Testing and updating the plan
Dell has identified five "common mistakes" organizations often make related to BCP/DR planning: The auditor determines the adequacy of the company's insurance coverage (particularly property and casualty insurance) through a review of the company's insurance policies and other research.
Among the items that the auditor needs to verify are: the scope of the policy (including any stated exclusions), that the amount of coverage is sufficient to cover the organization’s needs, and that the policy is current and in force.
Copies of it are stored on and off site and are made available or accessible to those who require them.Types of tests include: checklist tests, simulation tests, parallel tests, and full interruption tests.Due to high cost, various plans are not without critics.Business Continuity refers to the ability of a business to continue critical functions and business processes after the occurrence of a disaster, whereas Disaster Recovery refers specifically to the Information Technology (IT) and data-centric functions of the business, and is a subset of Business Continuity.Adequate records need to be retained by the organization.
Search for testing and updating the plan:
Although there is no one-size-fits-all plan, The first three (Business Resumption, Occupant Emergency, and Continuity of Operations Plans) do not deal with the IT infrastructure.