As a software company and IT provider for major customers in the financial sector, we would like to use this blog post to explain some essential aspects of a BCM policy that is implemented early on.
With their financial services (e.g. payment transactions, provision of cash, etc.), DPS’ clients are systemically relevant institutions for the economy and society, thus making them institutions of key importance.
At first glance, this might seem surprising: A consistently-developed BCM policy, which was implemented prior to the onset of a crisis with regard to the infrastructure, organisation and processes, robustly handles the requirements it is faced with, even now, during the corona crisis.
All companies that commit to 24/7/365 service level agreements owe more than just the maintenance of service availability for the control process. Especially in situations of serious critical failures, BCM must be clearly recognisable in a company’s DNA.
An epidemic that, over time, develops into a pandemic is (even though this may sound cynical) probably easier to handle than a natural disaster or other spontaneous events that lead to destructive effects. As an IT provider, which must be able to maintain its service readiness under pressure and at all times, we have implemented a governance system and derived rules from it early on already, which are verified by regular audits.
This applies, in particular, to:
- a scalable network infrastructure,
- the backup capability of all necessary data, libraries and documentation,
- switching of office workstations to home office activity at any time,
- provision of a secure, internal communication and a co-working platform,
- implementation of necessary cyber securities, also when working from home.
In addition to maintaining SLA-based service availability, the deployment of resources via an extensive home office structure requires professional project management that has to be organised as efficiently as possible for both agile and conventional waterfall projects.
While the waterfall model requires less communication between the participants in the individual project stages, it is especially the agile model that relies on continuous and spontaneous communication between the project participants. In particular, and depending on the circumstances, the stakeholders of an agile project model should also be sought outside the company itself, at the customer or other project participants. This means extending communication routes beyond the internal structures, when necessary.
Therefore, a timely organisation of remote accesses to the secured infrastructures of the cooperating instances is essential.
Taking the employees’ respective private and familial circumstances into account is of particular importance – this requires solidarity and flexibility from all those involved.
The current corona crisis can be mastered much better by those IT providers who aligned their work to the principles as outlined above in a timely manner.