Business Continuity Plan (A.5.29, A.5.30)
Document ID: bcp-policy
Version: 1.0
Effective from: 2025-01-01
Owner: Founder / CEO
Review cycle: Quarterly (drill) + Annual (policy)
Business continuity objectives
| Objective | Target |
|---|---|
| Recovery Time Objective (RTO) | ≤ 60 minutes for production services |
| Recovery Point Objective (RPO) | ≤ 24 hours for customer data (D1 backup cadence) |
| Evidence continuity | Automated collectors resume on next cron trigger (≤ 24 hours) |
Threat scenarios
| Scenario | Likelihood | Impact | Mitigation |
|---|---|---|---|
| Cloudflare regional outage | Low | High | Multi-region Cloudflare Workers + R2 geo-replication |
| D1 database corruption | Very low | Critical | Weekly D1 backup export + quarterly restore test |
| Signing key loss | Very low | Critical | Key recovery procedure + V2 overlap slot |
| GitHub outage (CI/CD blocked) | Low | Medium | Deployments via Wrangler CLI from a local machine; Cloudflare handles runtime |
| Founder incapacitation | Low | Critical | Key escrow procedure (sealed envelope) |
Recovery procedures
Production service recovery
- Confirm outage via Cloudflare status page and tail-consumer-coverage alerts
- If regional: Cloudflare automatically routes to healthy regions (no action required)
- If account-level: Contact Cloudflare support with account ID and evidence of ownership
Database (D1) recovery
- Retrieve latest backup from `sigmashake-d1-backups` R2 bucket
- Create new D1 database: `wrangler d1 create sigmashake-compliance-recovery`
- Restore: `wrangler d1 execute --local < backup.sql`
- Update wrangler.toml binding + deploy
Evidence collection recovery
- Identify stale collectors via cron-health or self-evaluation
- Trigger manual run: `POST /compliance/admin/cron/trigger`
- Verify evidence resumes via `/api/v1/soa.json?framework=iso27001`
Signing key recovery
- Generate new Ed25519 key pair
- Set `COMPLIANCE_SIGNING_KEY` via `wrangler secret put`
- Register new key in `signing_keys` table
- Previous key retained as `retiring` (historical evidence still verifiable)
Testing
Quarterly BCP drill performed by bcp-test collector:
- Verifies Merkle chain is unbroken for the period
- Checks for stuck error evidence runs
- Records drill outcome in `bcp_tests` table
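The two drill checks listed above, sketched as an added example (this is not the bcp-test collector's own code). The record layout, the link rule (SHA-256 over the previous hash plus canonical JSON), the genesis value and the 24-hour threshold for a stuck run are all assumptions, and the sample chain is constructed.

```python
import hashlib
import json
from datetime import datetime, timedelta, timezone

GENESIS = "0" * 64  # assumed prev_hash of the first record in the chain

def link_hash(prev_hash, payload):
    """Assumed link rule: SHA-256 over prev_hash plus canonical JSON payload."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def first_chain_break(records):
    """Index of the first record that fails verification, or None if unbroken."""
    prev = GENESIS
    for i, rec in enumerate(records):
        if rec["prev_hash"] != prev or rec["hash"] != link_hash(prev, rec["payload"]):
            return i  # edited payload, or a record removed/reordered before i
        prev = rec["hash"]
    return None

def stuck_runs(records, now, max_age=timedelta(hours=24)):
    """Run ids still in 'error' for longer than max_age (assumed threshold)."""
    return [r["payload"]["run_id"] for r in records
            if r["payload"]["status"] == "error"
            and now - datetime.fromisoformat(r["payload"]["started_at"]) > max_age]

def run_drill(records, now):
    broken_at = first_chain_break(records)
    stuck = stuck_runs(records, now)
    return {"chain_ok": broken_at is None, "broken_at": broken_at,
            "stuck": stuck, "passed": broken_at is None and not stuck}

def build_chain(payloads):
    """Build a constructed sample chain for the demonstration."""
    out, prev = [], GENESIS
    for p in payloads:
        h = link_hash(prev, p)
        out.append({"payload": p, "prev_hash": prev, "hash": h})
        prev = h
    return out

NOW = datetime(2025, 4, 1, tzinfo=timezone.utc)  # constructed drill time
SAMPLE = build_chain([  # constructed evidence runs
    {"run_id": "r1", "status": "ok", "started_at": "2025-03-30T00:00:00+00:00"},
    {"run_id": "r2", "status": "error", "started_at": "2025-03-30T06:00:00+00:00"},
    {"run_id": "r3", "status": "ok", "started_at": "2025-03-31T23:00:00+00:00"},
])

print(run_drill(SAMPLE, NOW))
```

Editing a stored payload without recomputing its hash, or dropping a record from the middle, makes `first_chain_break` return the index where verification first fails.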
Evidence
| Collector | Cadence | Control |
|---|---|---|
| bcp-test | Quarterly | A1.2, A1.3, A.5.29, A.5.30 |
| d1-backup-export | Weekly | A.8.13 |
| d1-backup-verify | Daily | A.8.13, A.8.14 |
| dr-runbook-currency | Quarterly | A.5.30, A.8.14 |