A contingency plan, also known colloquially as Plan B, is a plan devised for an outcome other than in the usual (expected) plan. It is often used for risk management for an exceptional risk that, though unlikely, would have catastrophic consequences.
Use
Contingency plans are often devised by businesses or governments. There are five steps of implementing contingency plan, which are organize a planning team, assess the scope of the problem, develop a plan, test the plan, and keep the plan up-to-date. For example, if many employees of a company are traveling together on an aircraft which crashes, killing all aboard, the company could be severely strained or ruined by such a loss. Therefore, many companies have procedures to follow in the event of such a disaster. The plan may also include standing policies to mitigate a disaster's potential impact, such as requiring employees to travel separately or limiting the number of employees on any one aircraft.
During times of crisis, contingency plans are often developed to explore and prepare for any eventuality. During the Cold War, many governments made contingency plans to protect themselves and their citizens from nuclear attack. Examples of contingency plans designed to inform citizens of how to survive a nuclear attack include the booklets Survival Under Atomic Attack, Protect and Survive, and Fallout Protection, which were issued by the British and American governments. Today there are still contingency plans in place to deal with terrorist attacks or other catastrophes.
The National Institute of Standards and Technology has published a contingency planning guide for information technology systems.
In the United States, all HAZMAT operations require contingency plans. The United States Environmental Protection Agency, through RCRA and EPCRA, has defined specific formats for Local Emergency Planning and the National Contingency Plan.
See also
- CERT
- Computer security – Protection of computer systems from information disclosure, theft or damage
- Information assurance – practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data, including protection of the integrity, availability, authenticity, non-repudiation and confidentiality of user data
- Information security – Protecting information by mitigating risk
- National Institute of Standards and Technology (NIST) – Measurement standards laboratory in the United States
- Risk – Probability of loss of something of value
- Risk management – Identification, evaluation and control of risks
