Which plan will your audience adopt? Which was more important to them: recoverability or performance?
One can imagine similar anecdotes relating to other combinations of the laws. Do you consider performance more important than data security? Picture a similar situation to the preceding anecdote where the stakeholders are asked to choose between Plan A, in which some transactions will run slowly, and Plan B, where some production data on an employee’s laptop may fall into the hands of criminals. Which plan will your company adopt? What was more important: security or performance?
The Significance of Importance
You may be dealing with concerns that are urgent and require immediate attention. Some of these might include an outage of a production system; slow response time for a critical application; distributed application failures due to unavailable data; or the possibility of inappropriate or illegal access to corporate data.
However, this doesn’t change the relative importance of recoverability or the order of the laws. When we set priorities or adhere to best practices, we do so in accordance with the laws.
The Context of Best Practices
Best practices can be summarized as implementing shared processes, documentation, and standards in an environment of continuous improvement (see additional article references at the end of this article). The laws fit nicely into the context of best practices, guiding you to which practices to develop first and which should receive higher priority.
Best practice implementation begins with requirements for processes, documentation, and process disciplines or standards. Sometimes IT derives requirements by reacting to symptoms. Regrettably, this reactive behavior makes it extremely difficult to concentrate on the real issues (i.e., the important ones).
Certainly, one must deal with some urgent issues. These would include production system outages, for example. They might not include some phone calls, some emails, and some office visitors. True best practice implementation requires moving forward through symptoms to real problems, sometimes called root-cause analysis. One can then perform problem resolution, requirements definition, and cost/benefit analyses of alternatives.
Next, use the laws as a priority scheme. IT will now determine how to codify the alternatives as processes, documentation, or process disciplines and define their quality measures as well as how they’ll be shared and continuously improved. In this way, the laws serve as a gauge of importance and priority for continuous improvements.