MUMBAI may slowly be returning to normalcy after the terror attack, but most Indian organisations could lack the same resilience. A terror attack on any of India's IT or financial service processing firms could paralyse them for days and possibly cause irreparable damage, fear experts.
A yet-to-be-released survey by PriceWaterhouseCoopers (PwC) has found that only a small percentage of Indian organisations — around 12% — carries out a detailed risk assessment and chalks out threat scenario-based plans. The survey — carried out among 140 firms — however, notes that there is progressively higher awareness compared to previous annual surveys. "It is evident from the industry responses that while we have done a lot in the past couple of years compared to the preceding decade, we still have a long way to go in our disaster readiness," said Nikhil Donde, managing consultant, PwC.
"We've come a long way compared to a few years ago. There is an appreciation that 'it can happen to me'. After 9/11, most firms have a basic plan of redundancy — back-up is done largely by all organisations. They also use multiple service providers for connectivity," agreed KPMG executive director (IT advisory) Akhilesh Tuteja.
Most two-year contracts today also have a business continuity clause, according to Mr Tuteja. But process capability and people availability are overlooked, he said. For instance, if one facility is destroyed in a terror attack, how soon will it take for the process to be serviced from the second location — 2 hours, 5 hours or 2 days? Most organisations also assume people availability. If people working in one location are lost, then does the second location have people with those skills? "That is one of the big threats, but which is rarely taken into account," he said.
"Disaster recovery plans are like an insurance you may never use," said Mr Donde. "In today's environment, every bit of money saved matters to your margins. This is a paradox as they don't help you grow your business. If you replicate your entire infrastructure in a different location, it may be like over-kill." Of all the organisations PwC polled in India, around 17% had no formal business continuity or disaster recovery plans, but were aware of the need for it. Around 48% of the responding firms identified that preparing business continuity and disaster recovery plans was the prime objective in the current year.
FIGURING IT OUT
Around 12% of firms in India carry out detailed risk assessment and chalk out threat scenario-based plans
17% had no formal business continuity or disaster recovery plans
48% of firms identified that preparing business continuity and disaster recovery plans was the prime objective this year
A yet-to-be-released survey by PriceWaterhouseCoopers (PwC) has found that only a small percentage of Indian organisations — around 12% — carries out a detailed risk assessment and chalks out threat scenario-based plans. The survey — carried out among 140 firms — however, notes that there is progressively higher awareness compared to previous annual surveys. "It is evident from the industry responses that while we have done a lot in the past couple of years compared to the preceding decade, we still have a long way to go in our disaster readiness," said Nikhil Donde, managing consultant, PwC.
"We've come a long way compared to a few years ago. There is an appreciation that 'it can happen to me'. After 9/11, most firms have a basic plan of redundancy — back-up is done largely by all organisations. They also use multiple service providers for connectivity," agreed KPMG executive director (IT advisory) Akhilesh Tuteja.
Most two-year contracts today also have a business continuity clause, according to Mr Tuteja. But process capability and people availability are overlooked, he said. For instance, if one facility is destroyed in a terror attack, how soon will it take for the process to be serviced from the second location — 2 hours, 5 hours or 2 days? Most organisations also assume people availability. If people working in one location are lost, then does the second location have people with those skills? "That is one of the big threats, but which is rarely taken into account," he said.
"Disaster recovery plans are like an insurance you may never use," said Mr Donde. "In today's environment, every bit of money saved matters to your margins. This is a paradox as they don't help you grow your business. If you replicate your entire infrastructure in a different location, it may be like over-kill." Of all the organisations PwC polled in India, around 17% had no formal business continuity or disaster recovery plans, but were aware of the need for it. Around 48% of the responding firms identified that preparing business continuity and disaster recovery plans was the prime objective in the current year.
FIGURING IT OUT
Around 12% of firms in India carry out detailed risk assessment and chalk out threat scenario-based plans
17% had no formal business continuity or disaster recovery plans
48% of firms identified that preparing business continuity and disaster recovery plans was the prime objective this year
0 comments:
Post a Comment