Business Continuity Management Policy



Similar documents
Business Continuity Management

1.0 Policy Statement / Intentions (FOIA - Open)

Business Continuity Policy

Business Continuity (Policy & Procedure)

Business Continuity Management Policy

CHAPTER 1: BUSINESS CONTINUITY MANAGEMENT STRATEGY AND POLICY

BUSINESS CONTINUITY POLICY RM03

Business Continuity Policy

Business Continuity Policy

WEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy

NOT PROTECTIVELY MARKED BUSINESS CONTINUITY. Specialist Operations Contingency Planning Business Continuity Manager

Business Continuity Management. Policy Statement and Strategy

Business Continuity Management Framework

Business Continuity Management Framework

BUSINESS CONTINUITY MANAGEMENT POLICY

Business Continuity Policy and Business Continuity Management System

Cumbria Constabulary. Business Continuity Planning

By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY

Essex Clinical Commissioning Groups. Business Continuity Management System. Scope and Policy

Appendix 2 - Leicester City Council s Business Continuity Management Policy Statement and Strategy Business Continuity Policy Statement 2015

I attach the following documents in response:

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

Business Continuity Management

Business Continuity Management and BS by Steve Chan, Head of Training - HK, BSI Management Systems

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012

Business Continuity Management Policy and Framework

University of Sunderland Business Assurance Information Security Policy

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK

Business continuity management policy

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Business Continuity Policy

Appendix 1 - Leicester City Council s Business Continuity Management Strategy and Policy Statement

Business Continuity Management Policy

Emergency Management and Business Continuity Policy

Succession Planning Policy and Procedure

Confident in our Future, Risk Management Policy Statement and Strategy

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

Information Governance Strategy & Policy

Audit of Business Continuity Planning

BUSINESS CONTINUITY MANAGEMENT POLICY

Departmental Business Continuity Framework. Part 2 Working Guides

APPENDIX 50. Enterprise risk management - Risk management overview

BUSINESS CONTINUITY STRATEGY

Business Continuity Planning. A guide to loss prevention

Update from the Business Continuity Working Group

Information Governance Policy

How To Manage A Disruption Event

Information Governance Strategy

Business Continuity Management

NHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy. Version 1.0

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

BCP and DR. P K Patel AGM, MoF

Proposal for Business Continuity Plan and Management Review 6 August 2008

BUSINESS CONTINUITY POLICY

DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY

Chapter 6 Business continuity management

Global Statement of Business Continuity

NHS Commissioning Board: Information governance policy

How To Ensure Information Security In Nhs.Org.Uk

Risk Management Within an Organisation

Version: 3.0. Effective From: 19/06/2014

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

Information Governance Strategy

Policy Document Control Page

Business Continuity Policy

Risk Management & Business Continuity Manual

University of Glasgow. Policy for. Business Continuity Management

Business Continuity Management (BCM) Policy

PS 172 Protective Monitoring Policy

Coping with a major business disruption. Some practical advice

MARCH Strategic Risk Policy Update March 2012 v1.10.doc

FINRMFS9 Facilitate Business Continuity Planning and disaster recovery for a financial services organisation

Business Continuity Business Continuity Management Policy

Update from the Business Continuity Working Group

VISION FOR LEARNING AND DEVELOPMENT

People Strategy 2013/17

BUSINESS CONTINUITY MANAGEMENT POLICY

Business Continuity Policy

INFORMATION GOVERNANCE POLICY

BUSINESS CONTINUITY POLICY

La Trobe University is committed to maintaining a comprehensive and effective Compliance Framework.

INFORMATION GOVERNANCE POLICY

Transcription:

Governance: Business Committee Policy Owner: Chief Superintendent, Corporate Services Department: Corporate Services Policy Number: 002 Version: 3.0 Policy Writer: Business Continuity Co-ordinator Effective Date: 12 th March 2015 Review Date: 12 th March 2018 1. Policy Aim The Civil Contingencies Act 2004, places a statutory duty on the police to have Business Continuity Management (BCM) in place to ensure continued service delivery of essential services. BCM is also a regulatory requirement for compliance with the ACPO Community Security Policy and an integral part of the Force s risk management framework. The purpose of this policy and its associated documents is to establish the processes and structures that will enable North Wales Police to survive disruptions to everyday business practice whilst continuing to deliver, as a minimum, its most critical functions. North Wales Police has set out a Business Continuity Management System (BCMS) aligned to the International Standard for Business Continuity, ISO22301. The operation of this BCMS has many benefits for the business, including: Ensures that North Wales Police can continue to deliver critical services to the public in the event of a disruption Proactively improves organisational resilience by developing strategies to minimise any disruption from identified threats and risks Minimises the impact on the organisation and the public in the event of any emergency or disruption Ensures resources are used more effectively Protects against reputational damage and increases public confidence In line with all Force Policies, the overarching purpose of this document is to directly support the North Wales Police (NWP) Police and Crime Objectives. Overall the intention of this policy is to provide a Safer North Wales. Page 1 of 5

In the writing of this policy cognisance has been taken of the College of Policing Code of Ethics (2014). NWP policies will be written in accordance with the approved corporate format and published on the Force Intranet, allowing access to staff and, where appropriate, on the pages of the public facing Internet site under the Freedom of Information Act 2000. 2. Policy Statement 2.1 Introduction It is important to understand which areas of the business are currently within the umbrella of the BCMS and which are excluded. The boundaries of the BCMS as implemented within North Wales Police are defined within the document entitled Business Continuity Context, Requirements and Scope (Appendix 1). This document should be reviewed in conjunction with this policy. The purpose of this document is to define an overall policy with regard to business continuity that is appropriate to the purpose of North Wales Police and addresses three key areas:- Business continuity objectives Commitment to delivery of business continuity Identification and management of business continuity risk This BCMS Policy is available in both paper and electronic form and will be communicated within the organisation and to all relevant stakeholders and interested third parties. 2.2 Business Continuity Objectives. The high-level objectives for business continuity within North Wales Police are defined within the document Business Continuity Context, Requirements and Scope (Appendix 1). These are fundamental to the organisation and should not be subject to frequent change. These overall objectives will used as guidance in the setting of lower level, more short-term objectives for business continuity planning within an annual cycle. A plan for low level objectives will be maintained by the Business Continuity Co-ordinator. The plan will be monitored by the Policy and Business Continuity Task and Finish Group and will be reviewed on a quarterly basis, at which time the objectives will also be reviewed to ensure that they remain valid. 2.3 Commitment to Delivery of Business Continuity Commitment to the delivery of business continuity extends to senior levels of the organisation and will be demonstrated through this Business Continuity Page 2 of 5

Policy and the provision of appropriate resources to establish and develop the Business Continuity Management System. Service Leads and Department Heads should seek to develop a BCM culture in their area or department by: Giving proactive support to the BCM process. Encouraging awareness of BCM. Ensuring ownership of BCM. Demonstrating a commitment to the annual programme of audit, maintenance and review of BC Plans. Communicating the importance of BCM to all staff and clarifying their roles and responsibilities Within the field of Business Continuity Management, there are a number of key roles that need to be undertaken to ensure the success of the BCMS and protect the organisation from risk. Full details of the responsibilities associated with each of the required roles and how they are allocated within North Wales Police are given in Appendix 2 Business Continuity Management Roles, Responsibilities and Authorities. The Business Continuity Co-ordinator has overall responsibility for the implementation and management of the Business Continuity Management System. Individuals who have responsibility for BCM will receive awareness training and support from the force Business Continuity Co-ordinator. This will ensure that individuals have the knowledge to develop, implement and test an effective Business Continuity Plan (BCP). They will receive support and guidance throughout the year, particularly when a Plan is to be reviewed annually. Externally, BCM applies to the management of out-sourced contracts. It requires those responsible for negotiating and managing them to ensure appropriate business continuity standards are included in contracts. This will seek to ensure that the service provider is able to deliver acceptable standards of service following a disruption to North Wales Police, or to the external supplier themselves. Please see Appendix 3 entitled Supplier Business Continuity Evaluation Process 2.4 Approach to Managing Risk The process of assessing business continuity needs will include the consideration of a range of risks to all assets that form part of critical service delivery. Risk will be assessed and scored in line with existing force risk management procedures. Page 3 of 5

The Business Continuity Co-ordinator and Force Risk Manager will liaise regularly to ensure that business continuity risks are managed in an appropriate and consistent manner and escalated as necessary. 2.5 Review Once in place, it is important that regular reviews take place of how well business continuity management processes and procedures are being adhered to. This will happen at two levels: 1. Regular self-assessment and quality assurance. 2. Internal audit review by Denbighshire County Council. 3. Control of Documents and Records All business continuity management policies and plans that form part of the BCMS will be documented and managed in accordance with Force Policy and the Management of Police information Code of Practice. The Business Continuity Co-ordinator is responsible for the maintenance of all relevant documentation. 4. Scope All police officers and police staff, including the extended police family and those working voluntarily or under contract to North Wales Police must be aware of, and are required to comply with, all relevant policy and associated procedures. The policy applies to all parts of the force with implementation being the responsibility of Service Leads and Department Heads. 5. Monitoring This policy is governed by the Business Committee and will be monitored and owned by the Chief Superintendent, Corporate Services. 6. Legal Requirements In writing this policy the following have been taken into account The Civil Contingencies Act 2004 ISO 22301:2012 Societal Security Business Management Systems Business Continuity Institute Good Practice Guidelines 2013 National Decision Making Model This policy has been written giving due regard to the above legislation and has considered the risk of unfair and/or disproportionate impacts on Page 4 of 5

individuals or groups (actual or perceived) and has done so via an Equality Impact Assessment (EIA). 7. Associated Documents Please find attached (list all supporting guidance documents) Business Continuity Management Guidance Appendix 1 Business Continuity Context and Scope Appendix 2 Roles, Responsibilities and Authorities Appendix 3 Supplier Business Continuity Evaluation Process Appendix 4 Withdrawn Appendix 5 Business Continuity Plan Invocation and Recovery Team Procedure Appendix 6 Business Impact Analysis Process Appendix 7 Business Continuity Plan Appendix 8 Governance Report Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information