The avalanche of information before the millenium date showed how much companies rely on computers and communications networks.

Do you know how many hours of continual data processing your business does every day, how many hours your Uninterruptable Power Supply has had to back up your system this year, how much downtime your business can afford? Do you need to worry? You may consider that you do not if you have a large in-house risk department, business continuity and disaster recovery plans and long-term outsourcing contracts for your IT or FM departments. But, in these respects, you are not unlike many of the companies last year that suffered serious downtime and revenue loss

The UK Department of Trade and Industry’s current estimates suggest that 70% of organisations that experience serious data loss go out of business within 18 months. And, according to a recent survey from Previo Europe*, the main cause of loss of data (42% of incidents) is hardware failure, including hard drive failure and power surges.

If you are going to depend on technology, you also need to understand how technology itself depends on the facility infrastructure - facilities, systems and support equipment. And, because a disaster would affect your whole business, senior managers need to understand enough about the risks and relationships to take the right decisions.

You cannot leave managing critical dependencies to the technicians. Dependencies often arise out of the interplay between business plans, process design and systems architecture, so senior managers need to be involved.

One approach to identifying technology risks is to look for critical dependencies in people, processes, systems and external structures. Once identified, you can engineer away these dependencies by adding failsafes and system redundancies.

It might seem impossible for senior and managers to understand and control systems risk at this level of detail. But dependency modelling (and the simple reporting and audit process which support it) can allow even the most complex systems and processes to be detailed and linked to what the business needs to function at the required level. The models make clear, even to non-technical managers, what must be in place and working.

How it works
Conveying the impact of individual component failures or entire systems to those making decisions can be difficult. One way is to model what the business’s operations depend upon. This starts with the critical systems that must be in place for each of the business’s operations. The dependencies are then partitioned further down to component or equipment level, where it can be seen that the failure of a single item of equipment can cause a system to fail.

Within a single model, the business can identify which systems and items of equipment are essential to its operations. It is then a matter of including the supporting soft systems in the model.

Traffic light nomenclature is easy to understand and provides an effective audit trail. Problem areas are red, identified risks under effective control amber, and situations where there is no or very low business risk green. Summarising these factors into one visual database provides management with indicators to assist in business decision-making.

A sample dependency model for a business operating within the insurance sector is illustrated.

Recent incidents within high risk trading operations show how difficult it is to separate the problem of system risk management from the problem of managing human processes and of communicating risk. And current risks are diverse and set to multiply even further with e-commerce.

Dependency modelling is based on a model of those things that must go right in order to protect the business. It can contend with the complexity and interconnectivity of the modern office by effectively demonstrating the things that could go wrong, either singly or in various combinations - a useful tool for senior managers.

*The Cost of Lost Data by David Smith, commissioned By Previo Europe, November 1999.

David Clark is managing director of corporate risk consultants BSC Consulting, Tel: 020 7253 0621, E-mail:

Previo provides automated software in connection with end-user computing problems, Tel: 01344 397012, E-mail:

CASE STUDY 1:A failure to identify and manage technical & operating risks
In developing models for a bank, BSC found that a critical part of its IT facility had moved to what appeared to be an ideal location in part of a large, newly acquired, multi-tenanted building. However, modelling showed that this critical IT function was in a building controlled by a landlord with little understanding of the importance of maintaining back-up systems. On further investigation, the building’s systems were impaired, there was no back-up generator, the power distribution systems were already approaching red through lack of capacity, and the air conditioning plant had been so badly maintained that it needed urgent replacement. To top it all, the landlord’s security systems were so lax that they seriously compromised the bank’s security cover on the floors it occupied. Within days of the model revealing these unsafe dependencies, the bank routed the critical IT service through a known “green” installation.

CASE STUDY 2: A design compromise in a new build project increased operating risk on handover
A risk survey for a financial institution in a prestigious new development showed that the project team had decided to omit a UPS module to keep within the budget. Instead, it had designed a control system limiting the electrical load to essential services. BSC showed that failure here would put the power to hundreds of dealing desks at risk.

CASE STUDY 3: A failure to identify and manage technical risks
A fault in a drink vending machine in an office block in the City of London leaked liquid onto the switch gear located in the main switch room below. This caused the main circuit breaker to blow up and resulted in a total loss of power to the building for 12 hours.

CASE STUDY 4: A failure to follow procedures
Contractors working for an IT department set off fire alarms in a large office block. Correct procedures were not followed. Dust movement and hot-working (welding equipment) triggered smoke detectors. The building was evacuated, with at least half an hour of downtime.

CASE STUDY 5A failure to identify and manage technical risks and single points of failure
A single temperature sensor in a research laboratory failed. It was the only means of measuring environmental conditions and was not connected to a warning system. As a result, the experiment was invalidated. The total cost was estimated at £4m.