ABSTRACT
An important component of the information security policy is the section that describes the steps that the business will take if a disaster were to strike the company. There are two essential questions that a disaster recovery plan must answer. The first is what are the immediate steps that must be taken during or immediately after the disaster to ensure the safety of our employees and ensure that the company is able to resume critical business functions in the shortest time possible? The second question relates to the longer term. Now that the disaster has struck and we have recovered to a minimally operational state, what steps do we take to bring the business back to the state it was prior to the disaster? The first step is the disaster recovery process and the second step is commonly referred to as business continuity planning.
