Last Reviewed: 9 April 2025
Next Review Due: 9 October 2025
1. Purpose
To outline how business-critical operations will be maintained or recovered in the event of a cyber incident, system outage, or data breach.
2. Critical Systems
- Google Workspace – Email, Docs, and Drive for all core operations
- n8n – Client automation workflows
- Typeform – Lead capture and client onboarding
- Zoho Books – Invoicing and financial records
- Notion – SOPs, client notes, project tracking
3. Backup & Redundancy
- Google Drive auto-backup with version history
- Monthly exports of Notion SOPs and key workflows
- Passwords stored in secure, encrypted manager (e.g. 1Password)
- Multi-factor authentication enabled on all critical platforms
4. Incident Response Plan
- Notify affected clients within 2 hours
- Switch to offline/manual systems where needed
- Restore workflows from backups (Notion + Drive)
- Document the incident and steps taken
- Resume normal operations within 6 hours
5. Recovery Timeline
System | Recovery Target |
Email & Docs | Immediate (Google Workspace) |
Automation (n8n) | 3 hours (via workflow blueprints) |
CRM & Notes (Notion) | Immediate (or offline copy) |
Invoicing (Zoho) | Immediate |
Lead Capture (Typeform) | 1 hour fallback using alt form or Google Forms |
6. Review & Testing
- This plan is reviewed every 6 months or following any significant disruption.
- Last tested: 9 April 2025 via scenario walkthrough.
- Stored securely in Notion and backed up as PDF.
Prepared by:
Andy Fullard
andy@andyfullardmarketing.com
Andy Fullard Marketing - Fractional Marketing for D2C Brands