PROCEDURES BUSINESS CONTINUITY MANAGEMENT FRAMEWORK PURPOSE INTRODUCTION. 1 What is Business Continuity Management? 2 Link to Risk Management
|
|
- Angelina Copeland
- 7 years ago
- Views:
Transcription
1 PROCEDURES BUSINESS CONTINUITY MANAGEMENT FRAMEWORK PURPOSE This Framework has been developed in support of both the Business Continuity and Crisis Management Policy and the Emergency and Fire Evacuation Policy. It is intended for use by the CQUniversity community and controlled entities (such as CMS) to assist in the continuance of key processes and critical infrastructure during identified incidents. CQUniversity s Business Continuity and Crisis Management Policy is the official document by which the University clearly communicates: support for the Business Continuity Management Process; and the expected roles and responsibilities of the various committees and Executive in the control of Business Continuity and Crisis Management. The University will manage a consistent process for the management of its operations across all campuses of the University, facilitated by task groups which will coordinate emergency responses under an overall Business Continuity Framework Business Continuity and Crisis Management Policy. INTRODUCTION 1 What is Business Continuity Management? CQUniversity s business strategies and decisions are based on the assumption that the University will continue to operate as normal on a daily basis. While Risk Management is about identifying possible risks and putting into place treatments to try to prevent an occurrence that impacts on University operations, Business Continuity Management details the necessary procedures and strategies that are to be actioned should an actual disruption occur. The objective of Business Continuity Management is to ensure the uninterrupted availability of all key University resources required to support essential (or critical) business activities. The Business Continuity Management Framework sets out the processes and tools necessary to enable rapid response to incidents, recovery of key processes and restoration to core business activities (Business As Usual). The Business Continuity Management Framework is based on the preparation of: Business Continuity Plans (BCP) for key areas and activities of the University; disaster recovery planning for critical infrastructure and resources; communications and media liaison strategies; and crisis management and recovery, and emergency planning. 2 Link to Risk Management Business Continuity Management is inextricably linked to Risk Management one is the consequence of the other. Where Business Continuity Management (including Planning and Testing) comes into force is through Impact. The risk event has occurred, how should the University respond, recover and restore to full operations? Similarly to Risk Management, the scale and timing of incidents/events cannot be reliably predicted, however the difference lies in being able to categorise where the known impacts can occur. Further information on Risk Management at CQUniversity can be obtained by accessing the Risk Management Framework and Guidelines. Business Continuity Management Framework Page 1 of 7
2 3 Why a Business Continuity Management Approach? Due consideration needs to be given to the management of incidents and crises across the wider University from a multi-city perspective. This requires collaboration between all campuses (regional and metropolitan) and a two-way flow of information during incidents and events. Planning also allows for both correct local and high level response to occur and also drives fundamental awareness at the University and core resource area level of capital requirements, service availability and gaps. By implementing a Business Continuity Management Framework the University is able to: recognise the risks and impacts, key resources and core processes; respond to the event; protect life, property, systems and other resources; recover the resources, systems and processes; restore to full operations; and review response, test preparedness and recalibrate planning. 4 Responsibility for Business Continuity Management Whilst the University Council is ultimately responsible for monitoring risk and setting the risk appetite for the University, management of the implementation of Business Continuity Management is the responsibility of the Vice-Chancellor within the identified committee structure, as well as senior and local managers of the University for their respective work areas. Business Continuity Planning Committee (BCPC) Crisis Management Control Group (CMCG) Emergency Response Team (ERT) Responsible for the development and review of a strategic framework, including BCP testing, to ensure effective University operations in the event of a major incident or crisis. Event-driven emergency work group, responsible for the coordination of major incident and crisis responses across the University. Activated to effectively manage local crisis events identified on University campuses 5 Definition of Event Levels Business Continuity Management acknowledges that despite the best efforts employed in organisational risk management, events adversely affecting (disrupting) University operations will sometimes occur. At CQUniversity, these events are categorised as follows: Incident/Emergency: Major Incident/Emergency: Crisis: A localised event or outage, within a single area or process, insignificant or minor impact on the University. Please note: Multiple or ongoing incidents may have a cumulative effect, becoming a major incident or crisis. An extraordinary event or outage where key business processes are disrupted or resources are lost; has a moderate or major impact on the University. May affect external areas. A disaster event, or series of incidents, that have the potential for extreme impact on processes, resources and the University s long term prospects or reputation. May affect external areas. It is important to remember that incidents can occur across, or affect a range of categories, and are not limited to the traditionally-expected areas of Facilities Emergencies and ITD Disasters. Taking a broader view allows a wider classification of impacts as per the following impact categories: Business Continuity Management Framework Page 2 of 7
3 People (Staff, Students, Public); Facilities, Services and Environment; Systems and Communication; Finance and Legal; and Reputation and other. Some examples of incident/emergency/crisis events (risk management link) include but are not limited to: adverse research outcomes; bomb threat; building invasion; bushfire, building fire; chemical, biological and radiological disaster event; civil disorder; cyclones, including major storm damage; hazardous substance incidents; industrial accident; major financial issue; other natural disasters: flood, earthquake; 6 Prioritised Scope BCM Monitoring and Control serious ethical issue, such as fraud, public international student complaints, major legal issues; serious health issue/outbreak of disease or pandemic; severe weather event; significant adverse change in Government policy; structural instability; systems collapse; terrorism event, bomb threat or major intrusion event; and toxic emission. Given the complexity of CQUniversity, it is not possible to plan for every conceivable incident/event type. Therefore, a prioritised, risk-based approach is required to ensure that adequate planning is put in place to ensure that the University is able to respond to and recover from any incident/emergency/crisis, and restore to normal operations across the board as efficiently and effectively as possible. The primary output from the business continuity management process is a development of Business Continuity Plan (BCP) for each of the priority areas identified by the Business Continuity Planning Committee. The BCP comprises many elements which, collectively, define the approach to dealing with an event that adversely affects University operations, and which details the steps to take to enable rapid response, recovery of key processes and restoration to core business activities. For each priority area identified by the Business Continuity Planning Committee, a Business Continuity Plan (or similar document) is to be developed and maintained detailing the following: description and scope; key staff, inputs, processes and resources including Impact Analysis and contacts; key principles and core considerations; escalation procedures maximum acceptable outages, response requirements; any instructions for incoming committees (Crisis / Emergency Management); communication plan (internal and external); specific requirements for each campus/centre; and testing requirements. Business Continuity Management Framework Page 3 of 7
4 This documentation is not a one-size-fits-all approach, and the final result may need to be much more complex in some areas than it is in others. The most important consideration is that key staff are able to enact the plan with minimal prompting at the time of a Business Continuity event. The following areas have been identified as CQUniversity priorities for this approach (note particularly that they are linked to each other in many cases). The managers of controlled entities, will also need to ensure that a similar approach is taken for these priority areas (where in existence) for their own organisations. For some areas, including group crisis management, and media/communication strategies, participation in an organisation-wide solution is required. Please note the descriptions below are simplistic this is a high level framework only. BCP 1 Campus Operations including Emergency Management Process Owner(s): Head of Campus; Director, Facilities Management Associated Process Owner(s): Director, People and Culture; Manager, Health, Safety, Environment and Training CQUniversity campuses are the hubs of learning and teaching delivery, research activity, engagement work and the day-to-day operations of the organisation. There are various threats (natural or manmade), which could cause a full or partial disruption to the operations of or access to any of these campuses. Appropriate Business Continuity and Crisis planning needs to be in place to ensure that these disruption events can be managed quickly, with particular regard to the safety of life and property being the highest priority. It is recognised that some campuses are entirely contained with a single building or facility, such that the loss of access to or operation of that facility would constitute full closure. Specific Emergency Management protocols are details separately in the associated processes contained within CQUniversity s Fire Evacuation Program; however they are very much linked. BCP 2 Core IT Systems including Disaster Recovery Planning Responsible Manager: Director, Information Technology CQUniversity Core Information Technology (IT) systems will focus on supporting the University s core business of Engagement, Learning and Teaching, Research and Innovation, and Engaged Enterprise. As such it is imperative that appropriate measures are put in place to quickly rectify any disruption to IT services across all our campuses and learning delivery sites. Disaster Recovery Planning is a key requirement in this area, and continuous efforts must be made to ensure that successful enactment of this requirement can be undertaken quickly, to reduce the flow on effects of disruption. Obvious linkage to Campus Operations, thus plans need to take this into account. BCP 3 Financial Operations Responsible Managers: Chief Financial Officer; Director, Financial Services The ability to conduct transactional business (both inwards and outwards) is critical for the operations of any organisation, let alone CQUniversity. Business Continuity Planning in this regard needs to consider activities including Accounts Receivable, Accounts Payable, Treasury and Banking, Financial and Management Reporting (non-exhaustive). Obvious linkage to core IT systems, thus plans need to take this into account. Considerations of fraud and other like inappropriate activity must also be taken into account, and will utilise existing structure / implementation for internal audit, tracking and management control. Business Continuity Management Framework Page 4 of 7
5 BCP 4 Payroll Responsible Managers: Director, People and Culture; Manager, Salaries, Superannuation and Systems Our employees are the key to delivering CQUniversity s promise to our stakeholders and for meeting the University s strategic aspirations in regards to Engagement, Learning and Teaching, Research and Innovation, and Engaged Enterprise. As such, the University has an obligation to ensure that staff are not personally affected by a disruption to payroll activities. Obvious linkage to Campus Operations, Core IT Systems and Financial Operations, thus plans need to take this into account. Other Areas The priority list does not, nor shall it preclude any other areas of the University or controlled entities from understanding the key inputs, processes and outputs of their day-to-day business in order to build a Business Continuity Management culture organisation wide. All areas of the University are encouraged to utilise this framework to build resilience for their respective work areas. 7 Requirements Responsible Managers will ensure that: a BCP (or similarly fashioned document eg Campus Emergency Response Plan) is developed detailing the steps taken to ensure rapid restoration to business activities; a communication plan is developed; all responsible officers are made aware of the BCP and their responsibilities in the event of an adverse disruption to normal operations; and periodical testing of the BCP is undertaken to ensure its effectiveness. Remember: Impacts will not just be Facilities and Information Technology! Categories: People (Staff, Students, Public); Facilities, Services and Environment; Systems and Communication; Finance and Legal; and Reputation and other. The big concern for responsible managers In the absence of or interruption to any, many or all of the above categories, how processes be kept active, and service to stakeholders going? 8 A Note on Testing of Business Continuity Plans Review of a BCP is essential to ensure it reflects the University s objectives, its core business functions, the corresponding processes and resources and an agreed priority for recovery. Testing and maintenance of the recovery process documented in the BCP will provide management assurance that the plan is effective and will ensure continuity of business should key functions be lost. The major components of the BCP should be tested at least annually and updated based on the results of each test. It is important each component be individually tested. Testing can be disruptive and requires commitment from management to ensure sufficient resources are available. Business Continuity Management Framework Page 5 of 7
6 Quality assurance reviews of the BCP during its preparation and throughout its life are recommended to ensure its content remains relevant. 9 Corporate Governance Principles Corporate governance is the way in which the University is controlled and governed in order to achieve its objectives. The control environment makes the University reliable in achieving these objectives within an acceptable degree of risk. CQUniversity is committed to establishing an organisational culture that ensures risk and Business Continuity Management is an integral part of all activities. This not only contributes to good governance, it also provides protection for CQUniversity in the event of adverse outcomes. Provided Business Continuity Management has been managed in accordance with the appropriate guidelines, protection occurs on two levels. Firstly, the adverse outcome may not be as severe as it might otherwise have been. Secondly, those accountable can, in their defence, demonstrate that they have exercised a proper level of diligence. The University is committed to business continuity management. This Business Continuity Management Framework, issued under the authority of the Vice-Chancellor and President, will govern the practice of Business Continuity Management. DEFINITIONS Business Continuity Management Framework: sets out the processes and tools necessary to enable rapid response, recovery and restoration to core business activities. Business Continuity Plan (BCP): comprises many elements which, collectively, define the approach to dealing with a break in business continuity, and which prescribes the steps an organisation should take to recover lost business functions. Risk Management: the systematic application of management policies, procedures and practices to the tasks of communication, establishing the context, identifying, analysing, evaluating, treating, monitoring and communicating risks to the attainment of the University s outcomes and outputs. Event: an occurrence that affects/disrupts University operations. Levels of events are categorised as incident/emergency, major incident/emergency or crisis. Prioritised Scope: identifies those key priority areas of University operations for focused Business Continuity Planning efforts. Corporate Governance: refers to the way in which CQUniversity is directed and controlled in order to achieve its strategic goals and operational objectives. Risk Management Framework: the structure within CQUniversity that supports the risk management practice, reporting, responsibilities and accountabilities at all management levels within the enterprise. The risk management framework is a description of streams of accountability and reporting that will support the Risk Management Process within the existing organisational structure. RESPONSIBILITIES Vice-Chancellor and President The Vice-Chancellor and President is accountable to the University Council and has overall responsibility as the accountable officer for protecting the University from unacceptable costs or losses associated with its operations and for developing and implementing systems for effectively managing the risks that may affect the achievement of objectives and operational outcomes. Business Continuity Management Framework Page 6 of 7
7 Executive and Senior Management The effectiveness of risk and business continuity management is unavoidably linked to management competence, commitment and integrity, all of which forms the basis of sound corporate governance. Corporate governance provides a systematic framework within which the executive management group can discharge their duties in managing the University. Line Management Line managers at all levels will be responsible for the adoption of risk management and business continuity management practices and will be directly responsible for the results of activities, relevant to their area of responsibility. All Employees All employees are responsible for: Acting at all times in a manner which does not place at risk the health and safety of themselves or any other person in the workplace; Providing direction and training to persons for whom they have a supervisory responsibility or duty of care provision relating to health and safety; Identifying areas where risk management and business continuity practices should be adopted and advising their supervisors accordingly; Meeting their obligations under relevant legislation including workplace health and safety, equal employment opportunity and anti-discrimination; and Taking all practical steps to minimise the university s exposure to contractual, tortuous and professional liability. RECORDS All records relevant to these procedures are to be maintained in a recognised University recordkeeping system, which will include the normal place of business for records pertaining to each Priority type. Approval Authority Vice Chancellor Administrator Deputy Vice Chancellor (International and Services) Original Approval Date 5 April 2013 Amendment History Date of Next Review 5 April 2016 Related Documents Business Continuity and Crisis Management Policy Emergency and Fire Evacuation Policy Business Continuity Management Framework Page 7 of 7
South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy
South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy Reference No: CG 01 Version: Version 1 Approval date 18 December 2013 Date ratified: 18 December 2013 Name of Author
More informationBUSINESS CONTINUITY POLICY
BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility
More informationBusiness Continuity Management
Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective
More informationCritical Incident Management Policy
Name of Policy Critical Incident Management Policy Description of Policy This policy outlines ACU s commitment to effectively respond and manage incidents and critical incidents. Students, staff, contractors
More informationPROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE INTRODUCTION. 1 What is Risk?
PROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE This Framework and Guidelines have been developed in support of the CQUniversity Risk Management Policy and are intended for use by the CQUniversity
More informationBUSINESS CONTINUITY MANAGEMENT SINGAPORE SS540 BCM STANDARDS. LSA Consultants Pte Ltd
BUSINESS CONTINUITY MANAGEMENT SINGAPORE SS540 BCM STANDARDS LSA Consultants Pte Ltd BCM SINGAPORE LSA Consultants Who are we? Business Continuity Management (BCM) What is it? Singapore Standard SS540
More informationPOLICIES AND ASSOCIATED PROCEDURES
POLICIES AND ASSOCIATED PROCEDURES POLICY NUMBER: POLICY NAME: POP080512000 Business Continuity Management ( BCM ) DATE APPROVED: 15 May 2008 POLICY TYPE AND CATEGORY: RESPONSIBLE OFFICER: MANAGER RESPONSIBLE
More informationEmergency Planning and Business Continuity Policy
Nottingham University Academy of Science and Technology Emergency Planning and Business Continuity Policy Responsible officer: Vice Principal Curriculum & Quality Date approved: 15/07/2014 Review date:
More informationTRUST POLICY FOR EMERGENCY PLANNING
TRUST POLICY FOR EMERGENCY PLANNING Reference Number: CL-OP/ 2013/027 Version: 1.4 Status: New Draft Author: Ashley Reed Job Title: Head of Security and EPO Version / Amendment History Version Date Author
More informationCorporate Policy. Emergency Response. Vice President, Finance and Administration. Senior Leadership Team. CR804 Accidents and First Aid Policy
Corporate Policy POLICY NUMBER: POLICY TITLE: OWNER: APPROVED BY: CS-1403-2008 Emergency Response Vice President, Finance and Administration Senior Leadership Team EFFECTIVE: June 18, 2008 REFERENCE: LINKS
More informationBusiness Continuity Management Policy
Governance 1 Purpose The purpose of this policy is to communicate Business Continuity Management (BCM) framework, responsibilities and guiding principles for Victoria to effectively prepare for and achieve
More informationNHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy. Version 1.0
NHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy Version 1.0 Document Control Title: Status: Version: 1.0 Issue date: May 2014 Document owner: (Name,
More informationNHS Hardwick Clinical Commissioning Group. Business Continuity Policy
NHS Hardwick Clinical Commissioning Group Business Continuity Policy Version Date: 26 January 2016 Version Number: 2.0 Status: Approved Next Revision Due: January 2017 Gordon Stevens MBCI Corporate Assurance
More informationBusiness continuity management policy
Business continuity management policy health.wa.gov.au Effective: XXX Title: Business continuity management policy 1. Purpose All public sector bodies are required to establish, maintain and review business
More informationBusiness continuity plan
Business continuity plan CONTENTS INTRODUCTION 2 - Scope - Components BUSINESS IMPACT ANALYSIS 3 - Business Affairs - Information Technology RISK ASSESSMENT 5 - Broad Categories of Hazards - Hazard Table
More informationBusiness Continuity Management (BCM) Policy
Business Continuity Management (BCM) Policy Reference number: Corporate 042 Title: Business Continuity Management (BCM) Policy Version number: Version 2 Policy Approved by: LLR PCT Cluster Board Date of
More informationBUSINESS CONTINUITY MANAGEMENT POLICY
BUSINESS CONTINUITY MANAGEMENT POLICY AUTHORISED BY: DATE: Andy Buck Chief Executive March 2011 Ratifying Committee: NHS Rotherham Board Date Agreed: Issue No: NEXT REVIEW DATE: 2013 1 Lead Director John
More informationBusiness Continuity Management Systems. Protecting for tomorrow by building resilience today
Business Continuity Management Systems Protecting for tomorrow by building resilience today Vital statistics 31% 40% of UK businesses have been affected by bad weather related transport problems, power
More informationEmergency Management Policy v. 6.04 Page 1 of 12
UC Policy Library Emergency Management Policy Policy Statements and Delegations Last Modified January 2016 Review Date February 2017 Approval Authority Vice-Chancellor Contact Person Senior Risk and Insurance
More informationCorporate Risk Management Policy
Corporate Risk Management Policy Managing the Risk and Realising the Opportunity www.reading.gov.uk Risk Management is Good Management Page 1 of 19 Contents 1. Our Risk Management Vision 3 2. Introduction
More informationBusiness Continuity Policy
Business Continuity Policy Page 1 of 15 Business Continuity Policy First published: Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/14 Vicky Ryan Updated to include
More informationBUSINESS CONTINUITY PLAN. Specific Issues for Public Health Emergencies. Guidelines for Air Carriers
BUSINESS CONTINUITY PLAN Specific Issues for Public Health Emergencies Guidelines for Air Carriers 1 Contents PART 1 BACKGROUND 1.1. Introduction 1.2. Purpose 1.3. Scope and Application 1.4. Definition
More informationBSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012
To: From: Subject: Status: Date of Meeting: BSO Board Director of Human Resources & Corporate Services Business Continuity Policy For Approval 28 February 2012 The Board is asked to agree the attached
More informationBusiness Continuity Plan
Business Continuity Plan March 2014 Version: 1.0 Ratified by: Quality Group Date ratified: Name of originator/author: Name of responsible committee/ individual: Julie Killingbeck NHS North Lincolnshire
More informationPOLICY. 1) Business Continuity Management 2) Disaster Recovery 3) Critical Incident Management 4) Risk Management
POLICY Policy Title: Management Descriptors: 1) Management 2) Disaster Recovery 3) Critical Incident Management 4) Risk Management Category: Risk Management Intent Organisational Scope Definitions Policy
More informationSolihull Clinical Commissioning Group
Solihull Clinical Commissioning Group Business Continuity Policy Version v1 Ratified by SMT Date ratified 24 February 2014 Name of originator / author CSU Corporate Services Review date Annual Target audience
More informationBusiness Continuity Policy. Version 1.0
Business Continuity Policy Version.0 January 206 Contents Contents Version control Foreword Policy. Scope.2 Aim and objectives.3 Methods and standards.4 Responsibilities.5 Governance.6 Training and exercises
More information(5) CRISIS MANAGEMENT POLICY
(5) CRISIS MANAGEMENT POLICY To anticipate, manage and plan for emergency situations that could cause harm or injury to any person, damage to property and disruption of any day to day School activity.
More informationBusiness Continuity Policy
Business Continuity Policy Ref. No. TP/028 Title: Business Continuity Policy Page 1 of 15 DOCUMENT PROFILE and CONTROL. Purpose of the document: Provides an overview of the London Ambulance Service NHS
More informationBUSINESS IMPACT ANALYSIS.5
Table of Contents I. GENERAL.3 Introduction.3 Scope.3 Components.3 II. BUSINESS IMPACT ANALYSIS.5 Academic Affairs...5 Finance and Administration.6 Planning and Accountability..8 Student Affairs.8 Institutional
More informationEMERGENCY PREPAREDNESS POLICY
EMERGENCY PREPAREDNESS POLICY CONTROLLED DOCUMENT CATEGORY: CLASSIFICATION: Policy Emergency Planning PURPOSE This document sets out the strategic framework for the management of emergency preparedness
More informationUNION COLLEGE INCIDENT RESPONSE PLAN
UNION COLLEGE INCIDENT RESPONSE PLAN The college is committed to supporting the safety and welfare of all its students, faculty, staff and visitors. It also consists of academic, research and other facilities,
More informationPSPSOHS606A Develop and implement crisis management processes
PSPSOHS606A Develop and implement crisis management processes Revision Number: 1 PSPSOHS606A Develop and implement crisis management processes Modification History Not applicable. Unit Descriptor Unit
More informationFlinders University IT Disaster Recovery Framework
Flinders University IT Disaster Recovery Framework Establishment: Flinders University, 1 August 2013 Last Amended: Manager, ITS Security Services, 4 October 2013 Nature of Amendment: Initial release Date
More informationAppendix 2 - Leicester City Council s Business Continuity Management Policy Statement and Strategy 2015. Business Continuity Policy Statement 2015
Appendix 2 - Leicester City Council s Business Continuity Management Policy Statement and Strategy 2015 Business Continuity Policy Statement 2015 This Policy sets the direction for Business Continuity
More informationBusiness Continuity Policy
Page 1 of 16 Business Continuity Policy Issue Date: Aug 2013 Document Number: 00241 Prepared by: Business Management and Continuity Senior Manager Next Review Date: April 2014 Page 2 of 16 NHS England
More informationRisk Management Guide
Risk Management Guide Page(s) Introduction 3 The 5 steps to identifying risk 4 Risk Management Process - Step 1 5 Identify - Step 2 Assess Step 3 5-6 6 Control - Step 4 6 Monitor and Review -Step 5 6 Risk
More informationNORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)
NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy
More informationBusiness Continuity Management
Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not
More informationEmergency Response and Business Continuity Management Policy
Emergency Response and Business Continuity Management Policy Owner: John Duffy, Registrar & Secretary Last updated: September 2012 Version: 04 Document control Date Version Author Changes To be populated
More informationIRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS
IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS 1 Module 1: Principles of Risk and Risk Management Module aims The aim of this module is to provide an introduction to the principles and concepts of risk and
More informationGuideline on Business Continuity Management
Circular No. 033/B/2009-DSB/AMCM (Date: 14/8/2009) Guideline on Business Continuity Management The Monetary Authority of Macao (AMCM), under the powers conferred by Article 9 of the Charter approved by
More informationCENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
More informationREGULATIONS ON OPERATIONAL RISK MANAGEMENT OF THE BUDAPEST STOCK EXCHANGE LTD.
REGULATIONS ON OPERATIONAL RISK MANAGEMENT OF THE BUDAPEST STOCK EXCHANGE LTD. Date and number of approval/modification by the Board of Directors: 36/2010 September 15, 2010 No. and date of approval by
More informationBUSINESS CONTINUITY PLAN OVERVIEW
BUSINESS CONTINUITY PLAN OVERVIEW INTRODUCTION The purpose of this document is to provide Loomis customers with an overview of the company s Business Continuity Plan (BCP). Because of the specific and
More informationCouncil Policy Business Continuity Management
Policy Name: Business Continuity Management Council Policy Business Continuity Management ADOPTED BY COUNCIL: 19 th April 2016 DATE OF NEXT REVIEW: 18 th April 2020 RESPONSIBLE OFFICER: REFERENCES: Chief
More informationInternational Diploma in Risk Management Syllabus
International Diploma in Risk Management Syllabus Module 1: Principles of Risk and Risk Management The aim of this module is to provide an introduction to the principles and concepts of risk and risk management.
More informationEmergency Management and Business Continuity Policy
www.surreycc.gov.uk Making Surrey a better place Emergency Management and Business Continuity Policy 4 TH EDITION June 2011 Title Emergency Management and Business Continuity Policy Version 4.0 Policy
More informationQUEENSLAND HEALTH POLICY STATEMENT
Policy Identifier: 28028 QUEENSLAND HEALTH POLICY STATEMENT Policy Title Policy Statement Emergency Preparedness and Continuity Management Policy Queensland Health must maintain prepared ness and the capability
More informationCoping with a major business disruption. Some practical advice
Coping with a major business disruption Some practical advice Coping with a major business disruption What is business continuity? Business continuity planning (BCP) is a management process that helps
More informationCRITICAL/NON CRITICAL INCIDENT MANAGEMENT AND REPORTING PROCEDURE
CRITICAL/NON CRITICAL INCIDENT MANAGEMENT AND REPORTING PROCEDURE This procedure must be read in conjunction and interpreted in line with the Critical/Non Critical Incident Management and Reporting policy.
More informationRelease: 1. BSBCON601B Develop and maintain business continuity plans
Release: 1 BSBCON601B Develop and maintain business continuity plans BSBCON601B Develop and maintain business continuity plans Modification History Release Release 1 Comments This version first released
More informationNHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY
NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY AUTHOR/ APPROVAL DETAILS Document Author Written By: Human Resources Authorised Signature Authorised By: Helen Shields Date: 20
More informationBusiness Continuity Management
Business Continuity Management Version 1 approved by SMG December 2013 Business Continuity Policy Version 1 1 of 9 Business Continuity Management Summary description: This document provides the rationale
More informationEmergency management in Cardiff. A practical guide
Emergency management in Cardiff A practical guide Emergency management in Cardiff Introduction It is very unlikely that any of us will ever be caught up in an emergency or disaster, but by being informed
More informationAppendix 1 - Leicester City Council s Business Continuity Management Strategy and Policy Statement - 2016
Appendix 1 - Leicester City Council s Business Continuity Management Strategy and Policy Statement - 2016 Policy Statement - 2016 This Policy sets the direction for Business Continuity Management at Leicester
More informationStrategic Alliance. Business Continuity Policy
Version 1.1 April 2016 Contents Contents Version control Foreword Policy Scope Aim and objectives Methods and standards Responsibilities Governance Training and exercises Page i ii 1 2 2 2 Version 1.1
More informationSouth Norfolk Council Business Continuity Policy
South Norfolk Council Business Continuity Policy 1 Title: Business Continuity Policy Date of Publication: TBC Version: 2 Published by: Emergency Planning Team Review date: April 2014 Document Owner: Document
More informationV1.0 - Eurojuris ISO 9001:2008 Certified
Risk Management Manual V1.0 - Eurojuris ISO 9001:2008 Certified Section Page No 1 An Introduction to Risk Management 1-2 2 The Framework of Risk Management 3-6 3 Identification of Risks 7-8 4 Evaluation
More informationBUSINESS RESILIENCE READY OR NOT
BUSINESS RESILIENCE READY OR NOT EDC Whitepaper 2014 Table of Contents Executive Summary 2 Need for Effective BCM 2 Government requirements for BCM 4 The Challenge - Disasters and Threats 4 Pandemic and
More informationBirmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy
Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author
More informationInformation Governance Management Framework
Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date
More informationBUSINESS CONTINUITY PLAN
MEETING DATE: 10 April 2014 AGENDA ITEM NUMBER: Item 7.6.2 AUTHOR: JOB TITLE: DEPARTMENT: Julie Killingbeck/Catherine Wylie Relationship Manager Commissioning/Director Quality and Assurance NHS North Lincolnshire
More informationASX SETTLEMENT OPERATING RULES Guidance Note 10
BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they
More informationBUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE
BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE Introduction 1. Recently many organisations both public and private have directed much more time, money and effort towards protecting service
More informationBusiness Continuity Planning Guide
Business Continuity Planning Guide For Small Businesses Prepared by the City of Vaughan Emergency Planning Department 1 Business Continuity Planning Business Continuity Planning (BCP) is a planning process
More informationBusiness Continuity Plans
Version Number Issue 2 Business Continuity Policy Date Revision Complete Policy Owner Author Reason for Revision Proof Read April 2016 Business Improvement Manager Emma Earle, Business Services Officer
More informationRisk Management Policy and Framework
Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871
More informationRisk Management Guidelines
Business Continuity Management Understanding Risk We live in an unpredictable world. No matter how effectively a business protects itself through insurance, there are some risks that cannot be anticipated,
More informationSection A: Introduction, Definitions and Principles of Infrastructure Resilience
Section A: Introduction, Definitions and Principles of Infrastructure Resilience A1. This section introduces infrastructure resilience, sets out the background and provides definitions. Introduction Purpose
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business
More informationASTRAZENECA GLOBAL POLICY SAFETY, HEALTH AND ENVIRONMENT (SHE)
ASTRAZENECA GLOBAL POLICY SAFETY, HEALTH AND ENVIRONMENT (SHE) THIS POLICY SETS OUT HOW WE WILL MEET OUR COMMITMENT TO OPERATING OUR BUSINESS IN A WAY THAT PROTECTS PERSONAL HEALTH, WELLBEING AND SAFETY
More informationPAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA
1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationBusiness Continuity Policy & Plans
Agenda Item 8.3a SNCCG Governing Body 11.03.2014 Business Continuity Policy & Plans Ref Number: Version: 1 Status: Pending Approval Author: A Brown Approval body Governing Body Date Approved Date Issued
More informationBusiness Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan?
Business Continuity Is your Business Prepared for the worse? Major emergencies can develop suddenly without warning. Situations can threaten and disrupt your business and impact upon you and your staff.
More informationONTARIO'S DRINKING WATER QUALITY MANAGEMENT STANDARD
September 2007 ONTARIO'S DRINKING WATER QUALITY MANAGEMENT STANDARD POCKET GUIDE PIBS 6278e The Drinking Water Quality Management Standard (DWQMS) was developed in partnership between the Ministry of the
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationBusiness Continuity Management Policy and Plan
Business Continuity Management Policy and Plan 1 Page No: Contents 1.0 Introduction 3 2.0 Purpose 3 3.0 Definitions 4 4.0 Roles, Duties & Responsibilities 4 4.1 Legal And Statutory Duties, Responsibilities
More informationASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10
BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they
More informationSALVE REGINA UNIVERSITY. Emergency. Office of Safety & Security
SALVE REGINA UNIVERSITY Emergency Response Plan Office of Safety & Security Original: October 2000 Updated & Revised: February 2006 Updated & Revised: March 2010 Table of Contents Section I: Overview
More informationand Entry to Premises by Local
: the new health protection duty of local authorities under the Local Authorities (Public Health Functions and Entry to Premises by Local Healthwatch Representatives) Regulations 2013 1 Purpose of this
More informationStaffordshire County Council. Civil Contingencies Policy
Staffordshire County Council Civil Contingencies Policy Version 1 September 2012 Staffordshire County Council s Civil Contingencies Policy 1.1 Introduction The County Council aims to protect the wellbeing
More informationCrisis Management Plan
St. Louis Community College Crisis Management Plan February 2004 TABLE OF CONTENTS Definitions I-IV I. Purpose 1 II. Crisis Management Team 1 A) Members 1 B) Campus Site Plans 2 C) Duties and Responsibilities
More informationA guide for members APES 325 Risk Management for Firms
A guide for members APES 325 Risk Management for Firms An explanation and introduction to APES 325 Risk Management for Firms Overview of the scope and application of a risk management framework. APES 325
More informationSFJCCAD2 Promote business continuity management
Overview This unit is about providing advice and assistance on business continuity management, including general advice for the business and voluntary sectors, and specific advice and assistance to individual
More informationRisk Management Policy
1 Purpose Risk management relates to the culture, processes and structures directed towards the effective management of potential opportunities and adverse effects within the University s environment.
More informationDRAFT BUSINESS CONTINUITY MANAGEMENT POLICY
DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY This document outlines a set of policies and procedures for formalising a Business Continuity programme, and provides guidelines for developing, maintaining
More informationwww.pwc.com Business Resiliency Business Continuity Management - January 14, 2014
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
More informationRisk Management & Business Continuity Manual 2011-2014
ANNEX C Risk Management & Business Continuity Manual 2011-2014 Produced by the Risk Produced and by the Business Risk and Business Continuity Continuity Team Team February 2011 April 2011 Draft V.10 Page
More informationBusiness Continuity and Risk Management. Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited
Business Continuity and Risk Management Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited What does Business Continuity mean? Business Continuity Management- Definition Business Continuity
More informationDesktop Scenario Self Assessment Exercise Page 1
Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking
More informationSafety Management Systems (SMS) guidance for organisations
Safety and Airspace Regulation Group Safety Management Systems (SMS) guidance for organisations CAP 795 Published by the Civil Aviation Authority, 2014 Civil Aviation Authority, CAA House, 45-59 Kingsway,
More informationEmergency Management Plan 2 0 1 3-2 0 1 4
Emergency Management Plan 2 0 1 3-2 0 1 4 Bedford Campus Lowell Campus Emergency Management Plan 1 Table of Contents Emergency Management Planning................................2 Emergency Management
More informationThe Risk Management strategy sets out the framework that the Council has established.
Derbyshire County Council Management Policy Statement The Authority adopts a proactive approach to Management to achieve Best Value and continuous improvement and is committed to the effective management
More informationPAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationBusiness Continuity Management Group Policy
THE WAREHOUSE GROUP LIMITED ( the Company ) 1. Purpose of Policy This policy is to communicate The Warehouse Group Limited ( TWG ) governance requirements and arrangements for developing and sustaining
More informationGLASGOW SCHOOL OF ART OCCUPATIONAL HEALTH AND SAFETY POLICY. 1. Occupational Health and Safety Policy Statement 1
GLASGOW SCHOOL OF ART OCCUPATIONAL HEALTH AND SAFETY POLICY CONTENTS PAGE 1. Occupational Health and Safety Policy Statement 1 2. Occupational Health and Safety Management System 2 3. Organisational Management
More informationBUSINESS CONTINUITY POLICY
BUSINESS CONTINUITY POLICY Document Type Corporate Policy Unique Identifier CO-038 Document Purpose To provide a structure through which: i. A comprehensive business continuity management system (BCMS)
More informationContinuity Planning and Disaster Recovery
Responsible Officer: AVP - Information Technology Services & UC Chief Information Officer Responsible Office: IT - Information Technology Services Issuance Date: 7/27/2007 Effective Date: 7/27/2007 Scope:
More informationBusiness Continuity Management
Annex A Business Continuity Management Programme Business Continuity Management Policy 1. Introduction This Business Continuity Management (BCM) Policy defines the scope of the SPCB s ability to maintain
More information