(515) 865-4591
Bob@training-hipaa.net

The Contingency Planning Policy

The Contingency Planning Policy document establishes the activities that need to be carried out by each Business Unit, Technology Unit, and Corporate Units (departments) within the organization.

All departments must utilize this methodology to identify current risks and threats to the business and implement measures to eliminate or reduce those potential risks.

Business Resumption and Disaster Recovery (Technical Recovery) Plans are a necessity to the company. By documenting recovery plans, critical business processes and the resources required to continue and/or resume those process are identified.

Planning assures the contingency of the business or technology unit, operations, and overall company operations and assures the timely and orderly restoration of business processes in the event the existing business environment is unavailable.  Regardless of the Recovery Time Objective of the business or technology component, all plans must be documented.  

Table of Contents

TERMINOLOGY
ACCOUNTABILITY
COMPLIANCE
REVISION HISTORY
ENDORSEMENT

I.  POLICY OVERVIEW

A. Purpose
B. Scope
C. Ownership Roles & Responsibilities

II. PLANNING REQUIREMENTS

A.  Plan Documentation
B.  Plan Strategy
C.  Alternate Recovery Locations
D. Plan Testing (Exercises)
E. Plan Revision (Maintenance)
F.  Plan Auditing (Reviews)
G.  Plan Distribution
H.  Plan Certification

APPENDIX

Appendix A – Business Resumption Planning Standard
Appendix B – Disaster Recovery Planning Standard (All Technology Plans)