Skip to main content
Français
Become a Member
Canadian Bar Association Logo
search
menu

6. Response

Detail exactly what you will do for each of the service impacts you identified in section 3.1. Refer to the mitigations you planned in section 4, and ensure that you have (or will have) what you need in place to do those things.

Examples follow (replace/edit as required).

6.1 Office Fire or Flood

  • Immediately ensure the safety of all personnel; follow building evacuation protocols and contact emergency services.
  • Notify the BC & DR Coordinator and declare a disaster as per established procedures.
  • Activate remote work protocols, ensuring staff have access to necessary tools and data from alternate locations.
  • Initiate communication with staff and clients using pre-established emergency channels (e.g., mobile phones, cloud-based messaging).
  • Relocate critical business operations to an alternate site or enable remote work as outlined in the BC & DR plan.
  • Access cloud-based backups of essential data and resources to resume operations.
  • Maintain ongoing client communication regarding service status and anticipated recovery timelines.
  • Coordinate with property management and insurance providers to begin repairs and restoration.
  • Document the incident and begin assessment for restoration and insurance claims.

6.2 Office Inaccessible but Undamaged

  • Confirm the reason for inaccessibility (e.g., local authority restriction, infrastructure issue) and expected duration.
  • Notify staff and clients of temporary relocation or remote work arrangements.
  • Activate remote access protocols for employees to continue business operations securely.
  • Utilize cloud-based systems for data access and collaboration.
  • Regularly update all stakeholders on progress and changes to the situation.
  • Monitor the status of office accessibility and prepare for a smooth transition back once permitted.

6.3 IT Infrastructure Failure

  • Identify the scope and impact of the failure (e.g., internet, internal networking, servers).
  • Alert the IT response team and escalate to the BC & DR Coordinator to declare a disaster if necessary.
  • Switch to backup systems or cloud-based alternatives as outlined in the recovery plan.
  • Communicate with staff and clients regarding temporary disruptions and expected recovery times.
  • Engage third-party support if required for expedited recovery.
  • Document the incident and remedial actions taken for future improvements.

6.4 Cloud Service Failure

  • Determine the extent and expected duration of the cloud service outage.
  • Notify all users (and clients if necessary) about the outage and provide alternative access methods if available.
  • Switch to backup systems or alternatives as outlined in the recovery plan.
  • Coordinate with the cloud service provider for status updates and resolution timelines.
  • Preserve historical content using local or offline backups until services are restored.
  • Maintain regular communication with stakeholders throughout the outage.

6.5 Cyber Attack

  • Immediately isolate affected systems to contain the breach.
  • Notify the BC & DR Coordinator, IT security team, and relevant authorities.
  • Activate incident response protocols, including forensic investigation and assessment of compromised data.
  • Switch to unaffected backup systems or cloud services to maintain critical operations.
  • Communicate transparently with clients, staff and the law society about the nature of the attack, impact, and steps being taken.
  • Review and update cybersecurity measures post-incident.
  • Document the event and response actions for compliance and future prevention.