If you’re a business owner you understand that a critical part of leadership is preparing for the unexpected. And if you’ve researched strategies and plans that can help you achieve that, you probably are familiar with the terms Business Continuity (BC) and Disaster Recovery (DR). At face value these terms seem almost interchangeable since both aim to minimize the impact disruptions might have on your daily business functions. But in reality these disciplines have distinct roles, which is why it’s absolutely paramount for businesses to understand and utilize both.  


Business Continuity (BC): BC outlines the policies and procedures that help ensure essential business functions and processes can continue to operate during and after a disaster event or other disruption. BC also includes setting up preventative measures and managing employee response and customer expectations.

Disaster Recovery (DR): DR is a subset of BC that focuses primarily on the IT side of recovery. DR outlines the ways in which you will address and restore disruptions to IT operations in order to minimize downtime after a disaster. DR covers data access, hardware, software, power outages, connectivity, etc.


  1. Business Continuity focuses on keeping operations up and running during extreme duress while disaster recovery is concerned with returning them to normal as quickly as possible.
  2. Business Continuity Plans look to minimize operational downtime while disaster recovery plans attempt to limit system malfunction.
  3. Business Continuity Plans are all-encompassing strategies that cover every facet of business operations whereas disaster recovery plans are just one facet of the threat mitigation process.


A strong Businesses Continuity Plan (BCP) should address the following:

  • Risks: Assess what possible disruptions you are at risk for based on your location, structure, vertical, etc.
  • Impact: Outline the effect possible disaster scenarios could have on your business.
  • Prevention: Identify systems and methods that can lower your risk for potential disaster.
  • Objectives: Identify goals in the event of an emergency. At what point have you succeeded?
  • Key Personnel: Establish roles and responsibilities in the case of an emergency. Be sure to also clarify who is responsible should any team member be unable to perform their task and distribute contact details for all key recovery personnel.
  • Response: Detail exactly what should happen in response to each possible scenario.
  • Backup Plans:  Create a list of backup assets (offices, equipment, etc.) that can be used if needed.
  • Distribution: Deliver and discuss your plan with key employees who will be responsible in the event of an emergency.


A strong Disaster Recovery Plan (DRP) should address the following:

  • Technology: Identify and catalog all systems, software, hardware, and processes that are crucial to your operation.
  • Recovery Time Objective (RTO): Set a desired timeframe for completing data restoration before the situation becomes critical.
  • Recovery Point Objective (RPO): Pinpoint a maximum interval of time your organization expects to be down before recovering from data loss.
  • Recovery Protocols: Establish protocols that identify clearly defined responsibilities and methods of communication in the face of a disaster.
  • Testing: Mock disaster scenarios to ensure your processes work as they are intended to.
  • Distribution: Deliver and discuss your plan with key employees who will be responsible in the event of an emergency.

Both BCPs and DRPs should also be kept current through regular review and testing.

If you need help identifying potential vulnerabilities and creating strategies that help mitigate these risks our specialized technology professionals are well equipped to help. Contact us today to find out how.