Service Continuity vs. Incident Management
According to ITIL 4 best practice, Service Continuity focuses on events that would impede business operations so drastically that it would be considered a disaster. Other events that have a less significant impact to the business might be considered as an incident to be managed through the Incident Management Practice or the Major Incident Management Practice.
This means that there are different levels of importance and that the distinction between what is a normal incident, major incident or one that might require disaster recovery must be predefined and agreed upon. Documentation then must include clear thresholds and triggers to provoke the appropriate response and recovery into action without delay and additional risk.
There is no question that your organization is increasingly dependent on services that are tech-enabled. The need for resilient solutions are critical to success. A combination of business planning as well as being proactive with security, incident and problem management will be required. High availability solutions require upfront proactive design!
ITIL 4 takes a holistic approach to service management (Read What Is ITIL 4) with the constructs of an overall Service Value System. Included in that Value System is a Value Chain. The power of the Value Chain is that it contains elements that can be applied to all of service management.
Service Continuity is applied to all elements of the Value Chain including and not exclusive to:
Plan – The organization's leadership and governing body establish an initial risk appetite with defined scope, policy, supplier strategy, and investment in recovery options.
Improve – Service Continuity Management ensures that continuity plans, measures, and monitors to ensure ongoing improvement to align with the business strategy.
Engage – Engagement of all stakeholders necessary to ensure readiness for major incidents and disasters!
In order to truly “manage” Service Continuity, Disaster Recovery, and Major Incidents; We must consider Security, Compliance, and High Availability as REQUIREMENTS at the front of the pipeline. Requirements infer that these are considered before the development of software and before the architected solution. We should then be better enabled to design in such a way that would reduce if not eliminate the need for reactive firefighting that frequently spins the support organization out of control!