News Stay informed about the latest enterprise technology news and product updates.

Disaster recovery funding often hard sell for CIOs

There's no ROI on disaster recovery. But CIOs can still convince their bosses to invest.

Carlsbad, Calif. -- Selling doom and gloom is a tough job. But somebody has to broach the topic of the business failing -- spectacularly -- and that job typically falls to the CIO. No one likes the bearer of bad news.

Consider as well that disaster recovery planning doesn't make any money, and the pitch seems even more futile.

"It isn't sexy, and nobody cares about it until something bad happens," United States Tennis Association CIO Larry Bonfante said, speaking at last week's CIO Decisions Conference. "People don't want to talk about this stuff."

They don't want to pay for it, either. Bonfante hosted a discussion on how CIOs can lead the creation of a business continuity plan. Nearby, Charles Kramer gave tips on convincing CEOs and CFOs to pay for disaster recovery.

"Typical ROI doesn't work, so you need to come up with other metrics to show why these projects have value," said Kramer, senior vice president and CTO at Social and Scientific Systems Inc. in Silver Spring, Md.

More on DR and continuity
Failover sites key to surviving disaster

Collaboration tools prove worth during California fires
Kramer advised CIOs to cast themselves as salesmen, albeit serious and well-intentioned ones, when pitching disaster recovery and security projects to their bosses. He urged them to prepare a detailed pitch that includes insurance company estimates of business lost in the event of a disaster. He suggested speaking with company attorneys about the cost of data breach litigation and notification. And he suggested building a news article clip file showing just how bad things can get.

"Go to Google, go to 'news' and put in things like TJX," Kramer said, referring to the massive data breach at The TJX Cos Inc. in 2006.

But on top of all the advance planning comes a series of political maneuvers, Kramer said, including bringing business department heads into the fold and resorting to creative tactics. He recounted scheduling one meeting just minutes before a planned fire drill. Once outside the building he invited executives to a diner to finish the meeting. He hypothesized to them that the fire had been real, that they couldn't go back in the building. Then he pitched his disaster recovery plan.

"All that stuff changed very quickly, and I got an almost blank check," he said.

In some cases, straight-on scare tactics might be appropriate. Mention recent area disasters, Kramer said, and ask how the company would continue should it face such a travesty. But Kramer added caution.

"The one thing about fear is it's not something you can use very often," he said. "You can only go to that well so many times."

Bonfante hit a similar note in his talk, advising CIOs to pitch the importance of a business continuity plan by mentioning real disasters -- weather, terrorism, the failure of a power grid, even a bird flu outbreak among employees.

I find the checks fly
very fast when you're reacting to something.

Robert Simpson
IT directorImagePoint Inc.
Robert Simpson, IT director at ImagePoint Inc. in Knoxville, Tenn., has pitched disaster recovery plans for years. Sometimes he gets his way. More often he doesn't, and has to pitch it again. Sometimes external events will cause executives to reassess the situation on their own, he said.

"I got a lot of traction off Katrina," Simpson said. "9/11 rose their eyebrows, but Katrina woke them up."

"I find the checks fly very fast when you're reacting to something," he added.

Simpson said he takes notes on each disaster recovery pitch he makes and reviews them before making the next one. Most often, you'll lose, but the issue is too crucial to give up, he said.

"Don't be afraid for them to tell you 'no,'" he said. "Just bring it in, throw it at them, because eventually it will get approved."

Let us know what you think about the story; email: Zach Church, News Writer

Dig Deeper on Small-business IT strategy

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.