What is Contingency Catastrophe Plan (CCP)

This chapter examines the impact of catastrophes on information security and suggests who might have responsibility for maintaining an appropriate level of data protection when a catastrophe occurs. The author asserts that catastrophe contingency planning is very different from regular forms of business continuity and disaster recovery planning in terms of size, focus, scope, and content. Catastrophe contingency plans (CCPs) must comprehend a broad range of potential events affecting large numbers of humans and other living creatures, information processing capabilities, information and media, buildings, and infrastructure, and the like, each with its security considerations, and each characterized by its own roles, responsibilities and liabilities. The intent of the chapter is encourage the development of more comprehensive and realistic CCPs, that is, plans that delineate roles and responsibilities clearly and liabilities should CCPs go awry.