5.29 Create a Business Continuity and Disaster Recovery Plan
Resilience of the product or service in case of a disaster or emergency should be ensured to restore and maintain operations in case of disruptions.
Criteria
- Plan of Action: The organization has created a plan of action that is regularly reviewed and occasionally tested to determine readiness in case of an incident and has procedures to quickly recover from such issues.
- Audience Awareness: The organization regularly maintains transparent communication with its audience regarding issues that may affect service delivery or user data.
Impact
Low
Effort
Medium
Benefits
- Operations:
Transparency around digital resilience procedures will encourage trust that a product or service can be depended upon for critical use. - Economic:
This will ensure limiting the extent of the disruption to the website or application. - Social:
Users will have access to potentially vital online services in case of a disaster or emergency.
GRI
- materials: Low
- energy: Low
- water: Low
- emissions: Low
Example
- IBM provides some great examples of disaster recovery planning for a range of different situations.
Resources
- [GPFEDS] 2.7 – Specifications (Maintainence & Decomissioning) (PDF)
- [GPFEDS] 3.4 – Architecture (Supplied Updates) (PDF)
- [GR491] 2-6010 – SLA and QoS
- How to Improve Your Digital Resilience
- ISO 22301:2019 – Security and resilience
- Resilience for sustainable, inclusive growth
- Sustainability and business continuity share a common goal
- The Digital Resilience Guide
- United Nations [SDGS] Goal 1 (Poverty)
- United Nations [SDGS] Goal 3 (Health & Well-being)
- United Nations [SDGS] Goal 16 (Sustainable Society)