It should be distinguished between risk reduction and recovery planning.
Risk reduction concentrates on preventing, and recovery planning deals with Continuity options. The Continuity Strategy tries
to find an optimum balance between risk reduction and recovery planning.