Business Continuity Management Policy

Transcription

1 The Public Trustee Business Cntinuity Management Plicy Octber 2015 Business Cntinuity Management Plicy Octber 2015 Page 1 f 6

2 Dcument Infrmatin Apprved Name Psitin Signature Date Mark Crftn A/Public Trustee f Queensland RETAINED ON FILE 19/11/2015 Endrsed Name Psitin Signature Date Tim Murphy Executive Directr Investments & CFO RETAINED ON FILE 18/11/2015 Kathryn Williams A/Official Slicitr RETAINED ON FILE 19/11/2015 Tny Steinmetz Executive Directr Client Services RETAINED ON FILE 9/11/2015 Stephanie Duggan A/Directr Gvernance & Executive Directrate RETAINED ON FILE 4/11/2015 Revisin Histry Versin Date Updated by Summary f Changes 1.1 April 2014 Mark Blair Draft 1.2 August 2014 Mark Blair Final Draft 1.3 Nvember 2014 Mark Blair Final Draft fr Apprval 1.4 April 2015 Tni Farrell Updated 1.5 Octber 2015 Tni Farrell Updated fllwing review by A/Dir GED Prepared by: A/Directr, Gvernance & Executive Directrate Cntact Details: Prgram Name: Gvernance & Executive Directrate Dcument Status: Review File:TRIM P15/94 Business Cntinuity Management Plicy Octber 2015 Page 2 f 6

3 1. Intrductin This plicy is part f the Public Trustee s risk management framewrk and invlves managing business interruptin by having strategies in place that enable the Public Trustee t: manage the immediate impacts f a disruptive event; deliver critical services t Public Trustee clients until full service resumes; and resume business t usual capacity, where pssible. 2. The Public Trustee s Business Cntinuity Management Framewrk The figure belw prvides an indicatin f the relatinships between the varius aspects f the Public Trustee s Business Cntinuity Management (BCM) framewrk. Figure 1. The Public Trustee s Business Cntinuity Management Framewrk. 3. Plicy Statement The Public Trustee has an bligatin t emplyees, clients and stakehlders t ensure service delivery is maintained in a disruptive event r crisis impacting the Office. The Public Trustee recgnises the ptential strategic, peratinal and financial risks assciated with business interruptins and the imprtance f maintaining a viable capability t cntinue the Public Trustee s service delivery t clients. The BCM framewrk prvides an efficient and cst effective apprach t use in the case f a disruptive event r crisis impacting service delivery t clients. Business Cntinuity Management Plicy Octber 2015 Page 3 f 6

4 4. Applicatin This plicy applies t all Public Trustee prgrams and staff, including permanent and temprary emplyees, cntractrs and any ther persn wh prvides a service n a paid r vluntary basis t the Public Trustee. 5. Scpe In scpe This plicy cvers the preventin, preparatin, respnse and recvery f pssible r actual interruptins t critical business peratins assciated with the Public Trustee s delivery f cre services. Critical business peratins are defined as thse functins which, if nt perfrmed, culd have a serius impact n: Staff; Service delivery t clients and the cmmunity; Ability t maintain service delivery and cre peratins; Legal and cmpliance issues; and Reputatin. Out f scpe Events that are managed using nrmal management prcesses and prcedures are ut f the scpe f this plicy. 6. Principles i. Business Cntinuity Management is a cre cmpnent f gd gvernance and is an integral element in the Public Trustee s verall Risk Management framewrk. ii. iii. iv. Business cntinuity fcuses n the Public Trustee s capacity t achieve ur cre business bjectives. Business cntinuity will be managed in accrdance with the prcedures set ut in the Public Trustee s Business Cntinuity Plan. In the case f a disruptive event, the primary fcus is the immediate and nging safety f staff and clients. If a prir warning f a disruptive event has been issued by an authrity, the Public Trustee will plan t ensure interruptin t services is minimised and cntinuity is maintained t the extent pssible. v. During r fllwing a disruptive event, the Public Trustee will make every effrt t achieve the earliest restratin f service delivery. vi. Fllwing a disruptive event, a review will be undertaken f the event, the Public Trustee s respnse and business cntinuity in preparatin fr (r preventin f) future similar events. Business Cntinuity Management Plicy Octber 2015 Page 4 f 6

5 7. The Public Trustee business cntinuity management mdel There are three distinct phases t the Public Trustee s respnse t a disruptive event r crisis. The Public Trustee s respnse is intended t be timely and handled by the apprpriate management level. The three event management phases are: a. Event respnse and management A lcalised tactical activity that is fcused upn safeguarding peple, service delivery, systems and facilities. In many events, immediate actin r the severity f the event means it will nt be necessary t initiate a crisis respnse. Generally, if the event can be respnded t and managed by nrmal management prcedures, it des nt require activatin f the Crisis Management Plan (CMP) r the Business Cntinuity Plan (BCP). b. Crisis management The CMP is activated where nrmal management prcedures are unlikely t prvide an adequate r ptimal respnse t cntain a disruptive event. The respnse is aimed at managing the brader implicatins and stabilising a crisis event. c. Business cntinuity and recvery The BCP includes plans t: (a) enable cntinuatin f critical business functins during and fllwing an event; and (b) recver functins t business as usual. This plicy is t be read with the Public Trustee s Risk Management Plicy and Prcedure. 8. Rles and respnsibilities Rle Executive Management Team (EMT) Respnsibility Endrses the Business Cntinuity Management Framewrk and plicy. Bth the Business Cntinuity Plan and the Crisis Management Plan set ut the rles and respnsibilities f the members f the EMT in the situatin f a disruptive event r crisis. 9. Plicy review Gvernance and Executive Directrate will review the Business Cntinuity Management Plicy annually t ensure its relevance and effectiveness. Business Cntinuity Management Plicy Octber 2015 Page 5 f 6

6 10. Definitins Term Business cntinuity management (BCM) Business Cntinuity Plan (BCP) Crisis Management Plan (CMP) Disruptive event Gvernance & Executive Directrate (GED) ICT Pandemic Plan Definitin The prcess fr managing the Public Trustee s peratins t ensure that service delivery can, in the event f a material disruptin arising frm internal r external event, be maintained, r restred in a timely way with minimal impact t emplyees, clients and stakehlders. Identifies the respnses that the Public Trustee will use t cntinue service delivery fllwing a disruptive event. Earliest pssible restratin f service delivery after the disruptin is the main bjective f BCP. Prvides a structured respnse t a crisis event, regardless f the nature f the event. Any event that may cause a significant business disruptin, lss, emergency r crisis in the delivery f client services. Examples f a disruptive event may include: Cyclne; Fld; Pwer utage; r Scial unrest. and may result in: Lss f building; Lss f ICT; and Significant unavailability f staff. Crdinates the Public Trustee s business cntinuity management framewrk including develping and reviewing the business cntinuity management plicy. Infrmatin and cmmunicatins technlgy In the event f a pandemic, the BCP Team Leader will fllw the guidance prvided by the Chief Health Officer Queensland. 11. References Financial Accuntability Act 2009 Financial and Perfrmance Management Standard 2009 Disaster Management Act 2003 Standards Australia Risk Management Principles and Guidelines (ISO AS/NZS 31000:2009) Business Cntinuity manage disruptin related risk (ISO AS/NZS 5050:2010) Queensland Health Pandemic influenza plan Public Trustee f Queensland Risk Management Framewrk Strategic Plan Wrk Health and Safety Act 2011 Business Cntinuity Management Plicy Octber 2015 Page 6 f 6