Business Continuity & Disaster Recovery — Ben Sady
Portfolio Project

Business Continuity & Disaster Recovery

Sanitized example of a BCP/DR engagement for a mid-market financial services organization. The work included a full Business Impact Analysis, RTO/RPO documentation, recovery playbook development, and a 90-day program build roadmap.

View Sample Artifacts Discuss a Similar Project
8
Critical processes in BIA scope
3
Tier 1 processes — RTO <4hrs
6
Crisis playbook scenarios documented
90
Day program build roadmap

Project Overview

This example demonstrates the type of BCP/DR program work a client, employer, or referral partner can expect. It mirrors a real engagement pattern: assess what matters most, establish realistic recovery objectives, document actionable playbooks, and validate through testing.

  • Conducted Business Impact Analysis across 8 critical business processes.
  • Documented RTOs, RPOs, and recovery tiers aligned to business and regulatory requirements.
  • Developed crisis response playbooks for 6 high-priority scenarios.
  • Built a 90-day program roadmap from documentation through tabletop validation.

What this demonstrates

Program design: Structuring a BCP/DR program from BIA through testing with practical, ownership-ready outputs.

Risk prioritization: Tiering recovery objectives by business impact and regulatory exposure, not just technology criticality.

Stakeholder alignment: Translating technical recovery requirements into business-language playbooks executives can use.

Testing discipline: Building a testing cadence that moves beyond documentation into validated recovery capability.

Sample Artifacts

Interactive, sanitized deliverable previews — tailored to this engagement type.

Processes assessed
8
Critical business functions
Avg. readiness
2.4
of 5.0 target
Tier 1 processes
3
RTO < 4 hours
Gaps identified
11
Across all tiers
Leadership message: Payment processing and IT infrastructure represent the highest recovery exposure. Immediate focus should be on validated RTOs and tested failover procedures before the next audit cycle.
Recovery tier reference
Tier 1 · Mission critical
RTO <4hrs. Failure causes immediate revenue loss or regulatory breach.
Tier 2 · Business critical
RTO 4–24hrs. Failure significantly disrupts operations within one business day.
Tier 3 · Important
RTO 24–72hrs. Manageable disruption with manual workarounds available.
Tier 4 · Deferrable
RTO >72hrs. Operations can continue without this function for several days.
Days 1–30 · Document
Finalize BIA sign-off with process owners
Document RTOs / RPOs for all Tier 1 processes
Map upstream and downstream dependencies
Days 31–60 · Build
Develop / refresh DR runbooks for Tier 1
Draft crisis communications templates
Establish recovery team roles and escalation paths
Days 61–90 · Test
Execute tabletop exercise — Tier 1 scenarios
Validate IT failover for payment processing
Publish board-ready program status report
Scenarios documented
6
Across 3 threat categories
Playbooks drafted
4
of 6 scenarios
Last tabletop
18mo
Overdue — annual required
Scenario categories
Technology failure
System outages, data center loss, cloud service disruption, ransomware.
Physical / environmental
Facility loss, natural disaster, extended power outage, access denial.
People / third party
Key person unavailability, vendor failure, supply chain disruption.
Sanitized portfolio example · bensady.com Download engagement summary (PDF)