Business continuity plans
Identifies business continuity plans patterns in security and access control contexts. Detects potential exposure of sensitive security information in international systems.
- Type
- regex
- Engine
- boost_regex
- Confidence
- medium
- Confidence justification
- category-aware structural regex with anchor and context constraints replaces phrase-only detection. Added context gating and exclusion rules improve precision and reduce incidental matches.
- Detection quality
- Mixed
- Jurisdictions
- global
- Regulations
- GDPR
- Data categories
- credentials, security
- Scope
- wide
- Platform compatibility
- Purview: Compatible, GCP DLP: Compatible, Macie: Compatible, Zscaler: Compatible, Palo Alto: Degraded, Netskope: Unsupported
Pattern
(?is)\b(?:business\s+continuity|continuity\s+plan|crisis\s+management|business\s+impact\s+analysis|critical\s+functions|alternate\s+site|recovery\s+strategy|essential\s+services|maximum\s+tolerable\s+downtime|succession\s+planning|emergency\s+operations)\bCorroborative evidence keywords
business continuity plans, business, continuity, plans, operations, resilience, student, transcript, grade, GPA, enrollment, FERPA, FAFSA, financial aid, tuition, degree, field, column, row, entry (+25 more)
Proximity: 300 characters
Should match
business continuity— Primary topic phrase matchcontinuity plan— Case-insensitive topic phrase matchcrisis management— Alternative topic phrase matchbusiness impact analysis— Additional topic phrase match
Should not match
unrelated generic text without domain phrases— No relevant topic phrases presentplaceholder value 12345— Random text should not match topic-specific regexbackup outage— Generic word pair from old broad template should not match
Known false positives
- Authentication-related terminology in software documentation, security training materials, or system architecture descriptions without actual credentials. Mitigation: Require proximity to credential-specific patterns (API keys, connection strings, tokens) rather than general security terminology.
- Code snippets and configuration examples containing credential-related keywords or placeholder values in developer documentation. Mitigation: Check for common placeholder patterns (example.com, localhost, 0000) and documentation file types to reduce false positives from technical writing.
References
- https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism
- https://www.homeaffairs.gov.au/about-us/our-portfolios/emergency-management
- https://www.disasterassist.gov.au/
- https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/chapter-11-app-11-security-of-personal-information