Skip to main content
Mobile
  • Finance, Accounting & Economics
  • Global Business Management
  • Management, Leadership & Organisation
  • Marketing & Sales
  • Strategy
  • Technology & Operations
HS Talks HS Talks
Subjects  
Search
  • Notifications
    Notifications

    No current notifications.

  • User
    Welcome Guest
    You have Limited Access The Business & Management Collection
    Login
    Get Assistance
    Login
    Forgot your password?
    Login via your organisation
    Login via Organisation
    Get Assistance
Finance, Accounting & Economics
Global Business Management
Management, Leadership & Organisation
Marketing & Sales
Strategy
Technology & Operations
You currently don't have access to this journal. Request access now.
Practice paper

Assessing the resilience of an IT portfolio

Matthew Ricks and Lucrecia Boswell
Journal of Business Continuity & Emergency Planning, 13 (1), 22-31 (2019)
https://doi.org/10.69554/BDKY5442

Abstract

One of the goals of the business impact analysis (BIA) process is to establish recovery objectives. Having established recovery objectives, the next step is to assess whether one’s IT portfolio can actually meet those objectives. Unfortunately, there is no well-defined and prescriptive process for this. This article describes a model that can be customised and applied in any organisation to take an IT-centric view to assessing resilience capabilities. The first stage of this process is to gather IT-specific data, either through a questionnaire or by querying the configuration management database directly. The next step is to leverage a set of scoring rubrics in order to assess the capabilities of each application with respect to meeting recovery point objectives, recovery time objectives and service-level targets, as well as the strength of staffing, documentation and disaster recovery plans. The output of the model is a composite score for each application (based upon an aggregate capability score and a weighting factor) that identifies those services in the IT portfolio with the greatest gaps in their capabilities (ie those services in greatest need of remediation). The logic of the model can either be built with spreadsheets or automated through business continuity management planning platforms.

Keywords: business continuity; disaster recovery; BIA; assessment; resilience

The full article is available to subscribers to the journal.

Already a subscriber? Login or review other options.

Author's Biography

Matthew Ricks is the Senior Director of IT Facilities Management and Business Continuity Management at Stanford University. In addition to oversight of Stanford’s data centres and IT technical facilities, he has a focus on disaster recovery, business continuity planning and emergency management efforts. Matthew leads annual disaster recovery and life safety exercises, as well as designing and leading quarterly information security incident response exercises; he also serves as incident commander for major IT incidents. Matthew has an MBA from University of Maryland University College and a bachelor of science degree in information systems management from University of Maryland Baltimore County. He is currently pursuing a master’s degree in homeland security from Penn State University.

Lucrecia Boswell is the Manager of Hosting Services and Asset Management at Stanford University. She is responsible for the provisioning of servers and network systems in Stanford’s data centres and with Stanford’s cloud providers, and she manages the life cycle of IT assets. Lucrecia has also managed Stanford IT’s disaster recovery exercises. Lucrecia has a bachelor of arts degree in liberal studies from California State University, Fullerton.

Citation

Ricks, Matthew and Boswell, Lucrecia (2019, September 1). Assessing the resilience of an IT portfolio. In the Journal of Business Continuity & Emergency Planning, Volume 13, Issue 1. https://doi.org/10.69554/BDKY5442.

Options

  • Download PDF
  • Share this page
    Share This Article
    Messaging
    • Outlook
    • Gmail
    • Yahoo!
    • WhatsApp
    Social
    • Facebook
    • X
    • LinkedIn
    • VKontakte
    Permalink
cover image, Journal of Business Continuity & Emergency Planning
Journal of Business Continuity & Emergency Planning
Volume 13 / Issue 1
© Henry Stewart
Publications LLP

The Business & Management Collection

  • ISSN: 2059-7177
  • Contact Us
  • Request Free Trial
  • Recommend to Your Librarian
  • Subscription Information
  • Match Content
  • Share This Collection
  • Embed Options
  • View Quick Start Guide
  • Accessibility

Categories

  • Finance, Accounting & Economics
  • Global Business Management
  • Management, Leadership & Organisation
  • Marketing & Sales
  • Strategy
  • Technology & Operations

Librarian Information

  • General Information
  • MARC Records
  • Discovery Services
  • Onsite & Offsite Access
  • Federated (Shibboleth) Access
  • Usage Statistics
  • Promotional Materials
  • Testimonials

About Us

  • About HSTalks
  • Editors
  • Contact Information
  • About the Journals

HSTalks Home

Follow Us On:

HS Talks
  • Site Requirements
  • Copyright & Permissions
  • Terms
  • Privacy
  • Sitemap
© Copyright Henry Stewart Talks Ltd

Personal Account Required

To use this function, you need to be signed in with a personal account.

If you already have a personal account, please login here.

Otherwise you may sign up now for a personal account.

HS Talks

Cookies and Privacy

We use cookies, and similar tools, to improve the way this site functions, to track browsing patterns and enable marketing. For more information read our cookie policy and privacy policy.

Cookie Settings

How Cookies Are Used

Cookies are of the following types:

  • Essential to make the site function.
  • Used to analyse and improve visitor experience.

For more information see our Cookie Policy.

Some types of cookies can be disabled by you but doing so may adversely affect functionality. Please see below:

(always on)

If you block these cookies or set alerts in your browser parts of the website will not work.

Cookies that provide enhanced functionality and personalisation. If not allowed functionality may be impaired.

Cookies that count and track visits and on website activity enabling us to organise the website to optimise the experience of users. They may be blocked without immediate adverse effect.