A Business Continuity Strategy is your CIO secret weapon in an increasingly dangerous world.

Threats and disruptions lose revenue, increase cost, and tank profitability. It’s not enough to rely on insurance—it doesn’t cover all the costs or take customers who flock to the competition into consideration. CIOs and other leaders can avoid disaster and save the day with a well-thought-out business continuity strategy.

Outbreaks, disasters, and crises abound: unforeseen events can slow or even shut down businesses caught without a plan.

Corporations spend millions of dollars securing their infrastructure and guarding against cyber-attacks—but what about a potential pandemic?

Viral epidemics, weather emergencies, and civil unrest are all factors that erode commerce and operations. As the Coronavirus spreads, the business implications of disrupted global commerce are significant. Without a plan in place, businesses could take longer to recover, or shut down completely.

Threats and disruptions lose revenue, increase cost, and tank profitability. It’s not enough to rely on insurance—it doesn’t cover all the costs or take customers who flock to the competition into consideration. CIOs and other leaders can avoid disaster and save the day with a well-thought-out business continuity strategy.

What’s the secret weapon to staying afloat during a crisis? A solid Business Continuity Plan (BCP).

According to Investopedia, BCP/ Business Continuity Management is “the process involved in creating a system of prevention and recovery from potential threats to a company.” The plan protects personnel and assets to resume operations after a disaster. Key stakeholders and personnel give their input to create and test the BCP in advance.

How to create a Business Continuity Plan

There are many components of a solid BCP. Disaster Recovery and Business Impact Analysis are both important pieces of the puzzle. DRPs focus on restoring infrastructure and operations. BIA looks at the processes of your organization and prioritizes them in regards to cost.

After assessing the BIA, it’s time to complete the plan. Identify the scope of the plan and the key business areas: Sales? Supply? HR? Pinpoint your company’s most important processes and note how they connect with the business areas.

Honestly assess how much downtime is acceptable for each of these functions. After gathering this information, your team can now create a plan and procedure to resume and maintain operations.

Test early, test often

Even the most thoughtful BCP can get shoved in a drawer years after its creation. To stay prepared, your team should review, test, and update the company’s BCM strategy at least once a year. Leaders and managers review the plan and discuss potential changes with their teams. This ensures all employees are aware of the process and can share feedback or concerns.

Testing your BCP and DR in a controlled environment is the best way to make sure it works. It’s better to make changes ahead of time as opposed to improvising during an incident. Be sure to push the limits of your tests, and try to break the plan. Planning for the worst ensures the most effective results.

When disaster seems like a remote possibility, it’s tempting to be laissez-faire about the BCP’s importance. “Every organization should be monitoring changes and threats on a global basis,” says Quentin Cantlo, COO of Advancement Strategy. “Having a proper BCM leadership structure in place is a great start to developing the continuity management strategy for your enterprise.”

Plenty of companies and consultants provide disaster recovery solutions for corporate infrastructure. You can rely on the IT team to get the technology up and running, but profits and success rely on holistic processes. But how will you handle the rest of your business functions?

These days, the dark web isn’t the only way to spread a virus.

If your business requires the development, audit, or testing of a BCM or Disaster Recovery strategy, contact us. We have years of planning and executing BCMs with global corporations, and will steer your team to safety.

Top 5 misconceptions CEOs have of CIOs

Cooperation and alignment at the executive level are paramount today—especially when it relates to the intersection of business objectives and technology. The Chief Information Officer position is often underestimated, thus confusion and sometimes tension exist due to a misunderstanding of what this executive leader role entails.

CIOs must juggle building a long-term IT strategy for the business while ensuring new IT development projects are delivered on time and under budget, managing the disparate needs for new tech solutions from different departments, and review cutting edge technology and trends. Needless to say, it’s a delicate balance, and dropping one of the balls can quickly signal an exit, warranted or not.

Our experts identified patterns that keep appearing when ASC works to mediate and create alignment between the Chief Executive Officer and their CIO.  We’ve listed both the problems and their solutions: read on and see if you agree.

  • 1. The top IT leader does not need to report to the CEO:

    As technology becomes more accessible and outsourcing becomes mainstream, both business leaders and shareholders are taking IT leaders for granted. The CIO’s reporting relationship greatly affects an organizations’ IT strategy and allocation of resources. CEOs focus on how much value IT delivers to the business as a whole. However, if a CIO reports to the CFO, they may be directed or encouraged to emphasize cost and efficiency over effectiveness in driving objectives.

    The fix:

    Leave the “cut cost no matter what” mindset behind. Costs will always be a factor, but forcing budget to be the only focus doesn’t necessarily translate to more effective results with new technology. In 2020, successful corporations invested on average 2.8% more in their IT budgets, compared to more fragile enterprises that only grew by .9% (1)

  • 2. CIOs are expendable and easily replaced every few years:

    The average tenure for CIOs is lower than that of their executive counterparts – anywhere from 18 months to 3 years. IT leaders typically need to job hop in order to advance their careers, as few companies promote from within. But the largest reason CIOs are let go is due to the failure of a major IT project – whether or not the CIO had the resources to succeed or was brought in as an attempt to fix a previous leader’s fiasco.

    The fix:

    Invest in homegrown talent and look inside your organization to find your next promotion. This includes allowing the current CIO to advance in their career. Additionally, providing co-ownership and buy-in from the business units affected by large-scale programs. Without it, projects are more likely to fail.

  • 3. CIO is a cost more than an asset:

    The CIO and their respective assets are often viewed as a cost to the business. Sometimes this is based on the perception that IT would be cheaper if it is all outsourced, and contributes to a misunderstanding of the role. See number 5 – an effective CIO is much more than an employee who manages the basic workings of corporate infrastructure. Not only do CIOs require technical expertise and business acumen, but they often manage very large teams, and thus need to be developed fully as a leader and personnel manager.

    The fix:

    Take the time to understand the full scope of your CIO’s abilities, and ensure the rest of the executive team is aligned. Instead of asking “Do we really need a CIO?”, consider “What kind of CIO do we need, and how can they support the CEO and company in ensuring the business succeeds?”

  • 4. The company does not need a CIO to successfully define and implement a cloud or cloud migration strategy:

    This is a common oversimplification and short-sighted view, which results in failed projects that cost too much money and don’t deliver on their listed requirements.

    The fix: Empower and support your CIO’s leadership as they develop corporate IT standards, enterprisewide systems, and centralized IT policymaking. Their expertise and direction are essential to successfully executing significant infrastructure projects like cloud migration.

  • 5. The IT function is tactical rather than strategic:

    The most successful leading companies use technology strategically and effectively use This executive position is so much more than making sure the server works or the website doesn’t blink out!

    One of the most important roles a CIO plays is seamlessly blending tech strategy and application to business operations. It’s not enough to just have technology know-how. This executive position requires a strategic mindset, strong communicators and relationship builders, AND the ability to spot innovation opportunities on both the business and tech fronts in order to effectively drive change.

    The fix:

    Do as much as possible to ensure your organization—including leadership— embraces technology. All employees need to understand how and why corporate technology functions. Make sure the CIO has a seat at the table when developing corporate-wide strategy and is empowered to drive innovation and change for the business.

According to a 2020 IBM report on the state of CIOs, companies that rely on their CIOs to utilize data to make business decisions, build more efficient operations, and forge closer links to their customers are more flexible, innovative, and profitable than their peers. The organizations that invest in technology and innovation are more agile and able to pivot quickly to manage changing business conditions and unforeseen crises.

Did we miss any other misconceptions? Let us know in the comments.

Are you still doing IT Strategy the old way?

Technology leaders *say* they want to innovate. However, when our consultants examine their company’s IT strategies, there are usually two obstacles blocking the way toward moving their organization into the future.

Technology leaders say they want to innovate. However, when our consultants examine their company’s IT strategies, two major obstacles block the path toward moving their organization into the future.

  1. First – Where’s the innovation?
    There are a few red flags that show new plans don’t contain the ground-breaking strategy clients claim to want.

What’s missing?

  • Technology: There aren’t any new technology solutions identified.
  • Resources: Conceiving, identifying, and implementing inventive strategy requires investment and buy-in from the company.
  • Inspiration sources: Developing innovative solutions is impossible if the leaders are not drawing from external confluences.
  • Budget: Researching and testing new solutions requires its own line item.
  1. Second – “We’ve always done it this way.”
    True innovation requires deviating from what “used to work” as well as developing a holistic, data-rich strategy.What went wrong?
  • Nostalgia: Basing strategic plans on current and past plans and information instead of looking to the future.
  • Silos: Making decisions without pre-vetting with other organization departments. Big decisions affect the entire organization: it’s easy to miss a crucial detail that may not be in your vertical.
  • No Data: Lacking tools, processes, and personnel to capture, track and facilitate the strategy’s effectiveness through data.
  • A budget is not a plan: Without true innovation, strategy becomes nothing more than an IT spend plan.

Balance the innovative elements of your 2020/2021 IT strategy (and beyond!) with tried and true best practices you’ve learned in the past. These standards include:

  • Researching the technology market for industry-specific trends and advances.
  • Getting buy-in and clearly defined business requirements from other business units ahead of time. It’s essential to collaborate with coworkers and departments who will be impacted by the IT strategy in order to ensure alignment with the business’ future plans.
  • Evaluating how effective previous strategies were compared to spend plan. Collect, analyze, and use your data to guide decisions for the next phase of strategy.


CIOs: don’t get trapped in the Matrix

It’s imperative for technology leaders to stay one step ahead of any potential trouble. A great way to ensure you’re receiving up to date, strategic advice is to enlist a trusted consultant to assist in developing plans and procedures that will mitigate or eliminate risks.

CIOs juggle day-to-day responsibilities and developing strategy while staying alert for IT weaknesses that threaten to negatively affect their company. Nothing spells a CIO’s demise like being unprepared to mitigate unexpected tech failures.  Corporate tech stumbles, be it a security breach, application outage, or a failed disaster recovery, can easily end up as an article in The Wall Street Journal.

It’s imperative for technology leaders to stay one step ahead of any potential trouble. A great way to ensure you’re receiving up to date, strategic advice is to enlist a trusted consultant to assist in developing plans and procedures that will mitigate or eliminate risks.

A large gap exists between identifying the need for a professional consultant and receiving the funds to hire assistance due to multiple factors.  You might run into negative responses for a number of reasons:

  • Budget problems: no funds are budgeted for security proofing.
  • Business-oriented decision-makers fail to thoroughly analyze the risks involved when operating under lax security protocols.
  • Decision-makers are unwilling to invest in security measures.
  • Political tension and competition exists between departments—every vertical has funding needs and struggles to maintain budgeting priority.

Avoiding the urge to concede to other business priorities or downplay the importance of IT investments is a challenging task that every IT leader must undertake.

Quality data will guide strategic decision making and make your case for an increased budget. Evaluate the results of previous priorities in relation to the spending plan and use this information to defend and build on your organization’s IT strategic priorities.