~5-page information security policy template on business continuity.
This policy concerns the arrangements necessary to ensure the survival of the organization despite serious incidents affecting critical business processes or activities plus the supporting IT systems, networks, people, business relationships etc. The approach revolves around resilience engineering to reduce the probability and impact of serious incidents, supplemented by recovery/resumption and general-purpose contingency arrangements in case the preventive controls fail or prove inadequate in practice.
The policy draws on good practices from ISO/IEC 27002, ISO 22301 and other standards and advisories, plus decades of practical experience in the field.
Delivered as an editable MS Word document, easily customized for your organization's specific needs.