Selling Disaster Recovery Planning and Information Security to Managers

One of the most difficult aspects for IT professionals is gaining support for IT spending. Executives are skeptical about IT solutions and are very reluctant to release any funds.

This article will focus on the difficulty encountered when trying to sell information security projects and Disaster Recovery Plan projects to business managers or financial officers.

Why is it that so many managers view IT as an additional component of their business operations?

I can suggest a few possible reasons:

  • Bad experiences in the past
  • IT is viewed as a liability instead of an asset
  • Lack of knowledge, complexity, technical language, all intimidate people from becoming IT fluent and aware
  • Inability to perceive the Return On InvestmentĀ  of any IT-related project
  • Misconceptions about the reality of their current IT situation and state of the organisation
  • Lack of planning. No IT strategy, No roadmap
  • Business plan does not factor in any IT elements or spending

The reality is this. There are two ways to spend money on IT.

  1. You can undertake planned spending OR
  2. You can undertake un-planned spending.

Do you want to allocate $0 to an IT budget forecast and pay as you go along?

Sure, make inaccurate predictions for the next fiscal year that look impressive and then bleed funds from the company’s bank account during the year as incident behind incident occurs.

At the start of the year, your predictions look healthy. The balance sheet is in your favour and you have the extra money to buy more assets. During the year, IT costs go from $0 to $10 000 – sometimes overnight – to cater for your unprecedented incidents or minor disruptions. At the end of the year, 5 disruptions later and $20 000 afterward…you’ve moved from point A to? Continue reading