Part of the Business terms glossary:

A contingency plan is a process that prepares an organization to respond coherently to an unplanned event. 

 A contingency plan is sometimes referred to as "Plan B," because it can be also used as an alternative for action if expected results fail to materialize. Contingency planning is a component of business continuity, disaster recovery and risk management.

The seven-steps outlined for an IT contingency plan in the NIST 800-34 Rev. 1 publication are:

1. Develop the contingency planning policy statement. A formal policy provides the authority and guidance necessary to develop an effective contingency plan.

2. Conduct the business impact analysis (BIA). The BIA helps identify and prioritize information systems and components critical to supporting the organization’s mission/business functions.

3. Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.

4. Create contingency strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.

5. Develop an information system contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system unique to the system’s security impact level and recovery requirements.

6. Ensure plan testing, training, and exercises. Testing validates recovery capabilities, whereas training prepares recovery personnel for plan activation and exercising the plan identifies planning gaps; combined, the activities improve plan effectiveness and overall organization preparedness.

7. Ensure plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements and organizational changes.

 

This was last updated in July 2014
Posted by: Margaret Rouse

Related Terms

Definitions

Glossaries

  • Business terms

    - Terms related to business, including definitions about project management and words and phrases about human resources, finance and vertical industries.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question
  • Lotus Notes Formula Errror Invalid formula format

    I don't know if it is a space issue or coding error but to save some characters and reduce your server load change all of your Lookup's to one time events sorted to a variable and then do a @If(@Is...

  • Business Continuity Planning (BCP) Prioritization

    I recommend you to ask them to formulate a separate prioritization of critical systems for BCP. BCP is a plan designed to ensure the business is able to continue operations after a significant disr...

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.