
Disaster Recovery & Business Continuity Program
Led the end-to-end design and implementation of an enterprise-wide Disaster Recovery and Business Continuity program within a PCI-regulated payments environment. Established a unified resilience framework aligning compliance, operations, and cross-functional teams to ensure coordinated response and rapid recovery during critical incidents.
This initiative transformed fragmented risk practices into a structured, audit-ready system, strengthening organizational resilience and operational continuity.
Context
The organization operated in a PCI-regulated payments environment with fragmented disaster recovery and business continuity practices. Ownership was unclear, documentation was inconsistent, and processes were not fully aligned to SOC 2 and PCI DSS requirements, creating operational and audit risk.
Objective
Design and operationalize a unified, enterprise-wide resilience program that strengthens incident response, ensures compliance, and enables coordinated recovery across systems, teams, and third-party dependencies.
Strategy & Approach
- Conducted enterprise-wide risk and gap assessment
- Mapped current practices to SOC 2 and PCI DSS controls
- Designed a centralized DR/BC framework integrating people, process, and technology
- Established governance, escalation structures, and testing protocols
- Partnered cross-functionally with IT, Security, Compliance, and Operations
Anticipated Risks & Mitigation Strategy
- Fragmented ownership across teams was mitigated by implementing a clear RACI model and incident command structure with defined escalation paths
- Compliance gaps were addressed through control mapping and audit-ready documentation with traceability
- Low engagement in testing was mitigated by introducing scenario-based simulations tied to real business impact and leadership visibility
- Third-party and offshore dependencies were integrated into recovery plans with SLA expectations and participation in testing cycles
- Crisis communication breakdowns were prevented through predefined templates, centralized communication hubs, and assigned executive communication leads
Key Solutions & Innovations
- Built a centralized resilience ecosystem replacing siloed recovery efforts
- Introduced real-world simulation testing across critical scenarios
- Developed a Hurricane Preparedness Program and live Confluence hub
- Integrated vendor and offshore dependencies into resilience planning
- Created audit-ready frameworks aligned to compliance standards
Results & Impact
- Delivered a fully operational, audit-ready DR/BC program aligned to SOC 2 and PCI DSS
- Improved incident response speed and clarity through defined ownership
- Increased enterprise readiness through structured testing and simulations
- Strengthened cross-functional alignment and risk visibility
Leadership Takeaway
Resilience becomes real when ownership, communication, and compliance operate as one system—not separate efforts.