- Company, Global Glossary
Business Continuity and Disaster Recovery Plan
- Published November 21, 2021
- Updated March 5, 2022
If you are new to glossary items, the following may be useful:
- Read me first. A general document that defines the headings and layouts for these glossary documents.
- Discovery List. A list of every glossary item on the Strytex portal. A useful discovery list.
Please note that you agree that this information is not presented as regulatory advice. You agree to seek assistance from a qualified subject matter expert.
Description
Many organisations maintain a Business Continuity and Disaster Recovery Plan (BCDRP). Many large corporates have a corporate level BCDRP with site-specific BCDRPs to account for local actions.
From Wiki
Often used together, the terms Business Continuity and Disaster Recovery are very different. Business Continuity refers to the ability of a business to continue critical functions and business processes after the occurrence of a disaster, whereas Disaster Recovery refers specifically to the Information Technology (IT) and data-centric functions of the business, and is a subset of Business Continuity.
Similar to a Business Continuity Plan (BCP) but different.
Geographic relevance
Pretty much globally
ORC Matrix Classification
Obligation Hierarchy
| Hierarchy | Comments | |
|---|---|---|
|
Governmental |
No |
|
|
Critical |
Yes |
The Strytex definition of Critical includes Business Continuity |
|
Essential |
No |
|
|
Ethical |
No |
|
|
Discretionary |
No |
|
|
Legacy |
No |
|
Risk Topic
This compliance document can be part of multiple risk topics, e.g.
- Reputational risk
- Financial risk
- Business continuity
- Data Protection
- Supply chain risk and compliance
- etc
Each organisation must create its own lexicon of risk topics and assign each compliance document to one or more risk topics.
Compliance Class
| Class | Comments | |
|---|---|---|
|
Staff |
No |
|
|
Property |
No |
|
|
Asset |
No |
|
|
Product |
No |
|
|
Contract |
No |
|
|
Company |
Yes |
Generally a company wide document |
How used
Internal Assurance
Depending on your business, it may simply make good business sense to develop a Business Continuity and Disaster Recovery plan.
For solo entrepreneurs who save everything in the cloud, it may simply state “Buy a laptop and find and cafe”
External Assurance
Some organisations require that key suppliers have Business Continuity and Disaster Recovery Plans in place so supplier disruption will not affect their operations. Not only does this cover the supply chain but also key technology or technology services as well.
Buyers need to ask themselves “If this supplier suffers a continuity event, will it impact my business?”. If the answer is yes, they may ask the supplier to provide proof of a BCDRP and examine it to see how it might affect the buyer’s ability to operate.
Details
Also known as
We haven’t heard of them being referred to as anything else yet but I’m sure we will soon hear them called something else.
Variants
If your organisation is a large corporate with multiple properties, it makes sense to have a single corporate policy with site-specific variants, e.g contact details, where people should go in the case of a disaster, etc.
- Corporate
- Site specific
Renewal Frequency
We recommend that any corporate policy, procedures and template forms be reviewed at least every 5 years.
2nd level attributes
None that we are aware of yet.
Relevant Acts, Regulations and Standards
No regulations that we are aware of.
Useful Links
Simply google Business Continuity and Disaster Recovery Plan
- Copyright © Strytex Pty Ltd 2023
Table of Contents
Nigel Dalton-Brown GAICD, AMIIA, MBA
Managing Director
Nigel is the Founder of Strytex and has been presenting and writing on Goverence, Obligational Awarenss, Risk Management and Compliance administration (GORC) since 2010.
