infrastructure for the method represented in Figure 1. Figure 9 shows a flow chart for obtaining an estimate of cost and time allocation for a project.
Figures 10a though 10e show one embodiment of an estimating worksheet for an OM business recovery planning estimating guide.
DETAILED DESCRIPTION OF THE INVENTION
For the purposes of this invention, an information technology ("IT") enterprise may be considered to be a business organization, charitable organization, government organization, etc. that uses an information technology system with or to support its activities. An IT organization is the group and associated systems and processes within the enterprise that are responsible for the management and delivery of information technology services to users in the enterprise. In a modern IT enterprise, multiple functions may be organized and categorized to provide comprehensive service to the user. Thereby, an information technology framework for understanding the interrelationships of the various functionalities, and for managing the complex IT organization is provided. The various operations management functionalities within the IT framework include a customer service management function; a service integration function; a service delivery function; a capability development function; a change administration function; a strategy, architecture, and planning function; a management and administration function; a human performance management function; and a governance and strategic relationships function. Risk management plays an important role within the strategy, architecture, and planning function. Business Recovery Planning is a key component of risk management. The present invention includes a method for providing a business recovery planning function and an estimator useful for determining the times and cost to provide such a function.
Before describing the method and system for business recovery planning, some related terms are first described as follows:
Strategy, Architecture & Planning:
Strategy, Architecture & Planning is an important function within IT frameworks. This function creates a strategy and plan that outlines the overal
IT capability direction and initiatives as well as the common IT processes, organizations, applications, and technology architecture required to support desired business capabilities with optimal efficiency. This is accomplished by working with the enterprise and business unit strategy teams as well as analyzing technology industry trends. The Strategy, Architecture, & Planning function category provides technology guidance to the broader enterprise through the definition of common application and technology architecture blueprints.
The Strategy, Architecture, & Planning function category seeks to ensure that the information technology framework is aligned with the business and that there is maximum value, interoperability, and re-use of information technology initiatives. This function additionally evaluates, prioritizes, and plans for the recovery of critical business systems through the Risk Management function set. Important functions within Strategy, Architecture & Planning include strategic planning, capability planning, and risk management.
Risk Management:
Risk Management is an important function within Strategy, Architecture & Planning. Risk management encompasses all functions aimed at identifying and securing enterprise assets against various forms of business interruption or loss. Risk management links with other function categories, such as strategic planning and capability planning, to provide a Strategy, Architecture, & Planning function to an IT system. Following the industry's best practices, IT organizations focus on identifying and meeting the needs of the users to provide better quality customer service.
Risk management should include a risk mitigation strategy to develop people, processes, and technology directions to reduce security risks to an acceptable level. This strategy may include identification of asset and loss impact, identification and characterization of threat(s), identification and analysis of vulnerabilities, determination of risks and priorities, and selection of countermeasure security options. Risk management should include a
security planning function to develop tactical plans to secure environments in order of business priority, based on the risk assessment and risk mitigation strategy. This function may contain a quick wins identification function to identify the most egregious security holes that also have the minimum cost impact to the client. This function may contain a solution product analysis function to assess security components primarily for longer term solutions. Risk management should include a high availability planning function to develop and maintain contingency plans in support of the risk mitigation strategy. Risk management should include a business recovery function to develop a business recovery plan in the event of a significant or prolonged system failure.
Business Recovery Planning:
Business Recovery Planning is a key component of Risk Management. A business recovery planning function develops a business recovery plan in the event of a significant or prolonged system failure. This function is concerned with how to rebuild required services quickly in the event of a long- term outage that renders sites (remote or central) unusable. Some key responsibilities include plan development and maintenance; training and testing; deployment; disaster recovery; maintain disaster recovery strategy and plan; manage hot/cold site coordination; manage hot/cold site testing; and implement disaster recovery procedures. This framework uses Business Recovery to refer to the development of the strategy for recovering functional capabilities in the case of a major disruption or emergency. Disaster Recovery develops the strategy for recovering a system or a portion of the system in the event of a significant system failure caused by a major disruption or emergency. The following ten functions may be considered part of business recovery planning:
1. Risk Mitigation Strategy Confirmation:
This function identifies outage scenarios to be addressed by the recovery plan. The function develops preliminary recovery strategies across time, quantifies critical resources by function, and develops a recovery
timeline. The function also quantifies and qualifies appropriate recovery options and presents all findings to stakeholders.
2. Business Contingency And Resumption Plan Development:
This function identifies and selects alternative recovery sites. It also develops and documents an untested recovery plan and develops and documents appropriate recovery team procedures.
3. Technical Disaster Recovery Design:
This function designs the physical implementation of the hardware and processes recommended in the Risk Mitigation Strategy.
4. Business Recovery Maintenance Procedure Development:
This function develops business recovery plan update procedures, training materials, and task responsibility matrix.
5. Disaster Recovery Maintenance Procedure Development:
This function develops disaster recovery plan update procedures, testing strategy, training materials, and task responsibility matrix.
6. Disaster Recovery Plan Validation:
This function plans and conducts tests to evaluate the validity of the initial disaster recovery plan. It evaluates the test results and revises the disaster recovery plan if necessary. The disaster recovery plan is preferably regularly tested to ensure that the plan remains current.
7. Business Recovery Plan Training:
This function conducts training sessions with the business recovery team and awareness training with employees. The function evaluates the training based on feedback from these sessions.
8. Disaster Recovery Plan Training:
This function conducts training sessions with the disaster recovery team and awareness training with employees. This function evaluates the training based on feedback from these sessions.
9. Business Recovery Plan Approval:
This function creates a presentation to present to management to gain approval of the business recovery plan. Once approval is obtained, this function publishes the business recovery plan.
10. Disaster Recovery Plan Approval:
This function creates a presentation to present to management to gain approval of the disaster recovery plan. Once approval is obtained, this function publishes the disaster recovery plan.
Network Centric Environment: For the purpose of the present invention, the term "network centric" (or, netcentric) should be construed to cover various means of reaching out to customers and partners with computing systems and knowledge over a communications backbone, such as an intranet, extranet, or internet connection. It is valuable to have an understanding of a netcentric environment since carrying out the method of providing business recovery planning within this environment may take special considerations. To define netcentric properly, it is helpful to have a general understanding of a framework that describes the types of applications required in a netcentric computing system. Application logic is preferably packaged into components and distributed from a server to a client over a network connection between the client and server. The client has standardized interfaces so that an application can execute with a client that can run on multiple operating systems and hardware platforms. Further, the application components of the preferred netcentric computing system enable the netcentric computing systems to be adaptable to a variety of distribution styles, from a "thin client" to a "fat client."
Netcentric frameworks preferably support a style of computing where processes on different machines communicate using messages. In this style of computing, "client" processes delegate business functions or other tasks (such as data manipulation logic) to one or more server processes. Server processes respond to messages from clients. Business logic can reside on
both the client and server. Clients are typically personal computers (PC's) or workstations with a graphical user interface running a web browser. Servers are preferentially implemented on UNIX, NT, or mainframe machines. In netcentric computing systems, there is a preferred tendency to move more business logic to the servers, although "fatter" clients result from new technologies such as Java and ActiveX. In a netcentric environment, technology, people, and processes may be distributed across global boundaries and business functions/systems may involve multiple organizations. This will generally add complexity to the required systems.
The present invention is directed to providing or building an Operations Management ("OM") business recovery planning function. These specific tasks are described in reference to the Operations Management Planning Chart ("OMPC") that is shown on Figure 1. This chart provides the business integration methodology for capability delivery, which includes tasks such as planning analysis, design, build & test, and deployment. Each OM function includes process, organization, and technology elements that are addressed throughout the following description of the corresponding OM function. The method for providing a Business Recovery Planning function comprises four stages, as described below in connection with Figure 1. The first stage, "capability analysis stage" 102, includes the step of Refining Business Recovery Model 21 10. The second stage, "capability release design stage" 104, includes the step of Developing Business Recovery Strategies 2410. The third stage, "capability release build and test stage" 106, includes the steps of Acquiring Recovery Technology Infrastructure
5510, Developing Policies & Procedures 6220, Developing Learning Products 6260, and Preparing & Executing Business Recovery Product Test 5590. The fourth stage, "deployment" 108, includes the step of Deploying Business Recovery Infrastructure 7170. In the following description, the details of the tasks within each step are discussed.
Step 2110 - Refining Business Recovery Model
In step 21 10, the business model requirements for business recovery planning are defined. Current capabilities are defined, the scope of the delivery and deployment effort needed to upgrade the capability is determined, and risk assessment is developed. Figure 2 shows a representation of the tasks for carrying out these functions according to the presently preferred embodiment of the invention. These tasks include Defining Project Vision 21 12, Assessing Risks 21 14, and Analyzing Business Impact 2116. This task package is essentially a planning/high-level analysis step, and may actually occur as part of the planning phase of a larger business capability or operations architecture development project. The products of this step include project vision, capabilities analysis, impact analysis, and business risk assessment.
Task 2112: Defining Project Vision Task 2112 includes defining stakeholder values, defining core competencies, and developing shared project vision. For the project analysis to represent the business situation correctly, the organization's stakeholders preferably define the values of the enterprise and the reasons the project is important to the realization or continuation of those values. In addition, the future strategic direction of the organization will be affected by the performance of this project. The events and rationale leading to the project engagement are delineated so that the objectives of the project can be set and realized.
The identification of what the stakeholders believe to be their key competencies and capabilities will influence the stakeholders' perceptions of the organization's competitive advantages. However, there may be a disconnect between what the stakeholders believe are the critical entities and what the project analysis provides. Therefore, the tactical or operational activities and visions are highlighted so that they may be addressed further into the project. For the project to be a success, all parties to the engagement
preferably share a common vision as to the justification, objectives, and findings of the project.
Task 2114: Assessing Risks
Task 2114 includes documenting resource inventories, documenting existing controls, evaluating potential interruption, reviewing insurance coverage, documenting third party capabilities, and documenting avoidance and mitigation steps. This task involves the raw data gathering of the client environment included in the scope of the project. This includes documenting facilities and locations, specialty equipment, telecommunications equipment, system applications, data, and support personnel. This information will be utilized during Business Impact Analysis 2116 and Recovery Strategy Development 2410.
The way in which an organization has documented its business process (manual or automated) could place it at risk. If the documentation describing the business processes is old or nonexistent, restoring the process after a disaster may be extremely difficult or entirely impossible. Therefore, a thorough review of the organization's policy statements, business process controls, technology/information backup procedures, off-site storage procedures, change control procedures, and security controls will provide valuable insight into the amount of risk precipitated through a weak control structure.
An organization also faces risk due to its geographical location and the type of building it occupies. This task allows the project team to determine what environmental factors or threats could affect the normal operations of the organization if they were to occur, through an act of nature or an accidental or intentional act of a human. An observation will be made as to how the threat could occur, how much damage could be caused because of the occurrence, what controls are in place to avoid or mitigate the threat and its consequences, and the overall likelihood that the threat could, indeed, occur. Having adequate business interruption or liability insurance is also part of the arsenal required to deal with a business outage. Therefore, the project
team will preferably review the levels of insurance to determine what is and is not covered during the recovery and restoration process. Also, any gaps in the insurance coverage may serve as an additional risk or threat to the organization until the gap can be rectified or nullified. Integral to any assessment of organizational risk is an analysis of the support received from external third-parties during an emergency. If the support provided is inadequate, then the organization may be taking on an additional risk factor due to slow or poor response. Therefore, this step will allow the project team to assess the gap between what is currently being provided by external third-parties and what would be required in an emergency situation.
After all of the risk gaps have been identified, the project team will preferably prioritize the activities needed to avoid or mitigate the consequences of the potential risks or threats. Each recommended activity is quantified in terms of dollars and time so that management and stakeholders can select those which they determine will provide them with the most cost- effective return for avoiding or mitigating a potential risk.
Task 21 16: Analyzing Business Impact
Task 21 16 includes documenting the business environment, analyzing business functions, determining potential work-arounds, evaluating business resources, performing impact analysis, and obtaining management approval. To understand fully the extent of the business operations under study, the business process drivers preferably are reviewed and incorporated into the other steps of the project. The more information the project team can assimilate, the better the opportunity to develop and implement a recovery plan that is in tune with the organization's business processes, aspirations, and culture.
When the business environment has been documented, completed surveys are returned for review and analysis. All of the data is compiled according to the way it was recorded on the survey. Initial analysis will typically show that some subjectivity and bias have filtered through.
Therefore, interviews should be scheduled with the appropriate personnel to validate, reinforce, or expand upon the answers provided. At the completion of this step, the project team receives its first glimpse of the truly critical business functions required to continue business operations during an emergency situation.
Critical business functions may have contingency or work-around procedures that are activated when the usual system resources are not available for use. Work-arounds can extend the time before technical recovery steps are needed. These work-arounds can take the form of hard copy forms, rerouting work to another location, etc. This task documents the work-arounds, how soon they are activated, and how long they can be effectively utilized.
Information gained from the survey will also show what the respondents believe to be the critical resource set. The quantity and type of critical resources should then be compared and contrasted with the total number on hand. These critical resources represent what management believes to be the bare minimums needed to continue business operations in an emergency situation.
Once this information has been analyzed, the tangible and intangible impacts are quantified and qualified to determine the increasing level of harm to the organization as an emergency extends through time without being eliminated or held in check through avoidance, mitigation, or recovery steps. A resulting graphical display highlights the organization's financial position over time if nothing is done to counteract the consequences. This then allows the project team, in conjunction with management and stakeholders, to determine whether a recovery strategy should be invoked due to time of outage or amount of dollars lost.
In a netcentric environment, additional complexity may contribute to the business recovery process in several ways:
Ownership- When information is shared between multiple organizations, the questions of information ownership can introduce
challenges into business recovery planning. Agreements with extranet partners that define ownership in business recovery scenarios become desirable.
Communication- The communication plan for business recovery should consider global users and extranet partners.
Loss of Data/Business Transactions- Recovery of netcentric-based transaction information for internet/extranet users should be considered.
Legal Impacts- organizations should consider international legal requirements regarding access to, reporting on, and loss of business information due to a business interruption.
Internet Service Providers (ISPs)- ISPs should build adequate recovery mechanisms. As ISPs offer desirable connections to the Internet, it is important that business recovery plans are incorporated into their own network infrastructure to protect ISP customers from service outages. Business recovery capabilities should be assessed during all ISP selection efforts.
To conclude this task 2116 and the "capability analysis stage" 102, the project team presents the total findings of risk to management and stakeholders for their concurrence 110. The approval of the risks and their anticipated impacts will formulate the basis for the development of recovery strategies in the next step of the project. In the "capability release design stage" 104, business recovery strategies are developed by function 2410.
Step 2410 - Developing Business Recovery Strategies
In step 2410, the strategies for critical functions and resources included in the scope of the project are designed, and any related projects that may be required to effectively implement the overall strategy are identified. Figure 3 shows a representation of the tasks for carrying out these functions, according to the presently preferred embodiment of the invention. These tasks include Validating Interruption and Service Levels 2411 , Developing Strategies for Critical Functions 2412, Developing Strategies to Recover Critical Resources
2413, Performing Cost/Benefit Analysis 2414, and Identifying Spin-Off
Projects 2415. The products of this step include business recovery strategies and spin-off projects.
Task 241 1 : Validating Interruption and Service Levels Task 2411 includes the revalidation of the outage scenarios to be addressed, confirmation of the outage windows which the critical functions can tolerate over time, and identification and documentation of the levels of service that need to be provided for each function during an emergency. These three items will drive the strategies, developed in tasks 2412 and 2413, to recover the critical functions and resources within the organization.
Task 2412: Developing Strategies for Critical Functions
Task 2412 includes identification of the recovery priorities and time frames of the critical functions as they correlate to the outage scenarios. Depending on the outage scenario in question, functional criticality may vary. The recovery strategies will typically center around the timing and makeup of functional activities in relation to their distance in time from the point of the disruption. Finally, a disaster declaration table will be produced which will approximate the factors leading to a recovery decision as time advances, before a point is reached where recovery is no longer viable or effective.
Task 2413: Developing Strategies for Critical Resources Task 2413 includes determining resource recovery strategies. As a critical business function is being restored, its corresponding resource set preferably is restored at the same time so as to ensure recoverability of the previously agreed-to functional service level. To guarantee timeliness and cost-effectiveness, the resource recovery strategies will be determined by selecting the method of recovery (pre-determination, pre-arrangement, or redundancy) which best fits the functional requirements in the given outage scenarios. Additionally, a resource recovery timeline will be developed.
Task 2414: Performing Cost/Benefit Analysis
Task 2414 includes selection of the most opportune recovery strategies and time frames based on the corresponding benefits. All of the previously identified recovery strategies, tables, and timelines are quantified in terms of dollars and time. The resulting matrix highlights the most cost-effective and appropriate recovery options (tactics) available to management. These options will then be selected and finalized for management approval.
Task 2415: Identifying Spin-Off Projects
Task 2415 includes identifying ancillary projects which would aid the organization's recovery effort in some fashion. This may occur throughout the risk assessment (21 14) and recovery strategy development phases (2412, 2413) of the project. At this point, the projects are quantified and prioritized for management approval.
To conclude the "capability release design stage" 104 and the recovery strategy development step 2410 of the project, the project team presents the recommended recovery strategies for management and stakeholder approval 112. This action will, in turn, determine the recovery tactics utilized in the development and implementation of the actual recovery plan. In the third stage, the "capability release build and test stage" 106, the recovery plan is developed by functions 6220, 6260, and 5510 and then tested by function
5590.
Step 6220 - Developing Polices & Procedures
In step 6220, policies and procedures are developed. The method of the present invention includes producing a finalized, detailed set of new policies, procedures, and reference materials; documenting user procedures in enough detail to enable smooth execution of new business recovery planning tasks; and developing the process for plan maintenance and support. Figure 4 shows a representation of the tasks for carrying out these functions, according to the presently preferred embodiment of the invention. The tasks include Developing Plan Components 6221 , Developing
Component Procedures 6222, Developing Task Responsibility Matrix 6223, Defining Maintenance Approach 6224, Developing Update Procedures 6225, and Developing Testing Strategy 6226. The products of this step include recovery policies and procedures, recovery plan components, and maintenance policies and procedures.
Task 6221 : Developing Plan Components
Task 6221 includes developing a Response Plan. The Response Plan is the first document that should be referred to during an emergency. This document is divided into smaller plans or sections that address emergency response procedures, escalation plans, notification plans, disaster declaration plans, and the Crisis Management Center plan. Each of these plans has a particular purpose and set of procedures that are to be followed. The purpose of this task is to identify and document those plans. The necessary procedures are developed by the tasks 6222-6225 and are then tested by task 6226.
Task 6222: Developing Component Procedures
Task 6222 includes developing assessment procedures, mitigation procedures, operational procedures, restoration procedures, and recovery team procedures. Assessment determines the extent of damage caused by the disaster.
This information is used by management to determine which, if any, recovery options are necessary. Once these options have been initiated, further assessment is required which will allow management to determine the requirements for restoring the damaged site and whether it is restorable. This task focuses on developing the procedures that are required to perform an accurate damage assessment to provide information for management decisions.
Also in this task, procedures for mitigating critical resources and establishing their operation at an alternate site will be developed. These procedures will aid in the effective recovery of the critical resources and may provide for a minimum of losses to the critical business functions.
Once all of the resources have been recovered at the alternate site, the organization will preferably have a schedule for operating the critical functions. This schedule will document how available resources should be used to support these critical functions. The documentation produced will include staffing and operating schedules.
While the critical functions are being performed at the alternate site, steps can be undertaken to restore the permanent site. Procedures will be developed to begin restoration of the damaged site or selection of a new site based on the assessment of the damage. Recovery team members preferably know what their responsibilities are, who they are to contact, and where they should report to perform their tasks. All of the procedures that were identified in the previous development steps will be grouped and organized for the particular team that will perform them.
Task 6223: Developing Task Responsibility Matrix
Task 6223 includes documenting the maintenance responsibility for each developed procedure. The matrix identifies who is responsible for the procedure, how often the procedure should be reviewed, and the last date the procedure was updated.
Task 6224: Defining Maintenance Approach
Task 6224 includes identifying and documenting the organizational triggers which could require changes to the recovery plan. These triggers could include functional reorganizations, new product development, hardware and software upgrades and conversions, telecommunication expansion, outsourcing, corporate mergers or downsizing, etc..
Task 6225: Developing Update Procedures
Task 6225 includes developing materials to provide the organization with the procedures to update the business recovery plan. Based on the triggers identified in task 6224, procedures are defined to guide the submission of changes and the application of those changes to the plan. The
procedures developed are then incorporated into formal change control procedures in existence at the organization.
Task 6226: Developing Testing Strategy Task 6226 includes developing specific strategies to guide the organization in testing the plan as constructed by tasks 6221-6225. The strategies outline what components of the plan to test, which components should be tested together, what levels of testing should occur, and how often the components should be tested. The product of this task will be used in the Recovery Plan Testing phase 5590 for guidance each time a test is conducted. Criteria are developed for use in evaluating the results of the test and assessing its validity. This is also a checkpoint to review the untested business recovery plan and associated maintenance procedures with the stakeholders.
Step 6260 - Developing Learning Products In step 6260, learning objectives and learning activities are defined, the learning approach and requirements are translated into finalized learning products, and training is conducted for all target audiences. This task package should be completed prior to the Product Test 5590, so that personnel with ongoing business recovery responsibilities may participate in the testing process. Figure 5 shows a representation of the tasks for carrying out these functions, according to the presently preferred embodiment of the invention. The tasks include Developing Learning Materials 6261 , Conducting Training 6265, and Evaluating Training 6269. The products of this step include learning products and learning test model.
Task 6261 : Developing Learning Materials
Task 6261 includes developing training material for three purposes. The first is to provide background information on business recovery planning for the various audiences. The second is to educate the team members on the structure of the Response Plan document and their role in the Plan. The
third is to provide scenario-based exercises that familiarize the team members with the recovery procedures while also teaching the team to work together.
Task 6265: Conducting Training
Task 6265 includes conducting recovery team training, conducting staff awareness training, and conducting management training.
Recovery team training is done to prepare the key business recovery planning team members to execute the business recovery plan. A combination of awareness training and hands-on exercises prepare the team members for their roles in executing the Response Plan. Staff awareness training is conducted to give staff at the organization knowledge of the business recovery plan. The training should teach staff how to recognize and report potential threats, as well as how to respond to these threats, and what their responsibilities will be during recovery. Finally, this training should teach participants to identify updates which may be required to the plan and the procedures for initiating those updates.
Management has a key role in ensuring that the business recovery plan is workable and is kept up to date. This includes staff compliance with change control processes and participation in plan exercises. Management training will highlight these points and also the importance of their decision making role during a crisis.
Task 6269: Evaluating Training
Task 6269 includes evaluating the training after each session. Any changes identified should be approved and then applied to the training program. Since the recovery plan is constantly being updated to reflect current conditions, it is important to be sure that the training materials are also up to date, and that the staff and team members are benefiting from their training.
The following netcentric considerations may influence processes and procedures in a business recovery planning function. With additional global partners involved to support the business function, the processes to
update/maintain business recovery documentation may become more complex, and procedures of a business recovery plan may have to be documented in multiple languages. Processes to communicate to a global organization and global anonymous users in the event of a disaster may become more complex. Processes to identify, test, and reestablish interfaces and jobs between dispersed systems may become more complex. Research may be needed to ensure all international netcentric legal requirements are met by the business recovery plan.
Step 5510 - Acquiring Recovery Technology Infrastructure In this step, the arrangements for any alternate site processing facilities which may be needed in the event of a business interruption are planned and executed. If choices are available, it will be decided who will supply the facilities and services and how they will be supplied. Figure 6 shows a representation of the tasks for carrying out these functions, according to the presently preferred embodiment of the invention. These tasks include
Developing Alternate Site Requirements 5511 , Developing Alternate Site RFP 5513, Selecting Alternate Site Vendor 5515, and Negotiating Contracts 5517. The products of this step include hot-site vendor selection and contract.
Task 5511 : Developing Alternate Site Requirements Task 5511 includes documenting and prioritizing the organization's requirements for alternate sites. This should be done before submitting a Request For Proposal (RFP) to third-party vendors. The documentation would include minimum requirements for hardware, software, telecommunications, workstations, and specialized services. These requirements would include additional capacity for the above as required at critical time periods (1 hour, 4 hours, 24 hours, etc.). The requirements should be reviewed with management.
Task 5513: Developing Alternate Site RFP
Task 5513 includes preparing a form letter to the selected vendors that documents the required resources and services, and the time periods within
which they are preferably provided as determined by 551 1. The form letter, the RFP, also requires vendor pricing for services. The RFP should state the deadline for vendor response. A list of reputable vendors should be compiled based on prior experience with the vendors or trade journal surveys.
Task 5515: Selecting Alternate Site Vendor
Task 5515 includes mapping the vendor responses to the requirements as given in the RFP and selecting the most cost-effective solution. This is preferably done with a grid showing the prioritized requirements on one axis and each vendor on the other axis. It should be expected that follow-up calls will be necessary to clarify responses that are not clear or do not address the stated requirements. The findings and recommendations should be reviewed with the sponsoring organization.
Task 5517: Negotiating Contracts
Task 5517 includes assisting in vendor negotiations. While the organization may have its own staff that specializes in vendor negotiations, assistance may be appropriate in some cases. In other cases, the project's scope may include negotiation and contract review.
Step 5590 - Prepare & Execute Business Recovery Product Test
In this step, all the elements of the business recovery plan (as developed in 6220, 6226, and 5510) are ensured to be accurate and to function as designed. Figure 7 shows a representation of the tasks for carrying out these functions, according to the presently preferred embodiment of the invention. These tasks include Preparing the Recovery Plan Test 5591 , Conducting the Test 5593, and Evaluating the Test 5595. The products of this step include recovery plan test method.
Task 5591 : Preparing the Recovery Plan Test Task 5591 includes planning carefully for the test. This includes evaluation of what should be tested, how it should be tested, who the test should involve, and what the expected results would be. If the recovery plan is properly tested, the risk of failure after an actual disaster is significantly
reduced. Deficiencies encountered in previous tests are prime candidates for follow-up testing. This task covers all of the preparatory tasks for a test. A Test Coordinator is responsible for the planning, monitoring, and post-test evaluation.
Task 5593: Conducting the Test
Task 5593 includes briefing the test team about the test (unless it is an unannounced test) and then executing the test. As the test is conducted, documentation should be produced for evaluation following the test. A key rule in any test is to stick to the script and utilize only the documentation and resources that are available from expected sources and locations.
Task 5595: Evaluating the Test
Task 5595 includes conducting a post-test evaluation. This evaluation should reveal any oversights that may exist in the plan and verify that the recovery plan can be executed effectively. This is accomplished by a review of the test logs, expected outputs, and deviations from plan procedures. A final evaluation is written by the Test Coordinator and includes action plans that address deficiencies in the plan procedures. The recovery plan should be updated to correct the deficiencies. Deficiencies encountered during the test may reflect a lack of understanding of roles in the recovery process or unfamiliahty with plan procedures. These can be addressed by changes to the recovery plan training program.
Some areas of consideration for a business recovery product test 5590 within a netcentric environment include ensuring any extranet scenarios are tested in a business recovery environment. There may be multiple systems shared by various partners dispersed throughout the globe supporting multiple business functions, and testing the point in time interfaces between these systems can be challenging.
To conclude the "capability release build and test stage" 106 of the project, the test findings and recommendations are presented to the stakeholders for their approval 1 14. This task is very desirable for maintaining
management awareness of and commitment to business recovery planning efforts. In the fourth stage, the "deployment stage" 108, the business recovery infrastructure is deployed by function 7170.
Step 7170 - Deploying Business Recovery Infrastructure In this step, the plan is finalized and distributed, and arrangements are made for ongoing support. Figure 8 shows a representation of the tasks for carrying out these functions, according to the presently preferred embodiment of the invention. These tasks include Publishing the Recovery Plan 7171 , Developing Summary Presentation 7173, and Providing Continuing Support 7175. The products of this step include the recovery plan.
Task 7171 : Publishing the Recovery Plan
Task 7171 includes developing the final version of the recovery plan following the product test. If the plan is fairly short, complete copies may be distributed to all appropriate personnel. Large plans can be broken down to a level where team members receive only the introductory material and procedures relevant to their tasks. This is especially true of emergency response plans. Distribution of plans should be controlled by a coordinator to ensure that copies go to the right people and locations.
Task 7173: Developing Summary Presentation Task 7173 includes preparing a formal presentation which should be given to senior management of the organization. The presentation should explain the work which was done as well as the content of the recovery plan. Visual aids and handout documentation should be used to support the presentation. Following the formal recovery plan presentation, senior management will be asked to approve the recovery plan. This sign-off should be documented in a cover letter inserted at the front of the master copy of the recovery plan.
Task 7175: Providing Continuing Support
Task 7175 includes the finalization of a schedule for future testing of plan components. This would include test time frames and objectives.
Following initial testing and deployment, a second test should typically be scheduled within twelve months. The schedule should be cleared with alternate site vendors to ensure they can accommodate the test requirements. The plan coordinator should ensure that the procedures for maintaining the recovery plan, which were developed in step 6220 (specifically tasks 6224 and 6225), are followed on a regular basis. Also, if components of the plan become obsolete due to environmental or other changes, the plan coordinator should recommend to management that a project be set up to formally revise the plan using the processes outlined in these task packages.
In addition to the method for providing the business recovery planning function the present invention also includes a method and apparatus for providing an estimate for building a business recovery planning function in an information technology enterprise. The method and apparatus generate a preliminary work estimate (time by task) and financial estimate (dollars by classification) based on input of a set of estimating factors that identify the scope and difficulty of key aspects to the function.
Previous estimators only gave bottom line cost figures and were directed to business rather than OM functions. It could take days or weeks before an IT consultant produced these figures for the client. If the project resulted in a total cost either above or below the projected estimate, there was no way of telling who or what was responsible for the discrepancy. Therefore, a need exists for an improved estimator.
Figure 9 is a flow chart of one embodiment of a method for providing an estimate of the time and cost to build a business recovery planning function in an information technology organization. In Figure 9, a provider of a business recovery planning function such as an IT consultant, for example Andersen Consulting, obtains estimating factors from the client 202. This is a combined effort, with the provider adding expertise and knowledge to help in determining the quantity and difficulty of each factor. Estimating factors represent key business drivers for a given OM function. Table 1 lists and
defines the factors to be considered along with examples of a quantity and difficulty rating for each factor.
As an illustration of a preferred embodiment of the invention, the provider determines an estimating factor for the number of business functions 202 with the help of the client. Next, the difficulty rating 204 is determined. Each of these determinations depends on the previous experience of the consultant. The provider or consultant with a high level of experience will have a greater likelihood of determining the correct number and difficulty ratings. The number and difficulty ratings are input into a computer program. In the preferred embodiment, the computer program is a spreadsheet, such as EXCEL, by Microsoft Corp. of Redmond, Washington, USA. The consultant and the client will continue to determine the number and difficulty ratings for each of the remaining estimating factors 206.
After the difficulty rating has been determined for all of the estimating factors, this information is transferred to an assumption sheet 208, and the assumptions for each factor are defined. The assumption sheet 208 allows the consultant to enter comments relating to each estimating factor and to document the underlying reasoning for a specific estimating factor.
Table 1
Next, the provider and the client review and adjust, if necessary, the personnel time staffing factors for allocations 216 for the seniority levels of personnel needed for the project. Referring to Figures 10a-e, these columns are designated as Partner - "Ptnr", Manager - "Mgr", Consultant - "Cnslt", and Analyst - "Anlst", respectively. These allocations are adjusted to meet project requirements and are typically based on experience with delivering various stages of a project. It should be noted that the staffing factors should add up to 1.
The consultant or provider and the client then review the workplan 218, and may optionally include labor to be provided by the client. In one embodiment, the workplan contains the total time required in days per stage and in days per task required to complete the project. Tasks may be aggregated into a "task package" of subtasks or activities for convenience. A worksheet, as shown in Figures 10a-e, may also be used for convenience.
This worksheet may be used to adjust tasks or times as desired, from the experience of the provider, the customer, or both.
Finally, a financial estimate is generated in which the provider and client enter the agreed upon billing rates for Ptnr, Mgr, Cnslt, and Anlst 220. The total estimated payroll cost for the project will then be computed and displayed, generating final estimates. A determination of out-of-pocket expenses 222 may then be applied to the final estimates to determine a final project cost 224. Preferably, the provider will review the final estimates with an internal functional expert 226. Other costs may also be added to the project, such as hardware and software purchase costs, project management costs, and the like. Typically, project management costs for managing the provider's work are included in the estimator. These are task dependant and usually run between 10 and 15% of the tasks being managed, depending on the level of difficulty. These management allocations may appear on the worksheet and work plan. The time allocations for planning and managing a project are typically broken down for each of a plurality of task packages where the task packages are planning project execution 920, organizing project resources 940, controlling project work 960, and completing project 990, as shown in Figure 10a.
It will be appreciated that a wide range of changes and modifications to the methods as described are contemplated. Accordingly, while preferred embodiments have been shown and described in detail by way of examples, further modifications and embodiments are possible without departing from the scope of the invention as defined by the examples set forth. It is therefore intended that the invention be defined by the appended claims and all legal equivalents.
Claims
1. A method for providing a business recovery planning function, the method comprising:
(a) planning for said business recovery planning function; (b) designing said business recovery planning function;
(c) building said business recovery planning function;
(d) testing said business recovery planning function; and
(e) deploying said business recovery planning function.
2. The method of claim 1 wherein said planning includes: (f) developing a business recovery model for said business recovery planning function.
3. The method of claim 2 wherein said developing includes at least one of the following:
(g) defining project vision; (h) assessing risks; and
(i) analyzing business impact.
4. The method of claim 1 wherein said designing includes:
(f) developing business recovery strategies for said business recovery planning function.
5. The method of claim 4 wherein said developing includes at least one of the following:
(g) validating interruption and service levels; (h) developing strategies for critical functions; (i) developing strategies for critical resources; (j) performing cost-benefit analysis; and
(k) identifying spin-off projects.
6. The method of claim 1 wherein said building includes:
(f) developing policies and procedures for said business recovery planning function.
7. The method of claim 6 wherein said developing includes at least one of the following:
(g) developing plan components;
(h) developing component procedures;
(i) developing task responsibility matrix;
(j) defining maintenance approach; (k) developing update procedures; and
(I) developing testing strategy.
8. The method of claim 1 wherein said building includes:
(f) developing learning products for said business recovery planning function.
9. The method of claim 8 wherein said developing includes at least one of the following:
(g) developing learning materials; (h) conducting training; and
(i) evaluating said training.
10. The method of claim 1 wherein said building includes:
(f) acquiring recovery technology infrastructure for said business recovery planning function.
1 1. The method of claim 10 wherein said acquiring includes at least one of the following: (g) developing alternate site requirements;
(h) developing alternate site RFP; (i) selecting alternate site vendor; and (j) negotiating contracts.
12. The method of claim 1 wherein said testing includes:
(f) preparing and executing a business recovery product test for said business recovery planning function.
13. The method of claim 12 wherein said preparing and executing includes at least one of the following:
(g) preparing said recovery plan test;
(h) conducting said recovery plan test; and (i) evaluating said recovery plan test.
14. The method of claim 1 wherein said deploying includes: (f) deploying business recovery infrastructure for said business recovery planning function.
15. The method of claim 14 wherein said deploying business recovery infrastructure includes at least one of the following:
(g) publishing recovery plan; (h) developing summary presentation; and
(i) providing continuing support.
16. A method for providing an estimate for building a business recovery planning function in an information technology organization, the method comprising: (a) obtaining a plurality of estimating factors;
(b) determining a difficulty rating for each of said estimating factors;
(c) generating a time allocation for building said business recovery planning based on said estimating factor and said difficulty rating; and
(d) generating a cost for building said business recovery planning based on said time allocation.
17. The method as recited in claim 16, wherein obtaining said estimating factor further includes receiving said estimating factors from a client.
18. The method as recited in claim 17, wherein said estimating factors include the number of at least one of business functions, existing plans, survey questions, surveys, business units, policy statements, backup procedures, off-site storage procedures, change procedures, interviews, critical functions, insurance policies, third-party vendors, outage scenarios, strategic options, recovery options, hot-site vendors, RFP responses, selected bidders, recovery teams, updating tools, measurement criteria, monitoring criteria, team sessions, staff participants, staff sessions, management participants, and management sessions.
19. The method as recited in claim 16, wherein said difficulty rating is selected from the group of simple, moderate, or complex.
20. The method as recited in claim 16, wherein said time allocation includes time allocated for a plurality of individual team members where said individual team members include at least one of partner, manager, consultant, and analyst.
21. The method as recited in claim 16, wherein said cost depends on said time allocation and a pay rate for said individual team member.
22. The method as recited in claim 16, wherein said cost is broken down for each of a plurality of stages for building said business recovery planning where said stages include at least one of plan and manage, capability analysis, capability release design, capability release build and test, and deployment stages.
23. The method as recited in claim 16, wherein said time allocation is used to generate a project work plan.
24. The method as recited in claim 16, wherein said pay rate is used to generate a financial summary of said cost.
25. The method as recited in claim 23, wherein said work plan is broken down for each of a plurality of stages for building said business recovery planning where said stages are plan and manage, capability analysis, capability release design, capability release build and test, and deployment.
26. The method as recited in claim 25, wherein said plan and manage stage is broken down for each of a plurality of task packages where said task packages are plan project execution, organize project resources, control project work, and project complete.
27. A computer system for allocating time and computing cost for building a business recovery planning function in an information technology organization, comprising: (a) a processor;
(b) a software program for receiving a plurality of estimating factors and difficulty rating for each of said estimating factors and generating a time allocation and cost for building said business recovery planning; and
(c) a memory that stores said time allocation and cost under control of said processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU79960/00A AU7996000A (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing business recovery planning |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US15825999P | 1999-10-06 | 1999-10-06 | |
| US60/158,259 | 1999-10-06 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2001026007A1 true WO2001026007A1 (en) | 2001-04-12 |
Family
ID=22567316
Family Applications (12)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2000/027593 WO2001026028A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing change control |
| PCT/US2000/027795 WO2001025876A2 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing capacity modeling and planning |
| PCT/US2000/027803 WO2001026013A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing service level management |
| PCT/US2000/027796 WO2001026010A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for production scheduling |
| PCT/US2000/027629 WO2001026008A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for event/fault monitoring |
| PCT/US2000/027801 WO2001026011A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing operation management strategic planning |
| PCT/US2000/027802 WO2001026012A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing storage management |
| PCT/US2000/027592 WO2001026007A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing business recovery planning |
| PCT/US2000/027518 WO2001026005A1 (en) | 1999-10-06 | 2000-10-06 | Method for determining total cost of ownership |
| PCT/US2000/027856 WO2001025970A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing operations maturity model assessment |
| PCT/US2000/027804 WO2001026014A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing service control |
| PCT/US2000/027857 WO2001025877A2 (en) | 1999-10-06 | 2000-10-06 | Organization of information technology functions |
Family Applications Before (7)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2000/027593 WO2001026028A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing change control |
| PCT/US2000/027795 WO2001025876A2 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing capacity modeling and planning |
| PCT/US2000/027803 WO2001026013A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing service level management |
| PCT/US2000/027796 WO2001026010A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for production scheduling |
| PCT/US2000/027629 WO2001026008A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for event/fault monitoring |
| PCT/US2000/027801 WO2001026011A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing operation management strategic planning |
| PCT/US2000/027802 WO2001026012A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing storage management |
Family Applications After (4)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2000/027518 WO2001026005A1 (en) | 1999-10-06 | 2000-10-06 | Method for determining total cost of ownership |
| PCT/US2000/027856 WO2001025970A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing operations maturity model assessment |
| PCT/US2000/027804 WO2001026014A1 (en) | 1999-10-06 | 2000-10-06 | Method and estimator for providing service control |
| PCT/US2000/027857 WO2001025877A2 (en) | 1999-10-06 | 2000-10-06 | Organization of information technology functions |
Country Status (4)
| Country | Link |
|---|---|
| EP (2) | EP1226523A4 (en) |
| AU (12) | AU1431701A (en) |
| CA (1) | CA2386788A1 (en) |
| WO (12) | WO2001026028A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11329896B1 (en) | 2021-02-11 | 2022-05-10 | Kyndryl, Inc. | Cognitive data protection and disaster recovery policy management |
Families Citing this family (38)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2002048935A1 (en) * | 2000-12-11 | 2002-06-20 | Skill Development Associates Ltd | Integrated business management system |
| US7035809B2 (en) * | 2001-12-07 | 2006-04-25 | Accenture Global Services Gmbh | Accelerated process improvement framework |
| US7937281B2 (en) | 2001-12-07 | 2011-05-03 | Accenture Global Services Limited | Accelerated process improvement framework |
| US7761316B2 (en) | 2002-10-25 | 2010-07-20 | Science Applications International Corporation | System and method for determining performance level capabilities in view of predetermined model criteria |
| DE10331207A1 (en) | 2003-07-10 | 2005-01-27 | Daimlerchrysler Ag | Method and apparatus for predicting failure frequency |
| US8572003B2 (en) * | 2003-07-18 | 2013-10-29 | Sap Ag | Standardized computer system total cost of ownership assessments and benchmarking |
| US8566147B2 (en) * | 2005-10-25 | 2013-10-22 | International Business Machines Corporation | Determining the progress of adoption and alignment of information technology capabilities and on-demand capabilities by an organization |
| EP1808803A1 (en) * | 2005-12-15 | 2007-07-18 | International Business Machines Corporation | System and method for automatically selecting one or more metrics for performing a CMMI evaluation |
| US8457297B2 (en) | 2005-12-30 | 2013-06-04 | Aspect Software, Inc. | Distributing transactions among transaction processing systems |
| US8355938B2 (en) | 2006-01-05 | 2013-01-15 | Wells Fargo Bank, N.A. | Capacity management index system and method |
| US7523082B2 (en) * | 2006-05-08 | 2009-04-21 | Aspect Software Inc | Escalating online expert help |
| US20080208667A1 (en) * | 2007-02-26 | 2008-08-28 | Gregg Lymbery | Method for multi-sourcing technology based services |
| US20100312612A1 (en) * | 2007-10-25 | 2010-12-09 | Hugh Carr | Modification of service delivery infrastructure in communication networks |
| US8326660B2 (en) | 2008-01-07 | 2012-12-04 | International Business Machines Corporation | Automated derivation of response time service level objectives |
| US8320246B2 (en) | 2009-02-19 | 2012-11-27 | Bridgewater Systems Corp. | Adaptive window size for network fair usage controls |
| US8200188B2 (en) | 2009-02-20 | 2012-06-12 | Bridgewater Systems Corp. | System and method for adaptive fair usage controls in wireless networks |
| US9203629B2 (en) | 2009-05-04 | 2015-12-01 | Bridgewater Systems Corp. | System and methods for user-centric mobile device-based data communications cost monitoring and control |
| US8577329B2 (en) | 2009-05-04 | 2013-11-05 | Bridgewater Systems Corp. | System and methods for carrier-centric mobile device data communications cost monitoring and control |
| US20110066476A1 (en) * | 2009-09-15 | 2011-03-17 | Joseph Fernard Lewis | Business management assessment and consulting assistance system and associated method |
| US20110231229A1 (en) * | 2010-03-22 | 2011-09-22 | Computer Associates Think, Inc. | Hybrid Software Component and Service Catalog |
| WO2012057747A1 (en) | 2010-10-27 | 2012-05-03 | Hewlett-Packard Development Company, L.P. | Systems and methods for scheduling changes |
| WO2015126411A1 (en) | 2014-02-21 | 2015-08-27 | Hewlett-Packard Development Company, L.P. | Migrating cloud resources |
| WO2015126409A1 (en) | 2014-02-21 | 2015-08-27 | Hewlett-Packard Development Company, L.P. | Migrating cloud resources |
| US20170032297A1 (en) * | 2014-04-03 | 2017-02-02 | Dale Chalfant | Systems and Methods for Increasing Capability of Systems of Business Through Maturity Evolution |
| US9984044B2 (en) | 2014-11-16 | 2018-05-29 | International Business Machines Corporation | Predicting performance regression of a computer system with a complex queuing network model |
| US10044786B2 (en) | 2014-11-16 | 2018-08-07 | International Business Machines Corporation | Predicting performance by analytically solving a queueing network model |
| US10460272B2 (en) * | 2016-02-25 | 2019-10-29 | Accenture Global Solutions Limited | Client services reporting |
| CN106682385B (en) * | 2016-09-30 | 2020-02-11 | 广州英康唯尔互联网服务有限公司 | Health information interaction system |
| MX2020010922A (en) * | 2018-04-16 | 2021-01-08 | Cloudblue Llc | System and method for matching revenue streams in a cloud service broker platform. |
| CA3101836A1 (en) | 2018-06-01 | 2019-12-05 | Walmart Apollo, Llc | Automated slot adjustment tool |
| WO2019232434A1 (en) * | 2018-06-01 | 2019-12-05 | Walmart Apollo, Llc | System and method for modifying capacity for new facilities |
| US11483350B2 (en) * | 2019-03-29 | 2022-10-25 | Amazon Technologies, Inc. | Intent-based governance service |
| CN110096423A (en) * | 2019-05-14 | 2019-08-06 | 深圳供电局有限公司 | A kind of server memory capacity analyzing and predicting method based on big data analysis |
| US11119877B2 (en) | 2019-09-16 | 2021-09-14 | Dell Products L.P. | Component life cycle test categorization and optimization |
| MX2022005750A (en) * | 2019-11-11 | 2022-08-17 | Snapit Solutions Llc | System for producing and delivering information technology products and services. |
| US11288150B2 (en) | 2019-11-18 | 2022-03-29 | Sungard Availability Services, Lp | Recovery maturity index (RMI)-based control of disaster recovery |
| US20210160143A1 (en) | 2019-11-27 | 2021-05-27 | Vmware, Inc. | Information technology (it) toplogy solutions according to operational goals |
| US11501237B2 (en) | 2020-08-04 | 2022-11-15 | International Business Machines Corporation | Optimized estimates for support characteristics for operational systems |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5875431A (en) * | 1996-03-15 | 1999-02-23 | Heckman; Frank | Legal strategic analysis planning and evaluation control system and method |
| US6044354A (en) * | 1996-12-19 | 2000-03-28 | Sprint Communications Company, L.P. | Computer-based product planning system |
| US6131099A (en) * | 1997-11-03 | 2000-10-10 | Moore U.S.A. Inc. | Print and mail business recovery configuration method and system |
Family Cites Families (32)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4827423A (en) * | 1987-01-20 | 1989-05-02 | R. J. Reynolds Tobacco Company | Computer integrated manufacturing system |
| JPH03111969A (en) * | 1989-09-27 | 1991-05-13 | Hitachi Ltd | Method for supporting plan formation |
| US5233513A (en) * | 1989-12-28 | 1993-08-03 | Doyle William P | Business modeling, software engineering and prototyping method and apparatus |
| WO1993012488A1 (en) * | 1991-12-13 | 1993-06-24 | White Leonard R | Measurement analysis software system and method |
| US5701419A (en) * | 1992-03-06 | 1997-12-23 | Bell Atlantic Network Services, Inc. | Telecommunications service creation apparatus and method |
| US5586021A (en) * | 1992-03-24 | 1996-12-17 | Texas Instruments Incorporated | Method and system for production planning |
| US5646049A (en) * | 1992-03-27 | 1997-07-08 | Abbott Laboratories | Scheduling operation of an automated analytical system |
| US5978811A (en) * | 1992-07-29 | 1999-11-02 | Texas Instruments Incorporated | Information repository system and method for modeling data |
| US5630069A (en) * | 1993-01-15 | 1997-05-13 | Action Technologies, Inc. | Method and apparatus for creating workflow maps of business processes |
| US5819270A (en) * | 1993-02-25 | 1998-10-06 | Massachusetts Institute Of Technology | Computer system for displaying representations of processes |
| CA2118885C (en) * | 1993-04-29 | 2005-05-24 | Conrad K. Teran | Process control system |
| AU7207194A (en) * | 1993-06-16 | 1995-01-03 | Electronic Data Systems Corporation | Process management system |
| US5485574A (en) * | 1993-11-04 | 1996-01-16 | Microsoft Corporation | Operating system based performance monitoring of programs |
| US5724262A (en) * | 1994-05-31 | 1998-03-03 | Paradyne Corporation | Method for measuring the usability of a system and for task analysis and re-engineering |
| US5563951A (en) * | 1994-07-25 | 1996-10-08 | Interval Research Corporation | Audio interface garment and communication system for use therewith |
| US5745880A (en) * | 1994-10-03 | 1998-04-28 | The Sabre Group, Inc. | System to predict optimum computer platform |
| JP3315844B2 (en) * | 1994-12-09 | 2002-08-19 | 株式会社東芝 | Scheduling device and scheduling method |
| JPH08320855A (en) * | 1995-05-24 | 1996-12-03 | Hitachi Ltd | Method and system for evaluating system introduction effect |
| EP0770967A3 (en) * | 1995-10-26 | 1998-12-30 | Koninklijke Philips Electronics N.V. | Decision support system for the management of an agile supply chain |
| US5960417A (en) * | 1996-03-19 | 1999-09-28 | Vanguard International Semiconductor Corporation | IC manufacturing costing control system and process |
| US5793632A (en) * | 1996-03-26 | 1998-08-11 | Lockheed Martin Corporation | Cost estimating system using parametric estimating and providing a split of labor and material costs |
| US5960200A (en) * | 1996-05-03 | 1999-09-28 | I-Cube | System to transition an enterprise to a distributed infrastructure |
| US5673382A (en) * | 1996-05-30 | 1997-09-30 | International Business Machines Corporation | Automated management of off-site storage volumes for disaster recovery |
| US5864483A (en) * | 1996-08-01 | 1999-01-26 | Electronic Data Systems Corporation | Monitoring of service delivery or product manufacturing |
| US5974395A (en) * | 1996-08-21 | 1999-10-26 | I2 Technologies, Inc. | System and method for extended enterprise planning across a supply chain |
| US5930762A (en) * | 1996-09-24 | 1999-07-27 | Rco Software Limited | Computer aided risk management in multiple-parameter physical systems |
| US5903478A (en) * | 1997-03-10 | 1999-05-11 | Ncr Corporation | Method for displaying an IT (Information Technology) architecture visual model in a symbol-based decision rational table |
| US6028602A (en) * | 1997-05-30 | 2000-02-22 | Telefonaktiebolaget Lm Ericsson | Method for managing contents of a hierarchical data model |
| US6106569A (en) * | 1997-08-14 | 2000-08-22 | International Business Machines Corporation | Method of developing a software system using object oriented technology |
| US6092047A (en) * | 1997-10-07 | 2000-07-18 | Benefits Technologies, Inc. | Apparatus and method of composing a plan of flexible benefits |
| US6119097A (en) * | 1997-11-26 | 2000-09-12 | Executing The Numbers, Inc. | System and method for quantification of human performance factors |
| US6157916A (en) * | 1998-06-17 | 2000-12-05 | The Hoffman Group | Method and apparatus to control the operating speed of a papermaking facility |
-
2000
- 2000-10-06 WO PCT/US2000/027593 patent/WO2001026028A1/en active Application Filing
- 2000-10-06 AU AU14317/01A patent/AU1431701A/en not_active Abandoned
- 2000-10-06 AU AU14318/01A patent/AU1431801A/en not_active Abandoned
- 2000-10-06 WO PCT/US2000/027795 patent/WO2001025876A2/en active Application Filing
- 2000-10-06 AU AU11936/01A patent/AU1193601A/en not_active Abandoned
- 2000-10-06 AU AU79960/00A patent/AU7996000A/en not_active Abandoned
- 2000-10-06 WO PCT/US2000/027803 patent/WO2001026013A1/en active Application Filing
- 2000-10-06 AU AU78666/00A patent/AU7866600A/en not_active Abandoned
- 2000-10-06 EP EP00973433A patent/EP1226523A4/en not_active Withdrawn
- 2000-10-06 WO PCT/US2000/027796 patent/WO2001026010A1/en active Application Filing
- 2000-10-06 EP EP00979124A patent/EP1222510A4/en not_active Withdrawn
- 2000-10-06 AU AU11938/01A patent/AU1193801A/en not_active Abandoned
- 2000-10-06 CA CA002386788A patent/CA2386788A1/en not_active Abandoned
- 2000-10-06 AU AU77566/00A patent/AU7756600A/en not_active Abandoned
- 2000-10-06 WO PCT/US2000/027629 patent/WO2001026008A1/en active Application Filing
- 2000-10-06 WO PCT/US2000/027801 patent/WO2001026011A1/en active Application Filing
- 2000-10-06 WO PCT/US2000/027802 patent/WO2001026012A1/en active Application Filing
- 2000-10-06 AU AU79961/00A patent/AU7996100A/en not_active Abandoned
- 2000-10-06 WO PCT/US2000/027592 patent/WO2001026007A1/en active Application Filing
- 2000-10-06 WO PCT/US2000/027518 patent/WO2001026005A1/en active Application Filing
- 2000-10-06 WO PCT/US2000/027856 patent/WO2001025970A1/en active Search and Examination
- 2000-10-06 AU AU80018/00A patent/AU8001800A/en not_active Abandoned
- 2000-10-06 AU AU80017/00A patent/AU8001700A/en not_active Abandoned
- 2000-10-06 WO PCT/US2000/027804 patent/WO2001026014A1/en active Application Filing
- 2000-10-06 WO PCT/US2000/027857 patent/WO2001025877A2/en not_active Application Discontinuation
- 2000-10-06 AU AU78618/00A patent/AU7861800A/en not_active Abandoned
- 2000-10-06 AU AU16539/01A patent/AU1653901A/en not_active Abandoned
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5875431A (en) * | 1996-03-15 | 1999-02-23 | Heckman; Frank | Legal strategic analysis planning and evaluation control system and method |
| US6044354A (en) * | 1996-12-19 | 2000-03-28 | Sprint Communications Company, L.P. | Computer-based product planning system |
| US6131099A (en) * | 1997-11-03 | 2000-10-10 | Moore U.S.A. Inc. | Print and mail business recovery configuration method and system |
Non-Patent Citations (12)
| Title |
|---|
| BUSINESS HORIZONS, vol. 40, no. 6, November 1997 (1997-11-01) - December 1997 (1997-12-01), GREENWICH, pages 19 - 25 * |
| DATABASE WILSON BUS. ABS. FULL TEX [online] HERBANE BRAHIM: "Contingency and continua: Achieving excellence through business continuity planning", XP002937664, Database accession no. 03756491 * |
| DURHAM DANNY: "Disaster and recovery planning: A guide for facility managers", SECURITY MANAGEMENT, vol. 41, no. 8, August 1997 (1997-08-01), ARLINGTON, pages 120, XP002937662 * |
| KERZNER HAROLD: "Project management: A systems approach to planning, scheduling and controlling", 1995, VAN NOSTRAND REINHOLD, NEW YORK, XP002937656 * |
| KERZNER HAROLD: "Project management: A systems approach to planning, scheduling and controlling", 1995, VAN NOSTRAND REINHOLD, NEW YORK, XP002937657 * |
| KLEINFELD DENIS A.: "Emergency disaster planning for international business entities", JOURNAL OF ASSET PROTECTION, vol. 2, no. 6, July 1997 (1997-07-01) - August 1997 (1997-08-01), BOSTON, pages 58, 9 PGS, XP002937663 * |
| MILLER HUGH JAMES: "A guide to planning for the business recovery of an administrative business unit", EDPACS, April 1997 (1997-04-01), RESTON, pages 9 - 16, XP002937693 * |
| O'CALLAGHAN DES: "Disaster planning: Covering all the bases", BANKERS MONTHLY, vol. 108, no. 11, November 1991 (1991-11-01), NEW YORK, pages 18 - 21, XP002937660 * |
| RADDING ALAN: "Harnessing the PC for business recovery planning", BANKING MANAGEMENT, vol. 67, no. 5, May 1991 (1991-05-01), CHICAGO, pages 58 + 60, XP002937658 * |
| ROSS JULIE RITZER: "Recovery firms ride to the rescue when disasters strike the computer", STORES, December 1997 (1997-12-01), pages 35 - 36, XP002937655 * |
| SCHWARTZ SUSANA: "Are you prepared for disaster?", INSURANCE & TECHNOLOGY, vol. 22, no. 4, April 1997 (1997-04-01), NEW YORK, pages 34 - 36, XP002937661 * |
| UNDERWOOD MIKE: "Preparing for the worst", AS/400 SYSTEMS MANAGEMENT, vol. 25, no. 12, December 1997 (1997-12-01), ARLINGTON HEIGHTS, pages 52, 3 PGS, XP002937659 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11329896B1 (en) | 2021-02-11 | 2022-05-10 | Kyndryl, Inc. | Cognitive data protection and disaster recovery policy management |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2001026010A1 (en) | 2001-04-12 |
| AU1653901A (en) | 2001-05-10 |
| AU1193601A (en) | 2001-05-10 |
| AU1431801A (en) | 2001-05-10 |
| EP1226523A4 (en) | 2003-02-19 |
| CA2386788A1 (en) | 2001-04-12 |
| AU1431701A (en) | 2001-05-10 |
| EP1222510A2 (en) | 2002-07-17 |
| AU8001700A (en) | 2001-05-10 |
| WO2001025970A1 (en) | 2001-04-12 |
| WO2001025970A8 (en) | 2001-09-27 |
| WO2001026014A1 (en) | 2001-04-12 |
| EP1226523A1 (en) | 2002-07-31 |
| WO2001026005A1 (en) | 2001-04-12 |
| WO2001025877A3 (en) | 2001-09-07 |
| WO2001026012A1 (en) | 2001-04-12 |
| WO2001026028A1 (en) | 2001-04-12 |
| WO2001026013A1 (en) | 2001-04-12 |
| WO2001026028A8 (en) | 2001-07-26 |
| WO2001025876A2 (en) | 2001-04-12 |
| WO2001025876A3 (en) | 2001-08-30 |
| WO2001026008A1 (en) | 2001-04-12 |
| AU7996000A (en) | 2001-05-10 |
| AU7996100A (en) | 2001-05-10 |
| WO2001025877A2 (en) | 2001-04-12 |
| AU7861800A (en) | 2001-05-10 |
| AU7866600A (en) | 2001-05-10 |
| AU8001800A (en) | 2001-05-10 |
| WO2001026011A1 (en) | 2001-04-12 |
| AU7756600A (en) | 2001-05-10 |
| EP1222510A4 (en) | 2007-10-31 |
| AU1193801A (en) | 2001-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2001026007A1 (en) | Method and estimator for providing business recovery planning | |
| US8200527B1 (en) | Method for prioritizing and presenting recommendations regarding organizaion's customer care capabilities | |
| US20050114829A1 (en) | Facilitating the process of designing and developing a project | |
| Caudle | Strategic information resources management: Fundamental practices | |
| Snyder et al. | Introduction to IT project management | |
| WO2007030633A2 (en) | Method and system for remotely monitoring and managing computer networks | |
| Chen et al. | IT outsourcing: A primer for public managers | |
| Information Systems Audit et al. | Cobit 5: implementation | |
| Erdogmus et al. | How to support clients and vendors in IT outsourcing engagements: the different roles of third-party advisory services | |
| Kwak | A systematic approach to evaluate quantitative impacts of project management (PM) | |
| Agrawal et al. | A general framework to measure organizational risk during information systems evolution and its customization | |
| Hartzel et al. | A High-Reliability Approach to Risk Management in an IT Project | |
| Muzikante et al. | Robotic process automation risk analysis in circle K business centre | |
| Van Bon | ITIL® 2011 Edition-A Pocket Guide | |
| Tegström et al. | Evaluation of Business Continuity Management-A case study of disaster recovery during the Covid-19 pandemic | |
| Hasibović et al. | The importance of ITIL4 adoption for IT service management in insurance companies | |
| Modern | SOFTWARE DEVELOPMENT | |
| Al Nauimi | The Influence of Risks on the Cost Overrun of ICT Network Projects | |
| Chen et al. | IT Outsourcing | |
| Kooijmans et al. | Value Realization from Efficient Software Deployment | |
| Rössing | BCM Audit | |
| Coleman et al. | The dilemma of Department of Defense business system modernization efforts: why intended outcomes have not been fully met and what needs to change | |
| Kasulke et al. | Operational Quality: Zero Outage Ensures Reliability and Sustainability | |
| Lowder | Implementing the Information Technology Information Library (ITIL) Framework | |
| Council et al. | Examinations |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
| REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
| 122 | Ep: pct application non-entry in european phase | ||
| NENP | Non-entry into the national phase |
Ref country code: JP |