For example, a Business Continuity Plan  for a small business may be as simple as a printed manual stored safely offsite, containing the names, addresses, and telephone phone numbers of critical management staff,  clients, and vendors. Also included would be the location of the offsite hardware, software, and data backs ups along with any encryption keys required for retrieval. A list of key functions that need to be performed, who is responsible for each function, and in what order these functions need to be performed.

Also important are copies of insurance policies, tax ID numbers, bank account information, vendor account numbers, and other critical information required to carry on day-to-day business.

A more complex plan may provide for an alternate work site or a VPN site so employees can work from home. Backup warehouse facilities, alternate suppliers, transportation vehicles, and redirection of inbound telephone services may also be part of a plan.

The are generally 5 main steps in creating and maintaining a BCP:

1. Analysis

2. Specification and Design of the Plan

3. Build or Implement the Plan

4. Test the plan and modify if necessary

5. Review and modify the plan as needed on a periodic basis.

But most importantly is the definition of scope. What level of disaster will be planned for? What is the budget to develop and, most of all, implement the plan? What level of planning is required by your investors, your insurers, or industry or government regulators?