Business Continuity Planning
Business Continuity Planning
is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. These activities include many daily chores such as project management, system backups, change control, and help desk. Business continuity is not something implemented at the time of a disaster
Business Continuity refers to those activities performed daily to maintain service, consistency, and recover-ability.
Disaster Recovery Planning (DRP)
is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after natural or human-induced disaster. Disaster recovery is a subset of business continuity.
Business Continuity Plan (BCP)
is a comprehensive organizational plan that includes the disaster recovery plan. A Business Continuity Plan (BCP) consists of the five component plans:
- Business Resumption Plan
- Occupant Emergency Plan
- Continuity of Operations Plan
- Incident Management Plan
- Disaster Recovery Plan
The first three plans (Business Resumption, Occupant Emergency, and Continuity of Operations Plans) do not deal with the IT infrastructure. They further state that the Incident Management Plan (IMP) does deal with the IT infrastructure, but since it establishes structure and procedures to address cyber attacks against an organization’s IT systems, it generally does not represent an agent for activating the Disaster Recovery Plan, leaving The Disaster Recovery Plan as the only BCP component of interest to IT.