I am sure Cyber Security types come into contact with DRP occasionally.
Who is normally responsible in a med (2-400 staff) organisation? We do not have any dedicated security resources, this is part of existing IT roles with vCISO bolted on.
What does it look like? Do you see well oiled DRP that operational practices are closely tied to so the DRP is always up to date. Is it practised.