Active Audit Agency

т: +38(044) 228-15-88


Business continuity Plan development and implementation (BCP/DRP)

What is it?

Information systems are vital elements of the almost all business processes and they're required for successful work of the company. Any system failure is a strategic risk with a serious consequences. Planning of business continuity is targeted to reduce risks exposure during crisis situations and disasters.

It may be reached creating appropriate plans and procedures and implementing technical controls, which allow quickly and effectively recover systems in critical situations.

Business Continuity Planning (BCP) helps our customers to keep business operations, save time, reduce errors and potential losses, define volume of the costs required to recover or continue operations in crisis situation.

Why do you need this? What is the difference between BCP and DRP?

Business Continuity Plan - BCP) is focused on business process maintenance during and after crisis situation. Business process examples are customers' currency payments support, payroll process etc. BCP can be prepared for specific business processes or to all core business processes. IT systems from BCP point are reviewed in order to support business processes. In some cases BCP may not rely to long term process recovery and normal functioning restore. It may only focus on a time requirements from business continuity perspective.

Disaster Recovery Plan - DRP is related to catasprophic events when information systems may become unavailable for the long term. DRP often focuses only on IT systems and is targeted to recover normal functioning of separate system on the backup site after disaster happens.

Both Business Continuity and Disaster Recovery Plans are the part of crisis management activities.


Active audit agency while developing and implement business continuity plans is guided by the followinf international standards:

  • ISO/IEC 27001:2005 (ISO/IEC 17799:2005),
  • BCI (The Business Continuity Institute),
  • CobiT (Control Objectives for Information and related Technology),
  • NIST (National Institute of Standards and Technology), Contingency Planning Guide for Federal Information Technology (IT) Systems.

BCP/DRP development and implementation stages

When planning busness continuity Active audit agency experts perform:

As a result you will get:

  1. Working and tested internal documents (policies, procedures) which describe the nesessary actions before, during and after crisis situations.
  2. Trained personnel able to act calmly in the crisis.


You will get the following benefits on BCP implementation:

  • quick and effective business process recovery after failure;
  • reduction of financial losses during disaster situation;
  • satisfaction of customers', regulators', shareholders', management and other interested parties requirements;
  • improvement of company image and reputation.