IT Operations
Strong IT operations helps to maintain the operational stability of your organisation. Recent events mean many organisations are reviewing their IT operations to assess IT resilience, business continuity, IT disaster recovery, IT costs and IT service maturity.
Our IT team can assist with:
|
|
|
|
IT resilience assessments
It has never been more important to have an ‘appropriate’ IT resilience in place to help prevent the loss of IT services to users and customers, as well as delay or prevent the need to invoke your IT Disaster Recovery Plan.
Forvis Mazars’ IT resilience assessment focuses on three areas:
- Technology resilience including component/device resilience, removing unacceptable single points of failure and scalability.
- IT People resilience including key person risk, staff and third-party capability.
- IT Processes resilience including alignment to IT standards, incident response and capacity/availability management.
We will gain an understanding of your IT function (including IT architecture) and business plans to help judge what an ‘appropriate’ resilience strategy is for your organisation. We then create a report that’s easy to understand which details findings, recommendations and a high-level IT architecture diagram. This will also identify areas for improvement with justification and a priority status.
Business Continuity Planning (BCP) and IT Disaster Recovery (ITDR)
Recession planning, increased exposure to cyber threats and managing workforces remotely are key risks that organisations are now looking to mitigate. With experience across a range of sectors, Mazars BCP team develops best practice solutions that evolve and develop as your business grows.
Our approach is aligned with key regulations, including: ISO22301, the FCA, and ICO.
Business Impact Analysis (BIA)
Through a combination of workshops and questionnaires, our specialists develop a detailed understanding of your critical activities by conducting a BIA. We do this by learning about the criticality of processes, their dependencies and your organisation’s capacity to absorb service loss. We work to understand your business continuity risks and the most likely scenarios that threaten your services.
IT Disaster Recovery (ITDR) plan development
We use our sector, industry and professional services experience to better understand your IT function, current ITDR capability and maturity, and how well this is aligned to your Business Continuity Planning (BCP).
We seek to gain a strong understand of your BCP and IT function, as well as your people, processes and culture. We work with your teams to create a pragmatic/appropriate ITDR Plan that meets your current and future needs.
We can assist with a range of IT set ups, including:
- In-house (on-premise);
- Fully in the cloud with limited or no in-house IT department;
- A ‘hybrid’ combination of both (e.g. some business applications on-premise and some in the cloud; or
- A hybrid combination as above including ITDR as a Service (termed IT DRaaS).
BCP / ITDR exercise facilitation
Having an IT Disaster Recovery (ITDR) Plan and a Business Continuity Plan (BCP) is of limited value if it does not adequately support the business in its time of need. Regular testing of the ITDR and BCP arrangements is essential to ensure that the plans work as intended, are up-to-date and can be effectively implemented. It is also important that your crisis management team is trained to cope with the potentially unpredictable nature of an event.
To test the effectiveness of your BCP or ITDR plans, we lead a simulation workshop to explore your crisis management team’s response to a fictional (but realistic) incident. This provides assurance that your plans will be effective when required, will identify areas for improvement and will help train the team in the continuity process.
We start by assessing the keys risks that might trigger invocation of your continuity or ITDR arrangements. These often vary by sector and we use our experience to guide our assessment of where these risks lie.
Having consulted with you on the continuity risks to be tested, we develop a scenario that is designed to disclose news from the scene of the incident in stages so that your team can consider their response to changing events. We conclude the workshop with a ‘lessons learned’ exercise to identify ways to optimise your preparedness for serious incidents. Our test scenarios are bespoke to each client, and can include the use of table top exercises, custom videos, professional actors and reporters as part of the simulation.
Following the test exercise, we prepare a report to assess your team’s response to the incident, to identify any improvements and to provide assurance to your executive team / board on the outcome.
IT cost benchmarking
Concerned you spend too much or too little on IT? Too much on software licences or salaries but not enough on Cyber Security?
Forvis Mazars’ IT Cost benchmarking Assessment uses industry leading market data to compare a range of costs against your industry peers, including:
- salaries;
- software;
- hardware;
- cyber;
- staff numbers; and
- outsourcing vs in-house spend.
We will work with a senior member of the IT function to gain an understanding of your organisation’s IT structure and services. Next, we meet with Finance to gain a full understanding of your IT costs (Operating and Capital expenditure). Again, this is usually in the presence of a senior member of the IT function.
We then prepare an executive report with clear graphical comparisons between your organisation and the industry peer data.
ITIL service management maturity assessment
IT Service Management (ITSM) refers to the entirety of IT activities, directed by policies, processes and supporting procedures, that are performed by an organisation.
IT Infrastructure Library (ITIL) is a framework detailing a set of practices for ITSM that focusses aligning IT services with the needs of a business.
The ITIL lifecycle has five stages:
(1) Strategy;
(2) Design;
(3) Transition;
(4) Operation; and
(5) Continual Service Improvement.
Forvis Mazars works with your organisation to assess the maturity across of ITIL processes, such as change management or incident management. Each chosen process is graded by maturity level from 1-5. We produce a report detailing each process maturity score and target score. We also set out a roadmap to give pragmatic and affordable recommendations to achieve the target maturity.
Get in touch
To discuss your requirements, please contact us using the form below: