18. Business Continuity
Your risk assessment and mitigation measures should enable you to cope with a security breach or incident and return to normality quickly. This is particularly important for smaller businesses that may not have the resources to withstand even a few days without trading.
The business continuity pages outline a number of issues to consider and steps that can be taken to enable your organisation to return to ‘business as usual’ in the quickest possible time after an incident.
Questions you need to address:
- Does your organisation have an existing Business Continuity Plan? Who owns it, how often is it reviewed and updated?
- How are business continuity issues communicated to security managers?
- Is there a full and accurate picture of the impact on the business if it is disrupted for a short or sustained period?
- Is there an accurate picture of which staff, IT and equipment are vital to business continuity?
- Do you know what alternative resources are required in the event of an incident?