Plan Validation Checklist
Plan validation completes the policy integration, risk assessment, impact analysis, recovery strategy selection and Continuity Plan program awareness and training steps. BCP highly recommends that you don't come up short on this checklist.
- Plan validation objectives are comprehensive, approved and measurable.
- Plan validation is scheduled on a regular basis and included in the Policy Compliance Certification.
- Plan validations are as broad and complete as possible.
- Plan validation exercise objectives support your Recovery Time Objective (RTO) and Recovery Point Objective (RPO) and challenge the Plan.
- Each validation exercise (tabletop, walk-through or full) has appropriate metrics to meet or exceed Policy Compliance Certification and references its policy compliance component(s).
- Auditors are included in the validation process.
- Executive, “upper-management”, crisis management and customers (and vendors as applicable) are included in the validation objectives approval process, validation's results report distribution list and are invited to the Plan validation command center as appropriate.
- Plan validation results and the Plan changes resulting are integrated into documentation.
- Required Plan revalidation items are captured and are included in the "next scheduled validation" as appropriate.
- The validation “results” report includes those activities, successes, shortcomings, individuals and teams involved (internal and external) and how each addressed, point-by-point, the objectives of the validation plan objectives.
Plan validation is a key measure of the success of your Business Continuity Planning program. Let us know any comments you may have on this checklist and what you are doing for Plan validation. We intend to put some of the comments received on our website, so let us know if we can list yours and check back to see what others have said.