Like all technical subjects Resilience has its own terminology. To help better understand there usages we include a very simplified Glossary of commonly used terminology

Business Continuity Plan (BCP)

The recorded outputs (planning documents) generated by Business continuity planning. The plan ensures that personnel and assets are protected and can function quickly in the event of a Crisis.

Business Continuity Planning                

Business continuity planning (BCP) is the process involved in creating a system of prevention and recovery from potential threats to a company, its employees and its customers.

Business Continuity Lead                                                                     

A Leader (or Administrator) who has a responsibility to the site / organization to ensure Business Continuity Response practices and processes are developed, administered, tested and reviewed.   

Business Impact Analysis (BIA)   

A Business Impact Analysis is a process that identifies and evaluates the potential risks & impacts of natural and man made events on business operations. The Business Impact Analysis will identify those risks and help define response.                                                                                                                                                  


An inherently abnormal, unstable, and complex situation that represents a threat to the strategic objectives, reputation, or existence of an organization.                                     

Crisis Management

Crisis Management is the process by which a business or other organization deals with a crisis event                                                                                   

Crisis Command Team

A team of people (usually managers) who can come together quickly and enact the initial response plans for a crisis event and develop a longer-term response to protect the Business.

Crisis Simulation (Exercise)

 A unique and particular type of simulated training event or exercise  with an aim or objectives of exposing  Emergency Responders and Crisis Command Team to a simulated crisis event         


A style of Leadership and Management that is structures, authoritative, directive and driven by time.

Data Risk / Cyber Exposure  

 Data risk is the exposure to loss of value or reputation caused by issues or limitations to an organization’s ability to acquire, recover, store, transform, move, and use its data assets. This may also include protection of customers data.         


A serious, unexpected, and often dangerous situation requiring immediate action to protect people, property, and the environment. 

Emergency Action Plan (EAP) / Emergency Response Plan (ERP)  

An agreed, rehearsed set of responses for all managers, responders, staff and visitors to be enacted should a specific emergency event take place (i.e. Fire, Hurricane warning)          

Emergency Kit

A container for pre-agreed resources that will assist the Crisis Management team. It may contain building plans, telephone lists, torches, first aid equipment and stationery or anything else that is specific to the site /risk in mitigating a crisis. A first aid kit on its own is not a battle box.

Emergency Management:   

Emergency management is the organization and management of the resources and responsibilities for dealing with all human, property and environmental aspects of emergencies (preparedness, response, safety, mitigation and recovery). The aim is to reduce the harmful effects of all hazards, including disasters.

Emergency Responders / Teams (ERT)                                                                                            

Trained individuals or team members who are located at the site and have specific duties during an emergency response to keep the site, equipment, stock or others safe.                                                           

Emergency Response Lead                

A Leader (or Administrator) who has a responsibility to the site / organization to ensure Emergency Response practices and processes are developed, administered, tested and reviewed.           

Emergency Services

The official Emergency services that will attend an emergency incident (typically Polices, Fire, EMS/Ambulance)

Enterprise Risk Management (ERM)                                                                                                               

A function within the organization that assesses and reviews strategic (and macro) risks to the business. ERM do not usually address operational risk.

First Responders

Those with specialized training who are among the first to arrive and provide assistance at the scene of an emergency. There are also specialised Medical First responders, who may provide pre-hospital care.

Incident Commander (Gold Commander)

The person with overall responsibility to lead the response to and emergency or Crisis


The formal declaration of starting of a process of planned response(s) to an emergency or crisis event.                                                                                                                                              


Business resilience is the ability an organization has to quickly adapt to disruptions while maintaining continuous business operations and safeguarding people, assets and overall brand equity.                                                                                                                            Resilience Exercise              

An exercise or simulation that tests the efficacy and ability of the organization to respond to an unplanned business interruption/crisis/emergency using existing resilience plans (EAP/BCP’s)       

Recovery Time Objective (RTO)                    

The Recovery Time Objective (RTO) is the targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.                             


Risk is the probability of something bad happening.