Policy on Business Continuity



Similar documents
AGRICULTURAL TRAINING INSTITUTES MODERATION AND PROCEDURE POLICY DIRECTORATE: SECTORAL COLLEGES

NHS Business Services Authority Information Security Policy

ICT SERVICE LEVEL AGREEMENT MANAGEMENT POLICY (EXTERNAL SERVICE PROVIDERS/VENDORS)

Business Continuity Policy and Business Continuity Management System

Information security policy

REMOTE WORKING POLICY

HIPAA Privacy Rule Policies

ADMINISTRATIVE POLICY # (2014) Information Security Roles and Responsibilities

Council Policy. Records & Information Management

Information Security Policy. Chapter 11. Business Continuity

OFFICIAL. NCC Records Management and Disposal Policy

information Records Management Checklist business people security preservation accountability Foreword Introduction Purpose of the checklist

Information Security Management System Policy

Information Security Management System Information Security Policy

Records Management Policy

PUBLIC FINANCE MANAGEMENT ACT

State Records Guideline No 25. Managing Information Risk

Head of Information & Communications Technology Responsible work team: ICT Security. Key point summary... 2

PROCUREMENT MANAGER Support Services. Salary range 30,843 to 33,315 (Subject to Job Evaluation)

Policy on Succession Planning

State Medicaid HIT Plan RFP # Responses to Submitted Questions. Section 1.1 of the RFP states in part the following.

Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000

Presented by Vuyelwa Toni Penxa, Samuel Isaacs, Joe Samuels and Mark Albertyn

Hertsmere Borough Council. Data Quality Strategy. December

FINRMFS9 Facilitate Business Continuity Planning and disaster recovery for a financial services organisation

Business Continuity Planning and Disaster Recovery Planning

GENERAL CONDITIONS OF THE FEDERAL DEPARTMENT OF FOREIGN AFFAIRS FOR LOCAL MANDATES

Privacy and Cloud Computing for Australian Government Agencies

LINCOLNSHIRE POLICE Policy Document

COUNCIL POLICY R180 RECORDS MANAGEMENT

How To Ensure Information Security In Nhs.Org.Uk

OVERSTRAND MUNICIPALITY

Information Security Program

UMHLABUYALINGANA MUNICIPALITY

INFORMATION GOVERNANCE STRATEGY NO.CG02

F I N A N C I A L R E G U L A T I O N S

Records Management plan

INTERNATIONAL SOS. Data Retention, Archiving and Destruction Policy. Version 1.07

Guidance Note XGN XXX.1

WATERBERG DISTRICT MUNICIPALITY

CONTRACT MANAGEMENT POLICY POLICY ADOPTED BY COUNCIL ON???? AT ITEM C.????

University of Brighton School and Departmental Information Security Policy

Encryption Security Standard

Information Security Program CHARTER

Information Security Policy

Significant Revisions to OMB Circular A-127. Section Revision to A-127 Purpose of Revision Section 1. Purpose

Merthyr Tydfil County Borough Council. Information Security Policy

CCG: IG06: Records Management Policy and Strategy

Records Management Checklist. preservation. accountability. information. security. peoplep. A tool to improve records management

IT Charter and IT Governance Framework

IM&T Infrastructure Security Policy. Document author Assured by Review cycle. 1. Introduction Policy Statement Purpose...

Pearson Vocational Centre Detail Change Request Form (United Kingdom and the Republic of Ireland)

Public Records (Scotland) Act Healthcare Improvement Scotland and Scottish Health Council Assessment Report

COMMERCIALISM INTEGRITY STEWARDSHIP. Back-up Policy & Guidance

How To Manage A Disruption Event

NATIONAL TREASURY Republic of South Africa December 2003

GUIDELINE ON THE APPLICATION OF THE OUTSOURCING REQUIREMENTS UNDER THE FSA RULES IMPLEMENTING MIFID AND THE CRD IN THE UK

Private Health Insurance Amendment (Lifetime Health Cover Loading and Other Measures) Act 2013

RULES AND REGULATIONS. of the UNION SPORTIVE INTERNATIONALE DES POLICES ( USIP )

NHS HDL (2006)41 abcdefghijklm. = eé~äíü=aéé~êíãéåí= = aáêéåíçê~íé=çñ=mêáã~êó=`~êé=~åç=`çããìåáíó=`~êé

INFORMATION TECHNOLOGY SECURITY STANDARDS

Part 3D - Officers' Employment Procedure Rules 1

2.1 notes the statistics and information contained within this report;

Policy and Procedure for approving, monitoring and reviewing personal data processing agreements

Schedule 13 - NHS Counter Fraud and Security

PORT SAFETY PLAN GUIDELINES

Information Governance Management Framework

Business Continuity (Policy & Procedure)

Guideline for Roles & Responsibilities in Information Asset Management

Business Continuity Management

Bank of Papua New Guinea Prudential Standard BPS251: Business Continuity Management

International Paralympic Committee Medical Code. December 2011

Business Continuity and Disaster Recovery Policy

Policy Document Control Page

Version No: 2 Date: 27 July Data Quality Policy. Assistant Chief Executive. Planning & Performance. Data Quality Policy

BUSINESS CONTINUITY & STRATEGY POLICY

Rotherham CCG Network Security Policy V2.0

Transcription:

Status: Approved Custodian: Executive Office Date approved: 2013-12-04 Implementation date: 2013-12-05 Decision number: SAQA 07102/13 Due for review: 2016-12-03 File Number:

Table of contents 1 Preamble... 3 2 Purpose... 3 3 Ownership... 3 4 Scope of Practice... 3 5 Related Procedure:... 3 6 Type of Policy... 3 7 Definitions... 3 8... 4 9 Responsibilities... 4 2

1 Preamble The South African Qualifications Authority (SAQA) recognises the importance of comprehensive Business Continuity Planning so that SAQA can continue to operate, to some extent, during and after a disaster, to ensure the continued availability of employment of its employees and services for those we serve. 2 Purpose The purpose of the Business Continuity Policy is to have a plan in place to ensure the effective availability of essential information, products and services, to protect SAQA from, or minimise the impact of a disaster. 3 Ownership The Executive Office is the custodian of this Policy. 4 Scope of Practice 4.1 The Policy applies to all the key business processes of SAQA. All employees of SAQA will be bound by the Policy. Contractors and employees who are or may be in a position to affect the business processes or services of SAQA shall be required to acknowledge their acceptance of all or relevant sections of the Policy. 4.2 The Policy sets out the responsibilities of SAQA employees. It does not create any basis for one employee to become legally liable to another. 5 Related Policies and Procedures: The following policies and procedures relate to this Policy: 5.1 Policy on Information Security 5.2 Disaster Recovery Plan 5.3 Information Technology Disaster Recovery Plan 5.4 SAQA Procedure on Emergency Evacuation 6 Type of Policy This Policy is of strategic nature 7 Definitions None. 3

8 8.1 It is the policy of SAQA that a comprehensive Business Continuity Plan (BCP) is developed and maintained on an annual basis, to ensure that essential services and business can continue after a disaster. 8.2 The successful implementation of the Policy on Business Continuity (hereafter the Policy ) cannot be achieved without the cooperation of all directorates. It is crucial, therefore, that all are aware of, and fully comply with the general requirements outlined in the Policy and also those specific to their office and function. This includes existing policies such as the Policy on Information Security. 8.3 When implemented, the BCP should include those procedures and support agreements which ensure on-time availability and delivery of SAQA's required information and services. 8.4 Each directorate in SAQA is responsible for current and comprehensive Business Continuity Planning, which includes the regular (at least twice per year) updating of procedures and monthly updating of all contact details or as changes occur. 8.5 The BCP must be tested at least annually (in accordance with paragraph 9.2 below) in a simulated environment to ensure that it can be implemented in emergency situations and that the management and staff understand how it is to be executed. 8.6 All staff must be made aware of the BCP and their own respective roles. It is each Director s responsibility to make sure that staff knows about the policy. 9 Responsibilities 9.1 Executive Office The Deputy Chief Executive Officer is responsible for: Managing the Policy and granting sanction for specific and necessary deviation from the Policy. Facilitating a review, before the end of October every year, by the Executive Management Team, of the overall BCP as well as Directorates Business Continuity Plans. Ensuring the implementation of the Policy and its consequential procedures, including its associated administrative and monitoring procedures 4

9.2 Directorate: Information Technology The responsibilities of the IT Directorate will include: To advise the Executive Management Committee on the sufficiency and effectiveness of its Policy on Business Continuity and drafting any necessary amendments for the Executive Management Committee. To ensure adherence to the SAQA Disaster Recovery Plan as laid down by the Policy on Information Security. To ensure that an up-to-date copy of SAQA's BCP is stored safely at an off-site location To schedule, before the end of December each year, a test of the BCP and to report on the outcomes of the test to the following I & IT Steering Committee Meeting. 9.3 Directors 9.4 Staff It is a collective responsibility of Directors to implement the Policy within the operational procedures of their areas. Directors are responsible for ensuring that the Business Continuity Plan of their Directorate is kept up to date on an annual basis. Staff complement details are updated as changes occur. Directors are responsible to ensure that their staff are aware of the Business Continuity Policy and Plan, and how it relates to the operations of their Directorate. Directors are responsible for initiating any disciplinary measures against employees who fail to comply with the Policy. Each employee must be aware of the Policy. Each employee must understand and comply with the Policy. Each employee must be aware of his or her role and responsibilities as stipulated in the BCP. 9.5 Disciplinary procedure Any breach of the Policy or associated policies may result in SAQA taking disciplinary action against an employee. Details of the disciplinary process are in line with the Disciplinary Procure, and can be obtained from the Directorate: Human Resources. 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information