Business Continuity Plans
In the following is explained the importance of a business continuity plan, along with the most essential items that should be part of this plan for any business or company. A useful business continuity plan is very crucial if a business is to withstand any and all threats and dangers to its existence. The threats could range from anything like natural disasters such as a tsunami, to man-made disasters like electromagnetic pulse (EMP) attacks, or mishaps such as power outages. Fulfilling their part in developing any business continuity plan is a major responsibility of not just the higher management of an organization, but also every individual and department in the company.
More details about the business continuity plans
Also, it must not be focused on conditions that are specific to one geographic location alone, as in this day and age we have a global economy and it would not be wise to reduce any steps taken to certain geographical locations. The business continuity plan may have as part of provisions for operating from offsite locations, as well as plans on continuation of operations without the info systems infrastructure being available. Also, if there is a 24-hour uptime policy as there is in hospitals, there should be plans to continue operations manually if possible, in case of power outages and the like. There are also systems for equipment protection from things like EMP attacks, although they are quite expensive. This is another essential part of a business continuity plan in which the management determines if the costs are worth it or not.
Disaster Preparedness Plans
Business Continuity Plans differ from Disaster Preparedness Plans and Incident Response Plans in that the disaster preparedness plans are contingency plans that are used to outline the plans for dealing with disasters and critical system recovery while the business continuity plan is there to bring business operations back in place. The business continuity plan is used to underscore the processes that are to be employed until the systems are back online. On the other hand, the incidence response plans are more tactical in nature and are used to define the constituents of security incidents and discuss the damage limitation and response strategy.