...
When an incident turns into an event like a disaster, breach, or something which classifies it as a Severity 1
When the estimated time of resolution for a potential breach is greater than the normal estimated time for regular security incidents
When the recovery of an incident is uncertain, a decision must be made to invoke the business continuity plan if the disruption cannot be resolved within the specified incident recovery timelines
When the resolution of an incident with critical customers, depending on their service-level agreements is delayed, then the BC plan must be triggered
...
We have a decentralized leadership with 9 directors managing separate areas of the business. We have 2 CXOs who operate from different parts of the world and have equal business know-how and legal rights to act on each others' behalf.
Business Continuity Test
After formalizing the business continuity plan, or BCP, the next important step is to test the plan. Testing verifies the effectiveness of the plan, trains plan participants on what to do in a real scenario and identifies areas where the plan needs to be strengthened.
This policy will be reviewed at least annually or when significant business changes occur by the Axelerant Leadership team.
References
...