RC.RP-02.349

Does your organization have a process to reassess and update recovery plans based on changes in organizational needs and available resources?

Explanation

This question evaluates whether your organization regularly reviews and adjusts its disaster recovery and business continuity plans to reflect current business priorities and resource availability. As organizations evolve, their recovery requirements and capabilities change, requiring updates to recovery time objectives, recovery point objectives, and recovery strategies. Evidence could include documented review cycles of recovery plans, meeting minutes from recovery plan reassessment sessions, change logs showing updates to recovery plans based on resource changes, or formal reports comparing current organizational needs against existing recovery capabilities.

Implementation Example

Change planned recovery actions based on a reassessment of organizational needs and resources

ID: RC.RP-02.349

Context

Function: RC: RECOVER
Category: RC.RP: Incident Recovery Plan Execution
Sub-Category: Recovery actions are selected, scoped, prioritized, and performed

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub