3.8 Chapter Summary 131
Chapter 3
3.7 Premises Issues
This section of the BCP should include contingency plans for designating
who is given responsibility and authority for building repair decisions, what
backup power arrangements have been made, and so forth. In a situation
where building repairs need to be made, there should be a list of contractors
for each type of building process that may be necessary. For example, for
damage to walls and roof, you may need to contact masonry and roofing
contractors. Appendix C of this book is a physical facility questionnaire
that is useful in developing mitigation strategies for this section of the plan.
In the event that the emergency situation affects the organization’s pre-
mises, it is necessary to have information at hand regarding the authority
levels (and responsibility) of individuals involved in the emergency recovery
procedures, which would enable them to effect repairs immediately. If the
premises are leasehold, the information on the responsibilities of the organi-
zation to make emergency repairs will normally be contained in the lease
documentation. If the premises are freehold, then the organization will not
normally have to seek approval from outside parties before making emer-
gency repairs. The team charged with restoring the premises to normal
working conditions will need to understand their levels of authority for
commissioning works from outside contractors. Very often, in an actual
emergency situation, it is difficult to obtain approvals urgently. For this rea-
son, the BCP should contain information on the authority levels available
and how further approvals may be obtained in the event of such emergen-
cies occurring.
3.8 Chapter Summary
In this chapter, we took a look at various mitigation strategies that you can
employ in your organization. We started by discussing preventative mea-
sures that information security managers can take to protect the assets they
Figure 3.1
Emergency 911
contact list.
Get Business Continuity and Disaster Recovery for InfoSec Managers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
