This sample policy is designed to help companies define procedures for reducing the risks associated with disruptions that may occur to information systems that provide critical business functions. 

According to this policy, global disaster recovery committee(s) consisting of the global CIO, division CIOs and appointed designees must be established; each division CIO must appoint a coordinator responsible for managing the disaster recovery processes for all disaster recovery systems; the global disaster recovery committee must define disaster recovery program strategies and develop the disaster recovery and IT service resumption plan; and the global CIO is responsible for determining if the current system protection level is adequate to protect the organization from a debilitating outcome should a disruptive event occur.