The 2022 IT budget planning season is well underway and with the rising frequency and impact of cybercrime growing each year, having a comprehensive budget for disaster recovery is critical.
Oftentimes, senior leadership may believe they already have a complete DR plan in place already, when in fact, their program may need adjusting. After all, if the business is one of the fortunate few that has not encountered data loss, there may be a false sense that the strategy can remain unchanged, when the reality is it should be audited and adjusted regularly. At the same time, as operating environments become more fragmented and complex with the adoption of SaaS and cloud applications, the need to continually evaluate these plans is also greater. Being on the frontlines of DR initiatives, IT leaders know this conundrum all too well.
When making the case for DR budget increases to senior leadership, here are three key questions to address in these discussions.
- What risks do we face? Organizations that fail to identify, address, and plan for data loss and downtime are at greatest risk of sustaining a negative impact to their business. Senior executives problem solve in terms of risk mitigation and revenue. When discussing IT recovery plans and the necessary budget, discuss the risks of the loss of reputation due to bad press about an outage or losing millions in revenue due to the interruption of a mission critical application. Recent headlines of companies experiencing this are unfortunately very common, so real-world examples won’t be hard to find. Approach this conversation by identifying all of the IT risks for the company and prioritizing them by probability and impact. Ask the executives to identify the risks they are willing to take versus the risks they are willing to accept, and work collaboratively to outline an evolving strategy that starts by addressing the highest probability and highest impact risks.
- What is the likelihood we’ll encounter such an event? To address this question, start by striking the term “disaster” from the conversation. The word “disaster” is associated with low probability events such as a widespread outage due to a flood or earthquake. Yet, the reality is that most downtime is caused by mundane, everyday events including human error, hardware failure or power outages. It’s important to note that as employees work remotely in greater frequency, employee-based incidents are on the rise and wreaking havoc on IT environments too. By removing the word “disaster” from conversations with senior management and discussing business resiliency in terms of high probability events, they are far more likely to pay attention.
- What are the benefits of an increased investment? While outlining risks is important, so too are underscoring the benefits of IT recovery. Meeting supply chain demands, gaining a competitive advantage, adhering to SLAs, and successfully complying with regulatory requirements are just a few to start the conversation. Perhaps most importantly, an increased budget that will enable faster recovery means the business’s mission-critical, revenue-supporting applications stay up, and customer satisfaction remains high.
Lastly, address the inevitable question of “where do we go from here?” by recommending which specific applications require an active recovery plan rather than simply focus on the fact that management needs to spend more on IT recovery. Pointing to a specific, proven, and comprehensive solution that will meet the business’s IT recovery needs will help justify the investment.
IT leaders know the dire consequences of data loss can be detrimental to the business: downtime, lost productivity, and long-term reputational damage. By ensuring senior leadership understands these risks and is on-board with the proposed budget and strategy, IT leaders can help improve resilience to high probability threats and be prepared to quickly address data loss or data theft in the event it happens.