vice requirements. The process then examines the risks and threats to these requirements and develops an IT risk reduction or mitigation program. This program implements mechanisms delivering the continuity requirements necessary to provide the required optimum level of business operation.

Key Definitions

Business impact analysis. A business impact analysis (BIA) focuses on the business needs of IT services. Being without any IT service will have a detrimental effect on the business, but the severity of the impact will vary with time and also be affected by its point in the processing cycle. The impact of the loss of a real-time service, such as trading in a money market, will be felt immediately, while the business may cope for some time without other services. When establishing the urgency of each service, the BIA identifies the minimum requirements of each service to meet the critical business needs.

Cold site, fixed center. This can include the provision of empty accommodations that are fully equipped with power, environmental controls, local network cabling infrastructure, and telecommunications connections and available in a disaster situation for an organization to install its own computer equipment.

Cold site, mobile center. This option is the same as a cold site, fixed center, except that the site is mobile or portable. This site may be erected on a predesignated location or near the actual facilities.

Service Management Function 7

Contingency plan. A tested plan, documenting the actions to be taken and implemented in the event of a disaster.

Hot site, fixed center. Dedicated computer equipment mirroring critical business systems ready to take over immediately with no loss of data.

Warm site, fixed center. A location with suitable computer equipment ready to recover service.

Warm site, mobile center. Commercial recovery services can be provided in portable form where a preconfigured computer is delivered to a customer’s site within a certain time, typically 24 hours.
The computer equipment is contained in a trailer and transported to the site by truck. The trailer is outfitted as a computer environment with the necessary services and only needs power and telecommunications links from the site to the trailer for the service to be established.

4 Processes and Activities

This chapter provides a detailed discussion of the processes and activities that occur in the IT Service Continuity Management SMF.

Process Flow Summary

IT service continuity management consists of four main processes and a number of subprocesses as follows:

- Acquire service level requirements
  - Identify information technology service layers
  - Identify risks to each information technology service layer
- Propose contingent solution
  - Design for failover
  - Design for recovery
- Formalize operating level agreements
- Formalize the contingency plan
  - Definition of contingency levels
  - Escalation and notification procedures
  - Startup and shutdown procedures
  - Communications methods
  - Status reporting requirements

10 IT Service Continuity Management

Figure 1 illustrates the process of IT service continuity management.

Figure 1. IT service continuity management process flow (Start; Acquire Service Level Requirements; Propose Contingent Solution; Formalize Operating Level Agreements; Formalize the Contingency Plan; End)

Process Flow Steps

The Availability Management SMF defines availability requirements for business services. The IT Service Continuity Management SMF typically continues where the availability management process left off to address those availability risks that the Availability Management SMF cannot or chooses not to address. The process flow steps followed by the IT service continuity management process are described in the sections that follow.

Acquire Service Level Requirements

Once risks are known, the users, with the help of IT, must decide which risks are to be mitigated and which are to be assumed.
Mitigating a risk requires people, time, and money. IT management might determine that a risk is so small that they do not want to incur the cost of mitigating it. For example, meteor damage to the data center often falls under this category. The likelihood of a meteor shower damaging the data center is so small and the cost of installing antimeteor shielding to the building is so large that most organizations choose to assume the risk rather than assuming the cost of mitigating the risk.

The risk of a meteor shower destroying a data center is a possibility, just as the risks of tornadoes, floods, and any number of unknown events are also possibilities. It is probably not cost-effective to create custom solutions for every eventuality. It is much easier to create a single plan that can be implemented in any of these events. This plan is called the contingency plan.

IT service continuity management starts by carefully agreeing to availability targets with the customer and determining the cost of downtime or unavailability of the IT service in question so that a realistic IT budget can be established. It is also important that the negotiation include realistic expectations of reduced system availability while the contingency plan is in place.

This process involves an element of education and negotiation on both sides (the customer and the IT organization). Customers need to understand how to define and articulate their availability requirements. The IT organization needs to understand the functions that make up the overall IT service and which of them are the most critical.

Identify Information Technology Service Layers

To understand where risk may be introduced, the IT environment must be broken down into logical, manageable components. One way to do this is to divide the services provided by the IT department into layers.