Resilience Audit Checklist ORG 5 RESILIENCE AUDIT CHECKLIST ORG 5

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Resilience Audit Checklist ORG 5 RESILIENCE AUDIT CHECKLIST ORG 5"

Transcription

1 ORG 5 Andrew Wood, Organisational Resilience Consultant 1 Introduction We define organisational resilience as the ability and capability to anticipate, avoid, deter, protect, respond and adapt to threats that could affect the delivery of our strategic objectives. It incorporates the key elements of a common threat and risk identification and assessment process supported by processes covering risk, security, business continuity and crisis management. Auditing the resilience management processes provides assurance that not only is there an efficient and embedded resilience management system but also that appropriate risks have been identified and that those risks are being addressed by effective actions. This document provides guidance on the questions to be addressed during an audit of an organisation s resilience management processes. 2 Instructions for Completion Against each of the questions, provide a (Red Amber Green) status assessment using the relevant response in the following criteria: RED (R) Answer to question is NO. Processes generally not documented. Few controls and / or actions in place. Non-compliance across most areas. Few or no reviews / audits taking place. Low degree of confidence in overall resilience of contract / site. AMBER (A) Answer to question is PARTIALLY. Documented processes in place. Controls and / or actions mostly in place. Compliance across most areas. Some reviews / audits taking place but with some significant non-conformities. Reasonable degree of confidence in overall resilience of contract / site. GREEN (G) Answer to question is YES. Strong, documented processes in place. Robust controls and / or actions in place. Full compliance across all areas. Regular reviews / audits taking place with only minor non-conformities. High degree of confidence in overall resilience of contract / site. Add supporting evidence, references to documents or more detailed explanation in the column. In particular, identify what action is being taken to address RED and AMBER assessments. Page 1

2 3 Checklist 1 Business and Resilience Objectives 1.1 Do you have clearly identified business objectives that take into account key stakeholders and their objectives? 1.2 Have resilience objectives been identified and communicated to staff? 1.3 Is there an effective resilience management system and supporting processes and procedures to support the delivery of the resilience objectives? 1.4 Are the resilience audit and oversight arrangements clearly identified? 2 Threat and Risk Identification and Assessment 2.1 Is there a local risk identification and assessment process and does it conform to the process defined in the resilience management framework? 2.2 Have the key risks to the achievement of the business objectives been identified and do they take into account both internal and external threats? 2.3 Have the risks been prioritised using an appropriate risk scoring system to identify the ones requiring most urgent action? 2.4 Does the contract risk register document current risks and is it regularly reviewed? 2.5 Does the risk identification process take into account all risk areas (eg operational, financial, compliance, reputation etc)? Page 2

3 3 Risk Management (er to RMG 15 Risk Audit Checklist) 3.1 Is there a local risk management process and does it conform to the process defined in the resilience management framework? 3.2 Have appropriate risk reduction and mitigation actions or controls been identified for each risk? 3.3 Is there a clear allocation of responsibilities and ownership for each risk and the associated actions, controls or decisions? 3.4 Do local management receive timely, relevant and reliable reports on the risks and the associated actions that provide sufficient information needed for decision-making and management review purposes? 3.5 Are changes in the contract risk register and the status of actions for critical risks reported to senior management at regular intervals (usually quarterly)? 4 Security Management (er to SMG 5 Security Audit Checklist) 4.1 Is there a local security management process and does it conform to the process defined in the resilience management framework? 4.2 Have responsibilities been defined for physical, personnel and information security? 4.3 Have security threats covering physical, personnel and information security been identified and included in the contract risk register? 4.4 Are appropriate controls in place to manage the identified security threats? 4.5 Is there a process for reporting and investigating security incidents and taking appropriate corrective action? 4.6 Is the status of physical, personnel and information security and any incidents reported to senior management at regular intervals (usually quarterly)? Page 3

4 5 Business Continuity Management (er to BCG 4 Business Continuity Audit Checklist) 5.1 Is there a local business continuity management process and does it conform to the process defined in the resilience management framework? 5.2 Have the hazards / threats that could disrupt business operations been identified? Natural hazards (flood, storm, extreme weather, contamination, disease) Loss of utilities (electricity, gas, water, sewerage, telecommunications) Loss of facilities (fire, explosion, water damage, contamination, crime / terrorism) Unavailability of staff or resources (travel disruption, supply chain) 5.3 Have the critical processes and resources (people, equipment and information) that are essential to your ability to continue to delivery contracted services been identified? 5.4 Are plans in place to respond to events that cause business disruption and restore critical processes as quickly as possible? 5.5 Have the business continuity arrangements of your key suppliers (internal and external) been checked? 5.6 Are your business continuity plans coordinated with those of your customer(s) and key suppliers? 5.7 Are your staff familiar with their responsibilities in the case of a business disruption and have they received appropriate training? 5.8 Have your plans been tested or exercised in the last 12 months? 5.9 Is the status of business continuity and any incidents reported to the Contract Board and Business Unit / Division at regular intervals (usually quarterly)? Page 4

5 6 Crisis Management (er to CMG 5 Crisis Management Audit Checklist) 6.1 Is there a local crisis management process and does it conform to the process defined in the resilience management framework? 6.2 Are plans in place to respond to a major incident that could affect wider the organisation s interests including reputation? 6.3 Is there a process in place for reporting a major incident to senior management? 6.4 Is your crisis management plan coordinated with those of your customer(s) and key suppliers? 6.5 Are your staff familiar with their responsibilities in the case of a major incident and have they received appropriate training? 6.6 Has your plan been tested or exercised in the last 12 months? 6.7 Is the status of crisis management and any incidents reported to senior management at regular intervals (usually quarterly)? 7 Audit and Oversight 7.1 Is there an audit system to confirm the effectiveness of resilience management systems and processes? 7.2 Does the internal audit process provide oversight of the risk actions or controls to give appropriate assurance to management? 7.3 Does the internal audit process provide oversight of the security, business continuity and crisis management arrangements to give appropriate assurance to management? Page 5

6 7.4 Is there an independent resilience oversight function that reviews the resilience management system and associated risk registers at regular intervals and provides reports to senior management? 7.5 Are the resilience management system and associated processes periodically reviewed and their suitability and effectiveness assessed in order to identify improvements? Page 6

Confident in our Future, Risk Management Policy Statement and Strategy

Confident in our Future, Risk Management Policy Statement and Strategy Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents

More information

EPRR: Toolkit Business Impact

EPRR: Toolkit Business Impact NHS England Business Continuity Management EPRR: Toolkit Business Impact Assessment (BIA) Template Appendix 3.1 0 [Intentionally Blank] 1 INTRODUCTION The purpose of this document is to assist those who

More information

Business Continuity Policy. Version 1.0

Business Continuity Policy. Version 1.0 Business Continuity Policy Version.0 January 206 Contents Contents Version control Foreword Policy. Scope.2 Aim and objectives.3 Methods and standards.4 Responsibilities.5 Governance.6 Training and exercises

More information

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy Reference No: CG 01 Version: Version 1 Approval date 18 December 2013 Date ratified: 18 December 2013 Name of Author

More information

Coping with a major business disruption. Some practical advice

Coping with a major business disruption. Some practical advice Coping with a major business disruption Some practical advice Coping with a major business disruption What is business continuity? Business continuity planning (BCP) is a management process that helps

More information

Business Continuity Policy

Business Continuity Policy Page 1 of 16 Business Continuity Policy Issue Date: Aug 2013 Document Number: 00241 Prepared by: Business Management and Continuity Senior Manager Next Review Date: April 2014 Page 2 of 16 NHS England

More information

Business Continuity Strategy Manual

Business Continuity Strategy Manual Business Continuity Strategy Manual Issue 03 July 2009 Authorised by: Managing Director, Date: 1. Amendments 2. Definitions 3. BCM System Management 4. Purpose 5. Scope 6. Roles & Responsibilities 7. Business

More information

Relocation, sheltering and evacuation guide

Relocation, sheltering and evacuation guide Relocation, sheltering and evacuation guide A guide to emergency planning for the health and human services sectors October 2015 Relocation, shelter in place or evacuation guide Page 1 Relocation, sheltering

More information

BUSINESS CONTINUITY PLAN

BUSINESS CONTINUITY PLAN >Insert Company Logo Here< >Insert Company Name Here< BUSINESS CONTINUITY PLAN Date Version Author Address Telephone (Landline/Mobile) E-mail Plan Approval Approved By (Please print) Signature Date Page

More information

BS 25999 BUSINESS CONTINUITY MANAGEMENT

BS 25999 BUSINESS CONTINUITY MANAGEMENT BS 25999 BUSINESS CONTINUITY MANAGEMENT AUDIT, CERTIFICATION & training services HOW CAN YOU ENSURE BUSINESS CONTINUITY? BS 25999 AUDITS & CERTIFICATION FROM SGS Most organisations will, at some point,

More information

Business Continuity Management Why now? Mike Hill Director Itica Consulting

Business Continuity Management Why now? Mike Hill Director Itica Consulting Business Continuity Management Why now? Mike Hill Director Itica Consulting Introduction Objectives Demonstrate why BCM is just as important today Practical tips for effective BCM Business Continuity Plan

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy Page 1 of 15 Business Continuity Policy First published: Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/14 Vicky Ryan Updated to include

More information

BUSINESS CONTINUITY POLICY

BUSINESS CONTINUITY POLICY BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility

More information

Strategic Alliance. Business Continuity Policy

Strategic Alliance. Business Continuity Policy Version 1.1 April 2016 Contents Contents Version control Foreword Policy Scope Aim and objectives Methods and standards Responsibilities Governance Training and exercises Page i ii 1 2 2 2 Version 1.1

More information

NHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy. Version 1.0

NHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy. Version 1.0 NHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy Version 1.0 Document Control Title: Status: Version: 1.0 Issue date: May 2014 Document owner: (Name,

More information

Risk Management & Business Continuity Manual 2011-2014

Risk Management & Business Continuity Manual 2011-2014 ANNEX C Risk Management & Business Continuity Manual 2011-2014 Produced by the Risk Produced and by the Business Risk and Business Continuity Continuity Team Team February 2011 April 2011 Draft V.10 Page

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy 1 NHS England INFORMATION READER BOX Directorate Medical Commissioning Operations Patients and Information Nursing Trans. & Corp. Ops. Commissioning Strategy Finance Publications

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective

More information

HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING

HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING ISO 22301 BUSINESS CONTINUITY MANAGEMENT SYSTEMS Most organisations will, at some point, be faced with having to respond

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page

More information

BUSINESS CONTINUITY MANAGEMENT POLICY

BUSINESS CONTINUITY MANAGEMENT POLICY BUSINESS CONTINUITY MANAGEMENT POLICY AUTHORISED BY: DATE: Andy Buck Chief Executive March 2011 Ratifying Committee: NHS Rotherham Board Date Agreed: Issue No: NEXT REVIEW DATE: 2013 1 Lead Director John

More information

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY AUTHOR/ APPROVAL DETAILS Document Author Written By: Human Resources Authorised Signature Authorised By: Helen Shields Date: 20

More information

Introduction to Business Continuity Management (BCM) Andy Fyfe MBCI Resilience Manager Buckinghamshire County Council

Introduction to Business Continuity Management (BCM) Andy Fyfe MBCI Resilience Manager Buckinghamshire County Council Introduction to Business Continuity Management (BCM) Andy Fyfe MBCI Resilience Manager Buckinghamshire County Council Aim To provide an introduction to Business Continuity Management (BCM). Objectives

More information

Business Continuity Management (BCM) Policy

Business Continuity Management (BCM) Policy Business Continuity Management (BCM) Policy Reference number: Corporate 042 Title: Business Continuity Management (BCM) Policy Version number: Version 2 Policy Approved by: LLR PCT Cluster Board Date of

More information

PROCEDURES BUSINESS CONTINUITY MANAGEMENT FRAMEWORK PURPOSE INTRODUCTION. 1 What is Business Continuity Management? 2 Link to Risk Management

PROCEDURES BUSINESS CONTINUITY MANAGEMENT FRAMEWORK PURPOSE INTRODUCTION. 1 What is Business Continuity Management? 2 Link to Risk Management PROCEDURES BUSINESS CONTINUITY MANAGEMENT FRAMEWORK PURPOSE This Framework has been developed in support of both the Business Continuity and Crisis Management Policy and the Emergency and Fire Evacuation

More information

Lay Members are expected to attend a minimum of four committee meetings per year.

Lay Members are expected to attend a minimum of four committee meetings per year. WREXHAM COUNTY BOROUGH COUNCIL AUDIT COMMITTEE LAY MEMBER JOB DESRCRIPTION KEY PURPOSE Wrexham County Borough Council is committed to ensuring and demonstrating good governance, and has established an

More information

Staffordshire County Council. Civil Contingencies Policy

Staffordshire County Council. Civil Contingencies Policy Staffordshire County Council Civil Contingencies Policy Version 1 September 2012 Staffordshire County Council s Civil Contingencies Policy 1.1 Introduction The County Council aims to protect the wellbeing

More information

Revenue Scotland. Risk Management Framework

Revenue Scotland. Risk Management Framework Revenue Scotland Risk Management Framework Contents 1. Introduction... 3 1.1 Overview of risk management... 3 2. Policy statement... 4 3. Risk management approach... 5 3.1 Risk management objectives...

More information

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Document Author: Civil Contingencies Service - Authorised by the CCS Joint Management Board - Version 1.0. Issued December 2012 Page 1 FRAMEWORK STATEMENT Business

More information

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC Annex 1 TITLE VERSION Version 2 Risk Management Strategy and Policy SUMMARY The policy provides the framework for the management and control of risk within the GOC DATE CREATED January 2013 REVIEW DATE

More information

TRUST POLICY FOR EMERGENCY PLANNING

TRUST POLICY FOR EMERGENCY PLANNING TRUST POLICY FOR EMERGENCY PLANNING Reference Number: CL-OP/ 2013/027 Version: 1.4 Status: New Draft Author: Ashley Reed Job Title: Head of Security and EPO Version / Amendment History Version Date Author

More information

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012 To: From: Subject: Status: Date of Meeting: BSO Board Director of Human Resources & Corporate Services Business Continuity Policy For Approval 28 February 2012 The Board is asked to agree the attached

More information

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT Approved by the Audit Committee on 14 February 2003 and adopted by resolution of the Board on 28 March 2003 Revisions approved by the Audit and Risk Committee on 14 February

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY

DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY This document outlines a set of policies and procedures for formalising a Business Continuity programme, and provides guidelines for developing, maintaining

More information

Harrow Business Consultative Panel. Business Continuity Management. Responsible Officer: Myfanwy Barrett Director of Finance and Business Strategy

Harrow Business Consultative Panel. Business Continuity Management. Responsible Officer: Myfanwy Barrett Director of Finance and Business Strategy Meeting: Harrow Business Consultative Panel Date: 18 th July 2006 Subject: Business Continuity Management Responsible Officer: Myfanwy Barrett Director of Finance and Business Strategy Contact Officer:

More information

1.0 Policy Statement / Intentions (FOIA - Open)

1.0 Policy Statement / Intentions (FOIA - Open) Force Policy & Procedure Reference Number Business Continuity Management D269 Policy Version Date 23 July 2015 Review Date 23 July 2016 Policy Ownership Portfolio Holder Links or overlaps with other policies

More information

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014

www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis

More information

Business Continuity Management For Small to Medium-Sized Businesses

Business Continuity Management For Small to Medium-Sized Businesses Business Continuity Management For Small to Medium-Sized Businesses Produced by NORMIT and Norfolk County Council Resilience Team For an electronic copy of this document visit www.normit.org Telephone

More information

Emergency Management and Business Continuity Policy

Emergency Management and Business Continuity Policy www.surreycc.gov.uk Making Surrey a better place Emergency Management and Business Continuity Policy 4 TH EDITION June 2011 Title Emergency Management and Business Continuity Policy Version 4.0 Policy

More information

CFAMLE6 Ensure health and safety requirements are met in your area of responsibility

CFAMLE6 Ensure health and safety requirements are met in your area of responsibility Ensure health and safety requirements are met in your area of Overview This unit is concerned with managing the overall health and safety process in your area of. It is intended to go beyond meeting health

More information

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Tour de France Grand Départ Basic Business Continuity Planning RESTRICTED

Tour de France Grand Départ Basic Business Continuity Planning RESTRICTED Tour de France Grand Départ Basic Business Continuity Planning RESTRICTED Scope of the presentation Aim of the presentation What is a Business Continuity Plan? Understanding your business and identifying

More information

EPRR: Toolkit Facilitator Guide

EPRR: Toolkit Facilitator Guide NHS England Business Continuity Management EPRR: Toolkit Facilitator Guide APPENDIX 1 1 [Intentionally Blank] INTRODUCTION The document has been designed to assist you to deliver the outcomes of the workshop

More information

V1.0 - Eurojuris ISO 9001:2008 Certified

V1.0 - Eurojuris ISO 9001:2008 Certified Risk Management Manual V1.0 - Eurojuris ISO 9001:2008 Certified Section Page No 1 An Introduction to Risk Management 1-2 2 The Framework of Risk Management 3-6 3 Identification of Risks 7-8 4 Evaluation

More information

Business Continuity Planning

Business Continuity Planning Business Continuity Planning Assistance for Young Enterprise Business Continuity Planning for small to medium-sized businesses This information will guide you through some steps that could help your business

More information

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013 2016 South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013-2016 1 1 Context 3 SCOPE 3 WHAT IS RISK MANAGEMENT? 3 LOCAL AND NATIONAL DRIVERS 3 Business

More information

APES 325 Risk Management for Firms

APES 325 Risk Management for Firms APES 325 Risk Management for Firms Prepared and issued by Accounting Professional & Ethical Standards Board Limited ISSUED: December 2011 Copyright 2011 Accounting Professional & Ethical Standards Board

More information

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS 1 Module 1: Principles of Risk and Risk Management Module aims The aim of this module is to provide an introduction to the principles and concepts of risk and

More information

ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES

ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES THIS POLICY SETS OUT THE REQUIREMENTS FOR SAFEGUARDING COMPANY ASSETS AND RESOURCES TO PROTECT PATIENTS, STAFF, PRODUCTS, PROPERTY AND

More information

Crisis and Emergency Management Plan Development

Crisis and Emergency Management Plan Development Crisis and Emergency Management Plan Development AGENDA Administrative Code Crisis What is a crisis Four phases of crisis management Mitigation/Prevention Preparedness Response Recovery Long-Range Planning

More information

DIRECTORATE OF AUDIT, RISK FF AND ASSURANCE. Appendix 2a FOLLOW UP REVIEW OF CORPORATE BUSINESS CONTINUITY

DIRECTORATE OF AUDIT, RISK FF AND ASSURANCE. Appendix 2a FOLLOW UP REVIEW OF CORPORATE BUSINESS CONTINUITY DIRECTORATE OF AUDIT, RISK FF AND ASSURANCE Internal (Foundry Audit Forms Service San/ Font size to 20/ the RBG: 160, GLA 160, 170) Appendix 2a FOLLOW UP REVIEW OF CORPORATE BUSINESS CONTINUITY DISTRIBUTION

More information

Bridgend County Borough Council. Corporate Risk Management Policy

Bridgend County Borough Council. Corporate Risk Management Policy Bridgend County Borough Council Corporate Risk Management Policy December 2014 Index Section Page No Introduction 3 Definition of risk 3 Aims and objectives 4 Strategy 4 Accountabilities and roles 5 Risk

More information

BUSINESS CONTINUITY PLAN

BUSINESS CONTINUITY PLAN Business Logo or Name here BUSINESS CONTINUITY PLAN FOR PERSONAL CARE PROVIDERS TEMPLATE PREPARED BY DEVON COUNTY COUNCIL EMERGENCY PLANNING SERVICE BUSINESS CONTINUITY PLAN LIST OF CONTENTS 1. DISCLAIMER...

More information

Emergency Planning and Business Continuity Policy

Emergency Planning and Business Continuity Policy Nottingham University Academy of Science and Technology Emergency Planning and Business Continuity Policy Responsible officer: Vice Principal Curriculum & Quality Date approved: 15/07/2014 Review date:

More information

NHS Hardwick Clinical Commissioning Group. Business Continuity Policy

NHS Hardwick Clinical Commissioning Group. Business Continuity Policy NHS Hardwick Clinical Commissioning Group Business Continuity Policy Version Date: 26 January 2016 Version Number: 2.0 Status: Approved Next Revision Due: January 2017 Gordon Stevens MBCI Corporate Assurance

More information

International Diploma in Risk Management Syllabus

International Diploma in Risk Management Syllabus International Diploma in Risk Management Syllabus Module 1: Principles of Risk and Risk Management The aim of this module is to provide an introduction to the principles and concepts of risk and risk management.

More information

Appendix 2 - Leicester City Council s Business Continuity Management Policy Statement and Strategy 2015. Business Continuity Policy Statement 2015

Appendix 2 - Leicester City Council s Business Continuity Management Policy Statement and Strategy 2015. Business Continuity Policy Statement 2015 Appendix 2 - Leicester City Council s Business Continuity Management Policy Statement and Strategy 2015 Business Continuity Policy Statement 2015 This Policy sets the direction for Business Continuity

More information

CHAPTER 1: BUSINESS CONTINUITY MANAGEMENT STRATEGY AND POLICY

CHAPTER 1: BUSINESS CONTINUITY MANAGEMENT STRATEGY AND POLICY Zurich Management Services Limited Registered in England: No 2741053 Registered Office The Zurich Centre, 3000 Parkway Whiteley, Fareham Hampshire, PO15 7JZ CHAPTER 1: BUSINESS CONTINUITY MANAGEMENT STRATEGY

More information

Version: 3.0. Effective From: 19/06/2014

Version: 3.0. Effective From: 19/06/2014 Policy No: RM66 Version: 3.0 Name of Policy: Business Continuity Planning Policy Effective From: 19/06/2014 Date Ratified 05/06/2014 Ratified Business Service Development Committee Review Date 01/06/2016

More information

ISO 20000-1:2005 Requirements Summary

ISO 20000-1:2005 Requirements Summary Contents 3. Requirements for a Management System... 3 3.1 Management Responsibility... 3 3.2 Documentation Requirements... 3 3.3 Competence, Awareness, and Training... 4 4. Planning and Implementing Service

More information

Business Continuity and Risk Management. Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited

Business Continuity and Risk Management. Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited Business Continuity and Risk Management Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited What does Business Continuity mean? Business Continuity Management- Definition Business Continuity

More information

WEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy

WEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy WEST YORKSHIRE FIRE & RESCUE SERVICE Business Continuity Management Strategy Date Issued: 12 November 2012 Review Date: 12 November 2015 Version Control Version Number Date Author Comment 0.1 June 2011

More information

7 Directorate Performance Managers. 7 Performance Reporting and Data Quality Officer. 8 Responsible Officers

7 Directorate Performance Managers. 7 Performance Reporting and Data Quality Officer. 8 Responsible Officers Contents Page 1 Introduction 2 2 Objectives of the Strategy 2 3 Data Quality Standards 3 4 The National Indicator Set 3 5 Structure of this Strategy 3 5.1 Awareness 4 5.2 Definitions 4 5.3 Recording 4

More information

GUIDANCE ON THE COMPILATION OF BUSINESS CONTINUITY PLANS. Front cover Add your logo, company name and the date the plan was last amended.

GUIDANCE ON THE COMPILATION OF BUSINESS CONTINUITY PLANS. Front cover Add your logo, company name and the date the plan was last amended. LINCOLNSHIRE SUPPORTING PEOPLE GUIDANCE ON THE COMPILATION OF BUSINESS CONTINUITY PLANS Front cover Add your logo, company name and the date the plan was last amended. Distribution list List who has a

More information

Flinders University IT Disaster Recovery Framework

Flinders University IT Disaster Recovery Framework Flinders University IT Disaster Recovery Framework Establishment: Flinders University, 1 August 2013 Last Amended: Manager, ITS Security Services, 4 October 2013 Nature of Amendment: Initial release Date

More information

Business Continuity Management. Policy Statement and Strategy

Business Continuity Management. Policy Statement and Strategy Business Continuity Management Policy Statement and Strategy November 2011 Title Business Continuity Management Policy & Strategy Date of Publication: Cabinet Council Published by Borough Council of King

More information

Business Continuity Management

Business Continuity Management Annex A Business Continuity Management Programme Business Continuity Management Policy 1. Introduction This Business Continuity Management (BCM) Policy defines the scope of the SPCB s ability to maintain

More information

Section A: Introduction, Definitions and Principles of Infrastructure Resilience

Section A: Introduction, Definitions and Principles of Infrastructure Resilience Section A: Introduction, Definitions and Principles of Infrastructure Resilience A1. This section introduces infrastructure resilience, sets out the background and provides definitions. Introduction Purpose

More information

ISO & Business Continuity Management System Standards and Application for Incident Communication Plans

ISO & Business Continuity Management System Standards and Application for Incident Communication Plans ISO 22301 & 22313 Business Continuity Management System Standards and Application for Incident Communication Plans ISO 22301 & 22313: Business Continuity Management System Standards and Application for

More information

Intel Business Continuity Practices

Intel Business Continuity Practices Intel Business Continuity Practices As a global corporation with locations and suppliers all over the world, Intel requires every designated Intel organization to embed business continuity as a core business

More information

Information Guide. 2011 Version 1.0

Information Guide. 2011 Version 1.0 Information Guide 2011 Version 1.0 NMIC - National Maritime Information Centre Contents WELCOME...2 1.0 INTRODUCTION...3 1.1 What is the NMIC?...3 2.0 NMIC VISION, MISSION STATEMENT & CHARTER...4 2.1

More information

Appendix 1 - Leicester City Council s Business Continuity Management Strategy and Policy Statement - 2016

Appendix 1 - Leicester City Council s Business Continuity Management Strategy and Policy Statement - 2016 Appendix 1 - Leicester City Council s Business Continuity Management Strategy and Policy Statement - 2016 Policy Statement - 2016 This Policy sets the direction for Business Continuity Management at Leicester

More information

Guideline on Business Continuity Management

Guideline on Business Continuity Management Circular No. 033/B/2009-DSB/AMCM (Date: 14/8/2009) Guideline on Business Continuity Management The Monetary Authority of Macao (AMCM), under the powers conferred by Article 9 of the Charter approved by

More information

Statement of Guidance

Statement of Guidance Statement of Guidance Business Continuity Management All Licensees 1. Statement of Objectives 1.1. To enhance the resilience of the financial sector and to minimise the potential impact of a major operational

More information

Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità

Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità Massimo Cacciotti Business Services Manager BSI Group Italia Agenda BSI: Introduction 1. Why we need BCM? 2. Benefits of BCM

More information

PDNPA Project Management Peak District National Park Authority Internal Audit Report 2014/15

PDNPA Project Management Peak District National Park Authority Internal Audit Report 2014/15 Audit, Resources and Performance Committee 20 March 2015 Item 10 Appendix 2 PDNPA Project Management Peak District National Park Authority Internal Audit Report 2014/15 Business Unit: Project Management

More information

Social & Community Services. Support At Home Services Provider Induction Meeting. Business Continuity

Social & Community Services. Support At Home Services Provider Induction Meeting. Business Continuity Social & Community Services Support At Home Services Provider Induction Meeting Business Continuity 6 th September 2011 1 Welcome & Domestics Welcome Domestic Arrangements Health & Safety No Smoking Fire

More information

NOT PROTECTIVELY MARKED. Business Continuity Management Policy. Risk and Business Continuity Management

NOT PROTECTIVELY MARKED. Business Continuity Management Policy. Risk and Business Continuity Management Policy Title CCMT Sponsor Department/Area Section/Sector Business Continuity Management Policy Deputy Chief Constable Strategic Development Risk and Business Continuity Management 1.0 Rationale Thames

More information

Business Continuity Business Continuity Management Policy

Business Continuity Business Continuity Management Policy Business Continuity Business Continuity Management Policy : Date of Issue: 28 January 2009 Version no: 1.1 Review Date: January 2010 Document Owner: Patricia Hughes Document Authoriser: Tony Curtis 1 Version

More information

Business Continuity Management Policy

Business Continuity Management Policy Governance: Business Committee Policy Owner: Chief Superintendent, Corporate Services Department: Corporate Services Policy Number: 002 Version: 3.0 Policy Writer: Business Continuity Co-ordinator Effective

More information

WILTSHIRE POLICE FORCE POLICY

WILTSHIRE POLICE FORCE POLICY Template v4 WILTSHIRE POLICE FORCE POLICY BUSINESS CONTINUITY MANAGEMENT SYSTEMS (BCMS) Effective from: July 2013 Version: 2.0 Next Review Date: July 2015 POLICY STATEMENT Wiltshire Police has a statutory

More information

Overview TECHIS60441. Carry out security testing activities

Overview TECHIS60441. Carry out security testing activities Overview Information, services and systems can be attacked in various ways. Understanding the technical and social perspectives, how attacks work, the technologies and approaches used are key to being

More information

BUSINESS CONTINUITY FRAMEWORK

BUSINESS CONTINUITY FRAMEWORK BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational

More information

Business Continuity Planning. A guide to loss prevention

Business Continuity Planning. A guide to loss prevention Business Continuity Planning A guide to loss prevention There are many statistics quoted about the effect that a lack of planning for a disaster has on a business. What s certain is that any unplanned

More information

Business Continuity Management Governance. Frank Higgins Abu Dhabi March 2015

Business Continuity Management Governance. Frank Higgins Abu Dhabi March 2015 Business Continuity Management Governance Frank Higgins Abu Dhabi March 2015 Different Names Same Concept BCM (Business Continuity Management) BSI 25999 IPOCM (Incident Preparedness & Operational Continuity

More information

Emergency Response and Business Continuity Management Policy

Emergency Response and Business Continuity Management Policy Emergency Response and Business Continuity Management Policy Owner: John Duffy, Registrar & Secretary Last updated: September 2012 Version: 04 Document control Date Version Author Changes To be populated

More information

Disaster Recovery Plan Checklist

Disaster Recovery Plan Checklist Disaster Recovery Plan Checklist Your guide for setting up or updating a Disaster Recovery Plan for your business. ArcSource Disaster Recovery Plan Checklist 1. Compile Your Internal Contacts Information

More information

Business Continuity Plan

Business Continuity Plan Business Continuity Plan March 2014 Version: 1.0 Ratified by: Quality Group Date ratified: Name of originator/author: Name of responsible committee/ individual: Julie Killingbeck NHS North Lincolnshire

More information

South Norfolk Council Business Continuity Policy

South Norfolk Council Business Continuity Policy South Norfolk Council Business Continuity Policy 1 Title: Business Continuity Policy Date of Publication: TBC Version: 2 Published by: Emergency Planning Team Review date: April 2014 Document Owner: Document

More information

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan?

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan? Business Continuity Is your Business Prepared for the worse? Major emergencies can develop suddenly without warning. Situations can threaten and disrupt your business and impact upon you and your staff.

More information

Table of Contents... 1

Table of Contents... 1 ... 1 Chapter 1 Introduction... 4 1.1 Executive Summary... 4 1.2 Goals and Objectives... 5 1.3 Senior Management and Board of Directors Responsibilities... 5 1.4 Business Continuity Planning Processes...

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from December 2008 Date last amended December 2012

More information

Business Continuity Planning in IT

Business Continuity Planning in IT Introduction: Business Continuity Planning in IT The more your business relies on its IT systems, the more you need to consider how unexpected disruptions might affect your business. These disruptions

More information

Business Continuity & Crisis Management

Business Continuity & Crisis Management Group Standard Business Continuity & Crisis Management The need to plan and respond effectively is critical to the successful management of any crisis situation. Business Continuity Management is the holistic

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy Reference Number: 243 Author & Title: Siân Dyson Resilience Manager Responsible Director: Chief Operating Officer Review Date: 29 May 2018 Ratified by: Francesca Thompson Chief

More information

NOT PROTECTIVELY MARKED BUSINESS CONTINUITY. Specialist Operations Contingency Planning Business Continuity Manager 17.09.12

NOT PROTECTIVELY MARKED BUSINESS CONTINUITY. Specialist Operations Contingency Planning Business Continuity Manager 17.09.12 POLICY BUSINESS CONTINUITY Policy owners Policy holder Author Head of Services Specialist Operations Contingency Planning Business Continuity Manager Policy No. 132 Approved by Legal Services 17.09.12

More information

Business Continuity Policy & Plans

Business Continuity Policy & Plans Agenda Item 8.3a SNCCG Governing Body 11.03.2014 Business Continuity Policy & Plans Ref Number: Version: 1 Status: Pending Approval Author: A Brown Approval body Governing Body Date Approved Date Issued

More information