Business Con nuity Tes ng 101
Tes ng BC plans is essen al to remaining prepared and protected. Your team can
test BC plans to iden fy gaps or changes that need to be made in one of three ways:
"Table top" exercises
Gather all relevant stakeholders to sit down in person or via video conference to
go through the plan line by line. Include personnel such as the chief informa on
security officer (CISO), data center opera ons managers, your VP of IT, chief
informa on officer, and departmental or line of business owners who are directly
impacted by the plan.
The discussions should aim to find weaknesses in the plan or other considera ons
rather than simply reviewing and approving it.
Conversa ons with outside experts
Enlist the help of outside consultants or other third-party experts with no vested
interest or bias toward your company. Having an independent set of eyes review
your plan increases the likelihood of uncovering poten ally damaging omissions or
gaps in the plan that can be rec fied before it's too late.
Run through each scenario with them verbally against a prescribed checklist and
incorporate any feedback received into the next itera on or version of the BC plan.
Live ac on mock drills and simula ons
See your plans in ac on and put them to the test with live mock drills or simula ons.
Star ng with the highest priority business func on, stage an "emergency" exercise
and have each stakeholder execute his or her par cular responsibili es. Document
each step of the process and make note of any parts of the plan that don't appear to
work as intended or otherwise leave the business more exposed than expected.
8
oneneck.com
04
