ABSTRACT
After many information security and recovery/contingency
practitioners have enjoyed the success of getting their
programs off the planning board and into reality, they
are then faced with another, possibly more difficult chal-
lenge . . . keeping their organization’s program “alive
and kicking.” More accurately, they seem to be struggling
to keep either or both of these programs (business con-
tinuity and information security) active and effective.