Development Methodology
VTakeshi Ito V Hideaki Orikasa VTetsuya Yoshida
(Manuscript received November 7, 2006)
In today’s high-risk business environments, more and more companies are focusing on the Business Continuity Plan (BCP) as a management methodology for improving their ability to respond to any contingency. However, BCP development methodolo gies suitable for the business environment of Japanese companies have not progressed much beyond the theoretical stage, and the persons in charge of BCP development in companies have been struggling with this issue. Fujitsu has developed a practical methodology and software tool called BCEXPERT to streamline development of its own BCPs for business formations within the Fujitsu Group. This paper describes Fujitsu’s BCP development methodology that has been standardized as the Fujitsu Business Continuity Management Model. This methodology mainly consists of three steps: 1) structuring business processes and resources required for the processes, 2) extracting essential resources for business continuity; and 3) analyzing the business impact of assumed resource damages in various risk scenarios. This methodology can be applied not only to BCP development but also to business resource optimization.
1. Introduction
methodology can be made more practical andThe persons in charge of risk management efficient based on the business conditions of in Japanese companies have been talking more Japanese companies by making use of Fujitsu’s about the concepts of the Business Continuity Plan experience of BCP development. The methodolo (BCP) and Business Continuity Management gy will help reduce the burdens of the persons in (BCM) since the September 11 terrorist attacks charge of risk management in these companies. in 2001. However, while the risk environments
surrounding companies have become increasing-
2. What is a BCP?
ly severe over the past five years, BCP remains a Fujitsu defines a BCP as follows:
key concept that managers often hear about but The purpose of a BCP is to allow critical busi do not fully understand. Moreover, various re- ness activities to continue when an unexpected quests for responses to the internal control situation such as a large-scale disaster occurs. A required by the soon-to-be-enforced Japanese SOX BCP is an action plan for achieving the goals of act, information security, the environment, privacy, business continuity (recovery time objectives for and other management issues have yet to be critical business activities) determined based on addressed, and many persons in charge of risk the analysis of the management environment, management regard the need for BCP develop- business structure, and risk environment.
ment as yet another burden to shoulder. In BCP development, only analyses such as
attention. However, the final purpose is basically to develop an effective action plan that specifies the items to be handled, the people who will handle them, and the deadlines to be met in an emergency. Fujitsu’s BCP consists of an emergency action plan and the analysis of business continuity requirements based on the analysis data that supports the action plan development.
3. Change in business
environment
The risk environment surrounding compa nies is becoming increasingly severe. The risks companies face include an earthquake in the northern part of Tokyo Bay or an inland earth quake in the capital; large-scale earthquakes in the eastern sea, southeastern sea, southern sea, and other areas; flooding (which is becoming an increasingly severe problem); terrorism; and a bird flu pandemic. These risks are constantly present and largely unpredictable. Because these risks are universally recognized, international standardization activities have been started to realize an adequate level of business continuity management by 2008. The Japanese government publicized a series of guidelines for developing a BCP in 2005 that demonstrated a very proactive administrative approach for business continuity enhancement. The guidelines are the “Business Continuity Guidelines 1st ed.”1) by the Cabinet
Office and the “BCP Development Operational Guidelines for Small and Medium Enterprises”2) by the Small and Medium Enterprise Agency. Also, the Business Continuity Advancement Organization (BCAO)3) was established in June 2006 and has been actively promoting business continuity since July. This is the first registered non-profit corporation in Japan aimed at promot ing BCP standardization and fostering BCP specialists. A serious problem that needs to be addressed by companies is that BCP development is becoming mandatory. The growing internation al recognition of the need for business continuity enhancement has emerged as a request to improve the business continuity capabilities of business partners in the business-to-business transactions that secure the global supply chain. More and more companies check for the presence or absence of BCP development by suppliers before starting a transaction. Particularly, most European and American companies strongly recognize the risk of business continuity in Japanese companies due to the threat of large earthquakes. BCP develop ment is needed not only for ensuring business continuity during a disaster but also during everyday operation.
Despite the rapid changes in our environ ment, only 7.9% (23% including the companies who have just started to introduce BCP) of domestic companies have developed a BCP (Figure 1).4) This figure is much lower than the
33% 44% 15% 7.9%
We have developed a disaster prevention plan We have no disaster prevention plan.
including emergency measures and launched BCP. We have a disaster prevention plan focusing on emergency We have developed a disaster prevention plan including BCP. measures, e.g., evacuation, confirmation of safety.
Source: Development Bank of Japan: Special Survey Concerning Companies’ Approaches to Disaster Prevention (Chart 2-1 Development situation of disaster prevention plan and business continuity plan [BCP])4)
Figure 1
47% figure determined by the Business Continuity Institute5) for major overseas compa nies. The Central Disaster Prevention Council wants all of Japan’s major companies and more than 50% of the country’s small and medium companies to develop a BCP within 10 years.6) To attain this goal, further supportive activities based on public-private partnerships will be necessary as well as improved management awareness.
4. Fujitsu’s Business Continuity
Management
Fujitsu is an information system vendor that plays a major role in the social infrastructure and also a manufacturer participating in the global supply chain. In keeping with these roles, since its establishment, Fujitsu has developed disaster prevention and emergency response plans and conducted various training to prepare for emergency situations. Moreover, in 2004, a company-wide BCP development project was set
up, and in 2005, a specialized organization was established to develop BCPs and enhance business continuity throughout the Fujitsu Group. Fujitsu has a variety of business operations with different business environments, structures, bases, and management resources. To develop a BCP for each operation, company-wide business continuity management has been implemented in three layers: management, a specialized organi zation for business continuity, and the business unit (Figure 2).
The specialized organization for BCP development plays a key role in this system. This expert group consists of Fujitsu staff having special skills in, for example, disaster prevention, procurement, information system operation, consulting, system development, and outsourcing. The organization for BCP development has also developed various tools and software products to make BCP development and maintenance efficient.
Management (management conference)
Organization in charge of business continuity
Business unit
Business unit
Business unit
Business unit Developing, operating, and improving BCP Specialized organization
Developing and supporting operation of BCP De
Devveloping andeloping and controlling basic controlling basic policy f
policy for bor businessusiness contin continuityuity Management architecture
• Determines basic principles. • Determines promotion system and
control method. • Approves group BCP.
• Approves amount invested for measures. • Overall control
• Develops development and operation processes and methodology. • BCP template
• Development support (consulting and tool provision) • Adjusts company-wide optimization
(inter-group and company-wide) • Educational development and
implementation support
• Develops, operates, and improves prior measures plan.
• Develops, operates, and improves action plan in an emergency.
• Develops, operates, and improves business recovery plan.
• Develops, operates, and improves information system recovery plan. • Develops, operates, and improves
human resource training plan. Function
• Business continuity basic policy
• BCP development guidelines
• BCP (for each unit) Document
Figure 2
5. Fujitsu’s BCP development
methodology
Fujitsu’s BCP development methodology has been standardized as the Fujitsu Business Continuity Management Model (Figure 3). This model covers the phases from planning to operation. BCP development and operation management performed in accordance with this model enable visualization and standardization of an entire business process regardless of differences in the business environment and structure.
This model consists of the following six phases:
5.1 BCP system development (Phase I)
This phase develops collaborative projects between the specialized organization for BCP development and the target business operation.
5.2 Analysis of business continuity
requirements (Phase II)
This phase structures the current business processes and resources and sets a goal for busi ness continuity. Figure 4 shows the flow of
Phase I Phase II Phase III
business continuity requirement analysis. 1) Collect and analyze information required for
BCP development (research of the business environment and structure) (q).
2) Based on the information collected by inter views and questionnaires, analyze the impact of business interruption (Business Impact Analysis) (w).
3) Based on the analysis results, determine the Recovery Time Objective (RTO) (e).
4) Analyze the business processes, resources that support the processes (people, facilities, information systems, etc.), and physical re source assignment to create a structured influence diagram (Figure 5) (r).
The influence diagram clarifies the condi tions for implementing business using the structured business processes and resources. 5) Analyze the risk environment surrounding
the business to make assumptions about the risk factors and risk occurrence status. Although the possibility of an earthquake is often considered in risk analysis, it is impor tant to study a wide range of situations that
Phase IV Phase V Phase VI
BCM enhancement plan Project implementation plan (WBS)
• Setting up BCM enhancement plan • Approving executives • Developing promotion system BCM system development Business continuity requirements
• Collecting basic information • Business Impact
Analysis • Analyzing resources of critical business process • Risk analysis • Extracting critical resources of critical
process Analysis of business continuity requirements Measures plan Business continuity strategies • Extracting measures options • Considering return
on investment • Developing
measures plan • Determining business
continuity strategies Development of business continuity strategies Business continuity management plan Business continuity plan Awareness and training plan Manual checklist • BCP
• Awareness and training plan • Developing BCM plan • Testing plan items and approval Development of business continuity plan Manual checklist (revision) • Preventive measures • Redundancy measures • Spare measures • Alternative measures • Test and reflection
in BCP Implementation of business continuity measures Related documents (revision) Evaluation improvement report • Education • Training • Evaluating training
results
• Extracting improved items
• Reviewing business continuity environment • Reflection in plan and
measures
Evaluation and improvement
Figure 3
qBusiness environment research wBusiness Impact Analysis at suspension
tRisk analysis
qBusiness structure research
yAssuming resource damage at risk
rModelling process resource relationship (influence diagram)
iGap analysis
eDetermining Recovery Time Objective (RTO) uBusiness damage at risk
(time for recovery to current status) Measures examination Figure 4
Flow of business continuity requirement analysis.
B6 基板製造
M9 ––1 部材供給ルート
B9––4
調達部門経由部材 B9 ––1
サプライヤ部材 直接納品
R39 サプライヤ部材
(関連会社) R27 サプライヤ部材 (その他供給会社)
B13 部材購買 (本社)調達部門)
B9 部材調達 (生産工場)
B21 物流管理 (本社)物流管理部門)
R40 要員(物流管理 (物流管理部門)
R28 要員(部材購買 (調達部門)
R64 指導員 (YY ユニット製造)
R21 ライン要員 (YY ユニット製造)
R63 クリーンルーム (YY ユニット製造)
B12 生産オペレーション (生産工場)
B18 生産オペレーション (本社)生産管理部門) R31 要員(生産オペ (生産工場))
R53 要員(生産オペ
(生産管理部門)) R57 生産管理データ (XXセンター)
R32 生産管理データ (XX センター) R25 納品出荷伝票
R36 (情報システム) 物流オーダー管理システム (XXセンター)
R30(情報システム) 部材管理システム (YYセンター)
R29(情報システム) 購買管理システム (XXセンター)
R35(情報システム) 在庫管理システム (XXセンター
B5––2 生産管理システム
R3 社内ネット(WAN)
B5 ––2 生産管理システム
R3 社内ネット(WAN) R3 社内ネットワーク
(WAN) R06 電力
B5 ー 2 生産管理システム
B3 生産工場での生産台数の確保
B5 製品生産と品質
製造
要員参集モデル
要員参集モデル 要員参集モデル
要員参集モデル
要員参集モデル
等 (YYユニット製造)
B2 供給能力の確保
R41 生産・製品引当 管理システム (XXセンター)
Explanatory note: Explanation of box types
Intermediate goal
Direction of dependence
* Notation in box Description of ID box ID: Identifier B*: Objective
indicator M*: Functional indicator R*: Resource B6 Board production Personnel collection model M6-1 Activation of board production environment R10 Instructor (board production) R08 Line personnel (board production) R06 Electricity R61 Air conditioning B6-2 Drawing control system B6-4 Information system B R12 (Special equipment) Production line R13 (Special equipment) Tuning device R68 Nitrogen
R06 Electricity R07 Pure water R61 Air conditioning B8-1 Information
system E R17
(Special equipment) YY unit production control
R19
YY unit production line. Cleaning equipment, etc. (YY unit production)
B8
YY unit production
Indirect evaluation resource
Final goal Resource Personnel (separate modeling) R22 Stock amount (YY unit production relation) Linkage between pages 凡例:ボックス種別の説明
最終目標 リソース 要員
(別モデル化) 間接評価 リソース
中間目標 ページ間
のリンク 依存関係の方向
*ボックス内、記法 ID ボックス内容 の記述 ID: 識別子 B*: 目標指標 M*: 機能指標 R*:リソース
Figure 5
can occur. For example, a bird flu pandemic would leave buildings and equipment undam aged but would incapacitate an estimated 40% of the population. This situation clearly differs from that of an earthquake and consequently requires different countermea sures. While it is a waste of time to think of unrealistic situations, it is important to look beyond the obvious risks to business continuity (t).
6) Based on the above risk analysis, apply the situation (resource damage) to the influence diagram (y).
7) Based on the resource damage, determine how much damage the current business will suffer (time for recovery to current status). Also, identify the critical resource that will have the largest impact on the stop time (u). 8) Achieve the goal of BCP, which is to bridge the gap between the present recovery time and the RTO that has already been specified (i).
5.3 Development of business continuity
strategies (Phase III)
This phase determines measures and strat egies for attaining the above-mentioned goal of BCP. There is an inverse relationship between the amount invested in the measures for business continuity and the effects they produce. If it were assumed an earthquake would make a critical production base unusable, it would be better to build a plant having the same production capability elsewhere in advance. An information system can be made continuously available simply by building a second or even a third infor mation center. However, for many companies, these measures are prohibitively expensive. This phase determines the optimum balance between the improved responsiveness to an unexpected situation and the investment amount and also determines the measures and business continu ity method to be employed in an emergency. To achieve these goals, the return on investment in
the business continuity enhancement investment must be visualized to support management decision-making. Figure 6 shows a matrix chart of the return on investment. Based on this matrix, priority will be given to measures with lower investment and higher effect. A measure with a higher investment and effect (construction of a second plant, dual information system centers, etc.) will be addressed as a medium-term to long-term management challenge at the management’s discretion.
5.4 Development of business continuity
plan (Phase IV)
This phase creates a practical action plan based on the business continuity strategies. The action plan consists of an implementation plan of various measures, an education and training plan, and an emergency action plan. The most signifi cant of these is the action emergency plan, which must be optimized so that the persons in charge will rapidly and steadily perform their roles. This plan should be in the form of a concise manual or checklist that clarifies the individual roles and contains only the required information.
5.5 Implementation of business continuity
measures (Phase V)
This phase implements the measures speci fied in the action plan. The measures include employee education and the fostering of special ists as well as measures for physical resources (i.e., preventive, redundancy, spare, and alterna tive measures).
5.6 Evaluation and improvement
(Phase VI)
This phase performs yearly training in accordance with the developed BCP and updates the BCP every year after a review of the business continuity requirements based on the changes in the business environment. This phase is the most important phase for keeping the BCP effective at all times. To reduce the load on the continuous
Determining the direction of measure options based on return on investment matrix
Measure eff
ect
Minor
Medium
Major
Outside of
examination
Major Medium Minor
Construction of second plant
Addition of alternative production line Anti-seismic reinforcement
Inventory building Installation of private
electric generator
Decentralization of suppliers
Remote backup of vital records personnel participation Development of plan at disaster Installation of safety confirmation system Development of SLA with
outsourcing supplier Contract of alternative office
Short-term measures Mid- and long-term
measures
Range of costs invested for measures
Figure 6
Concept of measures examination (example for manufacturing industry).
improvement activities, in addition to keeping the BCP up-to-date, it is also important to pursue BCP document composition with easy maintenance and efficient updating.
6. Tool for promoting BCP
development efficiency
Fujitsu uses the BCEXPERT software tool to promote standardization and efficiency of BCP development and updating operations (Figure 7). BCEXPERT provides standard processes from BCP development planning to BCP update operation. It consists of BC-Navi, which supports project management; tools that support simula tions in each process; and document template groups. The goal of BCP development is to create an effective action plan for continuing business in an emergency. This action plan is based on the results of researchers who have analyzed the business environment, business structure, risk environment, and other factors. The environment surrounding business is constantly changing, and to quickly and accurately reflect these changes
in the action plan, a proactive approach to BCEXPERT and other software tools is essential.
7. Future issues
To continuously promote business continuity enhancement activities based on BCP develop ment, the following issues must be addressed: 1) Visualization of activity results
It is easy to understand the costs of BCP development and these activities but difficult to understand their achievements. Therefore, the continuous improvement activities are liable to lose momentum. One effective way to promote these activities is to set activity results bench marks. These benchmarks establish standards (maturity models) for the measurement of a com pany’s business continuity capability and link the standards with the activities’ status. To create a maturity model, benchmarks regarding the approaches of advanced companies and other companies in the same industry are necessary. However, there is no accumulation of effective data in Japan. We expect that the BCAO and industry
START 3000
パイロット 事業 概況調査
3000_2
事業内容 調査結果
3000_1
プロジェクト 計画書
3100
アンケート インタビュー 設計
3100_1
アンケート インタビュー 設計参考 資料
3100_2
アンケート インタビュー シート
3200
アンケート インタビュー 実施
3200_1
アンケート インタビュー 集計表
4000
収集情報 の分析 重要業務 の特定
4000_1
現状調査 分析結果 報告書
4100
重要業務の プロセスと リソース モデル化
4100_1
プロセス リソース モデル
6000
ビジネス 影響度分析
6000_1
施設・人員 分布状況 データ
5000_1
リスク評価 ワークシート
5000
リスク分析 リスク分析 5000_2
結果報告書
6000_3
ビジネス 影響度 分析結果 報告書
6000_2
ダメージ シナリオ 設定表
7000
対策オプション の抽出
7100
事業維持 戦略の決定
7100_1
対策投資対 効果分析 ワークシート
7100_2
対策投資対 効果分析 結果報告書
8000
実施計画の 策定と レビュー
8100_1
パイロット 事業向
BOM推進 計画書
8100_2 BOP策定 ガイドライン
8100
ドキュメント 作成
(BOP-BOM
計画書)
8100_3
対策計画書 災害時行動 8100_4
計画書
8100_5
教育訓練 計画書
END
Figure 7
BCM operation support tool (BCEXPERT).
groups will promptly develop these benchmarks. 2) Linkage with internal control
It is important for each company to implement measures to ensure the level of internal control that will be required by the soon-to-be-enforced Japanese SOX act. Internal control and business continuity have one thing in common in their implementation processes in which process-oriented examinations are made and risks are clarified and controlled. However, they differ fundamentally in their purpose and scope because internal control is intended to guarantee reliability of financial reports, while business continuity is intended to continue critical business activities in an emergency. Essentially, it would be ideal if BCP development and continuous improvement activities were both controlled by internal control activities. However, at the moment they must be developed as sepa rate efforts. In the future, integration between internal control and business continuity activities will be promoted in line with the expansion of the scope of internal control.
3) Business continuity enhancement in the supply chain
Because Fujitsu has been developing various businesses in the global supply chain, a company-specific BCP is unlikely to enhance business continuity. Fujitsu will continuously review the service level agreements (SLAs) with its clients and evaluate how its business partners have de veloped their BCPs.
8. Conclusion
Sometimes, BCP development work is described as a tunnel that has no exit because, despite the extensive research analyses and large volumes of documentation associated with BCP development, the effectiveness of a BCP cannot be demonstrated until an emergency occurs. How ever, from a completely different standpoint, BCP development work provides a big opportunity for management restructuring. As mentioned above, the work includes creating a relationship model between the business processes of critical busi ness activities and required resources to analyze the impact that resource damage will have on a business. In fact, this model can be used as a simulation model to cope with changes in the management environment and optimally and
promptly allocate resources. Basically, BCP development work is nothing less than an activi ty for getting to the core of how to continue important business activities with minimal resources even in an emergency. This activity reveals the essential framework of a business with all redundancies eliminated and allows us to review the business origins of a company. Look ing at BCP development work from the viewpoint of not only the measures against disasters but also for management restructuring can enhance business continuity in an emergency. It also leads to sophistication and streamlining of management activities themselves. Business continuity management in Japan is still in its infancy com pared to that in European countries and the US; however, this can be converted to an advantage by regarding business continuity as a manage ment improvement activity from the beginning. Fujitsu aims to develop a new management mod el to achieve sustainable management that focuses on more than just efficiency.
References
1) Central Disaster Management Council, Special Board of Inquiry on enhancing disaster manage ment by utilizing the private sector and markets, Corporate Evaluation/Business Continuity Working Group, and Cabinet Office, Government of Japan: Business Continuity Guidelines 1st ed.
— Reducing the Impact of Disasters and Improving Responses to Disasters by Japanese Companies. August 1, 2005.
http://www.bousai.go.jp/MinkanToShijyou/ guideline01e.pdf
2) Small and Medium Enterprise Agency: BCP Development Operational Guidelines for the Small and Medium Enterprises. (in Japanese). http://www.chusho.meti.go.jp/bcp/index.html 3) A Specified Non-Profit Japanese Corporation
Business Continuity Advancement Organization (BCAO). (in Japanese).
http://www.bcao.org/
4) Development Bank of Japan: Special Survey Concerning Companies’ Approaches to Disaster Prevention. (in Japanese), January, 2006. http://www.dbj.go.jp/japanese/release/rel2006/ 0105.html
5) InterRisk Research Institute & Consulting, Inc.: Report of Field Survey of Japanese Companies Concerning Business Continuity Management (BCM). (in Japanese), October 2005.
6) Central Disaster Prevention Council: Counter measure Strategies against Disaster by Inland Earthquake in the Capital City (plan). (in Japanese), April 21, 2006.
h t t p : / / w w w. b o u s a i . g o . j p / c h u b o u / 1 7 / shiryou3-1.pdf
Takeshi Ito, Fujitsu Research Institute. Mr. Ito received the B.A. degree in Law from Ritsumeikan University, Kyoto, Japan in 1982. He joined Fujitsu Ltd., Tokyo, Japan in 1982, where he was engaged in the sales and marketing of systems integration solutions and solution services for financial institu tions. In addition, he was engaged in the sales and marketing of an Applica tion Service Provider (ASP) service business. He is currently engaged in Business Continuity Plan (BCP) development and consultation on Business Continuity Management (BCM). In 2007, he moved to Fujitsu Research Institute. He is an executive board member of the Business Continuity Advancement Organization (BCAO) of Japan. E-mail: [email protected]
Hideaki Orikasa, Fujitsu Research Institute.
Mr. Orikasa received the B.S. degree in Mechanical Engineering from the University of Tokyo, Tokyo, Japan in 1976. He joined Fujitsu Ltd., Tokyo, Japan in 1976, where he was engaged in the development of operating systems, work on systems integration, and development of IT service manage ment methods. He is currently engaged in Business Continuity Plan (BCP) development and consulta tion on Business Continuity Management (BCM). In 2007, he moved to Fujitsu Research Institute. He is a member of the Information Processing Society of Japan.
E-mail: [email protected]
Tetsuya Yoshida, Fujitsu Research Institute.
Mr. Yoshida received the B.A. degree in Economics from Kwansei Gakuin University, Hyogo, Japan in 1992. He joined Fujitsu Ltd., Tokyo, Japan in 1992, where he was engaged in purchasing software licenses from software vendors for more than 10 years. He is currently engaged in in-company Business Continuity Plan (BCP) development. In 2007, he moved to Fujitsu Research Institute.
