Fujitsu’s Business Continuity Plan Development Methodology (Manuscript received November 7, 2006)

Fujitsu’s Business Continuity Plan
Development Methodology
V Takeshi Ito
V Hideaki Orikasa
V Tetsuya Yoshida
(Manuscript received November 7, 2006)
In today’s high-risk business environments, more and more companies are focusing
on the Business Continuity Plan (BCP) as a management methodology for improving
their ability to respond to any contingency. However, BCP development methodolo­
gies suitable for the business environment of Japanese companies have not progressed
much beyond the theoretical stage, and the persons in charge of BCP development in
companies have been struggling with this issue. Fujitsu has developed a practical
methodology and software tool called BCEXPERT to streamline development of its
own BCPs for business formations within the Fujitsu Group. This paper describes
Fujitsu’s BCP development methodology that has been standardized as the Fujitsu
Business Continuity Management Model. This methodology mainly consists of three
steps: 1) structuring business processes and resources required for the processes,
2) extracting essential resources for business continuity; and 3) analyzing the
business impact of assumed resource damages in various risk scenarios. This
methodology can be applied not only to BCP development but also to business
resource optimization.
1. Introduction
The persons in charge of risk management
in Japanese companies have been talking more
about the concepts of the Business Continuity Plan
(BCP) and Business Continuity Management
(BCM) since the September 11 terrorist attacks
in 2001. However, while the risk environments
surrounding companies have become increasingly severe over the past five years, BCP remains a
key concept that managers often hear about but
do not fully understand. Moreover, various requests for responses to the internal control
required by the soon-to-be-enforced Japanese SOX
act, information security, the environment, privacy,
and other management issues have yet to be
addressed, and many persons in charge of risk
management regard the need for BCP development as yet another burden to shoulder.
This paper describes how BCP development
168
methodology can be made more practical and
efficient based on the business conditions of
Japanese companies by making use of Fujitsu’s
experience of BCP development. The methodolo­
gy will help reduce the burdens of the persons in
charge of risk management in these companies.
2. What is a BCP?
Fujitsu defines a BCP as follows:
The purpose of a BCP is to allow critical busi­
ness activities to continue when an unexpected
situation such as a large-scale disaster occurs. A
BCP is an action plan for achieving the goals of
business continuity (recovery time objectives for
critical business activities) determined based on
the analysis of the management environment,
business structure, and risk environment.
In BCP development, only analyses such as
the analysis of the business impact tend to draw
FUJITSU Sci. Tech. J., 43,2,p.168-177(April 2007)
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
attention. However, the final purpose is basically
to develop an effective action plan that specifies
the items to be handled, the people who will
handle them, and the deadlines to be met in an
emergency.
Fujitsu’s BCP consists of an
emergency action plan and the analysis of
business continuity requirements based on the
analysis data that supports the action plan
development.
3. Change in business
environment
The risk environment surrounding compa­
nies is becoming increasingly severe. The risks
companies face include an earthquake in the
northern part of Tokyo Bay or an inland earth­
quake in the capital; large-scale earthquakes in
the eastern sea, southeastern sea, southern sea,
and other areas; flooding (which is becoming an
increasingly severe problem); terrorism; and a bird
flu pandemic. These risks are constantly present
and largely unpredictable. Because these risks
are universally recognized, international
standardization activities have been started to
realize an adequate level of business continuity
management by 2008. The Japanese government
publicized a series of guidelines for developing a
BCP in 2005 that demonstrated a very proactive
administrative approach for business continuity
enhancement. The guidelines are the “Business
Continuity Guidelines 1st ed.”1) by the Cabinet
33%
Office and the “BCP Development Operational
Guidelines for Small and Medium Enterprises”2)
by the Small and Medium Enterprise Agency.
Also, the Business Continuity Advancement
Organization (BCAO)3) was established in June
2006 and has been actively promoting business
continuity since July. This is the first registered
non-profit corporation in Japan aimed at promot­
ing BCP standardization and fostering BCP
specialists. A serious problem that needs to be
addressed by companies is that BCP development
is becoming mandatory. The growing internation­
al recognition of the need for business continuity
enhancement has emerged as a request to improve
the business continuity capabilities of business
partners in the business-to-business transactions
that secure the global supply chain. More and
more companies check for the presence or absence
of BCP development by suppliers before starting
a transaction. Particularly, most European and
American companies strongly recognize the risk
of business continuity in Japanese companies due
to the threat of large earthquakes. BCP develop­
ment is needed not only for ensuring business
continuity during a disaster but also during
everyday operation.
Despite the rapid changes in our environ­
ment, only 7.9% (23% including the companies
who have just started to introduce BCP) of
domestic companies have developed a BCP
(Figure 1).4) This figure is much lower than the
44%
15%
7.9%
We have no disaster prevention plan.
We have developed a disaster prevention plan
including emergency measures and launched BCP.
We have a disaster prevention plan focusing on emergency
measures, e.g., evacuation, confirmation of safety.
We have developed a disaster prevention plan including BCP.
Source: Development Bank of Japan: Special Survey Concerning Companies’ Approaches to Disaster
Prevention (Chart 2-1 Development situation of disaster prevention plan and business continuity plan [BCP])4)
Figure 1
BCP development situation in domestic industries (November 2005).
FUJITSU Sci. Tech. J., 43,2,(April 2007)
169
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
47% figure determined by the Business
Continuity Institute5) for major overseas compa­
nies. The Central Disaster Prevention Council
wants all of Japan’s major companies and more
than 50% of the country’s small and medium
companies to develop a BCP within 10 years.6) To
attain this goal, further supportive activities based
on public-private partnerships will be necessary
as well as improved management awareness.
4. Fujitsu’s Business Continuity
Management
Fujitsu is an information system vendor that
plays a major role in the social infrastructure and
also a manufacturer participating in the global
supply chain. In keeping with these roles, since
its establishment, Fujitsu has developed disaster
prevention and emergency response plans and
conducted various training to prepare for
emergency situations. Moreover, in 2004, a
company-wide BCP development project was set
Management architecture
Management
(management
conference)
De
Devveloping and
controlling basic
policy ffor
or b
business
usiness
contin
continuity
uity
Organization
in
charge of
business
continuity
Developing and
supporting
operation of BCP
Specialized organization
Developing,
operating, and
improving BCP
Business unit
Business
unit
Business
unit
Business
unit
up, and in 2005, a specialized organization was
established to develop BCPs and enhance
business continuity throughout the Fujitsu Group.
Fujitsu has a variety of business operations with
different business environments, structures,
bases, and management resources. To develop a
BCP for each operation, company-wide business
continuity management has been implemented in
three layers: management, a specialized organi­
zation for business continuity, and the business
unit (Figure 2).
The specialized organization for BCP
development plays a key role in this system. This
expert group consists of Fujitsu staff having
special skills in, for example, disaster prevention,
procurement, information system operation,
consulting, system development, and outsourcing.
The organization for BCP development has also
developed various tools and software products to
make BCP development and maintenance
efficient.
Function
Document
• Determines basic principles.
• Determines promotion system and
control method.
• Approves group BCP.
• Approves amount invested for measures.
• Overall control
• Develops development and operation
processes and methodology.
• BCP template
• Development support
(consulting and tool provision)
• Adjusts company-wide optimization
(inter-group and company-wide)
• Educational development and
implementation support
• Develops, operates, and improves prior
measures plan.
• Develops, operates, and improves action
plan in an emergency.
• Develops, operates, and improves business
recovery plan.
• Develops, operates, and improves
information system recovery plan.
• Develops, operates, and improves
human resource training plan.
• Business continuity
basic policy
• BCP development
guidelines
• BCP (for each unit)
Figure 2
Business continuity management in Fujitsu.
170
FUJITSU Sci. Tech. J., 43,2,(April 2007)
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
5. Fujitsu’s BCP development
methodology
Fujitsu’s BCP development methodology has
been standardized as the Fujitsu Business
Continuity Management Model (Figure 3). This
model covers the phases from planning to
operation. BCP development and operation
management performed in accordance with this
model enable visualization and standardization
of an entire business process regardless of
differences in the business environment and
structure.
This model consists of the following six phases:
5.1 BCP system development (Phase I)
This phase develops collaborative projects
between the specialized organization for BCP
development and the target business operation.
5.2 Analysis of business continuity
requirements (Phase II)
This phase structures the current business
processes and resources and sets a goal for busi­
ness continuity. Figure 4 shows the flow of
Phase I
BCM
system
development
• Setting up BCM
enhancement plan
• Approving
executives
• Developing
promotion system
Phase II
Analysis of
business
continuity
requirements
• Collecting basic
information
• Business Impact
Analysis
• Analyzing
resources of critical
business process
• Risk analysis
• Extracting critical
resources of critical
process
Development
of business
continuity
strategies
• Extracting
measures options
• Considering return
on investment
• Developing
measures plan
• Determining business
continuity strategies
Business
continuity
strategies
BCM
enhancement
plan
Project
implementation
plan
(WBS)
Phase III
Business
continuity
requirements
Measures
plan
business continuity requirement analysis.
1) Collect and analyze information required for
BCP development (research of the business
environment and structure) (q).
2) Based on the information collected by inter­
views and questionnaires, analyze the impact
of business interruption (Business Impact
Analysis) (w).
3) Based on the analysis results, determine the
Recovery Time Objective (RTO) (e).
4) Analyze the business processes, resources
that support the processes (people, facilities,
information systems, etc.), and physical re­
source assignment to create a structured
influence diagram (Figure 5) (r).
The influence diagram clarifies the condi­
tions for implementing business using the
structured business processes and resources.
5) Analyze the risk environment surrounding
the business to make assumptions about the
risk factors and risk occurrence status.
Although the possibility of an earthquake is
often considered in risk analysis, it is impor­
tant to study a wide range of situations that
Phase IV
Development
of business
continuity
plan
• BCP
• Awareness and training plan
• Developing BCM plan
• Testing plan items and
approval
Business
continuity
plan
Phase V
Phase VI
Implementation
of business
continuity
measures
Evaluation and
improvement
• Preventive
measures
• Redundancy
measures
• Spare measures
• Alternative measures
• Test and reflection
in BCP
Evaluation
improvement
report
Manual
checklist
Awareness
Business
and
continuity
management
training
plan
plan
• Education
• Training
• Evaluating training
results
• Extracting improved
items
• Reviewing business
continuity environment
• Reflection in plan and
measures
Manual
checklist
(revision)
Related
documents
(revision)
Figure 3
Fujitsu’s Business Continuity Management Model.
FUJITSU Sci. Tech. J., 43,2,(April 2007)
171
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
qBusiness
environment
research
wBusiness
Impact Analysis
at suspension
eDetermining
Recovery
Time
Objective
(RTO)
tRisk analysis
yAssuming
resource
damage at risk
iGap analysis
qBusiness
structure
research
rModelling
process
resource
relationship
(influence diagram)
uBusiness
damage at risk
(time for
recovery to
current status)
Measures
examination
Figure 4
Flow of business continuity requirement analysis.
B6
Board production
B2
供給能力の確保
最終目標
中間目標
B3
生産工場での生産台数の確保
*ボックス内、記法
凡例:ボックス種別の説明
リソース
要員
(別モデル化)
間接評価
リソース
ページ間
のリンク
ID
ボックス内容
の記述
B5
製品生産と品質
ID: 識別子
B*: 目標指標
M*: 機能指標
R*:リソース
依存関係の方向
M6-1
Activation of board
production environment
R22
Stock amount
(YY unit
production
relation)
B6
基板製造
Personnel collection
model
Explanatory note: Explanation of box types
Final goal
Resource
Indirect
evaluation
resource
Intermediate
goal
* Notation in box
Personnel
(separate
modeling)
Description
of ID box
製造
要員参集モデル
R64
指導員
(YY ユニッ
ト製造)
ID: Identifier
B*: Objective
indicator
M*: Functional
indicator
等
(YYユニット製造)
R*: Resource
Linkage
between
pages
B9
部材調達
(生産工場)
R21
ライン要員
(YY ユニッ
ト製造)
Direction of dependence
R63
クリーンルーム
(YY ユニッ
ト製造)
M9 ––1
部材供給ルート
R10
Instructor
(board
production)
R08
Line personnel
(board production)
R06 Electricity
R61 Air conditioning
B6-2 Drawing
control system
B6-4 Information
system B
R06 Electricity
R07 Pure water
R61 Air conditioning
B8-1 Information
system E
R12
(Special equipment)
Production line
R17
(Special equipment)
YY unit production
control
B9 ––1
サプライヤ部材
直接納品
B12 生産オペレーション
(生産工場)
R32
生産管理データ
(XX センター)
要員参集モデル
R31 要員(生産オペ
(生産工場))
R13
(Special equipment)
Tuning device
R06 電力
B5 ー 2 生産管理システム
R25
納品出荷伝票
B21
物流管理
(本社)物流管理部門)
要員参集モデル
B5––2 生産管理システム
R3 社内ネット(WAN)
R53 要員(生産オペ
(生産管理部門))
R57 生産管理データ
(XXセンター)
R40 要員(物流管理
(物流管理部門)
R41 生産・製品引当
管理システム
(XXセンター)
B5 ––2 生産管理システム
R3 社内ネット(WAN)
R36 (情報システム)
物流オーダー管理システム
(XXセンター)
R68
Nitrogen
B13
部材購買
(本社)調達部門)
B18 生産オペレーション
(本社)生産管理部門)
要員参集モデル
要員参集モデル
R28 要員(部材購買
(調達部門)
R29(情報システム) R35(情報システム) R3 社内ネットワーク
購買管理システム
在庫管理システム
(WAN)
(XXセンター)
(XXセンター
R30(情報システム)
部材管理システム
(YYセンター)
B8
YY unit production
R19
YY unit production line.
Cleaning equipment, etc.
(YY unit production)
B9––4
調達部門経由部材
R39 サプライヤ部材
(関連会社)
R27 サプライヤ部材
(その他供給会社)
Figure 5
Influence diagram.
172
FUJITSU Sci. Tech. J., 43,2,(April 2007)
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
6)
7)
8)
can occur. For example, a bird flu pandemic
would leave buildings and equipment undam­
aged but would incapacitate an estimated
40% of the population. This situation
clearly differs from that of an earthquake and
consequently requires different countermea­
sures. While it is a waste of time to think of
unrealistic situations, it is important to look
beyond the obvious risks to business
continuity (t).
Based on the above risk analysis, apply the
situation (resource damage) to the influence
diagram (y).
Based on the resource damage, determine
how much damage the current business will
suffer (time for recovery to current status).
Also, identify the critical resource that will
have the largest impact on the stop time (u).
Achieve the goal of BCP, which is to bridge
the gap between the present recovery time
and the RTO that has already been specified
(i).
5.3 Development of business continuity
strategies (Phase III)
This phase determines measures and strat­
egies for attaining the above-mentioned goal of
BCP. There is an inverse relationship between
the amount invested in the measures for business
continuity and the effects they produce. If it were
assumed an earthquake would make a critical
production base unusable, it would be better to
build a plant having the same production
capability elsewhere in advance. An information
system can be made continuously available
simply by building a second or even a third infor­
mation center. However, for many companies,
these measures are prohibitively expensive. This
phase determines the optimum balance between
the improved responsiveness to an unexpected
situation and the investment amount and also
determines the measures and business continu­
ity method to be employed in an emergency. To
achieve these goals, the return on investment in
FUJITSU Sci. Tech. J., 43,2,(April 2007)
the business continuity enhancement investment
must be visualized to support management
decision-making. Figure 6 shows a matrix chart
of the return on investment. Based on this
matrix, priority will be given to measures with
lower investment and higher effect. A measure
with a higher investment and effect (construction
of a second plant, dual information system
centers, etc.) will be addressed as a medium-term
to long-term management challenge at the
management’s discretion.
5.4 Development of business continuity
plan (Phase IV)
This phase creates a practical action plan
based on the business continuity strategies. The
action plan consists of an implementation plan of
various measures, an education and training plan,
and an emergency action plan. The most signifi­
cant of these is the action emergency plan, which
must be optimized so that the persons in charge
will rapidly and steadily perform their roles. This
plan should be in the form of a concise manual or
checklist that clarifies the individual roles and
contains only the required information.
5.5 Implementation of business continuity
measures (Phase V)
This phase implements the measures speci­
fied in the action plan. The measures include
employee education and the fostering of special­
ists as well as measures for physical resources
(i.e., preventive, redundancy, spare, and alterna­
tive measures).
5.6 Evaluation and improvement
(Phase VI)
This phase performs yearly training in
accordance with the developed BCP and updates
the BCP every year after a review of the business
continuity requirements based on the changes in
the business environment. This phase is the most
important phase for keeping the BCP effective at
all times. To reduce the load on the continuous
173
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
Determining the direction of measure options based on return on investment matrix
Major
Construction of second plant
Remote backup of vital records
Addition of alternative
production line
Installation of safety
confirmation system
Inventory building
Medium
Measure effect
Anti-seismic reinforcement
Minor
Development of
personnel participation
plan at disaster
Development of SLA with
outsourcing supplier
Installation of private
electric generator
Contract of alternative office
Decentralization of suppliers
Mid- and long-term
measures
Outside of
examination
Major
Short-term
measures
Medium
Minor
Range of costs invested for measures
Figure 6
Concept of measures examination (example for manufacturing industry).
improvement activities, in addition to keeping the
BCP up-to-date, it is also important to pursue BCP
document composition with easy maintenance and
efficient updating.
6. Tool for promoting BCP
development efficiency
Fujitsu uses the BCEXPERT software tool
to promote standardization and efficiency of BCP
development and updating operations (Figure 7).
BCEXPERT provides standard processes
from BCP development planning to BCP update
operation. It consists of BC-Navi, which supports
project management; tools that support simula­
tions in each process; and document template
groups. The goal of BCP development is to create
an effective action plan for continuing business
in an emergency. This action plan is based on the
results of researchers who have analyzed the
business environment, business structure, risk
environment, and other factors. The environment
surrounding business is constantly changing, and
to quickly and accurately reflect these changes
174
in the action plan, a proactive approach to
BCEXPERT and other software tools is essential.
7. Future issues
To continuously promote business continuity
enhancement activities based on BCP develop­
ment, the following issues must be addressed:
1) Visualization of activity results
It is easy to understand the costs of BCP
development and these activities but difficult to
understand their achievements. Therefore, the
continuous improvement activities are liable to
lose momentum. One effective way to promote
these activities is to set activity results bench­
marks. These benchmarks establish standards
(maturity models) for the measurement of a com­
pany’s business continuity capability and link the
standards with the activities’ status. To create a
maturity model, benchmarks regarding the
approaches of advanced companies and other
companies in the same industry are necessary.
However, there is no accumulation of effective data
in Japan. We expect that the BCAO and industry
FUJITSU Sci. Tech. J., 43,2,(April 2007)
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
5000_1
リスク評価
ワークシート
5000
リスク分析
START
3000_1
プロジェクト
計画書
3100_1
アンケート
インタビュー
設計参考
資料
3000
パイロット
事業
概況調査
3100
アンケート
インタビュー
設計
3200
アンケート
インタビュー
実施
4000
収集情報
の分析
重要業務
の特定
4100
重要業務の
プロセスと
リソース
モデル化
3000_2
事業内容
調査結果
3100_2
アンケート
インタビュー
シート
3200_1
アンケート
インタビュー
集計表
4000_1
現状調査
分析結果
報告書
4100_1
プロセス
リソース
モデル
5000_2
リスク分析
結果報告書
7100_1
対策投資対
効果分析
ワークシート
6000_1
施設・人員
分布状況
データ
6000
ビジネス
影響度分析
6000_2
ダメージ
シナリオ
設定表
6000_3
ビジネス
影響度
分析結果
報告書
7000
対策オプション
の抽出
7100
事業維持
戦略の決定
7100_2
対策投資対
効果分析
結果報告書
8100
ドキュメント
作成
(BOP-BOM
計画書)
8000
実施計画の
策定と
レビュー
8100_1
パイロット
事業向
BOM推進
計画書
8100_2
BOP策定
ガイドライン
8100_3
対策計画書
END
8100_4
災害時行動
計画書
8100_5
教育訓練
計画書
Figure 7
BCM operation support tool (BCEXPERT).
groups will promptly develop these benchmarks.
2) Linkage with internal control
It is important for each company to
implement measures to ensure the level of
internal control that will be required by the
soon-to-be-enforced Japanese SOX act. Internal
control and business continuity have one thing in
common in their implementation processes in
which process-oriented examinations are made
and risks are clarified and controlled. However,
they differ fundamentally in their purpose and
scope because internal control is intended to
guarantee reliability of financial reports, while
business continuity is intended to continue
critical business activities in an emergency.
Essentially, it would be ideal if BCP development
and continuous improvement activities were both
controlled by internal control activities. However,
at the moment they must be developed as sepa­
rate efforts. In the future, integration between
internal control and business continuity activities
will be promoted in line with the expansion of the
scope of internal control.
3) Business continuity enhancement in the
supply chain
FUJITSU Sci. Tech. J., 43,2,(April 2007)
Because Fujitsu has been developing various
businesses in the global supply chain, a companyspecific BCP is unlikely to enhance business
continuity. Fujitsu will continuously review the
service level agreements (SLAs) with its clients
and evaluate how its business partners have de­
veloped their BCPs.
8. Conclusion
Sometimes, BCP development work is
described as a tunnel that has no exit because,
despite the extensive research analyses and large
volumes of documentation associated with BCP
development, the effectiveness of a BCP cannot
be demonstrated until an emergency occurs. How­
ever, from a completely different standpoint, BCP
development work provides a big opportunity for
management restructuring. As mentioned above,
the work includes creating a relationship model
between the business processes of critical busi­
ness activities and required resources to analyze
the impact that resource damage will have on a
business. In fact, this model can be used as a
simulation model to cope with changes in the
management environment and optimally and
175
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
promptly allocate resources. Basically, BCP
development work is nothing less than an activi­
ty for getting to the core of how to continue
important business activities with minimal
resources even in an emergency. This activity
reveals the essential framework of a business with
all redundancies eliminated and allows us to
review the business origins of a company. Look­
ing at BCP development work from the viewpoint
of not only the measures against disasters but also
for management restructuring can enhance
business continuity in an emergency. It also leads
to sophistication and streamlining of management
activities themselves.
Business continuity
management in Japan is still in its infancy com­
pared to that in European countries and the US;
however, this can be converted to an advantage
by regarding business continuity as a manage­
ment improvement activity from the beginning.
Fujitsu aims to develop a new management mod­
el to achieve sustainable management that focuses
on more than just efficiency.
176
References
1)
2)
3)
4)
5)
6)
Central Disaster Management Council, Special
Board of Inquiry on enhancing disaster manage­
ment by utilizing the private sector and markets,
Corporate Evaluation/Business Continuity
Working Group, and Cabinet Office, Government
of Japan: Business Continuity Guidelines 1st ed.
— Reducing the Impact of Disasters and
Improving Responses to Disasters by Japanese
Companies. August 1, 2005.
http://www.bousai.go.jp/MinkanToShijyou/
guideline01e.pdf
Small and Medium Enterprise Agency: BCP
Development Operational Guidelines for the
Small and Medium Enterprises. (in Japanese).
http://www.chusho.meti.go.jp/bcp/index.html
A Specified Non-Profit Japanese Corporation
Business Continuity Advancement Organization
(BCAO). (in Japanese).
http://www.bcao.org/
Development Bank of Japan: Special Survey
Concerning Companies’ Approaches to Disaster
Prevention. (in Japanese), January, 2006.
http://www.dbj.go.jp/japanese/release/rel2006/
0105.html
InterRisk Research Institute & Consulting, Inc.:
Report of Field Survey of Japanese Companies
Concerning Business Continuity Management
(BCM). (in Japanese), October 2005.
Central Disaster Prevention Council: Counter­
measure Strategies against Disaster by Inland
Earthquake in the Capital City (plan). (in Japanese),
April 21, 2006.
h t t p : / / w w w. b o u s a i . g o . j p / c h u b o u / 1 7 /
shiryou3-1.pdf
FUJITSU Sci. Tech. J., 43,2,(April 2007)
T. Ito et al.: Fujitsu’s Business Continuity Plan Development Methodology
Takeshi Ito, Fujitsu Research Institute.
Mr. Ito received the B.A. degree in Law
from Ritsumeikan University, Kyoto,
Japan in 1982. He joined Fujitsu Ltd.,
Tokyo, Japan in 1982, where he was
engaged in the sales and marketing of
systems integration solutions and
solution services for financial institu­
tions. In addition, he was engaged in
the sales and marketing of an Applica­
tion Service Provider (ASP) service
business. He is currently engaged in Business Continuity Plan
(BCP) development and consultation on Business Continuity
Management (BCM). In 2007, he moved to Fujitsu Research
Institute. He is an executive board member of the Business
Continuity Advancement Organization (BCAO) of Japan.
Tetsuya Yoshida, Fujitsu Research
Institute.
Mr. Yoshida received the B.A. degree in
Economics from Kwansei Gakuin
University, Hyogo, Japan in 1992. He
joined Fujitsu Ltd., Tokyo, Japan in
1992, where he was engaged in
purchasing software licenses from
software vendors for more than 10
years. He is currently engaged in
in-company Business Continuity Plan
(BCP) development. In 2007, he moved to Fujitsu Research
Institute.
E-mail: [email protected]
E-mail: [email protected]
Hideaki Orikasa, Fujitsu Research
Institute.
Mr. Orikasa received the B.S. degree in
Mechanical Engineering from the
University of Tokyo, Tokyo, Japan in
1976. He joined Fujitsu Ltd., Tokyo,
Japan in 1976, where he was engaged
in the development of operating
systems, work on systems integration,
and development of IT service manage­
ment methods. He is currently engaged
in Business Continuity Plan (BCP) development and consulta­
tion on Business Continuity Management (BCM). In 2007, he
moved to Fujitsu Research Institute. He is a member of the
Information Processing Society of Japan.
E-mail: [email protected]
FUJITSU Sci. Tech. J., 43,2,(April 2007)
177