Runbooks, recovery plans, emergency contacts — for many organisations the crisis knowledge sits exactly where it can't be reached when it matters. We make that knowledge backable, recoverable and readable offline.
Sound business continuity follows a repeatable management cycle — oriented on ISO 22301 and the BSI 200-4 standard. These are the stages we run with you.
Responsibility, objectives and which processes are in scope. Continuity starts as a management decision.
Which processes are time-critical, what depends on them, and your recovery targets (RTO/RPO).
Assess the threats and weaknesses that could interrupt those critical processes.
Recovery, emergency and communication plans — concrete, owned and findable.
Prove the plans work. Common practice per BSI 200-4: at least once a year.
Every exercise and incident feeds back into better plans. Then the cycle starts again.
Documentation only becomes emergency preparedness once you can actually read it in an emergency.
BCM is more than a backup. It's a considered cycle of analysis, preparation, testing and improvement. We bring these building blocks into your knowledge base.
Which processes are time-critical? Which documentation is vital — and therefore protected first?
How fast must it be back (RTO), how much data loss is tolerable (RPO)? This defines your backup strategy.
Move content out of the instance regularly and completely — the backup building block of your BCMS.
A clean, tested rebuild. A restore that was never rehearsed is hope, not a plan.
Your plans available offline and independently — even when the instance, network or login are unreachable.
Clear roles, escalation and communication. The right contacts and checklists in one accessible place.
BSI 200-4 calls for regular tests — common practice: at least annually, plus after major changes.
Plan–Do–Check–Act: every exercise and incident flows back into better plans and fresher docs.
Local processing, no cloud waypoint, no sharing with third parties or external AI services.
Each block addresses a concrete BCM requirement — built for Confluence, run under your control.
Pulls your content out of the instance regularly and completely — structured, traceable, with no detour through someone else's cloud.
Restores secured content cleanly. Makes the restore rehearsable — turning "should work" into tested evidence.
Makes your documentation readable independently of the running instance — the actual emergency handbook when everything else is down.
Tools are half the battle. The other half is roles, routines and rehearsal — we build those with you, tailored to your organisation.
Who decides, who coordinates, who communicates? We staff the crisis team — from emergency coordinator to situation assessment to internal and external communication — and set escalation and decision paths. The detailed shape is tailored to your organisation.
A plan that's never rehearsed rarely survives the real thing. Tabletop exercises, team awareness and leadership training turn documents into lived routine. Format and depth match your maturity level.
The one set that bundles the essentials in a blackout: critical documentation, contacts and access paths — offline, sorted, instantly at hand. What goes in is derived together from your critical processes.
From single block to coherent whole: a BCM oriented on established standards and sized to fit you — no overhead, but auditable. We sketch the roadmap in the readiness check.
Many tools move your most sensitive knowledge into someone else's infrastructure. We go the other way: preparedness that stays under your control.
Processing runs in your environment. No external waypoint for internal content.
No transfer to external AI or analytics services. What's internal stays internal.
Your emergency access doesn't hinge on the survival or availability of a single cloud service.
Backup and tested recovery provide the evidence NIS2 and DORA expect.
Two European frameworks require continuity, recovery and tested preparedness — with a much wider scope than before.
The German implementing act (NIS2UmsuCG) obliges affected entities to backup management, recovery after an incident and crisis management (§ 30 BSIG).
For financial entities and their IT providers, tested business continuity plans with defined recovery times are mandatory — owned by management.
Note: general orientation, not legal advice. Whether and how you're affected, we clarify in the readiness check based on your specific situation.
You start where you are. Each stage stands on its own and builds on the previous.
Where does your Confluence-based emergency documentation stand? Gaps, quick wins and a BIA entry point — as a clear finding with recommendations.
We set up the backup and restore path and provide offline emergency access — cleanly documented and handed over.
Regular restore tests, audit-ready evidence and alignment with the current regulatory picture. The stage that turns preparedness into demonstrable resilience.
Operated in a sovereign environment — no cloud dependency, with clearly defined responsibility. For organisations that outsource continuity without giving it away.
The BCM readiness check is compact, concrete and without obligation — and afterwards you'll know where your biggest gaps are.
Request a BCM readiness checkTelefon: +49 1556 6350001
E-Mail: kontakt@gerber-resilience.eu
Als Kleinunternehmer im Sinne des § 19 UStG wird keine Umsatzsteuer berechnet und ausgewiesen. Eine Umsatzsteuer-Identifikationsnummer liegt nicht vor.
Dirk Gerber, Anschrift wie oben.
Wir sind nicht verpflichtet und nicht bereit, an einem Streitbeilegungsverfahren vor einer Verbraucherschlichtungsstelle teilzunehmen (§ 36 VSBG).
Die Inhalte dieser Seiten wurden mit größter Sorgfalt erstellt. Für Richtigkeit, Vollständigkeit und Aktualität können wir jedoch keine Gewähr übernehmen. Als Diensteanbieter sind wir gemäß § 7 Abs. 1 DDG für eigene Inhalte nach den allgemeinen Gesetzen verantwortlich. Nach §§ 8 bis 10 DDG sind wir nicht verpflichtet, übermittelte oder gespeicherte fremde Informationen zu überwachen.
Unser Angebot kann Links zu externen Websites Dritter enthalten, auf deren Inhalte wir keinen Einfluss haben. Für diese fremden Inhalte ist stets der jeweilige Anbieter oder Betreiber verantwortlich.
Die durch den Betreiber erstellten Inhalte und Werke unterliegen dem deutschen Urheberrecht. Vervielfältigung, Bearbeitung, Verbreitung und Verwertung außerhalb der Grenzen des Urheberrechts bedürfen der schriftlichen Zustimmung.
Confluence und Atlassian sind Marken der Atlassian Pty Ltd. Gerber Resilience steht in keiner Verbindung zu Atlassian; Produktnamen werden ausschließlich beschreibend verwendet.
Verantwortlich im Sinne der DSGVO: Dirk Gerber, Gerber Resilience, Bei der Rolandsmühle 2, 22763 Hamburg, Deutschland. E-Mail: kontakt@gerber-resilience.eu, Telefon: +49 1556 6350001.
Diese Website verwendet keine Cookies, kein Tracking und keine Analyse- oder Statistik-Werkzeuge. Es werden keine Inhalte Dritter eingebunden (keine externen Schriftarten, Karten, Videos oder Skripte); alle Ressourcen liefert diese Website selbst aus. Eine Einwilligung über ein Cookie-Banner ist daher nicht erforderlich.
Diese Website wird bei Codeberg e.V., Berlin, Deutschland, gehostet (Codeberg Pages). Beim Aufruf verarbeitet der Hoster technisch notwendige Zugriffsdaten in Server-Logfiles (z. B. IP-Adresse, Datum und Uhrzeit, abgerufene Datei, Referrer, Browser- und Systemangaben), um Auslieferung, Stabilität und Sicherheit zu gewährleisten. Rechtsgrundlage ist Art. 6 Abs. 1 lit. f DSGVO (berechtigtes Interesse an einem sicheren Betrieb).
Kontaktieren Sie uns per E-Mail oder Telefon, verarbeiten wir die mitgeteilten Daten zur Bearbeitung Ihres Anliegens. Rechtsgrundlage ist Art. 6 Abs. 1 lit. b DSGVO (vorvertragliche bzw. vertragliche Maßnahmen) oder lit. f (berechtigtes Interesse an der Beantwortung). Die Daten werden gelöscht, sobald sie nicht mehr erforderlich sind und keine Aufbewahrungspflichten entgegenstehen.
Sie haben das Recht auf Auskunft (Art. 15), Berichtigung (Art. 16), Löschung (Art. 17), Einschränkung (Art. 18), Datenübertragbarkeit (Art. 20) und Widerspruch (Art. 21 DSGVO). Eine erteilte Einwilligung können Sie jederzeit mit Wirkung für die Zukunft widerrufen.
Sie haben das Recht, sich bei einer Aufsichtsbehörde zu beschweren. Zuständig ist der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit (HmbBfDI); aktuelle Kontaktdaten unter datenschutz-hamburg.de.
Diese Website nutzt eine TLS-Verschlüsselung; erkennbar am „https://“ in der Adresszeile.
Stand: Juni 2026.
Dirk Gerber, Gerber Resilience, Bei der Rolandsmühle 2, 22763 Hamburg, Germany. Phone +49 1556 6350001, e-mail kontakt@gerber-resilience.eu. Information pursuant to § 5 DDG. Small business under § 19 German VAT Act; no VAT is charged or shown, no VAT ID. Responsible for content under § 18 (2) MStV: Dirk Gerber, address as above. We are neither obliged nor willing to take part in dispute-resolution proceedings before a consumer arbitration board (§ 36 VSBG). Confluence and Atlassian are trademarks of Atlassian Pty Ltd; Gerber Resilience is not affiliated with Atlassian and uses product names descriptively only.
This website uses no cookies, no tracking and no analytics, and embeds no third-party content; all resources are served from this site, so no consent banner is required. Hosting: Codeberg e.V., Berlin, Germany (Codeberg Pages), which processes technically necessary access data in server logs (e.g. IP address, time, requested file) to deliver and secure the site (Art. 6 (1) (f) GDPR). If you contact us, we process the data you provide to handle your request (Art. 6 (1) (b)/(f) GDPR). You have the rights of access, rectification, erasure, restriction, portability and objection (Art. 15–21 GDPR) and may complain to a supervisory authority (for us: the Hamburg Data Protection Commissioner, datenschutz-hamburg.de). The site uses TLS encryption. Last updated: June 2026.