DRJ's Spring 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 32, Issue 1

Full Contents Now Available!

An important aspect of business continuity planning is organizing and structuring the Plan. The most common approach is to develop and structure the Plan using various recovery teams. This article describes the roles and responsibilities related to several of the recovery teams.
Contingency Organization Structure

The structure of the organization during a disaster event may not have the same form as the existing organization chart. The contingency organization is often structured with multiple recovery teams with a relative flat structure. The goal of the contingency organization is to accomplish a rapid and smooth recovery process.

Recovery teams are operational groups responsible for restoring specific functions. The teams have specific responsibilities that allow for a quick and successful recovery process. Each team should have the authority to implement and accomplish the procedures contained in their section of the plan.

Within each team, a leader/manager and alternate should be designated. These persons provide the necessary leadership and direction to implement the plan and carry out the assigned duties and responsibilities at the time of a disaster.

Potential Recovery Teams

The number and types of teams should be based on the unique needs of an organization such as industry, size, complexity, number of locations, number of platforms, technology complexity, and other factors. Larger organizations may need more teams and smaller organizations usually require fewer teams.

Potential teams include:

- Management Team
- Emergency Response Team
- Damage Assessment Team
- Security Team
- Notification Team
- Facilities Support Team
- Administrative Support Team
- Logistics Support Team
- User Support Team
- Departmental Recovery Team
- Computer Backup Team
- Offsite Storage Team
- Systems Software Team
- Communications Recovery Team
- Applications Support Team
- Database Recovery Team
- Production Team
- Computer Restoration Team
- Internet Restoration Team
- Human Relations Team
- Public Relations Team
- Purchasing and Transportation Team
- Legal Recovery Team
- Risk Management Team
- Accounting Recovery Team
- Financial Support Team
- Travel Support Team
- Other Recovery Teams

Various combinations of the above teams are possible, depending on the size, complexity and requirements of the organization. Many organizations use variations of the following four basic teams: the Management, Administrative, User, and Technical Recovery Teams as described below.

Management Recovery Team

The Management Recovery Team may have the following general responsibilities:

  •  Receiving the Initial Disaster Alert
  •  Verifying and Assessing the Disaster
  •  Activating the Business Continuity Plan
  •  Performing Notification Procedures
  •  Coordinating Recovery Action Planning Activities
  •  Establishing the Emergency Operations Center

- Facilities

  •  Equipment and Supplies
  •  Personnel
  •  Documenting Recovery Operations
  •  Recovery Status Reporting
  •  Emergency Accounting Procedures

- Monitoring Recovery Operations

The Management Recovery Team often includes two important positions, the Business Continuity Administrator and the Business Continuity Coordinator.

Business Continuity Administrator

The Business Continuity Administrator is often responsible for supervising and controlling recovery activities on an overall basis, and providing managerial direction to the leaders of all Teams. This position may have final decision-making authority with respect to recovery operations.

Business Continuity Coordinator

The Business Continuity Coordinator is responsible for coordinating recovery activities between the Management Recovery Team and the other recovery teams. The Business Continuity Coordinator also may be responsible for maintaining documentation relative to the recovery process. In addition, this position is often responsible for:

Developing/maintaining the Business Continuity Plan
- Distributing the Plan and subsequent updates
- Business Continuity Plan training
- Testing the Plan

The Administrative Recovery Team

The Administrative Recovery Team may have the following responsibilities:

- Facilities
- Insurance
- Administrative Support
- Payroll
- Personnel/Employee Benefits
- Public Relations
- Press Releases
- Transportation/Travel
- Personnel
- Security
- Records
- Notification of Families
- Police/Fire Liaison
- Temporary Personnel Selection
- Facility Security

It may be helpful for the Administrative Recovery Team to prepare a sample news release in preparation for a potential disaster event. It could include:

- Amount and type of damage
- Approximate status of the organization
- Approximate time the organization will be operating and open for business
- Instruction to employees
- Instructions to the public
- Assurances that the crisis is under control

It may be advisable not to say 'No comment' to news media questions, because the media may assume the worst.

User Recovery Team

The User Recovery Team may have the following responsibilities:

- Notifying key personnel, critical vendors, and other important parties to communicate the immediate tasks that need to be quickly accomplished

- Determining the user department immediate status and needs
- Verifying personnel status
- Determining how high priority tasks may be accomplished
- Notifying necessary departmental staff
- Arranging for basic support services required for operations
- Monitoring the user department recovery process

To facilitate the recovery process, it is extremely important to have the following information documented within the Plan for all critical business processes:

- Description of the process: The description of the high priority user process or business function.
- Execution cycle: The execution cycle identifies how frequently the process is performed (e.g., hourly, daily, weekly, etc.).
- Priority: The priority can be defined as High, Medium or Low. The priority is based on the affect of a systems outage on essential services, financial, legal and regulatory, and operational processes.
- Volume level: The volume level identifies the number of transactions completed in a defined cycle of the critical business process. This may include the amount of phone calls in a day, week or month, or other information such as the amount of correspondence completed within an identified time frame.
- Maximum acceptable outage: The maximum acceptable outage is the longest period of time a process can be deferred before resorting to the interruption procedures (i.e. temporary operating procedures).
- Sustainable interruption procedures: This information identifies how long the interruption procedures can be effective before the critical business process experiences a significant reduction in business or effectiveness.
- Automated systems used to support critical business process: Computer systems and technology used by the department that is vital in performing the critical business processes.

Failure of these systems and technology would cause the department to perform some or all of the interruption procedures.

- External parties used to perform critical business process: Third party vendors, trading partners or service relationships that provide data or other information that is required to perform the critical business process.
- Interim operating procedures: This information identifies the detailed temporary operating procedures that must be performed until the systems affected by the disaster event have been restored. These procedures are often manual in nature.
- System restoration procedures: The procedures required to take the information processed as a result of the Interim Operating Procedures and restore them into the affected computer systems, once they have been made operational.
- Facility and Staffing Requirements: This section outlines any facility or staffing additions or changes required to perform the critical business processes.
- Other resources required to support Interim Operating Procedures: This section outlines any other resources (special equipment, forms and supplies; hard copy reports; documentation; office space, etc.) that need to be available to the department to perform the interruption procedures.

Technical Recovery Team

The Technical Recovery Team is responsible for restoring systems that have failed including both operational and technical considerations. This Team is also responsible for managing the technical resolution of computer related disruptions.

The Technical Recovery Team may have the following responsibilities:

- Help desk
- Communications network restoration
- PC equipment restoration
- Restoration of application systems to operational status
- Restoration of system databases and files from backup copies of electronic media
- Staffing to supervise operations
- Hardware
- Systems software
- Application software
- Databases
- Programming
- User equipment
- Internet/Intranet/Extranet
- Travel arrangements to the alternate processing location
- File backup
- Offsite storage retrieval
- Activation of the alternate processing location
- Deactivation of the alternate processing location and transition to normal operations

Team Members

The recovery teams typically include many of the individuals that were involved in developing the business continuity plan such as senior management and the functional line managers within the organization. Team members may also include external resources such as critical vendors and consultants. Several recovery teams may have responsibilities related to both the primary location and the alternate site. Accordingly, a single individual should not be assigned to serve both functions.

The number of members assigned to a specific team can vary depending on need. It is important that the same person not be assigned to more than a single team. If a person is assigned to more than one team, it may indicate a need to cross train additional personnel to reduce the reliance on a single individual. The attached Team Assignment Form can be used to document the members assigned to each team.


A well-structured business continuity plan can directly affect the recovery capabilities of an organization. The contents of the plan should follow a logical sequence and be written in a standard and understandable format. The recovery team approach facilitates organizing, structuring and implementing the business continuity plan.


Tina L. Vick, CBCP, CFSA, is a Director at LBL Technology Partners. She has national responsibility for their business continuity planning products and services.
Geoffrey H. Wold, CPA, CMA, CMC, CDP, CSP, CISA, CFSA, CIRM, is a Partner and the Managing Director for LBL Technology Partners. He specializes in providing a wide range of technology planning services for a variety of industries and has written 20 books on several technology topics including eight books on business continuity planning.