Safeguarding business continuity has become significantly more complex and difficult now that supply chains stretch around the globe, and the digital revolution requires companies to commit to consistent and ongoing preparation for both physical and technology disruptions.
Today, the ability to identify and respond to unexpected events and disruptions has become increasingly critical across so many dimensions — reputational, financial, regulatory, legal, health and safety — that it has risen at many organizations to the top of the corporate agenda.
While there are implications for every part of the enterprise, chief information officers have a foundational responsibility to build a resilient technology stack and IT operating model that can help their organization weather unexpected challenges to business continuity.
Easier said than done, of course, but following are seven concrete steps CIOs can take to make sure their tech stack and IT operating model have the resilience needed to perform under duress:
As we work with clients across industries, we see a number of areas where organizations often stumble in their efforts to build a resilient technology stack and IT operating model.
One common mistake is to treat the challenge solely as a technology problem. By bringing their peers in the business into the planning process, CIOs can develop a resilience strategy that protects what is most important to the enterprise — without veering down digital alleys and byways that can sap resources and momentum. This at times may include the use of new systems or applications on an interim basis that require additional IT considerations.
In the same vein, organizations sometimes look to a specific tool as the solution to resilience. But individual tools — especially off-the-shelf varieties that can’t be highly tailored to your organization — may struggle to deliver what your business needs. Indeed, retrofitting existing platforms with bolt-on tools often fails to yield optimal results. CIOs can sidestep this problem by performing requirements gathering for a tool, ranking features from “must have” to “good to have” to “expendable” and then performing a market scan to identify the tools that can best meet those requirements.
Finally, too many organizations are not testing their recovery processes with enough rigor to prove that value chains can be quickly restarted following a disruption. A robust testing routine is the only way to make sure resilience measures that make sense on paper can truly be relied upon in the field.
If you’re concerned that your organization’s tech stack and IT operating model aren’t sufficiently resilient, take some time over the next few months to get answers. Define the risks to your business and the gaps in your current capabilities. Then, start building and executing against a delivery strategy to reduce resilience risk to an acceptable level.
At KPMG, we apply our extensive experience and deep domain knowledge every day to helping CIOs build modern IT organizations fit for tomorrow. To learn more about how we could help your business create a more resilient technology stack and IT operating model, contact us.