The purpose of Service Continuity (SCON) is to establish and maintain plans to ensure continuity of services during and following any significant disruption of normal operations.
Introductory NotesService continuity is the process of preparing mitigation for significant disruptions to service delivery so that delivery can continue or resume, although perhaps in a degraded fashion. These practices describe how to prepare service systems and the resources they depend on to help ensure that a minimum critical level of service can continue if a significant risk is realized. Part of service continuity is identifying which services cannot be disrupted and which can be disrupted and for what amount of time. The Service Continuity process area builds on the practices in the Risk Management process area. The Risk Management process area describes a general systematic approach to identifying and mitigating all risks to proactively minimize their impact on the work. Service continuity practices are a specialization of risk management that focuses on dealing with significant disruptions of normal operations. If risk management has been implemented, some of the resulting capability can be used to provide for more effective service continuity. However, generic risk management does not guarantee that service continuity is accomplished. Therefore, the specific practices of the Service Continuity process area are required in addition to the practices of the Risk Management process area. Service Continuity can be applied at both the organization level and the work group level. Therefore, the use of the term “organization” in this process area can apply to a work group or the organization as appropriate. Typically, service disruption is a situation that involves an event (or sequence of events) that make it virtually impossible for a service provider to conduct business as usual.
Examples of such events include the following:A service provider may only have a short period of time in which to recover and resume providing services. The Service Continuity process area covers developing, testing, and maintaining a service continuity plan. First, the following should be identified:
- Disruptions to infrastructure such as significant equipment malfunctions and building collapse
- Natural disasters such as hurricanes, tornados, and earthquakes
- Human events such as civil unrest and acts of terrorism
- The essential functions that support the services the organization has agreed to deliver
- The resources that are required to deliver services
- The potential hazards or threats to these resources
- The susceptibility of the service provider to the effects of each hazard or threat
- The potential impact of each threat on service continuity
- Documenting the service continuity plan based on the information previously collected
- Documenting the tests to validate the service continuity plan
- Documenting the training materials and training delivery methods for carrying out the service continuity plan
Refer to the Service Delivery (SD) (CMMI-SVC) process area for more information about delivering services in accordance with service agreements.
Refer to the Decision Analysis and Resolution (DAR) (CMMI-SVC) process area for more information about evaluating alternatives.
Refer to the Organizational Training (OT) (CMMI-SVC) process area for more information about delivering training.
Refer to the Risk Management (RSKM) (CMMI-SVC) process area for more information about identifying and analyzing risks.
Refer to the Work Planning (WP) (CMMI-SVC) process area for more information about developing a work plan.
- SCON.SG 1 Identify Essential Service Dependencies
- The essential functions and resources on which services depend are identified and documented.
- SCON.SG 2 Prepare for Service Continuity
- Preparations are made for service continuity.
- SCON.SG 3 Verify and Validate the Service Continuity Plan
- The service continuity plan is verified and validated.