WHAT IS BUSINESS CONTINUITY MANAGEMENT AND WHY IS IT IMPORTANT?
About This Control
Summary: Business Continuity Management plans enable the organization to recover from unexpected outages, such as IT infrastructure failures due to cyber attacks as well as natural causes.
For business continuity, the dashboard reports on two things: recovery exercises and workaround procedures.
Recovery exercises test the ability of the organization to bring impacted systems back up to a recovered state so they are able to support critical business processes.
Workaround procedures support critical business functions during the time that the systems are being recovered. An example is a manual process that supports the business function without requiring the IT systems that typically support it.
This dashboard also reports on containment and remediation times for security incidents. That is, the time needed to contain the incident and keep it from spreading, and the time needed to recover from the incident and restore normal operations.
Why It Matters
Business Continuity supports operation of critical applications and infrastructure following disruptions due to natural or man-made causes. It allows the company to continue to function and provide its goods and services through alternate resources when normal operations are impacted.
Incident Response enables the organization to contain the impact and spread of a cybersecurity event, and then to recover systems back to normal status.
Risks Addressed
Without a documented and tested business continuity management plan, an unexpected outage can prevent the organization from conducting business, leading to financial losses and multiplying the impact in other ways, such as increasing reputational damage.
Without viable incident response, a cybersecurity incident can lead to an extended business outage, increased data loss, and other negative impacts that accumulate the longer the incident goes uncontained and unresolved. Tracking containment and remediation times shows whether these times are, on average, within the expected targets.
CONTROLS THIS DASHBOARD REPORTS ON
NIST CSF v2.0: ID.IM-04 Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved
PCI-DSS v4.0.1: 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident. The plan includes, but is not limited to... Business recovery and continuity procedures.
CIS CSC v8.1: Safeguard 11.1 Establish and Maintain a Data Recovery Process, and Control 17 Incident Response Management
DORA: Regulatory Technical Standard (RTS) Simplified ICT Risk Management Framework, Article 40 Testing of business continuity plans
PRIMARY KEY PERFORMANCE INDICATOR (KPI)
The dashboard reports on this Primary KPI:
Numerator: Number of systems that had a recovery exercise in the past 12 months.
Denominator: Number of systems in scope for a recovery exercise.
COLUMNS DISPLAYED ON THE DETAIL DASHBOARD
Leading - BCM: Compliance Status, Application Name, Application Owner, Business Unit, Continuity Plan Recorded, Criticality
Leading - Security Incident: Incident Description, Incident Discovered Time
BCM Details: Business Owner, Department, System Id, System Type
BCM Exercise Information: Exercise Compliance, Exercise Type, Is Critical
BCM Plan Information: Plan Expires, Plan Name, Plan Owner, Plan Type
Ransomware Exercise: Last Ransomware Exercise Date
Security Incident Details: Ticket Closed Time, Ticket Created Time, Ticket Criticality, Ticket Number, Ticket Status, Business Impact Duration, Time To Containment Minutes, Time To Identify Minutes, Time To Remediation Hours
Device Information: Inventory Device Type, Inventory Ip Address, Inventory OS Name, Inventory Owner
Data Source: Source System
Org Hierarchy: Owner Databee Id, Owner Email Address, Owner Employee UID, Owner Full Name, Owner Job Title, Owner Name, Manager Databee Id, Manager Email Address, Manager Full Name, Level 2, Level 3, Level 4, Level 5, Level 6
OCSF TABLES USED BY THE DASHBOARD
Business Continuity Management
ocsf.entity_management
ocsf.assessment_finding
cdp.user
Security Incident Reporting
ocsf.incident_finding
cdp.user
cdp.device