It should be that business continuity is seen as part of the infosec role but so often the subtle differences between Disaster Recovery, Business Continuity, and Risk Management contribute to a blurring of the lines that can result in Business Continuity not appearing on anyone’s agenda.
Trying to get your trustees to think through this important threat to the organisation can often result in them identifying risks of biblical proportions which have little chance of occurring. If all you wanted to do was have them think about the simple issues maybe it’s time for a different tack? Why not invite some of your CSF colleagues along to share the experience of other charities and demonstrate their success. Look out too for the sessions that the CSF facilities with experts in the Business Continuity field.