Jatkuvuussuunnitelmat

Sometimes an unexpected event, such as a fire, flood, or equipment failure, can cause downtime. In order to be able to continue operations as quickly and smoothly as possible, continuity planning is carried out, i.e. planning the operations in advance for these exceptional situations.

Each continuity plan shall contain at least the following information:

• Event for which the plan has been made
• Goal for recovery time
• Responsible persons and related stakeholders and contact information
• Planned immediate actions
• Planned recovery steps

The organization must maintain a top-level strategy for continuity planning. The strategy should include at least:

• Guidelines for defining continuity planning recovery time objectives and the adverse events requiring continuity plans
• Management commitment to continuity planning and improvement
• Description of the organization's risk appetite

In order to develop a strategy, it may be necessary to make use of general good practices, such as ISO 22300.

The organization shall have procedures in place to communicate effectively with stakeholders and other participants during continuity plans and survival procedures.

Communication plans related to continuity plans shall include:

• Responsible persons, related stakeholders and other necessary contact information
• Clear criteria for the situation where continuity communication will be implemented
• A clear description of the staff implementing the continuity communication in each situation and the recipients to whom the communication will be sent
• References to the templates and tools to be used