New SAI360 for Business Continuity Management software. See it in action!


Audit Protection

100% assurance that your Business Continuity and Disaster Recovery program will pass audit with external regulators
If an impending external business continuity audit is keeping you up at night, we can help. Strategic BCP’s Audit Protection delivers a resilient, realistic, and fully compliant business continuity plan with regulations specific to your industry – and we back it 100%. Audit Protection provides a contractual assurance that you will pass external audits or we will remediate any deficiencies in our work at our cost. Schedule an appointment with a professional services team member today.

Compliance Validation

Make certain that your business continuity planning program is fully compliant with all relevant mandates, regulatory requirements, and We perform full compliance validation testing to make sure business continuity plans meet your needs. Our analysis will:

  • Identify relevant regulations and mandates, including those specific to your industry.
  • Determine stakeholder expectations, industry standards, and emerging or pending practices.
  • Include a business continuity maturity assessment.
  • Validate your planning efforts against both industry requirements and real-world scenarios.

We can review, refine, and mature business continuity programs to suit your needs.


ASIS SPC 1-2009: American Society for Industrial Security

Basel II

Basel III

BS 25999-2:2007

BCI—Business Continuity Institute: The Good Practice Guidelines, International

CCPA of 1992

CFTC Rule 23.603 Commodity Futures Trading Commission

CGMP—Current Good Manufacturing Practice Regulations COBIT (Control
Objectives for Information and Related Technology)

COBIT: Control Objectives
for Information and Related
Technologies (COSO)

DOE 0 150.1:2008

DRII—Disaster Recovery Institute International: Generally Accepted
Practices for BC Practitioners




FCD 1:2008


FEMA—Federal Emergency
Management Agency



FERC COOP:2007—Federal Energy Regulatory Commission

FERC RM01-12-00

FDA 21 CFR Part 11—Federal Drug
Administration—Pharmaceutical Companies BC

FDCA—Food, Drug, and Cosmetics Act

FDICIA—Federal Deposit Insurance Corporation Improvement Act

FFIEC—Federal Financial Institutions Examination Council: BC Planning IT Examination Handbook, U.S.

FIL 67-97/82-96.

IT Examination Handbook.

Interagency Statement on


FINRA Rule 4370—Financial
Industry Regulations on Emergency

Preparedness & Business Continuity

FHLB Bulletin R-67—Federal Home Loan Bank

FIRREA—Financial Institutions Reform, Recovery and Enforcement Act

FISMA—Federal Information Security Management Act

FRB SR 96-22

HIPAA:1996—Health Insurance Portability And Accountability Act

HIPPA Security Rule 164.308(a)(7)(i)


Homeland Defense’s Pandemic Preparedness Handbook:2007


IERP—Independent Experts Review Panel

Interagency Paper on Sound
Practices to Strengthen the
Resilience of the U.S. Financial System, 2003


ISO22301—International Organization for Standardization Business

ISO22313—International Organization for Standardization Business

Organization for Standardization BIA

ISO27001—International Organization
for Standardization

ISO31000—International Organization
for Standardization

ITIL, v2, v3

ITSCM—IT Service Continuity Management ITIL v3, International

Joint Commission-Environmental Care Standards: 2005

Joint Commission 2.30:2008


NASD 3510 and 3520: National Association of Securities Dealer


NERC CIP 002-009 Cyber Security Requirement

NFA Compliance Rule 2-38:2008

NFPA 1600:2013

NFPA 1600: 2016 Standard on Disaster/Emergency Management and BC Programs, U.S.

NIST 800-34 National Institute of Standards and Technology

NYSE Rule 446: Business Continuity and Contingency Plans OCC 2001-47

OSHA 3327-05R:2009


PPACA—Patient Protection and Affordability Care Act

Sarbanes-Oxley: Section 404 (SOX).

Sarbanes-Oxley: Japan

Securities and Exchange Act 17 CFR240:2005