BCP and Disaster recovery in IT, Telecom and BFSI sectors

According to a report by Frost and Sullivan the average spending of a company in the banking, financial services and insurance (BFSI) space in India on disaster recovery is $0.44 million.
Another 2009 report states that the data center market in India is growing at a healthy rate of 25% CAGR. The main driver of this growth is outsourcing, which is growing at a rate of 80% annually. According to a Gartner report, as bandwidth prices fall to around Rs 6,000-8,000 per Mbps per month, India will become an attractive destination for hosting.
Estimates put the third party data center market including co-location services, hosting services and managed services in India at $150 million. With a projection of an average CAGR of 36% over the next two years, the verticals that outsource the most are BFSI and manufacturing sector.

We will look at 3 most promising sectors in India and evaluate the importance of Disaster recovery in these sectors:
1) BFSI:
Due to the rules laid down by RBI, NSE, SEBI; the necessity of BCP is very high in this sector. Imagine your nearby ATM is down and you need some cash urgently. This is sure to result in numerous customer complaints. To avoid this situation, business continuity becomes crucial.
Hence, as per RBI, following guidelines must be followed:
• Identification of critical businesses, owned and shared resources with supporting functions (the BCP template shall include IT Continuity Plan template)
• Structured risk assessment based on comprehensive business impact analysis
• Formulating Recovery time objectives (RTO) based on Business Impact Analysis. It may also be periodically fine-tuned by benchmarking against industry best practices.
• Critical and tough assumptions in terms of disaster so that the framework would be exhaustive enough to address the most stressful situations
• Identification of the recovery point objective (RPO) for data loss for each of the critical systems and strategy to deal with such data loss
• Alternate procedures during the time systems are not available
• Clearly documented and tested processes for shifting to secondary/back-up systems and sites
• Risk management by implementing IS design and architecture to attain the bank’s agreed RTOs and RPOs.
• Minimising immediate damage and losses
• Restoring critical business functions, including customer-facing systems and payment & settlement systems like cash disbursements, ATMs, Internet banking, call centres, etc.
• Establishing management succession and emergency powers
• Addressing HR issues and training aspects
• Providing for the safety and wellbeing of people in the branch or at the location at the time of the disaster
• Use of external resources/ support
• Having specific contingency plans for each outsourcing arrangement based on the degree of materiality of the outsourced activity to the bank's business
• Ensuring service providers for critical operations have BCPs in place and also periodically test the same
• Compatibility and co-ordination of contingency plans at both the bank and its service providers
• Action plans, practical manuals and testing procedures
• Independent audit and review of the BCP and test results
• Periodic updating to absorb changes in the institution or its service providers


2) IT/ ITES:
In an IT/ITES company, the disaster recovery plan is more customer-centric. These companies handle critical data of customers. The customers need to be supported 24/7, therefore it both data security and non-disrupted services are a must. Hence the requirement of DRR/BCP {Disaster Recovery and Business Continuity Planning ) by this sector is high.
Some of the reasons why IT-ITES companies need to build robust Information Security Management strategies are:
• To safeguard assets of the company viz information assets, software assets, physical assets and services.
• To ensure the correct and secure operation of computer, network and communication facilities
• To safeguard integrity of data and software from computer viruses, spam, hacking, unauthorized and malicious use
• To build confidence in the minds of existing and potential clients

3) Telecom:
Because businesses today depend so much on communications capabilities, maintaining quality communications is a must for successful telecom environment management. This means, there needs to be a network contingency plan in place that offers the telecom environment quick, alternate connectivity whenever it is needed—ensuring business continuity if any disaster or other connectivity-impairing events should occur
To implement the Business Continuity Plan for a telecom sector it is important for businesses to understand the value in each of their services and what the impact would be if that service were missing.
Also, businesses must determine what the "weakest links" in their services are--which components of service delivery are most likely to fail and if they do, will they cripple connectivity?
Also, it's important for businesses to recognize what system components are critical and focus on the possible inability to access connectivity from the subscriber premises.
Thus, its clear that business continuity and disaster recovery in these sectors is something business’ cant do without.
You can include other sectors and their need for BCP from your experiences too.