SAMPLE BUSINESS CONTINUITY AND RECOVERY PLAN

Approved by the Board of Directors [Insert Date]

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as,
legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, August 2018.

 SAMPLE BUSINESS CONTINUITY AND RECOVERY PLAN

HOW TO USE THIS TEMPLATE

This document explains the points your organization needs to think about in order to prepare its own
Business Continuity and Recovery Plan so that, should an interruption occur, you are able to resume
operations. The goal of this plan is to get your organization back up and running in the event of an
interruption. It may help preserve your organization so that it can continue to offer its services.

Each organization’s circumstances and structures are unique, so this plan will have to be tailored to
suit your needs. Take this template and use it as you wish: cut and paste those sections that are
applicable, expand where needed.

If possible, assign a team to work on this plan. A continuity and recovery plan should include
employee training so that, in the event of an emergency, staff know what their roles are and what to
do.

This plan should be reviewed at least as once per year and as often as the organization changes –
people come, people go, programs change.

TABLE OF CONTENTS
OVERVIEW ....................................................................................................................................... 3
FIRE SAFETY AND EMERGENCY ACTION PLAN (EAP)................................................................ 5
RISK PRIORITIZATION ..................................................................................................................... 6
High Risk Priority Hazards (with critical or catastrophic impact) .................................................................. 6
Moderate Risk Priority Hazards (with marginal or critical impact) ................................................................ 6
Low Risk Priority Hazards (with negligible impact) ...................................................................................... 6
ABOUT THE ORGANIZATION .......................................................................................................... 8
BUSINESS CONTINUITY AND RECOVERY PLANNING TEAM ...................................................... 9
CRITICAL ASSETS ......................................................................................................................... 10
CRITICAL OPERATIONS ................................................................................................................ 11
KEY ORGANIZATIONS AND BUSINESSES .................................................................................. 13
TECHNOLOGY HARDWARE INVENTORY FORM ......................................................................... 16
INFORMATION TECHNOLOGY SECURITY ................................................................................... 17
ALTERNATE/TEMPORARY LOCATION ........................................................................................ 18
STAFF NOTIFICATION ................................................................................................................... 18
KEY PROGRAMMATIC CONTACT NOTIFICATION ...................................................................... 18
INSURANCE COVERAGE .............................................................................................................. 18
APPENDIX 1: ORGANIZATION’S BY-LAWS ................................................................................. 19
APPENDIX 2: BOARD OF DIRECTORS COMMITTEE CHARTERS .............................................. 20
APPENDIX 3: BOARD OF DIRECTORS CONTACT LIST .............................................................. 21
APPENDIX 4: STAFF PHONE TREE .............................................................................................. 22
APPENDIX 5: STAFF EMERGENCY CONTACT LIST ................................................................... 23
APPENDIX 6: EMPLOYEE BENEFITS OVERVIEW ....................................................................... 24
APPENDIX 7: STRATEGIC PLAN .................................................................................................. 25

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as,
legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, August 2018.

 SAMPLE BUSINESS CONTINUITY AND RECOVERY PLAN

OVERVIEW
[Use this section to explain why a plan like this is important to the Organization.]

Defining Conditions for the Business Continuity and Recovery Plan of the Organization
Business Continuity and Recovery Plans vary greatly with the purpose and size of the organization,
the nature of its activities, the scope of its obligations and liabilities and the sources of its revenue.
Planning is also affected by the perceived nature of the threat to the organization and the possible
extent of damage or business interruption.

[List critical obligations and liabilities specific to the Organization]

The Organization’s assets are: [List main assets such as: financial assets; human resources—staff,
management, Board of Directors; intellectual property; office space and office systems; etc.]

For business continuity planning purposes, the Organization could confront a variety of
circumstances, ranging from negligible impact (limited to no business disruption or property damage)
to marginal impact, including a hindrance that may affect business operations without shutting the
Organization down (such as a snowstorm causing temporary closure of our offices or an internal
system failure such as the disabling of our IT systems) to critical impact, resulting in temporary
disruptions of business or major damage to the facility rendering the Organization’s offices unusable
permanently or for an extended period of time, but not affecting New York City generally; to a
catastrophic event rendering New York City itself severely impaired, the Organization’s offices
permanently unusable, and involving significant loss of staff, including management. This is an event
of large proportions which means limited or no outside resources available for prolonged periods of
time. Describing this range of emergencies as negligible, marginal, critical, and catastrophic is
useful for planning purposes. The Risk Assessment Matrix assesses where the Organization is
vulnerable to disruption.

The documents that follow this overview are valuable points of reference under any set of
circumstances:
• The Organization’s Business Continuity and Recovery Plan
This Plan includes the contact information of key stakeholders.

In the event of a disastrous emergency, much of the information on current policies and
procedures would be obsolete, but could also be a useful guide for those responsible for
restoring the organization.

• The Organization’s By-Laws

• [Insert any additional relevant information to the Business Continuity and Recovery Plan]

This Business Continuity Plan is for use once life and safety are secure in response to a disaster. It
identifies key resources and needs to ensure that business may continue, perhaps in a limited
capacity or how the Organization will fully recover should the disaster be catastrophic. A Fire Safety
and Emergency Action Plan identifies and prioritizes the key hazards that may affect the
Organization’s operations, and outlines preparedness and mitigation activities. It includes operation
procedures to respond effectively and efficiently to an incident with the goal of ensuring life and
safety are secure. A Fire Safety and Emergency Action Plan is included in the following section.
3

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as,
legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, August 2018.

 SAMPLE BUSINESS CONTINUITY AND RECOVERY PLAN

Planning for Marginal and Critical Emergencies

The Organization believes that these documents and the emergency arrangements described put
the organization in a strong position for recovery from emergencies with marginal and even critical
impact. _____________ [insert the appropriate title or contact person] is responsible for managing
emergencies of this nature, and has been given clear authority to do so, and is looked to by staff for
leadership in such situations. Staff has also been briefed on their responsibilities and procedures to
follow in the event of an emergency (per the Fire Safety and Emergency Action Plan), and have
been provided with contact information for the Board of Directors who can assist the Organization in
restoring operations, should the office space become unusable for any reason.

Planning for a Catastrophic Emergency

A catastrophic emergency affecting all of New York City could lead to the loss of much of the
Organization’s staff and management. It is therefore advisable to lay out procedures that should be
followed to completely reconstitute the Organization at a future time, whether virtually or in some
other physical location. It is impossible to map a complete recovery plan in advance under
unknowable circumstances, but the following issues and advised steps are critical ones.

• Governance
o [Insert brief steps for how Board should respond to catastrophic emergency in order
to keep the Organization operating]
• Management and Human Resources
o [Insert brief steps for how management will engage with survivors of staff and
if/degree to which compensation and benefits have been impacted]
• Alternative Office Location
o [Insert brief steps for how to address office closer]
• Financial Assets
o [Insert brief steps for key financial staff and Board Audit Committee to assess
condition of financial assets and any investment management issues]
• Banking
o [Insert brief steps for key financial staff and stakeholders to reestablish banking
arrangements]
• External Auditors
o [Insert brief steps for reaching out to auditor for necessary guidance in reestablishing
the Organization]
• Insurers
o [Insert brief steps for reaching out to insurers to address claims]
• Programs
o [Insert brief steps for addressing the direction of the Organization’s strategic goals
and key programs]

In addition to those provided to the Board of Directors, copies of this Plan will be held in the
Organization’s office and at the residences of _____________ [insert the appropriate titles or
contact persons].

This Business Continuity and Recovery Plan will be updated annually, and replacement copies
distributed.

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as,
legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, August 2018.

 SAMPLE BUSINESS CONTINUITY AND RECOVERY PLAN

FIRE SAFETY AND EMERGENCY ACTION PLAN (EAP)

Purpose
These procedures are intended to ensure that staff are familiar with established protocols under the
Emergency Action Plan designated for [insert address of the Organization] in the event of a fire,
chemical attack, bomb threat, natural disaster, or violent confrontation.

Scope
Procedures shall apply to all personnel, who are tenants of [insert address of the Organization].

Building Management
[Insert contact information of building management]

EAP Staff
[Insert contact information of staff with specific roles in executing the fire safety and emergency
action plan]

Procedures
Fire
If you notice a fire
[Insert steps for all staff to follow in the case they notice a fire, including who is responsible
for activating the building evacuation process.]

Pull Station
[If your office has a pull station, insert explanation of how to use and where to find them]

Responsibilities
[Insert roles and responsibilities of all staff and building personnel involved in responding to fire
emergencies. Sample roles are listed below.]

The Fire Warden should activate the alarm if the presence of fire and/or smoke has been reported or
observed. This person will designate a safe area on the floor in order to communicate with everyone
regarding the emergency or fire that is in progress. Under circumstances requiring that staff
evacuate the building completely, we will assemble in [insert external meet-up location].

The Deputy Warden will survey the floor to gather staff and ensure that they assemble in a safe
space that has been designated away from the fire.

The Searchers will check assigned areas (conference rooms, kitchen, offices, bathrooms) for any
personnel that the Deputy Warden is unable to locate.

Fire Safety and Emergency Action Plan Director/Building Manager will activate the Fire Safety and
Emergency Action Plan, which is only activated by the building upon report of a fire, chemical attack,
bomb threat, natural disaster, or violent confrontation. The EAP Director will also utilize the Fire
Paging System to communicate the presence of smoke or fire. The Director will also instruct tenants
as to whether a full or partial evacuation is required.

Bomb Threat

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as,
legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, August 2018.

 SAMPLE BUSINESS CONTINUITY AND RECOVERY PLAN

[Insert all steps staff should follow if they receive a bomb threat, including who is responsible for
activating the building evacuation process.]

Suspicious Envelopes, Containers, or Boxes

[Insert all steps staff should follow if they receive a suspicious package, including who is responsible
for activating the building evacuation process.]
Exposure to a Suspicious Substance, Powder, or Liquid
[Insert all steps staff should follow if they are exposed to a suspicious substance.]
Earthquake or Severe/Inclement Weather
[Insert all steps staff should follow in case of an earthquake or severe weather.]
Active Shooter
[Insert all steps staff should follow if they are confronted by an active shooter.]

RISK PRIORITIZATION
[The risk assessment matrix below will help the organization identify high risks, moderate risks, and
low risk for the Organization. Consider: what are the potential identifiable internal and external
disasters? How would each affect the organization’s systems and programs?]

High Risk Priority Hazards (with critical or catastrophic impact)

Moderate Risk Priority Hazards (with marginal or critical impact)

Low Risk Priority Hazards (with negligible impact)

[When analyzing risks, factors to consider include:

• Historical: What types of emergencies have occurred in the community, at your facility, or
nearby? (for example, fire, natural disasters, accidents, utility, etc.)
• Geographic: What can happen as a result of your location? (for example, proximity to flood-
prone areas, hazardous material production, major transportation routes, power plants, etc.)
• Human Error: What emergencies might be caused by employees? Are employees trained to
work safely? Do they know what to do in case of an emergency?
• Physical: What types of emergencies could result from the design or construction of the
facility?]

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as,
legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, August 2018.

 SAMPLE BUSINESS CONTINUITY AND RECOVERY PLAN

RISK ASSESSMENT MATRIX

Impact to Critical Business Assets
People Building Equipment Data Inventory/Product Operations
1=Negligible 1=Negligible 1=Negligible 1=Negligible 1=Negligible 1=Negligible
2=Marginal 2=Marginal 2=Marginal 2=Marginal 2=Marginal 2=Marginal
Type of Event / 3=Critical 3=Critical 3=Critical 3=Critical 3=Critical 3=Critical
Hazard 4=Catastrophic 4=Catastrophic 4=Catastrophic 4=Catastrophic 4=Catastrophic 4=Catastrophic
EXTERNAL HAZARDS
Terrorism 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
(not in midtown)
Terrorism 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
(in midtown)
Severe Weather: 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Hurricane / Flooding
Earthquake
1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
(in midtown)
Data Breach/
1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Compromise
Fire 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Civil Unrest 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Economic Disruption 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Transportation
Incidents 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
(e.g. train derailment)
INTERNAL HAZARDS
Fire 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Theft 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Data Management 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
(loss of knowledge)
Power Outage 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Utility Loss
1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
(gas, water)

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as, legal advice. For further information,
please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, August 2018.

 ABOUT THE ORGANIZATION

PRIMARY LOCATION
ORGANIZATION NAME

STREET ADDRESS
MISSION
CITY, STATE, ZIP CODE

TELEPHONE NUMBER

PRIMARY CONTACT ALTERNATE CONTACT

PRIMARY EMERGENCY CONTACT ALTERNATE EMERGENCY CONTACT

TELEPHONE NUMBER TELEPHONE NUMBER

ALTERNATE TELEPHONE NUMBER ALTERNATE TELEPHONE NUMBER

E-MAIL ADDRESS E-MAIL ADDRESS

EMERGENCY CONTACT INFORMATION - DIAL 911 IN AN EMERGENCY

NON-EMERGENCY POLICE ELECTRICITY PROVIDER

NON-EMERGENCY FIRE INSURANCE PROVIDER

OTHER (E.G., PROPERTY MANAGEMENT) WASTE REMOVAL

POISON INFORMATION CENTER OTHER (E.G., IT SUPPORT CONTRACTOR)

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 BUSINESS CONTINUITY AND RECOVERY PLANNING TEAM

The following people will participate in business continuity and recovery planning.[Insert
additional rows as needed.]
NAME POSITION EMAIL

Coordination with Others

The following people from our building management will participate on our emergency planning
team.
NAME ORGANIZATION/BUSINESS PHONE

Meeting Schedule
The emergency planning team will meet on a regular basis.
DATE LOCATION TOPIC

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 CRITICAL ASSETS

If these items are taken away, it would drastically affect or harm the Organization or cause a
major disruption to operations. [Insert additional rows as needed.]
PEOPLE (employees, consumers, donors, board members, clients/constituents, key volunteers,
etc.)

BUILDING (physical structure, storage unit, satellite office, main office, store front, capital lease,
etc.)

COMPUTER EQUIPMENT (computers, software, servers/network, specialty tools, copiers, etc.)

DATA (documents, payroll, files, records, server back-up tapes, etc.)

INVENTORY/PRODUCT (stock, supplies, new materials, etc.)

OPERATIONS (any disruption to ops, accounts receivable/payable, payroll, mail room, etc.)

VALUABLE CONTENTS (religious artifacts, valuable collectables, etc.)

BOOKS AND RECORDS (vital records, payroll information, etc.)

EQUIPMENT (HVAC, kitchen equipment, audio visual equipment, specialty tools, copiers, etc.)

FURNITURE AND FIXTURES (office furniture, custom built furniture, auxiliary furniture, etc.)

GROUNDS (custom decorations, outdoor equipment, signage, etc.)

OTHER (artwork, antiques, etc.)

10

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 CRITICAL OPERATIONS
OPERATION: ONLINE FILE / SYSTEM RESTORATION
STAFF IN CHARGE (POSITION) STAFF IN CHARGE (NAME)

KEY SUPPLIES/EQUIPMENT KEY SUPPLIERS/CONTRACTORS

PROCEDURES TO RESTART OPERATION AFTER MINIMAL DISASTER IMPACT

PROCEDURES TO COMPLETELY RESTORE OPERATION AFTER SIGNIFICANT DISASTER

IMPACT

OPERATION: HUMAN RESOURCES

STAFF IN CHARGE (POSITION) STAFF IN CHARGE (NAME)

KEY SUPPLIES/EQUIPMENT KEY SUPPLIERS/CONTRACTORS

PROCEDURES TO RESTART OPERATION AFTER MINIMAL DISASTER IMPACT

PROCEDURES TO COMPLETELY RESTORE OPERATION AFTER SIGNIFICANT DISASTER

IMPACT

OPERATION: PHYSICAL SPACE RESTORATION

STAFF IN CHARGE (POSITION) STAFF IN CHARGE (NAME)

KEY SUPPLIES/EQUIPMENT KEY SUPPLIERS/CONTRACTORS

11

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

PROCEDURES TO RESTART OPERATION AFTER MINIMAL DISASTER IMPACT

PROCEDURES TO COMPLETELY RESTORE OPERATION AFTER SIGNIFICANT DISASTER

IMPACT

OPERATION: KEY PROGRAMMING AND COMMUNICATIONS

STAFF IN CHARGE (POSITION) STAFF IN CHARGE (NAME)

KEY SUPPLIES/EQUIPMENT KEY SUPPLIERS/CONTRACTORS

PROCEDURES TO RESTART OPERATION AFTER MINIMAL DISASTER IMPACT

PROCEDURES TO COMPLETELY RESTORE OPERATION AFTER SIGNIFICANT DISASTER

IMPACT

12

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 KEY ORGANIZATIONS AND BUSINESSES

The following is a list of organizations and businesses that are critical to maintaining operation
(i.e. vendors, suppliers, funders, etc.).
ORGANIZATION NAME:
STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE NUMBER CONTACT EMAIL

WEBSITE DOES THIS ORGANIZATION HAVE A

CONTINUITY PLAN?
MATERIAL/SERVICE PROVIDED

IF THIS ORGANIZATION EXPERIENCES A DISASTER, WE WILL OBTAIN

MATERIALS/SERVICES FROM THE FOLLOWING:

ORGANIZATION NAME:
STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE NUMBER CONTACT EMAIL

WEBSITE DOES THIS ORGANIZATION HAVE A

CONTINUITY PLAN?
MATERIAL/SERVICE PROVIDED

IF THIS ORGANIZATION EXPERIENCES A DISASTER, WE WILL OBTAIN

MATERIALS/SERVICES FROM THE FOLLOWING:

ORGANIZATION NAME:
13

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE NUMBER CONTACT EMAIL

WEBSITE DOES THIS ORGANIZATION HAVE A

CONTINUITY PLAN?
MATERIAL/SERVICE PROVIDED

IF THIS ORGANIZATION EXPERIENCES A DISASTER, WE WILL OBTAIN

MATERIALS/SERVICES FROM THE FOLLOWING:

ORGANIZATION NAME:
STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE NUMBER CONTACT EMAIL

WEBSITE DOES THIS ORGANIZATION HAVE A

CONTINUITY PLAN?
MATERIAL/SERVICE PROVIDED

IF THIS ORGANIZATION EXPERIENCES A DISASTER, WE WILL OBTAIN

MATERIALS/SERVICES FROM THE FOLLOWING:

ORGANIZATION NAME:
STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE NUMBER CONTACT EMAIL

WEBSITE DOES THIS ORGANIZATION HAVE A

14

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 CONTINUITY PLAN?
MATERIAL/SERVICE PROVIDED

IF THIS ORGANIZATION EXPERIENCES A DISASTER, WE WILL OBTAIN

MATERIALS/SERVICES FROM THE FOLLOWING:

ORGANIZATION NAME:
STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE NUMBER CONTACT EMAIL

WEBSITE DOES THIS ORGANIZATION HAVE A

CONTINUITY PLAN?
MATERIAL/SERVICE PROVIDED

IF THIS ORGANIZATION EXPERIENCES A DISASTER, WE WILL OBTAIN

MATERIALS/SERVICES FROM THE FOLLOWING:

ORGANIZATION NAME:
STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE NUMBER CONTACT EMAIL

WEBSITE DOES THIS ORGANIZATION HAVE A

CONTINUITY PLAN?
MATERIAL/SERVICE PROVIDED

IF THIS ORGANIZATION EXPERIENCES A DISASTER, WE WILL OBTAIN

MATERIALS/SERVICES FROM THE FOLLOWING:

15

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 TECHNOLOGY HARDWARE INVENTORY FORM

HARDWARE INVENTORY
Purchase Expiry
Name Manufacturer Serial Number Model Number OS Expiry Date
Date Status

16

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as, legal advice. For further information,
please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 INFORMATION TECHNOLOGY SECURITY

DATA SECURITY AND BACK-UP

LEAD STAFF OR CONTRACTOR EMERGENCY CONTACT TELEPHONE

EMAIL ALTERNATE CONTACT TELEPHONE

BACK-UP RECORDS ARE STORED ONSITE BACK-UP RECORDS ARE STORED

HERE OFFSITE HERE

VIRTUAL RECORDS ARE STORED HERE

IF OUR VIRTUAL RECORDS ARE DESTROYED, WE WILL PROVIDE FOR CONTINUITY IN

THE FOLLOWING WAYS:

IT ASSET SECURITY
LEAD STAFF OR CONTRACTOR EMERGENCY CONTACT TELEPHONE

EMAIL ALTERNATE CONTACT TELEPHONE

KEY COMPUTER HARDWARE TO PROTECT OUR COMPUTER HARDWARE,

WE WILL:

KEY COMPUTER SOFTWARE TO PROTECT OUR COMPUTER SOFTWARE,

WE WILL:

IF OUR COMPUTERS ARE DESTROYED, WE WILL USE BACK-UP COMPUTERS AT THE

FOLLOWING LOCATIONS:

17

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 ALTERNATE/TEMPORARY LOCATION

In the case where the Organization’s offices are unavailable, staff will work from
__________[insert location], when possible.

STAFF NOTIFICATION

The staff are regularly updated on business operational status including whether they should
report to work, what work conditions are like, alternate work sites and plans, plan triggers, etc.
NOTIFICATION
STAFF WILL BE NOTIFIED BY: STAFF MEMBER RESPONSIBLE FOR
□ PHONE TREE NOTIFICATION
□ AUTOMATIC NOTIFICATION
SYSTEM TELEPHONE EMAIL
□ EMAIL BLAST NUMBER
□ OTHER:
STAFF WILL RESPOND BY:
RESPOND IN NUMER
□ CALLING IN TO LIVE PERSON
□ CALLING AUTOMATIC RESPONSE
SYSTEM
PLAN TRIGGER
□ EMAIL
□ OTHER:

KEY PROGRAMMATIC CONTACT NOTIFICATION

Key contacts include: [insert key programmatic audiences].

[Insert plan and steps for communicating with key programmatic audiences].

INSURANCE COVERAGE

INSURANCE AGENT:
STREET ADDRESS CONTACT NAME

CITY, STATE, ZIP CODE CONTACT TELEPHONE NUMBER

TELEPHONE WEBSITE CONTACT EMAIL

NUMBER

18

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 APPENDIX 1: ORGANIZATION’S BY-LAWS

19

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 APPENDIX 2: BOARD OF DIRECTORS COMMITTEE CHARTERS

20

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 APPENDIX 3: BOARD OF DIRECTORS CONTACT LIST

21

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 APPENDIX 4: STAFF PHONE TREE

22

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied upon as, legal advice. For further information,
please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 APPENDIX 5: STAFF EMERGENCY CONTACT LIST

STAFF MEMBER EMERGENCY CONTACT(S)

23

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 APPENDIX 6: EMPLOYEE BENEFITS OVERVIEW

24

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.

 APPENDIX 7: STRATEGIC PLAN

25

This sample is being circulated for general guidance only and is not intended to provide, and should not be relied
upon as, legal advice. For further information, please contact NPCC at (212) 502-4191.

Nonprofit Coordinating Committee of New York, July 2018.