Fast decisions
Predefined roles, clear escalation criteria, priorities set in advance to act without hesitation in the first critical minutes.
Business continuity · ISO 22301 + NIS 2 + DORA
Stay up, even when your servers don't.
A business continuity plan (BCP) that's not just a binder, but a system kept up to date continuously, ISO 22301-aligned, compliant with NIS 2 and DORA if you fall under them, and crucially accessible even when your IT is down. Run by our team, hosted on our infrastructure, available from anywhere.
What you get on the day it happens
A static BCP stored in a shared folder is rarely useful. Our approach ensures it serves you at the critical moment.
Achievable recovery times
For each critical activity we set and validate two concrete targets: how quickly it must be running again, and how much data loss is acceptable at worst. Measurable, not theoretical.
Controlled communication
Pre-approved communication plans for customers, regulators, partners and media.
Audit-ready evidence pack
All the evidence an auditor or regulator could need: internal policies, exercise reports, action plans after every incident or test, management review minutes. Aligned with ISO 22301, NIS 2 and DORA.
Luxgap differentiator
A portal accessible even when everything is down.
If your continuity plan lives on your internal SharePoint, a ransomware attack makes it unreachable exactly when you need it. Our portal hosts it on dedicated infrastructure, fully separate from yours, accessible from a phone, from home, from anywhere.
🚨 "Total crash" page
What to do in the first 0–60 minutes, activation checklists, priority contacts.
📋 Escalation tree
Trigger thresholds, priority levels, activation criteria, decided cold, executed hot.
👥 Crisis committee
Roles, responsibilities, designated alternates, multi-channel contacts.
🔧 Operational plans
IT recovery plans, business continuity, crisis communication, vendor management.
Why now?
Two EU regulations make business continuity non-negotiable.
NIS 2 (Dir. UE 2022/2555)
Cyber risk management measures for essential and important entities, explicitly including business continuity.
DORA (Règl. UE 2022/2554)
Direct obligation for the financial sector: continuity plans for your IT systems, mandatory business-impact analysis, recurring tests.
Let's set up your continuity plan.
Configure your BCP quote, implementation, annual exercises, break-glass portal and audit evidence included.
Build my quote →