Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Contingency Planning Guide for Information Technology Systems



Marianne M. Swanson, A Wohl, L Pope, Timothy Grance, Joan Hash, R Thomas


[Superseded by SP 800-34 Revision 1 (May 2010):] The Contingency Planning Guide for Information Technology (IT) Systems provides instructions, recommendations, and considerations for government IT contingency planning. Contingency planning refers to interim measures to recover IT services after an emergency or system disruption. Interim measures may include the relocation of IT systems and operations to an alternate site, the recovery of IT functions using alternate equipment, or the performance of IT functions using manual methods. The information presented in this document addresses specific contingency planning recommendations and provides strategies and techniques common to desktops and portable systems, servers, Web sites, local area networks, wide area networks, distributed systems, and mainframe systems.The document also defines the following seven-step contingency process that an agency may apply to develop and maintain a viable contingency planning program for their IT systems. These seven progressive steps develop the contingency planning policy statement, conduct the business impact analysis (BIA), identify preventive controls, develop recovery strategies, develop an IT contingency plan, plan testing/training/exercises, and plan maintenance are designed to be integrated into each stage of the system development life cycle.
Special Publication (NIST SP) - 800-34
Report Number


contingency planning, resilience, information system contingency plan, incident response plan, disaster recovery plan
Created June 13, 2002, Updated February 19, 2017