The IT Service Management Forum UK (itSMF) - Best Practice - Results By Country
 






Results By Country

Return to the
Self Assessment

 

Click here to go back to the
itSMF Website
 		  

Results for Service Continuity Management

1 Pre-requisites

Question 1. Are at least some IT service continuity activities established within the organisation, for example business impact assessment, development of recovery plans?





Answered Yes: 537 (71%), Answered No: 218 (28%)

Question 2. Have the minimum operational requirements been determined by the business?





Answered Yes: 476 (63%), Answered No: 279 (36%)

Question 3. Has the organisation developed a business continuity strategy?





Answered Yes: 437 (57%), Answered No: 318 (42%)

1.5 Management Intent

Question 4. Has the purpose and benefits of IT service continuity planning been disseminated within the organisation?





Answered Yes: 413 (57%), Answered No: 305 (42%)

Question 5. Is there senior management commitment for the implementation of IT service continuity measures?





Answered Yes: 461 (64%), Answered No: 257 (35%)

Question 6. Has the scope of IT service continuity activity been determined – i.e. identifying, prioritising and documenting all business critical processes?





Answered Yes: 391 (54%), Answered No: 327 (45%)

Question 7. Has a business impact analysis been carried out?





Answered Yes: 347 (48%), Answered No: 371 (51%)

Question 8. Is there regular testing of the IT Service Continuity Management procedures?





Answered Yes: 350 (48%), Answered No: 368 (51%)

Question 9. Are the necessary resources being made available for the complete business continuity life-cycle stages through a strategic directive?





Answered Yes: 336 (46%), Answered No: 382 (53%)

2 Process Capability

Question 10. Have responsibilities for IT service continuity activities been assigned?





Answered Yes: 423 (61%), Answered No: 263 (38%)

Question 11. Have the minimum business critical requirements been determined through business impact analysis?





Answered Yes: 360 (52%), Answered No: 326 (47%)

Question 12. Has a risk assessment been conducted?





Answered Yes: 360 (52%), Answered No: 326 (47%)

Question 13. Is there an overall co-ordination plan for implementation, including emergency response, damage assessment, salvage, identification of vital records etc?





Answered Yes: 349 (50%), Answered No: 337 (49%)

Question 14. Have the ITSCM components for business continuity been identified?





Answered Yes: 344 (50%), Answered No: 342 (49%)

Question 15. Is there a check-list covering the specific actions required during all stages of recovery of the system?





Answered Yes: 347 (50%), Answered No: 339 (49%)

Question 16. Is there a formal procedure for testing and reviewing contingency plans?





Answered Yes: 334 (48%), Answered No: 352 (51%)

Question 17. Is there an IT risk reduction or mitigation programme to implement mechanisms in order to deliver the continuity requirements?





Answered Yes: 333 (48%), Answered No: 353 (51%)

Question 18. Is there a formal procedure for invoking recovery?





Answered Yes: 404 (58%), Answered No: 282 (41%)

Question 19. Is guidance on the invocation process readily available, including details of associated action and decision points?





Answered Yes: 346 (50%), Answered No: 340 (49%)

Question 20. Has a crisis management team been established?





Answered Yes: 374 (54%), Answered No: 312 (45%)

2.5 Internal Integration

Question 21. Is ITSC management responsible for the completeness of the IT contingency plans?





Answered Yes: 378 (55%), Answered No: 299 (44%)

Question 22. Do business continuity planners inform ITSC management of the required service criticality / priority?





Answered Yes: 333 (49%), Answered No: 344 (50%)

Question 23. Are ITSCM plans regularly reviewed, and the procedures and processes tested and updated where necessary?





Answered Yes: 331 (48%), Answered No: 346 (51%)

Question 24. Is there an established planning structure clearly identifying responsibility for overall co-ordination of the recovery?





Answered Yes: 355 (52%), Answered No: 322 (47%)

Question 25. Are the technical activities necessary in order to invoke the contingency measures fully documented, so that IT personnel can undertake recovery actions?





Answered Yes: 337 (49%), Answered No: 340 (50%)

3 Products

Question 26. Are reports concerning risk assessments and risk mitigation measures produced regularly?





Answered Yes: 282 (41%), Answered No: 391 (58%)

Question 27. Does ITSC management produce reports on alternative IT contingency planning options that would provide potentially acceptable service levels for cost consideration?





Answered Yes: 270 (40%), Answered No: 403 (59%)

Question 28. Are formal Requests for Change issued in order to amend ITSCM arrangements?





Answered Yes: 293 (43%), Answered No: 380 (56%)

3.5 Quality Control

Question 29. Are the standards and other quality criteria for ITSCM made explicit and applied?





Answered Yes: 292 (43%), Answered No: 378 (56%)

Question 30. Are the personnel responsible for ITSCM activities suitably trained?





Answered Yes: 356 (53%), Answered No: 314 (46%)

Question 31. Does the organisation set and review either targets or objectives for ITSCM?





Answered Yes: 331 (49%), Answered No: 339 (50%)

Question 32. Does the organisation use any tools or proprietary methods for conducting risk assessments and/or keeping the IT contingency plans up-to-date?





Answered Yes: 300 (44%), Answered No: 370 (55%)

4 Management Information

Question 33. Does ITSC management provide information concerning areas and nature of vulnerability to the continuation of business operations?





Answered Yes: 335 (50%), Answered No: 325 (49%)

Question 34. Does ITSC management provide information concerning IT contingency planning options?





Answered Yes: 340 (51%), Answered No: 320 (48%)

Question 35. Does ITSC management provide information concerning the IT contingency plans?





Answered Yes: 341 (51%), Answered No: 319 (48%)

Question 36. Does ITSC management provide information concerning changes to the IT contingency plans?





Answered Yes: 318 (48%), Answered No: 342 (51%)

Question 37. Does ITSC management provide information concerning verification tests of recovery plans?





Answered Yes: 336 (50%), Answered No: 324 (49%)

Question 38. Does ITSC management provide information concerning risk mitigation (source and nature of risk, proportion avoided / reduced)?





Answered Yes: 307 (46%), Answered No: 353 (53%)

Question 39. Does ITSC management provide information concerning effectiveness of business continuity strategy?





Answered Yes: 304 (46%), Answered No: 356 (53%)

4.5 External Integration

Question 40. Are regular meetings held with business continuity planners (BCM)?





Answered Yes: 292 (45%), Answered No: 350 (54%)

Question 41. Does ITSC management exchange information with Availability Management for risk mitigation?





Answered Yes: 292 (45%), Answered No: 350 (54%)

Question 42. Does ITSC management exchange information with Availability Management for testing availability management components of the plan, including operating level agreements / support contracts?





Answered Yes: 276 (42%), Answered No: 366 (57%)

Question 43. Does ITSC management exchange information with Change Management for consideration of changes which may affect the currency and accuracy of IT Continuity Plans?





Answered Yes: 302 (47%), Answered No: 340 (52%)

Question 44. Does ITSC management exchange information with Change Management for assessment of proposed changes and actions necessary to avoid / reduce risks?





Answered Yes: 308 (47%), Answered No: 334 (52%)

Question 45. Does ITSC management exchange information with Capacity Management for consideration of capacity / storage risks and implications?





Answered Yes: 297 (46%), Answered No: 345 (53%)

Question 46. Does ITSC management exchange information with Capacity Management for specific capacity / storage requirements for recovery plan tests?





Answered Yes: 299 (46%), Answered No: 343 (53%)

Question 47. Does ITSC exchange information with Service Level Management for cross-references between SLAs and IT contingency plans, and specific service levels during contingency or recovery situations?





Answered Yes: 265 (41%), Answered No: 377 (58%)

Question 48. Does ITSC management exchange information with Configuration Management for contingency requirements and final configuration details, ensuring currency of configuration details used?





Answered Yes: 290 (45%), Answered No: 352 (54%)

Question 49. Does ITSC management exchange information with Configuration Management for full relationship between components and services?





Answered Yes: 275 (42%), Answered No: 367 (57%)

Question 50. Does ITSC management exchange information with Problem Management and Incident Management for reviewing major incidents?





Answered Yes: 306 (47%), Answered No: 336 (52%)

Question 51. Does ITSC management exchange information with Problem Management and Incident Management for discussion of problems where cause / resolution is possibly within the domain of ITSC management?





Answered Yes: 304 (47%), Answered No: 338 (52%)

5 Customer Interface

Question 52. Do you check with the customer if the activities performed by ITSC management adequately support their business needs?





Answered Yes: 261 (49%), Answered No: 264 (50%)

Question 53. Do you check with the customer if they are happy with the services provided?





Answered Yes: 286 (54%), Answered No: 239 (45%)

Question 54. Are you actively monitoring trends in customer satisfaction?





Answered Yes: 248 (47%), Answered No: 277 (52%)

Question 55. Are you feeding customer survey information into the service improvement agenda?





Answered Yes: 237 (45%), Answered No: 288 (54%)

Question 56. Are you monitoring the customers value perception of the services provided to them?





Answered Yes: 250 (47%), Answered No: 275 (52%)