The “bus factor” you mention reminds me of “The Secret Life of Passwords” , a NYT article that discusses, among other things, how a financial services firm went about trying to guess business critical passwords after most of their employees were killed in the 9/11 attack.
Howard Lutnick, the chief executive of Cantor Fitzgerald, one of the world’s largest financial-services firms, still cries when he talks about it. Not long after the planes struck the twin towers, killing 658 of his co-workers and friends, including his brother, one of the first things on Lutnick’s mind was passwords. This may seem callous, but it was not.
Like virtually everyone else caught up in the events that day, Lutnick, who had taken the morning off to escort his son, Kyle, to his first day of kindergarten, was in shock. But he was also the one person most responsible for ensuring the viability of his company. The biggest threat to that survival became apparent almost immediately: No one knew the passwords for hundreds of accounts and files that were needed to get back online in time for the reopening of the bond markets. Cantor Fitzgerald did have extensive contingency plans in place, including a requirement that all employees tell their work passwords to four nearby colleagues. But now a large majority of the firm’s 960 New York employees were dead.
I don’t think it is realistic to aim for no relevant knowledge getting lost even if your company loses half of its employees in one day. A bus factor of five is already shockingly competent when compared to any company I have ever worked for, going for a bus factor of 658 is just madness.