ABSTRACT
After many information security and recovery/contingency practitioners have enjoyed the success of
getting their programs off the planning board and into reality, they are then faced with another, possibly
more difficult challenge . keeping their organization’s program “alive and kicking.” More accurately,
they seem to be struggling to keep either or both of these programs (business continuity and information
security) active and effective.