The Business Continuity Plan (BCP) is a key part of any organisations response planning. It defines how the business will operate following an incident, and how it expects to return to ‘business as usual’ in the quickest way.
A BCP need not be specific to cyber-terrorism incidents and apply to any major disruption such as a natural disaster, power faults, human error, or hardware failure.
The plan itself sets out the agreed process for bringing events under control, the necessary resources for maintaining critical business functions and the staff required for coordinating actions.
It also needs to be clearly presented, avoiding unclear internal references and abbreviations, and structured in such a way that staff can quickly find and understand what actions are expected from them.