Business Continuity and Disaster Recovery Plan

If you are new to glossary items, the following may be useful:

  • Read me first. A general document that defines the headings and layouts for these glossary documents.
  • Discovery List. A list of every glossary item on the Strytex portal. A useful discovery list.

Please note that you agree that this information is not presented as regulatory advice. You agree to seek assistance from a qualified subject matter expert.


Many organisations maintain a Business Continuity and Disaster Recovery Plan (BCDRP). Many large corporates have a corporate level BCDRP with site-specific BCDRPs to account for local actions.  

From Wiki

Often used together, the terms Business Continuity and Disaster Recovery are very different. Business Continuity refers to the ability of a business to continue critical functions and business processes after the occurrence of a disaster, whereas Disaster Recovery refers specifically to the Information Technology (IT) and data-centric functions of the business, and is a subset of Business Continuity.

Similar to a Business Continuity Plan (BCP) but different. 

Geographic relevance

Pretty much globally

ORC Matrix Classification

Obligation Hierarchy
Hierarchy Comments
The Strytex definition of Critical includes Business Continuity
Risk Topic

This compliance document can be part of multiple risk topics, e.g. 

  • Reputational risk
  • Financial risk
  • Business continuity
  • Data Protection
  • Supply chain risk and compliance
  • etc

Each organisation must create its own lexicon of risk topics and assign each compliance document to one or more risk topics. 

Compliance Class
Class Comments
Generally a company wide document

How used

Internal Assurance

Depending on your business, it may simply make good business sense to develop a Business Continuity and Disaster Recovery plan.

For solo entrepreneurs who save everything in the cloud, it may simply state “Buy a laptop and find and cafe”

External Assurance

Some organisations require that key suppliers have Business Continuity and Disaster Recovery Plans in place so supplier disruption will not affect their operations. Not only does this cover the supply chain but also key technology or technology services as well.

Buyers need to ask themselves “If this supplier suffers a continuity event, will it impact my business?”. If the answer is yes, they may ask the supplier to provide proof of a BCDRP and examine it to see how it might affect the buyer’s ability to operate. 


Also known as

We haven’t heard of them being referred to as anything else yet but I’m sure we will soon hear them called something else.


If your organisation is a large corporate with multiple properties, it makes sense to have a single corporate policy with site-specific variants, e.g contact details, where people should go in the case of a disaster, etc.

  • Corporate
  • Site specific
Renewal Frequency

We recommend that any corporate policy, procedures and template forms be reviewed at least every 5 years.

2nd level attributes

None that we are aware of yet.

Relevant Acts, Regulations and Standards

No regulations that we are aware of. 

Useful Links

Simply google Business Continuity and Disaster Recovery Plan

Table of Contents

Nigel Dalton-Brown GAICD, AMIIA, MBA

Managing Director

Nigel is the Founder of Strytex and has been presenting and writing on Goverence, Obligational Awarenss, Risk Management and Compliance administration (GORC) since 2010.

Leave a Comment