Business Continuity Planning 101

Starting your BCP process? Here’s what you need to build into your plan

Supplies - A description of any special supply items that would be necessary to achieve your RTO -- for example, signature plates, etc.

Vendors & Customers - A description vendors and customers, including their contact information and agreements.

Vital Records - An inventory and description of the vital records you will need for recovery. The best recovery plan will not work without your vital records.

Glossary of Terms - Any terms deemed relevant to the plan, its execution or its maintenance should be defined in an appendix or a similarly appropriate section of the plan.

The third element, Deployment, brings us to perhaps the most commonly neglected aspect of a BCP. No matter how well thought out and meticulously documented a BCP may be, its efficacy will ultimately be judged by how well its people embrace and execute the plan during a disaster.

It is therefore advisable to take special care in making sure that the plan is formally endorsed by the company's senior management. In addition, deliberate steps need to be taken to ensure that all persons expected to act on or maintain the plan are fully trained on the plan. To this end, training programs, exercises and various other methods of disseminating the plan and its requirements should be thoughtfully developed. Such steps should be utilized in the initial deployment as well as whenever updates are made.


Business continuity planning is hardly a task to be taken lightly. While forethought and attention to detail are necessary requirements of the business continuity planner, deployment and acceptance by the organization are of critical importance to the overall success of the plan.

When viewed in the light of "benefit to the business", business continuity plans provide the opportunity to reduce risk to the business - risks that may not only damage profits or break budgets, but also lower the company's chances of survival. Not having a sound BCP and an organization that is ready to execute and maintain it will only allow an otherwise controllable element of risk to go uncontrolled.

About the Authors:

Tom Abruzzo is president of TAMP Systems (, maker of the Disaster Recovery System (DRS), a web-based software solution for building and maintaining disaster recovery and business continuity plans. Additionally, TAMP offers consultative services for disaster recovery and business continuity planning. Tom may be reached by email at

William Comtois is managing director of Varicom, Inc. (, a provider of leading solutions for crisis management and exercise management. He may be reached by email at