Part of the Business terms glossary:

A contingency plan is a process that prepares an organization to respond coherently to an unplanned event. 

 A contingency plan is sometimes referred to as "Plan B," because it can be also used as an alternative for action if expected results fail to materialize. Contingency planning is a component of business continuity, disaster recovery and risk management.

The seven-steps outlined for an IT contingency plan in the NIST 800-34 Rev. 1 publication are:

1. Develop the contingency planning policy statement. A formal policy provides the authority and guidance necessary to develop an effective contingency plan.

2. Conduct the business impact analysis (BIA). The BIA helps identify and prioritize information systems and components critical to supporting the organization’s mission/business functions.

3. Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.

4. Create contingency strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.

5. Develop an information system contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system unique to the system’s security impact level and recovery requirements.

6. Ensure plan testing, training, and exercises. Testing validates recovery capabilities, whereas training prepares recovery personnel for plan activation and exercising the plan identifies planning gaps; combined, the activities improve plan effectiveness and overall organization preparedness.

7. Ensure plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements and organizational changes.

 

This was last updated in July 2014
Posted by: Margaret Rouse

Related Terms

Definitions

  • third party

    - A third party is an entity that is involved in some way in an interaction that is primarily between two other entities. The third party may or may not be officially a part of the transaction betwee... (WhatIs.com)

  • dynamic pricing

    - The goal of dynamic pricing is to allow a company that sells goods or services over the Internet to adjust prices on the fly in response to market demands.  (WhatIs.com)

  • work-life balance

    - Work-life balance is the optimal arrangement of an individual’s on-the-job and private time to facilitate health and personal satisfaction without hindering productivity or professional success. (WhatIs.com)

Glossaries

  • Business terms

    - Terms related to business, including definitions about project management and words and phrases about human resources, finance and vertical industries.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question
  • Lotus Notes Formula Errror Invalid formula format

    I don't know if it is a space issue or coding error but to save some characters and reduce your server load change all of your Lookup's to one time events sorted to a variable and then do a @If(@Is...

  • Business Continuity Planning (BCP) Prioritization

    I recommend you to ask them to formulate a separate prioritization of critical systems for BCP. BCP is a plan designed to ensure the business is able to continue operations after a significant disr...

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.