ContinuitySA logo

 

Renewed emphasis on digitalisation as a key strategy for sustainability is placing pressure on CIOs to ensure corporate systems are resilient.

One certainty that has emerged from the COVID-19 crisis is that organisations embarking on digitalisation were better prepared to respond to the crisis.

These companies were able to swiftly enable their employees to work remotely and were better placed to manage the productivity and success of a dispersed workforce. They also proved to be ahead in managing the softer issues like cabin fever and employee well-being during lockdown. A handful of companies have even been able to leverage Fourth Industrial Revolution technologies to achieve more advanced benefits, such as operating plants effectively whilst restricting the number of humans on site.

There is a flipside to the opportunities presented: digitalisation comes with its own set of risks, some of them existential. As a result, the sustainability of IT systems has become a growing focus of governance codes like the King Report.

“Covid-19 has acted as a catalyst for digital transformation, causing many organisations to progress more rapidly than they might have liked to (or ever envisaged they would),“ says Padma Naidoo, GM: Advisory Services at ContinuitySA. “Almost every business, irrespective of size or industry, has an integral reliance on IT systems and data. CIOs are at the frontline of any digital activity and should not forget to build resilience into their decisions and plans.”

Four weeks into lockdown, most organisations able to continue working have taken the necessary steps to equip staff, enable remote connectivity and address how remote desktop support will work. However, it is globally acknowledged that there will be some permanent changes to life as we knew it in the aftermath of Covid. And President Ramaphosa’s announcement earlier this week confirmed that there remains a long journey ahead of us before we can reach any state of normality. It’s therefore imperative for businesses to start unpacking in greater detail what the implications of this are.

Miss Naidoo shared some points for consideration:

How confident are you regarding cyber-security?

Reports indicate an increase in cyber-attacks during the Covid crisis. With many organisations planning for remote work to extend for months to come, this surge of attacks cannot be taken lightly. Organisations’ cyber-security capabilities and controls have been built on pre-Covid circumstances. As the circumstances have changed, organisations should be re-assessing their risks and the required controls to mitigate them. Inarguably, this should be couple with increased staff awareness campaigns.

Do the IT policies cater for this “business as unusual” time?

With a number of normal business and IT practices requiring adjustment during this time, it is worthwhile to revisit the policies that govern operations, such as the acceptable use policy, information security policy, BYOD policy, etc. In some instances, our clients have been creating interim policies to supplement (or supersede) existing policies.

Do you have a fit-for-purpose Disaster Recovery capability?

The economic pressure that organisations are being placed under, elevates the need to have continued availability of systems, applications and data. IT downtime is typically associated with revenue losses, operational issues and reputational harm. Now, it could come down to a question of survival. It is therefore imperative for CIOs to confirm that their DR capabilities and plans are up to scratch, as the risk of disruptions may be higher. But my systems are in the cloud… Having your IT environment hosted in the cloud may give a false sense of security that your DR is automatically catered for…it’s not! Unless explicitly subscribed for, disaster recovery is not part of a standard cloud solution. And generally, there isn’t a need to have a replica of your production environment in DR. Aligning to business needs can considerably reduce the cost of DR.

Do you have a Business Continuity Plan?

Often IT departments’ business continuity planning is limited disaster recovery and systems. However, contingencies for key IT staff members and critical suppliers can prove equally important. Hence the need to have a BCP for IT.

What else can IT do?

With organisations seeking to protect staff well-being, generate adequate revenue and retain customer-base, remote work may be one of many changes being applied. This time calls for innovation. It also requires ways of monitoring and measuring the success of the unusual practices being applied. IT can assist with the dashboards, tools and systems to increase efficiency.

With the challenging business landscape, CIOs, CISOs and their teams have a vital role to play in making organisations more resilient in the near and extended future.