Which plan ensures business operations can continue during and after a disruption?

The business continuity plan (BCP) is the correct choice because it is specifically designed to ensure that essential business operations can continue during and after a disruption. A BCP outlines strategies and procedures to maintain critical functions and minimize the impact of various interruptions, such as natural disasters, cyberattacks, or other emergencies.

The plan includes guidelines for personnel, resources, and communication strategies to ensure that operations can restore quickly and effectively. This holistic approach focuses on the overall resilience of the organization, ensuring key services remain available even when significant disruptions occur.

In contrast, the recovery time objective (RTO) is a metric that defines the target timeframe for restoring services and operations after a disruption but doesn’t provide a plan itself. The disaster recovery plan (DRP) is focused on restoring IT systems after a disruption, concentrating mainly on technology rather than the broader business context. The incident response plan (IRP) deals with the immediate response to specific incidents, such as cybersecurity breaches, rather than the ongoing operational continuity demonstrated in a BCP.