5.29 Create a Business Continuity and Disaster Recovery Plan
Resilience of the product or service in case of a disaster or emergency should be ensured to restore and maintain operations in case of disruptions.
Criteria
- Plan of Action: The organization has created a plan of action that is regularly reviewed and occasionally tested to determine readiness in case of an incident and has procedures to quickly recover from such issues.
- Audience Awareness: The organization regularly maintains transparent communication with its audience regarding issues that may affect service delivery or user data.
Impact
Low
Effort
Medium
Benefits
- Operations:
Transparency around digital resilience procedures will encourage trust that a product or service can be depended upon for critical use. - Economic:
This will ensure limiting the extent of the disruption to the website or application. - Social:
Users will have access to potentially vital online services in case of a disaster or emergency.
GRI
- materials: Low
- energy: Low
- water: Low
- emissions: Low
Example
- IBM provides some great examples of disaster recovery planning for a range of different situations.
Resources
- Build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation
- Disaster risk reduction
- [GR491] 2-6010 – SLA and QoS
- How to Improve Your Digital Resilience
- ISO 22301:2019 – Security and resilience
- Make cities and human settlements inclusive, safe, resilient and sustainable
- Resilience for sustainable, inclusive growth
- Sustainability and business continuity share a common goal
- The Digital Resilience Guide