Directions and Table of Contents

Instructions:

A Go through each tab and enter applicable information. Be as complete as possible. The more info
your plan will be.

B You may use the table of contents below to hyperlink directly to a tab or you may select a tab as n

C In some cases, the first line of the form contains sample data. You should delete these entries and

D This workbook is completely unprotected, so you may add or change the contents. We suggest th
this workbook when completing your disaster plan.

Table of Contents (TOC):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Threat Matrix
Critical Processes
Who Can Declare A Company Emergency or Disaster
Evacuation of Facility
Communication Plan
Backup Facilities
Emergency and Vendor Numbers
Employee Contact Information
Vendor List
Client Contacts
Notification Matrix
Insurance, Financial, and Legal Contacts
Licenses & Permits
Disaster Recovery Systems
Hardware Inventory
Software Inventory

Phone: 845-362-9675
Email: contactus@xsolutions.com
Web: www.xsolutions.com
possible. The more information you have the better

you may select a tab as normal to work on

delete these entries and enter your own information.

contents. We suggest that you work with a copy of

XSolutions provides convenient, fast,

and expert computer support to
businesses.
Services:
Computer Support
Cloud & Hosted Services
IT Backup/Disaster Recovery and
Business Continuity
Microsoft SharePoint
Custom Software Development
Business Intellegence
General Technology Consulting
Managed Web Hosting

lutions.com
com

convenient, fast,
r support to

ices
ecovery and

velopment
e
Consulting
ng

Threat Matrix

Identify all disasters that may affect facility and give each threat a probability of occurance score of Lo
tab into template and write how to respond. There should be a procedure covering each identified thr
personnel, reviewed and adjusted as necessary.

Identified Treat
Fire
Flood and water damage
Earthquake
Hurricane
Bomb Threat
Terrorist Attack
Malicious Intruder
Social Engineering Attack
Denial of Service Attack
Pervasive Malware Attack
Stolen Confidential Information (digital and documents)
Loss of Key Digital Files and/or Databases
Server Failure

hreat a probability of occurance score of Low (L), Medium (M), High (H); revise list as necessary. Then reference
e a procedure covering each identified threat regardless of score, with those rated High completed first. Proced

Score (L/M/H)

e score of Low (L), Medium (M), High (H); revise list as necessary. Then reference the appropriate procedure. If n
entified threat regardless of score, with those rated High completed first. Procedures should be distributed to ap

Reference
Reference
Reference
Reference
Reference
Reference
Reference
Reference
Reference
Reference
Reference
Reference
Reference

Procedure
Procedure
Procedure
Procedure
Procedure
Procedure
Procedure
Procedure
Procedure
Procedure
Procedure
Procedure
Procedure

Response
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a
location or add a

sheet
sheet
sheet
sheet
sheet
sheet
sheet
sheet
sheet
sheet
sheet
sheet
sheet

with
with
with
with
with
with
with
with
with
with
with
with
with

details
details
details
details
details
details
details
details
details
details
details
details
details

Assess the common threats in y

those that may not be so comm
and score their probability.

Make sure each identified threat

procedure on how to respond.
Make any appropriate changes.
your plan.

Back to TOC

appropriate procedure. If none, insert a

should be distributed to appropriate

s the common threats in your area as well as

that may not be so common (i.e. Terror, etc.)
core their probability.

sure each identified threat has a detailed

dure on how to respond.

any appropriate changes. Remember, this is

plan.

Critical Processes

Identify the critical processes needed to continue operations after a disaster and until you again have
These are the pocesses along with their corresponding applications and systems that must be restore

Process
Accounts Receivable

Dept/Area Responsible
Finance

a disaster and until you again have full use of your facilities and systems.
and systems that must be restored immediately to continue operations

Supervisor or Manager
Mary Jones

Employees Involved
Frank Smith

Back to TOC

Who Else Can Do This Job?

Howard Jones

Physical Space Requirements

Separate cubicles

Equipment Requirements
PC, Internet Connection, phone,
printer and copy machine.

Software Requirements
Quickbooks, MS Office

Records Required
Quickbook files, billing records

Assigned Backup Facility (See Tab)

Emergency IT Backup Ctr.

Who Can Declare A Company Emergency or Disast

It is important to decide before hand, who in the company can declare a disaster and invoke the comp
This is purly for the authorization of company funds to provide backup facilities, expenditures, proper
that Emergency responders (i.e. Fire Department, Police, etc.) are called immediately when disaster s

Nbr.
1
2
3

Name
Anthony Smith

Title
President

If all of the above authority figures cannot be reached, when can employees assume that e

mergency or Disaster

Back to TOC

eclare a disaster and invoke the company's emergency procedures.

ackup facilities, expenditures, proper response, etc. It is important
re called immediately when disaster strikes. PEOPLE SAFETY IS PARAMOUNT!

Authorization
Complete authorization
If #1 is not available
If #1 and #2 are not available

hen can employees assume that emergency conditions warrant the invoking of the Disaster Plan?

ack to TOC

he Disaster Plan?

Evacuation of Facility
Orderly evacuation procedures should be clearly defined and employees trained and drilled.
Conditions That Warrant Immediate Evacuation Of Premises (No Authorization Needed):
Nbr.
1
2
3
4
5
In All Other Cases, Evacuation Requires Authorization From One Of The Following :
Nbr.
1
2
3
4
5

Evacuation Routes and live drills should be implemented periodically so all employees kno

Employees Responsible For Directing The Evacuation And Checking Premesis That All Area
NBR.
1
2
3
4
5

Evacuation of Facility
Orderly evacuation procedures should be clearly defined and employees trained and drilled.
Conditions That Warrant Immediate Evacuation Of Premises (No Authorization Needed):
Condition
Fire

In All Other Cases, Evacuation Requires Authorization From One Of The Following :
Authorized person
Robert Hall, Operations VP

Evacuation Routes and live drills should be implemented periodically so all employees know how t

Employees Responsible For Directing The Evacuation And Checking Premesis That All Areas Are Cl
Authorized person
Jack Smith, 2nd floor warden

Back to TOC

NOTE: Instructions/orders from

Government, Civil, and Law
Enforcement authorities supersede
company procedures and
management instructions.
PROTECTION OF LIFE SHOULD BE
THE PRIMARY CONCERN IN ANY
EMERGENCY.

to exit the premesis safely under various conditions.

Communication Plan

It is critical that employees and clients know how to get information and contact necessary parties du
Make the appropriate changes to create a viable plan to use for communications.

Internal Communications

The following individuals are responsible for contacting the employees within the designated Departm
Dept./Area
Finance

The following designated employees are the only ones that can post to the company's web and social
Name
Mary Roberts

Employees can monitor company information and give feedback concerning the disaster:
Company's Website Emergency Page URL:
Company's Private Employee LinkedIn Group:
Company's Twitter ID:
Client Communications

Only the following personnel may directly contact clients to update them on the company's Disaster R
Employee Name
Josh Smith

Clients can monitor company information and give feedback concerning the disaster:
Company's Website Emergency Page URL:
Company's Private Client LinkedIn Group:
Company's Twitter ID:

how to get information and contact necessary parties during and after a disaster.
ble plan to use for communications.

contacting the employees within the designated Departments/Areas with further instructions:
Designated Contact
Designated Contact's Cell
Howard Frank
555-555-5555

only ones that can post to the company's web and social media pages regarding the disaster:
Title
Note: be careful of the information posted and
VP of Human Resources
iformation that can and should be shared with t

n and give feedback concerning the disaster:

www.yourcompany.com

ntact clients to update them on the company's Disaster Recovery progress:

Limits Of Information Shared With Clients
Only comment on progress of setting up new
facility

d give feedback concerning the disaster:

Note: Communication Plans need to be set up w

disaster strikes and web pages, social media con
up exclusively for clients.

Back to TOC

Designated Contact's Email

hfrank@yourcompany.com

mation posted and make sure it is

uld be shared with the target audience.

Your Designated Contact will contact you using

the employee contact information on file. He or
she will use company owned assets (i.e. company
cell phone, official company email, etc.) first.
If company owned communication vehicles are
not operational, your Designated Contact will then
use your private contact information to get in
touch with you.

need to be set up with clients well before a

es, social media contact points, etc. must be set

act you using

on file. He or
ts (i.e. company
, etc.) first.

vehicles are
Contact will then
on to get in

Backup Facilities
Tell employees where they should go should your office become inoperable after a disaster
Backup Facility Name
Emergency IT Backup Ctr.

Scope of Services
Full IT Services

operable after a disaster

Type (Hot/Cold)?
Hot

Average Time To Become Operational

3 Hours

Back to TOC

Limitations of Site
None

Address
123 Elm Street, Anywhere USA

Contact's Name
John Jones

Contact's Tel. Nbr.

(123) 555-5555

Contact's Email
jjones@company.com

Who Should Report

All IT personnel

When To Report
When emergency is declared by management

Emergency and Vendor Numbers

Instructions: List contact information for agencies, companies, etc. that may be needed in an emer
Agency
Fire Dept.
Police
Hospital
Paramedics
Dept. of Homeland Security
FBI
National Security Agency (NSA)
Manged IT Provider (MSP)
Facility Manager
IT Backup Facility Provider
Insurance Company
Electrician
Plumber
HVAC Vendor
Security Guard Agency
Temporary Personnel Agency
Office Equipment Vendor

Tel. Nbr.
555-555-5555

ies, etc. that may be needed in an emergency

Address
123 Elm Street, New York, NY 10562

Contact's Name
Theodore Ruskin

Back to TOC

Contact's Tel Nbr.

555-555-5555

Make appropriate changes to the list. Make sure all

Government and legal authorities appropriate for
your industry are included.

ist. Make sure all

appropriate for

Employee Contact Information

Enter complete contact information
First Name
Jack

Last Name
Smith

Back to TOC

Dept.
Finance

Title
A/P Clerk

Responsibilities
Accounts Payable

Office Phone Nbr.

555-555-5555

Company Cell Phone Nbr.

555-555-5555

Home Phone Nbr.

555-555-5555

Personal Cell Phone Nbr.

555-555-5555

Company Email Address

jsmith@yourcompany.com

Personal Email Address

123 Birch Ave, New York, NY 10561

Alternate Contact Name

Mary Smith

Alternate Contact Address

123 Birch Ave, New York, NY 10561

Alternate Contact Home Phone

555-555-5555

Alternate Contact Cell Phone

555-555-5555

Alternate Contact Email Address

msmith@gmail.com

Vendor List
List all vendor contact information
Vendor Name
ABC Corporation

Address
One ABC Way, Redmond, WA 98502

Service or Product
Main Accounting SW

Main Tel. Nbr.

555-555-5555

Back to TOC

Contract Number
MS12345

SLA
1 hour

Rep's Name
Kyle Redman

Rep's Tel. Nbr.

555-555-5555

Rep's Email
kredman@abccompany.com

Location of Documents
Offsite Storage Location #1

Client Contacts

List the main contacts for each client in the event you need to contact them from an alternate locatio
Client Company
XYZ Accounting

Address
789 Elm Street, New York, NY
11143

ed to contact them from an alternate location and you do not have access to your office systems
Main Tel. Nbr.
555-555-5555

Client Website
www.xyz.com

Main Contact's Name

Frank Herbert

Back to TOC

systems
Contact's Office Tel.
555-555-5555

Contact's Cell Phone

555-555-5555

Contact's Email Address

fherbert@xyz.com

Notification Matrix

Make sure all contacts below are listed in Emergency Numbers and/or Employee Contact tabs If issues

If There Is A Problem With:

General Office Issues (water leak, power, etc.)
Computer Equipment
Server Room Air Conditioner
Critical Software Issues
Office break-in, intrusions, etc.
Fire

gency Numbers and/or Employee Contact tabs If issues are detected concerning the following areas, contact the
Then Call:
1st
Operations Manager / Office Mgr.

CEO / Owner

IT Manager; Managed IT Provider

Operations Manager / Office Mgr.

IT Manager; Managed IT Provider

Operations Manager / Office Mgr.

IT Manager; Managed IT Provider

Operations Manager / Office Mgr.

Police

Operations Manager / Office Mgr.

Fire Dept.

Operations Manager / Office Mgr.

2nd

Back to TOC

ng the following areas, contact these agencies and/or individuals:

3rd

CEO / Owner
CEO / Owner
CEO / Owner
CEO / Owner
CEO / Owner

Employees need to know who to contact when

something happens. larger companies may use titles
to designate who to call. Smaller companies can use
names.

ontact when
nies may use titles
ompanies can use

Insurance, Financial, and Legal Contacts

List this information for easy reference

Insurance
Company/Broker
DEF Insurance

Company/Broker Tel. Nbr.

555-555-5555

Financial
Institutions
Name

Type

Accountants
Company Name

Area of Expertice

Legal Team
Company Name

Area of Expertice

d Legal Contacts

Company/Broker Address
12 Policy Ave, NY, NY 10345

Policy Number
Ins123456

Address

Account Number

Address

Customer Number

Address

Customer Number

Back to TOC

Type of Policy
Fire

What's Covered?
all locations

Contact's Name

Contact's Tel. Number

Contact's Name

Contact's Tel. Nbr.

Contact's Name

Contact's Tel. Nbr.

Location of Documents
Offsite Storage Location #1

Location of Documents

Do you have access to immediate

funds for continued operations until
your insurance kicks in?
If not, then the time to address
this issue is now, not when a
disaster strikes!

Location of Documents

Location of Documents

Licenses & Permits

List the licenses and permits your company is required to have by law to operate along with their phy
License/Permit Number
Building/123456

Issued By
City of New York

ave by law to operate along with their physical location and backup copies.
Agency Name and Contact Info
Dept. of Housing

Purpose
Occupancy Permit

Back to TOC

Date Issued
1/1/2013

Next Renewal Date

1/1/2015

Location of Hard Copy

office Safe

Location of Backup Copy

Offsite Storage Location #1

Disaster Recovery Systems

Describe the IT Disaster Recovery systems your company is using. How will your company survive if y

Vendor
ABC IT Company

Address
1212 Forest Dr., NY, NY 10097

Support Tel. Nbr.

555-555-5555

Back to TOC

r company survive if your facilities and all computer equipment were destroyed?

Serial Nbr.
DR67890

Customer Nbr.
Average Size of Backup File
126409 1 TB

Max. Size of Backup System Allows

3 TB

What Systems Are Protected (i.e. Servers, Workstations, etc.)?

Servers, Workstations

Is There An Onsite Backup Device (Yes/No)?

Yes

Is There Failover To Cloud Capability (Yes/No)?

Yes

Is There Bare Metal Restore (BMR) Capability (Yes/No)?

Yes

Hardware Inventory

Enter as much information as possible about all hardware. This will help to service equipment, purcha

Type
Server 1

Is Machine Critical To Operations (Yes/No)?

Yes

lp to service equipment, purchase suitable replacements if needed, and report losses for insurance purposes

User's Name
N/A

Manufacturer
HP

Back to TOC

ded, and report losses for insurance purposes

Manufactures Contact Info

555-555-5555

Serial Number
MXL123987

Internal Reference
Accounting Server 1

Date Purchased
1/1/2012

Purchase Price
Managed Services Provider (MSP)
5,000.00 ABC IT Company

Operating System
Win Server 2012

Domain Name
yourcompany

Contract/Lease Number (if applicable)

N/A
64 MB

RAM

Hard Drive Size

1 TB

Processor
Intel 3705

Software Inventory

List all software used in company operations. This will help when service is needs, to replace as neces

Software Name
Quickbooks

Product Number
QB2014

License Number
QB12345

needs, to replace as necessary, and for insurance purposes.

Special System Requirements

Minimum Windows 7 OS
Intuit

Vendor

Back to TOC

Vendor's Contact Info

555-555-5555

Is Software Critical To Operations (Yes/No)?

Yes

Function
Accounting

Used In Dept/Area
Finance

User Names
user123

Location of Installation Media (CD's, File, etc.)

Location Of Backup Media
Office safe
Offsite Storage Location #1