T 1.2 Failure of the IT system

The failure of one component in an IT system can lead to the failure of the entire IT operation, and therefore to the failure of important business processes. Such failures are especially likely to occur when components that are central to the IT system fail, e.g. LAN servers or network switching elements. Even the failure of individual technical infrastructure components, for example air conditioning or power supply equipment, can contribute to the failure of an entire IT system.

The cause of a failure of an IT system is not always due to technical failure (e.g. T 4.1 Disruption of power supply). Failures are also often the result of human error (e.g. T 3.2 Negligent destruction of equipment or data) or deliberate action (e.g. T 5.4 Theft, T 5.102 Sabotage). Even insufficient maintenance, for example due to the absence of maintenance personnel, can lead to technical failures. Damage can also occur as a result of force majeure (e.g. fire, lightning, chemical accidents), although the scale of the damage is likely to be considerably higher in such cases.

When time-critical applications are run on an IT system, the secondary damage resulting from a system failure will be correspondingly high if there are no alternative systems available.

Examples:

• Due to voltage spikes in the power supply, the power supply unit of an important IT system is destroyed. Since the IT system concerned is an older model, there is no immediate replacement available. The repairs will take a whole day to finish, and during this time, the entire IT operation is unavailable.
• Firmware is loaded onto an IT system, but the firmware is not intended for use with this type of system. The IT system will no longer start without errors and has to be returned to an operable state by the manufacturer.
• A power failure in the storage system of an Internet Service Provider (ISP) resulted in the shutdown of the storage system. Although it was possible to fix the actual error quickly, the IT systems affected would not boot up correctly as there were inconsistencies in the file system. Several of the web servers operated by the ISP remained unreachable for days until all the subsequent problems were finally fixed.

• In electronic archives, it is possible for the date of first archiving to be misinterpreted as the document creation date if no other authentication procedures, such as time stamping services, are used for verification purposes. This applies in particular to business processes where the electronic archiving of large quantities of document data is integrated transparently into the business process. In one case, failure of an archive component meant that archiving of some of the document data was delayed by a day. Because WORM media were used, the order in which the business documents were physically archived was documented and could therefore be verified.
  
  However, the length of the delay resulting from the failed archived component was not documented. As a result, it appeared during a subsequent audit as if the documents had been tampered with after archiving.