Event Contingency Plan
1. Develop the contingency planning policy statement.
Formal policy statement that provides authority and guidance to develop an effective plan.
2. Conduct a business impact analysis
Identify information systems and components critical to the organization’s mission/business functions.
3. Identify preventive controls
When you reduce the effects of system disruptions, it can increase system availability and reduce contingency plan costs.
4. Create contingency strategies
Recovery strategies ensure that the system will be recovered quickly and effectively after an issue.
5. Develop an information system contingency plan
Procedures restoring a damaged system unique to the system’s security impact level and recovery requirements.
6. Ensure plan testing, training, and exercises
Testing, training, and exercises are needed to improve plan effectiveness and overall organization success.
7. Ensure plan maintenance
Keep a plan documented and updated to keep a current update of fixes and changes.