Set out below is a series of links to national and international standards for preparedness, business continuity, crisis management, as well as relevant organizations and associations. We welcome your suggestions for additions to this list.

We try to ensure all links remain current but if you find yourself at a dead end please let us know so we can update our site. Either email or submit the form on our Contact page.

To expand the titles, click on each arrow below.


Standards & Guidelines

Standards & Guidelines – Reference Lists from DRJ and BCI

Two organizations in the private sector maintain comprehensive lists of the laws, standards and guidelines related to disaster recovery planning and business continuity management. One is an organization based in the US. The other is an organization based in the UK. Both are excellent resources for professional reference.

The Disaster Recovery Journal’s list can be downloaded (in Excel format) from the Rules and Regulations Page.

The Business Continuity Institute’s list can be downloaded (in PDF format) from the BCM Legislations, Regulations, Standards and Good Practice Page – Regulations, Standards & Guidelines Page.

Background on Private Sector Preparedness

DHS/FEMA Private Sector Preparedness Program (PS-Prep)

The Voluntary Private Sector Preparedness Program (PS-Prep) is mandated by Title IX of the Implementing Recommendations of the 9/11 Commission Act of 2007 (Public Law 110-53).

The purpose of the PS-Prep Program is to enhance nationwide resilience by encouraging private sector preparedness in an all-hazards environment.

Prior to the PS-Prep program, there was no comprehensive set of standards that the spectrum of American businesses and private sector entities could use to assess their preparedness for all hazards.

Congress directed the Department of Homeland Security (DHS) to develop and implement a voluntary program of accreditation and certification of private entities using standards adopted by DHS that promote private sector preparedness, including disaster management, emergency management and business continuity programs.

For more information on the PS-Prep Program, visit:


Information about PS-Prep

Standards for Private Sector Preparedness

The following three standards have been approved by the U.S. Department of Homeland Security development for voluntary certification of Business Continuity and Emergency Preparedness Programs in the private sector, under Title IX of Public Law 110-53.

• NFPA 1600:2013 – Standard on Disaster/Emergency Management and Business Continuity Programs

About the Standard: Developed by the National Fire Protection Association (NFPA), this standard provides a management system framework and the criteria for development of programs to support an organization’s preparedness for emergency, disaster and business disruption.

NFPA 1600 is recognized by the American National Standards Institute (ANSI) as an American National Standard.

NFPA 1600:2013 includes a new chapter on Training and Education as well as annexes to address issues within the field of emergency management and business continuity and to address the use of NFPA 1600 as a Management System Standard..

The 2013 Edition of NFPA 1600 may be downloaded at no cost from NFPA Org.

There is a cost for the 2016 Edition NFPA Org.

• ASIS SPC.1-2009 – Organizational Resilience: Security, Preparedness, and Continuity Management Systems – Requirements with Guidance for Use

About the Standard: Developed by the American Society for Industrial Security (ASIS), this standard provides the framework for a management system that integrates security, preparedness, response, mitigation, business/operational continuity and recovery from an emergency, crisis, or disaster.

ASIS SPC.1 is recognized by the American National Standards Institute (ANSI) as an American National Standard.

At present, ASIS has not announced any updates to this standard.

Obtaining a Copy: This standard may be downloaded at no cost from the PS-Prep™ Standards Page.

• ISO 22301:2019 – Societal Security – Business Continuity Management Systems – Requirements

The ISO Standard is available under the title “ISO 22313:2019, Societal security – Business continuity management systems – Guidance

The family of ISO business continuity-related standards and technical specifications is as follows. They may be downloaded directly from the ISO website for a fee:

ISO 22300:0218 – Security and resilience – Vocabulary

ISO 22313:2020 – Security and resilience – Business continuity management systems – Guidance on the use of ISO 22301 –

ISO 22317:2015 – Societal security – Business continuity management systems – Guidelines for Business Impact Analysis (BIA)

ISO/TS 22318:2015 – Societal security – Business continuity management systems – Guidelines for supply chain continuity

• AS/NZS 5050:2010 -Business Continuity – Managing Disruption-Related Risk

About the Standard: Developed by Standards Australia, AS/NZS 5050 is a joint national standard for Business Continuity Management in New Zealand and Australia.

This standard has not yet been adopted or endorsed by the U.S. Department of Homeland Security under the category of “Standards for Business Continuity and Emergency Preparedness”. It is, however, an internationally recognized standard and is in close alignment with ISO 31000 (Risk Management – Principles and Guidelines).

AS/NZS 5050 describes the application of the principles, framework and process to manage business disruption related risk and establish business continuity management programs in a manner consistent with the international standard for risk management, ISO 31000:2009.

The Standard includes, in Section 5, a schedule of requirements for organizations seeking to demonstrate their processes for managing disruption-related risk meet the characteristics of management systems as described in ISO Guide 72.

Standards Australia has not announced a schedule for update of AS/NZS 5050.

Obtaining a Copy: This standard may be downloaded for a fee from SAI Global.

Resources for Private Sector Preparedness

Business Continuity Institute (BCI)

About the BCI Good Practice Guidelines (GPG 2018): Details may be found on BCI.

Obtaining a Copy: The Good Practice Guidelines 2018 may be downloaded for a fee from BCI.

FEMA Ready.Gov

Ready.Gov is a national public service advertising (PSA) campaign designed to educate and empower Americans to prepare for and respond to emergencies including natural and man-made disasters. The goal of the campaign is to get the public involved and ultimately to increase the level of basic preparedness across the nation.

Red Cross

The Red Cross Ready Rating program provides a framework designed to: 1) Help businesses, organizations, and schools become prepared for emergencies; 2) Help increase the level of preparedness among individuals and families; and 3) Encourage businesses, schools and organizations to help their local communities prepare for emergencies.

• Red Cross Ready Rating Program

• Frequently Asked Questions about the Red Cross Ready Rating Program

Organizations & Associations

The following local and national organizations have additional resources, which can assist in the development of plans, practices and communities for emergency preparedness, business continuity, and crisis management.

• Business Continuity Institute (BCI)

• Business Recovery Managers Association (BRMA)

• Disaster Recovery Institute (DRII)

Neighborhood Emergency Response Team (NERT)


• NERT SF Bay Area

Disaster Preparedness Supplies and Kits

The following are locally owned Bay Area businesses offering a full line of earthquake survival kits and emergency supplies for disaster preparedness to individuals, schools, small, medium and large organizations.

• Earth Shakes

• Nexis Response

• Simpler Life Emergency Provisions