The results of continuity plan testing or activation are compared to recovery objectives, and plans are improved accordingly
Context and Guidance: Both continuity plan testing and activation of plans in actual incidents can provide insight about whether plans work as intended. After either a test or an activation of a plan, results should be compared with the plan’s recovery objectives, including any defined RTOs and RPOs. Areas where objectives could not be met should be recorded and strategies developed to review and revise the plan. Improvements to the testing process and plans should also be identified, documented, and incorporated into future tests. Continuity plan testing and activation may also reveal needed improvements due to • lack of sufficient resources • lack of appropriate resources • training gaps for plan staff and stakeholders • plan conflicts (if multiple plans are tested simultaneously) • infrastructure shortcomings
Related Practices • Input From: Implementing RESPONSE-4g provides input that may be useful for implementing this practice.