Click here to bypass the page header and global navigation
Kansas Department of Administration      
Seal,Ad Astra Image for Banner
Seal and Capitol Image for Banner  

Division of Information Systems and Communications (DISC)

Continuity Planning Outline

This example is meant to convey the typical content of a detailed continuity plan. The format will vary for each organization. (There is no one size fits all plan.) Components may be combined in lists, matrices, or charts. Not all components of this outline will apply to all organizations. The planning process is in the development of the continuity plan not just the documentation of the plan. Continuity planning should be a process and not just a one-time start stop project. To be successful it must be driven and supported from the very top of the origination. Continuity planning is a management process it is not a technical solution. 

I. Initiation

  1. Work group or team membership and objective
  2. Roles and responsibilities for planning, plan approval, and quality assurance
  3. List of services confirmed as vital
  4. Strategy and schedule for planning
  5. Continuity planning processes and protocols
    1. Progress reporting
    2. Plan review
    3. Plan approval
    4. Issue resolution process
    5. Communication and coordination strategy with relevant intra and inter-agency organizations (including local government and community organizations)
  6. Affirmation of executive support
  7. Assessment of current disaster recovery or emergency preparedness plans

II. Business Impact Analysis

  1. Minimum Acceptable Levels of Service
    1. List (or matrix) of service dependencies
    2. List of service interfaces
    3. Commitments to other organizations (specific services and service levels)
    4. Minimum acceptable levels of service and/or output which could be tolerated under extraneous circumstances
    5. List (or matrix) of components critical to support minimum levels of service
    6. Executive approval for minimum acceptable service levels

  2. Failure scenarios (potential risks)
    1. Window of vulnerability (time period during which the service may be at risk)
    2. Assessment of internal remediation effort status and likelihood to be complete on time
    3. Assessment of reliance on, and condition of external services, suppliers and dependencies (confidence in continued availability of resource)
    4. Potential failure scenarios with likelihood of occurrence

  3. Impact of each failure scenario on vital business services with likelihood of occurrence
    1. List or matrix of impact of each scenario on vital business services with likelihood of occurrence

  4. Services for which contingency plans will be developed
    1. List of services and the scope of contingency required (specific components or systems supporting the service that require contingencies)
    2. Executive approval of continuity scope

III. Continuity Planning

  1. Relevant continuity efforts of local and/or regional partners
  2. Continuity strategies
    1. List of services, components (if applicable), considered contingencies which support them and the benefit of the continuity
    2. Considered contingencies and required resources
    3. Assessment of considered contingencies
      1. How well the continuity mitigates risks of disruption to service?
      2. Assessment of time required acquiring, testing and implementing the continuity
      3. Sustainability of continuity within resource constraints
    4. Executive approval for continuity strategies
  3. Detailed continuity plans (for each contingency)
    1. Contingency objective and scope
    2. Contingency triggers
    3. Schedule for preparation and deployment of contingency
    4. Monitoring strategies to ensure identification of triggering events
    5. Roles and responsibilities for contingency preparation and deployment (including updated contacts, contact mechanism and numbers)
    6. Status reporting processes and protocols
    7. Instructions to carry out contingency
    8. Coordination strategy with local and regional organizations (if applicable)
    9. Required resources and estimated costs
    10. Agreements and assumptions with suppliers on whom each contingency is dependent
    11. Communications strategy
    12. Business resumption strategy
      1. Criteria for business resumption
      2. Priorities, processes and resources for business resumption
        1. Roles and responsibilities
        2. When to resume
        3. What to resume
        4. How to resume
    13. Validation/testing strategy for contingencies and business resumption
      1. Which components will be tested?
      2. Members of test team(s)
    14. Validation/testing plans
      1. Objectives
      2. Approach
      3. Required equipment and resources
      4. Necessary personnel
      5. Schedules and locations
      6. Procedures
      7. Expected results
      8. Acceptance criteria
    15. Validation/testing results (Assessment of capability of contingencies and business resumption)
      1. Adequacy to support vital service
      2. Capacity to manage, record and track continuity activities
      3. Adequacy of controls
      4. Adequacy of resource availability to implement and sustain contingencies
      5. Adequacy of business resumption activities

 

 

DA Home | Services | Divisions | Contact Us | Disclaimer | State of Kansas Home Page

Page last modified on: February 23, 2009