How a BCP Can Help Your Organisation Survive a Zombie Apocalypse

Heather Todd • June 2, 2023

The idea of a zombie apocalypse may seem far-fetched, but recent pop culture phenomena such as The Walking Dead and World War Z have brought this hypothetical scenario to the forefront of many people's minds. While a zombie outbreak is an unlikely event, it can serve as a useful thought experiment for testing an organisation's preparedness for unexpected disruptions.


Here's how a Business Continuity Plan (BCP) might help your organisation survive a fictional zombie apocalypse:

Know Your Critical Business Functions

During a zombie apocalypse, it's important to know which business functions are essential for your organisation's survival. Is it your sales team, your IT department, or your HR staff? By identifying your critical business functions in advance, you can prioritise your response efforts and ensure that your organisation can continue to function even in the face of a zombie outbreak.

Conduct a Zombie Risk Assessment

A risk assessment is a process for identifying potential risks and threats to your organisation. In the case of a zombie apocalypse, the primary risk is, of course, zombies. By conducting a zombie risk assessment, you can identify the likelihood and potential impact of a zombie outbreak, as well as develop strategies for mitigating or avoiding the threat. This assessment could include evaluating the vulnerability of your physical facilities, assessing the adequacy of your emergency supplies, and determining the best escape routes in case of an outbreak.

Develop Response and Recovery Strategies

A BCP should include specific response and recovery strategies for different types of disruptions. In the case of a zombie apocalypse, these strategies may include:



  • Emergency response procedures for evacuating or securing your facilities: Establish protocols for safely evacuating employees and securing your premises to prevent zombie infiltration.
  • Backup and recovery plans for restoring critical IT systems and infrastructure: Ensure that your data is regularly backed up and can be restored quickly in case of damage or loss during the chaos of a zombie outbreak.
  • Communication protocols for keeping employees, customers, and other stakeholders informed: Establish clear communication channels to provide updates, instructions, and reassurance to employees, customers, and other stakeholders, especially if physical meetings are impossible due to the zombie threat.
  • Zombie defence tactics, such as barricading doors and windows and arming yourself with improvised weapons: Develop strategies and train employees on how to fortify their immediate surroundings, protect themselves from zombies, and safely neutralise any zombie encounters.

Plan Activation and Notification

In the event of a zombie outbreak, it may be necessary to activate your BCP quickly and efficiently. This requires clear communication protocols and well-defined roles and responsibilities for key personnel. Your plan should include procedures for activating the plan, as well as for notifying employees, customers, and other stakeholders of the situation and the organisation's response. Consider using creative and attention-grabbing notification methods, such as a mock emergency broadcast system or a humorous "Zombie Survival Guide" delivered via email or intranet.

Plan Maintenance and Testing

A BCP is only effective if it is regularly reviewed, updated, and tested. This ensures that the plan remains relevant and effective, and that key personnel are familiar with their roles and responsibilities. Testing can also help identify areas for improvement and refine response and recovery strategies. Conducting periodic "zombie drills" or tabletop exercises can engage employees and provide an opportunity to evaluate the effectiveness of the plan in a simulated zombie outbreak scenario. You can even turn it into a fun team-building exercise by organising a zombie-themed escape room!


While a zombie apocalypse may seem like a far-fetched scenario, it can actually be a fun and useful way to test your organisation's preparedness for unexpected disruptions. By developing a BCP that addresses the unique challenges of a zombie outbreak, your organisation can be better prepared to respond to a wide range of disruptions and ensure its continued operation and survival. So, grab your cricket bat and get ready to defend your organisation against the undead hordes!

Recent Posts

Why you should think of your technology partner as an iceberg.

February 21, 2025
And no, it’s not because it has the potential to turn you into a Titanic. Rather, it’s because what you see and interact with most days is just the tip of what we do. Below the waterline of everyday interaction is a significant mass of knowledge, expertise, and strategic value – all aimed at helping to secure and enable the growth of your business.

NZ Privacy Act – what you really, really need to know - (Data Privacy Day Part 2)

By Yorb January 30, 2025
In part 1 of our Data Privacy Day blog, we discussed the state of cybersecurity in New Zealand (as you do) and the critical importance of data governance. You can catch up on the whys and wherefores of data governance as it applies to you here . Moving on, this time, we’re focusing on the 13 Information Privacy Principles in our Privacy Act (2020) and what you need to do to stay on the good side of our legislation – and your customers. But first, this is why you should care.

Data Privacy Day, and why you should mind your own business - (Data Privacy Day Part 1)

By Yorb January 23, 2025
Data Privacy Day has been internationally observed on 28 January since 2007. Its purpose is to raise awareness and promote best privacy and data protection practices. It serves as an excellent reminder of exactly how precious our data is, as well as our ethical and legal obligations as businesses to securely manage and protect it. So, in terms of data privacy, how have we fared here in New Zealand? Why is data governance so important - what is it, and why exactly do you need it? Warning – triggering content: It may not be your job to manage data – and you may not think you even need to care about it. But if you are a stakeholder, it’s your responsibility to make sure that your business complies with New Zealand’s privacy and data protection best practices.  This is a big topic (sorry!), so it’s in two parts.
Share by: