It is important that the business continuity and disaster recovery initiatives are integral to the culture of the organization. Ensuring the long term future of the organization should be part and parcel of the operational framework. Ensuring continuity should be everyones responsibility.
For this reason, it is important that business continuity is included within the organization's information security policies. The requirements within should be explicit.
Fortunately, you do have to re-invent the wheel in this respect.... we have identified a set of policies which are fully inclusive of business continuity and disaster recovery issues. Furthermore, they embrace the requirements for continuity which are specified within the ISO17799 security standard.
The policies themselves are described on the following two web sites:
The policy set can be purchased online from here
OTHER POLICY RESOURCES:
* Network and IT Security Policies
* Computer Security Policies