Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization’s preparation for unforeseen risks to continued operations.

The trend of combining business continuity and disaster recovery into a single term has resulted from a growing recognition that business and technology executives need to collaborate closely instead of developing plans in isolation.

Standards continue to be an emerging trend, with many developed in recent years from such organizations as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC):

  • ISO 22301:2012: Business Continuity Management Systems — Requirements
  • ISO 22313:2012: Business Continuity Management Systems — Guidance
  • ISO 22320:2011: Emergency management — Requirements for incident response
  • ISO/IEC 27031:2011: Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity
  • ISO/IEC 24762:2008: Information technology — Security techniques — Guidelines for information and communications technology disaster recovery services
  • ISO 31000: Risk management
  • Financial Industry Regulatory Authority 4370: Business continuity for banking and finance
  • National Fire Protection Association 1600: Emergency management and business continuity
  • National Institute of Standards and Technology Special Publication 800-34: IT contingency planning
  • American Society for Industrial Security (ASIS) SPC.1-2009: Organizational resilience guidance
  • ASIS SPC.4-2012: Organizational resilience management systems
Business Continuity and Disaster Recovery (BCDR)