ISO 28000:2007

7/14/2021 Tutor notes

GVS RAO
06-01-2021

Gobburu Venkata
G2 BUSINESS EXCELLENCE
1. What is Contingency Planning and where does it fit?
Here is a practical definition for Contingency Planning from an excellent book: “The process
of planning for response to an event or emergency, managing the escalation of an
emergency into a crisis condition, recovery and resumption of activities from an emergency
or crisis for the infrastructure, critical processes, and other elements of a business or
organization. The process of building all the elements of a plan focused on mitigating any
interruption to business operations.”1

As figure 1 implies, thorough contingency planning requires:

 The identification of every aspect and requirement of the organization – all

missions and under both normal and emergency operations;
 Continuous feedback between the planning and execution of those normal
and emergency operations;
 The establishment of goals, objectives, metrics, and measures of
effectiveness (MOE) with which to assess the feedback, and identify/analyze
gaps between the actual and the required;
 Systems of controls for processing the results of the gap identification and
analyses; and
 A Continuous Improvement imperative and mindset to motivate and optimize
the entire process.

1
Halibozek, E. et al, The Corporate Security Professional’s Handbook on Terrorism, Butterworth-Heinemann,
Burlington, MA, 2008

1|Page