Organizations of all sizes and shapes must comply with government and industry regulations. Some regulations are limited to public companies, while others are relevant only to certain verticals.
Many regulations cut across type, size, and industry in their impact. In addition to legally mandated requirements, many organizations voluntarily adopt quality and process standards (such as Six Sigma or ITIL) or establish performance guidelines that impact employees and customer agreements. Adhering to these standards brings with it additional (and not always overlapping) sets of rules.
In compliance with these standards, regulations, and rules ‐ or just to maintain best practices ‐ most organizations are implementing some degree of business continuity/disaster recovery plan.