Yesterday I queried if the 7 July bombings could really be considered a “black swan” event. In fact, much of the impressive IT resilience that firms demonstrated in the aftermath of the bombings was a direct result of steps taken in response to the Provisional IRA bombings of the Baltic Exchange (1992) and Bishopsgate (1993). Planning and investments made over those ten or twelve years meant that IT systems were able to failover to dedicated DR facilities outside London with minimal disruption.
However, the ease with which IT service continuity was maintained only served to emphasise the difficulties that these same companies experienced in moving staff to their recovery locations: a point highlighted in a number of reports into the incident. Barriers to the relocation of people included both the physical, disruption to transport infrastructure, and the psychological: having experienced such an event people simply wanted to go home to their families. Many people within the business continuity community had been arguing for years that people should be at the very centre of business continuity planning; but this message had clearly not gained traction with some senior managers. Perhaps this is the lasting legacy of 7/7 for our industry; as codified in BS 25999, ISO 22301 and BS 11200, people issues are now rightly at the heart of business continuity and crisis management.
This concludes our short series of reflections on the business continuity implications of the tragic events of 7 July 2005. Let us finish as we began though, by once again remembering the victims and their families.