As much as we’d all like to think, “It won’t happen to me,” disaster can and does strike when least expected. In fact, just looking at recent news coverage in the technology sector, anyone could conclude that ERP failures are distressingly common. Yet, despite the obvious need for business contingency planning, many organizations do not have contingency plans in place for responding to IT crises or ERP failures.
There are many reasons that organizations do not bother with business continuity management (BCM). This kind of planning can be costly and time-consuming – an obvious discouragement during an ERP implementation – and upper management may lack the bandwidth, knowledge or initiative necessary to assess or comprehend the risks associated with implementing a new ERP system. While BCM may seem like an unnecessary and pessimistic insurance policy, all organizations need to consider the variety of threats facing businesses (both IT-related and non-IT-related) and weigh the likelihood that a crisis will happen to them.
Today, the most common threats to businesses are power outages, extreme weather and IT failures – all of which happen with regular occurrence. Such crises account for millions of dollars of lost revenue among businesses globally, (due primarily to significant downtime and lost productivity), and can strike even the most venerable and stable corporations in the world. The risk profile of organizations that implement ERP systems without a sound selection strategy, third-party implementation expertise or independent verification and validation (IV&V) assessments is even higher.
To increase your organization’s chances of recovery from a crisis, it’s important to ensure that BCM accounts for a significant portion of the business process management efforts undertaken during ERP implementation.
Following are several characteristics of a solid business contingency plan:
- Comprehensive – Your contingency plan should address any and all possible disruptions to your business, no matter the scale or source. These include disruptions during and following ERP implementation as well as ongoing threats such as natural disasters, malware and hackers. Your contingency plan should also address every aspect of your business that could be affected by such disruptions.
- Organized – Possible disruptions should be prioritized by level of impact so your organization can put the majority of its energy into preparing for the most significant crises. Similarly, business processes should be prioritized by level of importance so your organization can determine measures to keep these most vital functions running with or without technology.
- Accessible – Hard copies of your contingency plan should be available to everyone in the organization who may need access. It should be written in a way that communicates exactly what role each employee will be expected to perform in the event of a crisis. All staff members should have at least a basic understanding of your organization’s vulnerabilities and dependencies as well as your organization’s recovery plan.
Once your organization begins to realize the pervasiveness of ERP failures and operational disruptions, it will not want to take the risk of leaving the integrity of its business processes up to chance. To learn more about how Panorama helps organizations assess risk, visit our ERP Project Recovery page.